theoxmangroup.com Open in urlscan Pro
198.185.159.144 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://securitycompanyfortworth.com/
Effective URL:
https://theoxmangroup.com/
Submission: On May 06 via automatic, source certstream-suspicious (May 6th 2022, 2:21:09 pm UTC) — Scanned from DE

Summary HTTP 101 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 36 IPs in 4 countries across 29 domains to perform 101 HTTP transactions. The main IP is 198.185.159.144, located in United States and belongs to SQUARESPACE, US. The main domain is theoxmangroup.com.
TLS certificate: Issued by R3 on April 3rd 2022. Valid for: 3 months.

This is the only time theoxmangroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 8	198.49.23.145 198.49.23.145	53831 (SQUARESPACE) (SQUARESPACE)
6	198.185.159.144 198.185.159.144	53831 (SQUARESPACE) (SQUARESPACE)
5	2a02:26f0:350... 2a02:26f0:3500:7::17d8:4dd1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
12	151.101.128.237 151.101.128.237	54113 (FASTLY) (FASTLY)
3	23.205.251.248 23.205.251.248	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:20:... 2606:4700:20::681a:a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400e:80e::2008	15169 (GOOGLE) (GOOGLE)
8	151.101.64.238 151.101.64.238	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
4	2600:9000:223... 2600:9000:223e:2c00:f:b2f5:a240:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:27::... 2620:1ec:27::cafe:2133	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
4	104.45.184.134 104.45.184.134	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6811:ebcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:44b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:81ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:21ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:74b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223d:aa00:f:9de7:2240:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e01b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:223... 2600:9000:223e:1200:16:5ccd:c900:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5505	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6811:8d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:f2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6811:c8cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
101	36

8 198.49.23.145 (United States) 2 redirects

ASN53831 (SQUARESPACE, US)

securitycompanyfortworth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ghostplugins.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghostplugins.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 198.185.159.144 (United States)

ASN53831 (SQUARESPACE, US)

theoxmangroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:3500:7::17d8:4dd1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.128.237 (United States)

ASN54113 (FASTLY, US)

assets.squarespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.205.251.248 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-251-248.deploy.static.akamaitechnologies.com

static1.squarespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:a2 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.squarewebsites.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d2cc (United States)

ASN13335 (CLOUDFLARENET, US)

js-na1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400e:80e::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.64.238 (United States)

ASN54113 (FASTLY, US)

images.squarespace-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223e:2c00:f:b2f5:a240:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.flodesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:27::cafe:2133 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.45.184.134 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

a.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:ebcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:81ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:21ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:74b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:aa00:f:9de7:2240:93a1 (United States)

ASN16509 (AMAZON-02, US)

form.flodesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:f7::5c7b:e01b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223e:1200:16:5ccd:c900:93a1 (United States)

ASN16509 (AMAZON-02, US)

usercontent.flodesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5505 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9b53 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-na1.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:8d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f2cc (United States)

ASN13335 (CLOUDFLARENET, US)

avatars.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c8cc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	squarespace.com assets.squarespace.com — Cisco Umbrella Rank: 8121 static1.squarespace.com — Cisco Umbrella Rank: 7672	772 KB
8	flodesk.com assets.flodesk.com — Cisco Umbrella Rank: 27655 form.flodesk.com — Cisco Umbrella Rank: 39426 usercontent.flodesk.com — Cisco Umbrella Rank: 47524	3 MB
8	squarespace-cdn.com images.squarespace-cdn.com — Cisco Umbrella Rank: 6578	319 KB
7	hubspot.com 1 redirects api.hubspot.com — Cisco Umbrella Rank: 7344 forms.hubspot.com — Cisco Umbrella Rank: 5463 app.hubspot.com — Cisco Umbrella Rank: 10904 api-na1.hubspot.com — Cisco Umbrella Rank: 86047 track.hubspot.com — Cisco Umbrella Rank: 4194	22 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1591 a.clarity.ms — Cisco Umbrella Rank: 2788 c.clarity.ms — Cisco Umbrella Rank: 926	25 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	252 KB
7	ghostplugins.dev 1 redirects www.ghostplugins.dev — Cisco Umbrella Rank: 262829 ghostplugins.dev — Cisco Umbrella Rank: 260122	45 KB
7	typekit.net use.typekit.net — Cisco Umbrella Rank: 1007 p.typekit.net — Cisco Umbrella Rank: 1232	76 KB
6	theoxmangroup.com theoxmangroup.com	41 KB
5	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 13185	261 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 195	133 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 142	115 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 111 ajax.googleapis.com — Cisco Umbrella Rank: 432	33 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	315 B
2	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 7740	988 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	20 KB
2	squarewebsites.org assets.squarewebsites.org — Cisco Umbrella Rank: 115882	8 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 6143	918 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 379	553 B
1	hubspot.net avatars.hubspot.net — Cisco Umbrella Rank: 92129	1 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 175	440 B
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 5887	3 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 4045	16 KB
1	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 8436	25 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 4062	20 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 8857	22 KB
1	hs-scripts.com js-na1.hs-scripts.com — Cisco Umbrella Rank: 12862	1010 B
1	google.com www.google.com — Cisco Umbrella Rank: 20	967 B
1	securitycompanyfortworth.com 1 redirects securitycompanyfortworth.com	169 B
101	29

	Domain	Requested by
12	assets.squarespace.com	theoxmangroup.com static1.squarespace.com assets.squarespace.com
8	images.squarespace-cdn.com	theoxmangroup.com
6	fonts.gstatic.com	fonts.googleapis.com
6	www.ghostplugins.dev	theoxmangroup.com
6	theoxmangroup.com	assets.squarespace.com
5	static.hsappstatic.net	app.hubspot.com static.hsappstatic.net
5	use.typekit.net	theoxmangroup.com assets.flodesk.com use.typekit.net
4	a.clarity.ms	www.clarity.ms a.clarity.ms
4	assets.flodesk.com	theoxmangroup.com assets.flodesk.com
3	connect.facebook.net	js.hsadspixel.net connect.facebook.net
3	api.hubspot.com	js.usemessages.com static.hsappstatic.net
3	www.googletagmanager.com	theoxmangroup.com www.googletagmanager.com
3	static1.squarespace.com	theoxmangroup.com static1.squarespace.com
2	www.facebook.com
2	c.clarity.ms	1 redirects
2	forms.hsforms.com	theoxmangroup.com
2	usercontent.flodesk.com	theoxmangroup.com
2	p.typekit.net	theoxmangroup.com use.typekit.net
2	form.flodesk.com	assets.flodesk.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	assets.squarewebsites.org	theoxmangroup.com
2	fonts.googleapis.com	theoxmangroup.com assets.flodesk.com
1	api.hubapi.com	js.hsadspixel.net
1	track.hubspot.com
1	c.bing.com	1 redirects
1	avatars.hubspot.net
1	api-na1.hubspot.com	1 redirects
1	app.hubspot.com	js.usemessages.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	forms.hubspot.com	js.hscollectedforms.net
1	js.hsadspixel.net	js-na1.hs-scripts.com
1	js.hs-banner.com	js-na1.hs-scripts.com
1	js.hscollectedforms.net	js-na1.hs-scripts.com
1	js.hs-analytics.net	js-na1.hs-scripts.com
1	js.usemessages.com	js-na1.hs-scripts.com
1	www.clarity.ms	theoxmangroup.com
1	www.gstatic.com	www.google.com
1	ghostplugins.dev	1 redirects
1	js-na1.hs-scripts.com	theoxmangroup.com
1	ajax.googleapis.com	theoxmangroup.com
1	www.google.com	theoxmangroup.com
1	securitycompanyfortworth.com	1 redirects
101	42

This site contains links to these domains. Also see Links.

Domain
www.theoxmangroup.com
facebook.com
www.linkedin.com

Subject Issuer	Validity	Valid
theoxmangroup.com R3	`2022-04-03` - `2022-07-02`	3 months	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.squarespace.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-12` - `2023-03-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-14` - `2022-07-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
www.ghostplugins.dev R3	`2022-04-11` - `2022-07-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.squarespace-cdn.com R3	`2022-04-11` - `2022-07-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.flodesk.com Amazon	`2021-08-02` - `2022-08-31`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2021-06-10` - `2022-06-09`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-12` - `2022-05-13`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://theoxmangroup.com/
Frame ID: DC8C24868AC2E1E1E3E010868A637C13
Requests: 91 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/21153261/threads/utk/2bb54670499041c39e2e0d3329e7497c?uuid=dd56e6ac4f1d425fa4aaeb9e25f9691c&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=theoxmangroup.com&inApp53=false&messagesUtk=2bb54670499041c39e2e0d3329e7497c&url=https%3A%2F%2Ftheoxmangroup.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: FAB5C52713CDEDF58562C1157522BC4F
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: AE3335F7EA337DD4543F8AE5BC1390D6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Oxman Group

Page URL History Show full URLs

https://securitycompanyfortworth.com/ HTTP 301
https://theoxmangroup.com/ Page URL

Detected technologies

Squarespace (CMS) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

101
Requests

97 %
HTTPS

81 %
IPv6

29
Domains

42
Subdomains

36
IPs

4
Countries

5785 kB
Transfer

11251 kB
Size

21
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.theoxmangroup.com/dental
Title: IT For Dental Clinics

Search URL Search Domain Scan URL

URL: https://www.theoxmangroup.com/healthcare
Title: IT For Healthcare

Search URL Search Domain Scan URL

URL: https://www.theoxmangroup.com/businesses-1
Title: E

Search URL Search Domain Scan URL

URL: https://www.theoxmangroup.com/businesses-2
Title: a

Search URL Search Domain Scan URL

URL: https://www.theoxmangroup.com/businesses-3
Title: s

Search URL Search Domain Scan URL

URL: https://www.theoxmangroup.com/businesses-4
Title: y

Search URL Search Domain Scan URL

URL: https://www.theoxmangroup.com/businesses-5
Title: -

Search URL Search Domain Scan URL

URL: https://www.theoxmangroup.com/businesses-6
Title: t

Search URL Search Domain Scan URL

URL: https://www.theoxmangroup.com/businesses-7
Title: o

Search URL Search Domain Scan URL

URL: https://www.theoxmangroup.com/businesses-8
Title: -

Search URL Search Domain Scan URL

URL: https://www.theoxmangroup.com/businesses-9
Title: u

Search URL Search Domain Scan URL

URL: https://www.theoxmangroup.com/businesses-10
Title: n

Search URL Search Domain Scan URL

URL: http://facebook.com/theoxmangroup

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/theoxmangroup

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://securitycompanyfortworth.com/ HTTP 301
https://theoxmangroup.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://ghostplugins.dev/assets/variants-buttons/variants-buttons-7-1.js HTTP 301
https://www.ghostplugins.dev/assets/variants-buttons/variants-buttons-7-1.js

Request Chain 88

https://api-na1.hubspot.com/userpreferences/v1/avatar/02d13fc9780e1de0b98d2ec0fc0393e6/100 HTTP 307
https://avatars.hubspot.net/default-100

Request Chain 90

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=F78BB45621884279AC4A1FE0E91DC8A7&RedC=c.clarity.ms&MXFR=3177F423AA2163B4118CE5BFAE216DCF HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=F78BB45621884279AC4A1FE0E91DC8A7&MUID=02135D7231FE63213EC24CEE3095629F

101 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
theoxmangroup.com/
Redirect Chain

https://securitycompanyfortworth.com/
https://theoxmangroup.com/

373 KB
40 KB

581ms
309ms

Document
text/html

198.185.159.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://theoxmangroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.185.159.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

147d8d6e8ead947196e9d467ebd7f1964abba15e0ff7d1b4acb8a61eb7afb111

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
content-encoding: gzip
content-length: 40828
content-type: text/html;charset=utf-8
date: Fri, 06 May 2022 14:21:01 GMT
etag: W/"ea6f7e1064d17e6dbe41b12551a3043f"
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: Squarespace
strict-transport-security: max-age=43200
vary: Accept-Encoding
x-content-type-options: nosniff
x-contextid: Dv3xPUp0/yJsqeqlt
x-frame-options: SAMEORIGIN SAMEORIGIN

Redirect headers

age: 0
content-length: 0
date: Fri, 06 May 2022 14:21:01 GMT
location: https://theoxmangroup.com/
server: Squarespace
strict-transport-security: max-age=43200
x-contextid: 8yvXeryf/vitIk9Py

GET
H2 200 42KrOsl9kyjsBnFDyYgK1LUd8jsRvLthulFOd4cI0qvfez92fFHN4UJLFRbh52jhWDmcZcs8wRJXwewkwhJhFDZqFcItjDJXFU7ZMkG0jAFu-WsoShFGZAsude80ZkoRdhXCHKoyjamTiY8Djhy8ZYmC-Ao1Oco8if37OcBCZhB8OAFode80ZemkOQSo-2S0SaBuj... Show response
use.typekit.net/ik/ 16 KB
7 KB 136ms
104ms Script
text/javascript 2a02:26f0:3500:7::17d8:4dd1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ik/42KrOsl9kyjsBnFDyYgK1LUd8jsRvLthulFOd4cI0qvfez92fFHN4UJLFRbh52jhWDmcZcs8wRJXwewkwhJhFDZqFcItjDJXFU7ZMkG0jAFu-WsoShFGZAsude80ZkoRdhXCHKoyjamTiY8Djhy8ZYmC-Ao1Oco8if37OcBCZhB8OAFode80ZemkOQSo-2S0SaBujW48Sagyjh90jhNlOfG0jWw0dA9CHKoDSWmyScmDSeBRZWFR-emqiAUTdcS0jhNlOeBRiA8XpWFR-emqiAUTdcS0jhNlOeBRiA8XpWFR-emqiAUTdcS0dcmXOeBCZhB8OAFode80ZemkOQSo-2S0SaBujW48Sagyjh90jhNlOeBDOcu8OeUzjhBC-eNDifUDSWmyScmDSeBRZWFR-emqiAUTdcS0jhNlOYsGZANtdAB0Za4ziWM0jhNlOYiaikoyjamTiY8Djhy8ZYmC-Ao1OcFzdPUaiaS0jAFu-WsoShFGZAsude80Zko0ZWbCiaiaOcBCZhB8OAFode80ZemkOQSo-2S0SaBujW48Sagyjh90jhNlOYiaikoySkolZPUaiaS0SaBujW48SagyjhmDjhy8ZYmC-Ao1OcFzdPUaiaS0iey8dayljAo1ScNuSfoRdhXKIagkjAiljWsTjhIlZWyXZAoqZAb7f6Ru6MJbMg6YJMJ7f6RX6MJbMg6sJMHbMj_elGCe.js

Requested by

Host: theoxmangroup.com
URL: https://theoxmangroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:7::17d8:4dd1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

9d62a174ae0be0ffad85fbbc1ff333dc820c21a29ad38122c1f1a70a395f6318

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Fri, 06 May 2022 14:21:02 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6679

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 136ms
50ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400;1,700

Requested by

Host: theoxmangroup.com
URL: https://theoxmangroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

914a7f0227e36a6bb75b3a24f83917d6b3027d845dcf8ddfcd5401182e16712f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 06 May 2022 14:21:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 06 May 2022 14:21:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 May 2022 14:21:02 GMT

GET
H2 200 modern.js Show response
assets.squarespace.com/@sqs/polyfiller/1.2.2/ 80 KB
29 KB 28ms
6ms Script
text/javascript 151.101.128.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/@sqs/polyfiller/1.2.2/modern.js
Requested by: Host: theoxmangroup.com
URL: https://theoxmangroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6a801f781b109838b64c593ffbabaeb97e553d349540a9636cb63e23a8479423

Request headers

Referer: https://theoxmangroup.com/
Origin: https://theoxmangroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
via: 1.1 varnish, 1.1 varnish
age: 15305870
x-cache: HIT, HIT
x-cache-hits: 1, 226057
content-encoding: gzip
content-length: 29224
x-served-by: cache-bwi5144-BWI, cache-hhn4027-HHN
last-modified: Wed, 08 Sep 2021 20:21:24 GMT
server: UploadServer
x-timer: S1651846863.117207,VS0,VE0
etag: "03e5ef7c77d113abf6178fce61ec6344"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 10:43:13 GMT

GET
H2 200 style-loader-runtime-3b32196fd63237cb77125-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 4 KB
2 KB 8ms
5ms Script
text/javascript 151.101.128.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/style-loader-runtime-3b32196fd63237cb77125-min.en-US.js
Requested by: Host: theoxmangroup.com
URL: https://theoxmangroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7dc2181f67db2cb889c9500a17d0244e21c8cfaecf4eb00f0a3f60426638ea46

Request headers

Referer: https://theoxmangroup.com/
Origin: https://theoxmangroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
via: 1.1 varnish, 1.1 varnish
age: 3098344
x-cache: HIT, HIT
x-cache-hits: 1, 196500
content-encoding: br
content-length: 1807
x-served-by: cache-iad-kiad7000160-IAD, cache-hhn4027-HHN
last-modified: Thu, 31 Mar 2022 17:08:21 GMT
server: UploadServer
x-timer: S1651846863.130413,VS0,VE0
etag: "96f84f1dd8f6c2db628000c299729db2"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 17:41:59 GMT

GET
H2 200 extract-css-runtime-df0bcb3fb161c9761a2a8-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 183 B
318 B 9ms
6ms Script
text/javascript 151.101.128.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-df0bcb3fb161c9761a2a8-min.en-US.js
Requested by: Host: theoxmangroup.com
URL: https://theoxmangroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 037709da281376828e43211b173f1f202861ff95fcfd8c32948bae02c66092e4

Request headers

Referer: https://theoxmangroup.com/
Origin: https://theoxmangroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
via: 1.1 varnish, 1.1 varnish
age: 2686416
x-cache: HIT, HIT
x-cache-hits: 1, 197532
content-encoding: br
content-length: 131
x-served-by: cache-iad-kiad7000120-IAD, cache-hhn4027-HHN
last-modified: Fri, 25 Mar 2022 17:01:12 GMT
server: UploadServer
x-timer: S1651846863.131673,VS0,VE0
etag: "233fdb6f2944bccc7d89e7aa073f6d3a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 12:07:26 GMT

GET
H2 200 extract-css-moment-js-vendor-0c99b8bf7f3dd5358b2f5-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 562 KB
85 KB 9ms
6ms Script
text/javascript 151.101.128.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/extract-css-moment-js-vendor-0c99b8bf7f3dd5358b2f5-min.en-US.js
Requested by: Host: theoxmangroup.com
URL: https://theoxmangroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a335034c7cafef2c77fcbf69ab399efbaa0fb72fa405b2d92c502c6b64d21edc

Request headers

Referer: https://theoxmangroup.com/
Origin: https://theoxmangroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
via: 1.1 varnish, 1.1 varnish
age: 3098343
x-cache: HIT, HIT
x-cache-hits: 1, 198681
content-encoding: br
content-length: 86355
x-served-by: cache-iad-kcgs7200085-IAD, cache-hhn4027-HHN
last-modified: Thu, 31 Mar 2022 17:08:00 GMT
server: UploadServer
x-timer: S1651846863.131775,VS0,VE0
etag: "66b1de3aaf9e6685ccb40f11c2b9a9a6"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 17:41:59 GMT

GET
H2 200 moment-js-vendor-ac5d1bbd5d874f86c9e4f-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 381 KB
64 KB 10ms
7ms Script
text/javascript 151.101.128.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/moment-js-vendor-ac5d1bbd5d874f86c9e4f-min.en-US.js
Requested by: Host: theoxmangroup.com
URL: https://theoxmangroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f890ccc79170bbc968c2c2052553b8f7a6b300d10a7181d6c6993dc016fdbce0

Request headers

Referer: https://theoxmangroup.com/
Origin: https://theoxmangroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
via: 1.1 varnish, 1.1 varnish
age: 3098343
x-cache: HIT, HIT
x-cache-hits: 1, 197789
content-encoding: br
content-length: 64783
x-served-by: cache-iad-kcgs7200150-IAD, cache-hhn4027-HHN
last-modified: Thu, 31 Mar 2022 17:07:26 GMT
server: UploadServer
x-timer: S1651846863.131798,VS0,VE0
etag: "15b4d2cb907c8a1b7ce550b524f54a8a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 17:41:59 GMT

GET
H2 200 cldr-resource-pack-51def4af8f210f9d1e4fa-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 119 KB
18 KB 16ms
13ms Script
text/javascript 151.101.128.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/cldr-resource-pack-51def4af8f210f9d1e4fa-min.en-US.js
Requested by: Host: theoxmangroup.com
URL: https://theoxmangroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e140022b28f49866c83fc34eafbe550e1af89819eeb46b52d68ca1385402e3c6

Request headers

Referer: https://theoxmangroup.com/
Origin: https://theoxmangroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
via: 1.1 varnish, 1.1 varnish
age: 3098344
x-cache: HIT, HIT
x-cache-hits: 1, 221648
content-encoding: br
content-length: 18359
x-served-by: cache-iad-kiad7000112-IAD, cache-hhn4027-HHN
last-modified: Thu, 31 Mar 2022 17:07:34 GMT
server: UploadServer
x-timer: S1651846863.132617,VS0,VE0
etag: "f684b28d00d4cf606710a7f08420df46"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 17:41:59 GMT

GET
H2 200 common-vendors-stable-21627972afe15f645442b-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 240 KB
69 KB 17ms
14ms Script
text/javascript 151.101.128.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-21627972afe15f645442b-min.en-US.js
Requested by: Host: theoxmangroup.com
URL: https://theoxmangroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f7c4aafd2597166d7192b560f072a466fed9c54d72e6e1dc311a0c9c6b0c2e76

Request headers

Referer: https://theoxmangroup.com/
Origin: https://theoxmangroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
via: 1.1 varnish, 1.1 varnish
age: 3098344
x-cache: HIT, HIT
x-cache-hits: 2, 198368
content-encoding: br
content-length: 70710
x-served-by: cache-iad-kiad7000080-IAD, cache-hhn4027-HHN
last-modified: Thu, 31 Mar 2022 17:07:03 GMT
server: UploadServer
x-timer: S1651846863.132604,VS0,VE0
etag: "78c57573056f37f4a39ff116794f5a9e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 17:41:59 GMT

GET
H2 200 common-vendors-595d35664a23a2acd04e2-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 575 KB
141 KB 16ms
14ms Script
text/javascript 151.101.128.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-595d35664a23a2acd04e2-min.en-US.js
Requested by: Host: theoxmangroup.com
URL: https://theoxmangroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 93295de48b9afeaaee8f302d3f6bf06ee04d2eb0da96ea3dd4499a03aed6debd

Request headers

Referer: https://theoxmangroup.com/
Origin: https://theoxmangroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
via: 1.1 varnish, 1.1 varnish
age: 315664
x-cache: HIT, HIT
x-cache-hits: 1, 5610
content-encoding: br
content-length: 143779
x-served-by: cache-iad-kjyo7100146-IAD, cache-hhn4027-HHN
last-modified: Mon, 02 May 2022 21:40:09 GMT
server: UploadServer
x-timer: S1651846863.132594,VS0,VE0
etag: "67031373850e8f0b2dde4c783f1b50c7"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 May 2023 22:39:58 GMT

GET
H2 200 common-2b7743e189b19ad300dab-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 786 KB
189 KB 16ms
14ms Script
text/javascript 151.101.128.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-2b7743e189b19ad300dab-min.en-US.js
Requested by: Host: theoxmangroup.com
URL: https://theoxmangroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: fddb73481481d9c2fe5dc8325f706516995542b0dc5d52ab0f1edf480c913b0a

Request headers

Referer: https://theoxmangroup.com/
Origin: https://theoxmangroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
via: 1.1 varnish, 1.1 varnish
age: 60133
x-cache: HIT, HIT
x-cache-hits: 1, 3932
content-encoding: br
content-length: 192752
x-served-by: cache-iad-kjyo7100075-IAD, cache-hhn4027-HHN
last-modified: Thu, 05 May 2022 20:27:26 GMT
server: UploadServer
x-timer: S1651846863.132575,VS0,VE0
etag: "620482b7c10a69923122badbf2a6ffe4"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 May 2023 21:38:50 GMT

GET
H2 200 performance-496e3739d1c4053c9ea16-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 25 KB
8 KB 21ms
19ms Script
text/javascript 151.101.128.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/performance-496e3739d1c4053c9ea16-min.en-US.js
Requested by: Host: theoxmangroup.com
URL: https://theoxmangroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9ae4ad9770e5aa4a4e8063188195c8bc42300dab8f133f05211d7036c43b236d

Request headers

Referer: https://theoxmangroup.com/
Origin: https://theoxmangroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
via: 1.1 varnish, 1.1 varnish
age: 2590378
x-cache: HIT, HIT
x-cache-hits: 1, 180171
content-encoding: br
content-length: 8078
x-served-by: cache-iad-kjyo7100040-IAD, cache-hhn4027-HHN
last-modified: Wed, 06 Apr 2022 14:13:00 GMT
server: UploadServer
x-timer: S1651846863.132810,VS0,VE0
etag: "14a81c0d58009dc774c2fc57f7ebc5e0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Apr 2023 14:48:05 GMT

GET
H2 200 site.css
static1.squarespace.com/static/versioned-site-css/5ffde2240c23b676d6a8c247/52/5c5a519771c10ba3470d8101/5ffde2250c23b676d6a8c261/1221/ 906 KB
93 KB 705ms
683ms Stylesheet
text/css 23.205.251.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/versioned-site-css/5ffde2240c23b676d6a8c247/52/5c5a519771c10ba3470d8101/5ffde2250c23b676d6a8c261/1221/site.css

Requested by

Host: theoxmangroup.com
URL: https://theoxmangroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.251.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-251-248.deploy.static.akamaitechnologies.com

Software

Squarespace /

Resource Hash

4a85bb852e73b4b8d3d52cd2386d785dacb6eb4187e7271d7a7b7facc1b11c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: cache
strict-transport-security: max-age=43200
content-encoding: gzip
x-content-type-options: nosniff
server: Squarespace
x-contextid: yUbWA0NQ/EbxjEuXn
date: Fri, 06 May 2022 14:21:02 GMT
vary: Accept-Encoding, "Accept-Encoding"
content-type: text/css; charset=UTF-8
cache-control: public, max-age=94607984
accept-ranges: bytes
timing-allow-origin: *
tracepoint: "Akamai"

GET
H2 200 style.css
assets.squarewebsites.org/custom-tables/ 10 KB
3 KB 80ms
32ms Stylesheet
text/css 2606:4700:20::681a:a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarewebsites.org/custom-tables/style.css
Requested by: Host: theoxmangroup.com
URL: https://theoxmangroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c3d1cb58e8e730d84317b595275eff1aae625253d6b5745f678b0d158b267d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2679
cf-polished: origSize=10058
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
service-worker-allowed: /
x-robots-tag: noindex, noarchive, nosnippet
last-modified: Wed, 04 May 2022 15:59:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JfWlZCGdyDMo%2BwSUSbL1AoQ%2FV2dNBN53%2BIeOyl3kF7C0EY3h7CR3PScO4WIDsPcKLlHS6hx2AWTIPAkpQsvIlRtd9fBXqaXwHx6uRj78FNJDtvGAtmDuaKmwhzsjNVCRiBOJXbWxsBUWyhhY6ANTdyoBj1%2FNW8E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
expires: Fri, 06 May 2022 16:21:02 GMT
cache-control: public, max-age=7200
x-turbo-charged-by: LiteSpeed
cf-ray: 70725c297c8a90fa-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
cf-bgj: minify

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
967 B 131ms
45ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: theoxmangroup.com
URL: https://theoxmangroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cef5b2f18783775bcef71ec51ae18ff9799f2edf61c68150d8ac3dd187f1b5d2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 554
x-xss-protection: 1; mode=block
expires: Fri, 06 May 2022 14:21:02 GMT

GET
H2 200 swiper.css
www.ghostplugins.dev/assets/helpers/swiper/ 14 KB
5 KB 306ms
98ms Stylesheet
text/css 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghostplugins.dev/assets/helpers/swiper/swiper.css

Requested by

Host: theoxmangroup.com
URL: https://theoxmangroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

aecbbb82a3f1f565c7fd764f886cb63a2c64c87025198626b8d33c2b98d27c8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 15:35:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 773156
x-contextid: kK65CpLZ/2ItnbXxY
vary: Accept-Encoding
content-length: 4759
pragma: cache
server: Squarespace
etag: W/"ea464064d07cbe606f6a026f466204bf--gzip"
strict-transport-security: max-age=0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=94608000
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 fibo.css
www.ghostplugins.dev/assets/fibo/ 4 KB
1 KB 306ms
98ms Stylesheet
text/css 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghostplugins.dev/assets/fibo/fibo.css

Requested by

Host: theoxmangroup.com
URL: https://theoxmangroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

561413a81b8108554f93d2eaa674a41e7816a88b3183804938f7215315e28284

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 15:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 773147
x-contextid: kK65CpLZ/cYpQoQ2O
vary: Accept-Encoding
content-length: 1096
pragma: cache
server: Squarespace
etag: W/"99ef2dd94c65c6238ebf9523ea6490f1--gzip"
strict-transport-security: max-age=0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=94608000
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 128ms
42ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: theoxmangroup.com
URL: https://theoxmangroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 08:50:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 May 2023 08:50:49 GMT

GET
H2 200 variants-buttons.css
www.ghostplugins.dev/assets/variants-buttons/ 2 KB
672 B 395ms
187ms Stylesheet
text/css 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghostplugins.dev/assets/variants-buttons/variants-buttons.css

Requested by

Host: theoxmangroup.com
URL: https://theoxmangroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

df014f6a02e9976412563d004e66def5977a06944bc525394dee9c49b0259040

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 15:35:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 773118
x-contextid: kK65CpLZ/eFZ2xvsA
vary: Accept-Encoding
content-length: 501
pragma: cache
server: Squarespace
etag: W/"8a15759320d49394c6cffaa7f5a41f9a--gzip"
strict-transport-security: max-age=0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=94608000
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 21153261.js Show response
js-na1.hs-scripts.com/ 2 KB
1010 B 230ms
187ms Script
application/javascript 2606:4700::6811:d2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-na1.hs-scripts.com/21153261.js
Requested by: Host: theoxmangroup.com
URL: https://theoxmangroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ddca2e71340fc24b0611fb8abab06d1b79e1b89a388de2ac9edb15e1b938602

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 06 May 2022 14:21:03 GMT
server: cloudflare
x-hubspot-correlation-id: a62d6449-afc4-4146-a74e-fc4735cd9b68
x-trace: 2B16ACA357349440487F484099D3925E5811B0AED4000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://theoxmangroup.com
access-control-max-age: 3600
cache-control: public, max-age=30
access-control-allow-credentials: true
cf-ray: 70725c2edc4b5c74-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
34 KB 56ms
20ms Script
application/javascript 2a00:1450:400e:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=$GA_TRACKING_ID$

Requested by

Host: theoxmangroup.com
URL: https://theoxmangroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

72a275131838c90c764ee0ace5239d8b4061629f8201261e2c677630446923bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34583
x-xss-protection: 0
last-modified: Fri, 06 May 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 May 2022 14:21:03 GMT

GET
H2 200 oxman_clogo_vector.png
images.squarespace-cdn.com/content/v1/5ffde2240c23b676d6a8c247/d1f1dc9e-ad46-4cb0-b4eb-8a8848953c6c/ 7 KB
8 KB 142ms
110ms Image
image/png 151.101.64.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5ffde2240c23b676d6a8c247/d1f1dc9e-ad46-4cb0-b4eb-8a8848953c6c/oxman_clogo_vector.png?format=1500w
Requested by: Host: theoxmangroup.com
URL: https://theoxmangroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ea4459e80738e268d96e3f05a99696642b87c6651d6d2d67ba40894111808429

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 260602
x-cache: HIT, MISS
content-length: 7426
x-served-by: cache-iad-kcgs7200151-IAD, cache-hhn4079-HHN
x-timer: S1651846863.162372,VS0,VE104
tracepoint: Fastly
etag: CO7nm+HkkPICEAE=
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H2 200 site-bundle.7dc978a6b4650d099c502385bd881929.js Show response
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 168 KB
44 KB 9ms
7ms Script
application/javascript 23.205.251.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.7dc978a6b4650d099c502385bd881929.js

Requested by

Host: theoxmangroup.com
URL: https://theoxmangroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.251.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-251-248.deploy.static.akamaitechnologies.com

Software

Squarespace /

Resource Hash

4f00c6240c80fe1c5b9e2381fcbb44eae5b4ff774ef66ba5a4d22f15beb9ff6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: cache
date: Fri, 06 May 2022 14:21:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Squarespace
x-contextid: HhyX5hsw/dnmg2uci
vary: Accept-Encoding, "Accept-Encoding"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=93759715
accept-ranges: bytes
timing-allow-origin: *
content-length: 44186
tracepoint: "Akamai"

GET
H2 200 custom-table.js Show response
assets.squarewebsites.org/custom-tables/ 14 KB
5 KB 31ms
30ms Script
application/x-javascript 2606:4700:20::681a:a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarewebsites.org/custom-tables/custom-table.js
Requested by: Host: theoxmangroup.com
URL: https://theoxmangroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83a803b7c6a2c6060856a994b830a8581ba8e572934e41407cb768beb4bea7ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 695
cf-polished: origSize=14755
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
service-worker-allowed: /
x-robots-tag: noindex, noarchive, nosnippet
last-modified: Wed, 20 Oct 2021 09:00:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rqqdCKplncEy4WNBxi%2Fo3%2FEhnLhK1g54uYv2gkO5vw6qEKToyRmelItg5q9TqvCAfEex9kCGeN5QjfRz%2FABJQ7eT1D2df%2FodF9dxcOBpimt4UOWSkMMzZsdm27emJKI9avnfX4xApZ7dmEv0YepJBCigVr97TBg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
expires: Fri, 06 May 2022 16:21:02 GMT
cache-control: public, max-age=7200
x-turbo-charged-by: LiteSpeed
cf-ray: 70725c2bb88c90fa-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
cf-bgj: minify

GET
H2 200 swiper.js Show response
www.ghostplugins.dev/assets/helpers/swiper/ 137 KB
36 KB 101ms
100ms Script
application/javascript 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghostplugins.dev/assets/helpers/swiper/swiper.js

Requested by

Host: theoxmangroup.com
URL: https://theoxmangroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

becef044ad12f78fbee073e80704df9d9b3e352aa8ac6f7a9ae7ff3963835e8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 15:35:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 773156
x-contextid: kK65CpLZ/0WHaeTMK
vary: Accept-Encoding
content-length: 36232
pragma: cache
server: Squarespace
etag: W/"a7593afe1a7b4470a3831f4bfaab5a65--gzip"
strict-transport-security: max-age=0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=94608000
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 fibo-7-1.js Show response
www.ghostplugins.dev/assets/fibo/ 2 KB
975 B 98ms
98ms Script
application/javascript 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghostplugins.dev/assets/fibo/fibo-7-1.js

Requested by

Host: theoxmangroup.com
URL: https://theoxmangroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

d0fe76214677126cc1b04eaeb5bbbabd8faba15f0b39b418275ef6d1e895cf6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 15:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 773147
x-contextid: kK65CpLZ/WLjOI1kF
vary: Accept-Encoding
content-length: 831
pragma: cache
server: Squarespace
etag: W/"b53cbeda646dd1b3d34bb683efdfe6ca--gzip"
strict-transport-security: max-age=0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=94608000
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

variants-buttons-7-1.js Show response
www.ghostplugins.dev/assets/variants-buttons/
Redirect Chain

https://ghostplugins.dev/assets/variants-buttons/variants-buttons-7-1.js
https://www.ghostplugins.dev/assets/variants-buttons/variants-buttons-7-1.js

3 KB
1 KB

99ms
99ms

Script
application/javascript

198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghostplugins.dev/assets/variants-buttons/variants-buttons-7-1.js

Requested by

Host: theoxmangroup.com
URL: https://theoxmangroup.com/

Protocol

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

60bee5395c3634af83e16e1a1e80f9a82a9fddd3e8af291dd5ec3862271bc231

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 15:37:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 773025
x-contextid: kK65CpLZ/JyfNMVbA
vary: Accept-Encoding
content-length: 1245
pragma: cache
server: Squarespace
etag: W/"bd3dcf97334194523263cf1adb40937e--gzip"
strict-transport-security: max-age=0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=94608000
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://www.ghostplugins.dev/assets/variants-buttons/variants-buttons-7-1.js
date: Wed, 04 May 2022 15:35:29 GMT
x-contextid: sWZTl1Zq/NhTX0H6m
server: Squarespace
age: 168333
content-length: 0
strict-transport-security: max-age=0

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/ 364 KB
144 KB 121ms
36ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cef63f6378f616ddbc50e81459f0f636540f0b7cc63767e5b789d963acf5ea07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theoxmangroup.com/
Origin: https://theoxmangroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147136
x-xss-protection: 0
last-modified: Mon, 02 May 2022 04:03:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 May 2023 14:11:36 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 108 KB
41 KB 71ms
36ms Script
application/javascript 2a00:1450:400e:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NXHFXLS

Requested by

Host: theoxmangroup.com
URL: https://theoxmangroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7f7ce7a026b8779984cc06812546520fe29cd24dc23f211ee2362459bef0e61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42193
x-xss-protection: 0
last-modified: Fri, 06 May 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 May 2022 14:21:03 GMT

GET
H/1.1 200
OK universal.mjs Show response
assets.flodesk.com/ 48 KB
19 KB 59ms
8ms Script
application/javascript 2600:9000:223e:2c00:f:b2f5:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.flodesk.com/universal.mjs?v=825923400
Requested by: Host: theoxmangroup.com
URL: https://theoxmangroup.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:2c00:f:b2f5:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c7ed462690163461cad0d10fad9144977fde58cc475be472d34aa6f2782ef27

Request headers

Referer: https://theoxmangroup.com/
Origin: https://theoxmangroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Sat, 09 Apr 2022 13:21:35 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Age: 2336369
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Fri, 08 Apr 2022 09:15:02 GMT
Server: AmazonS3
ETag: W/"53ca4b1b9ce738f2ade694403dedbedc"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, PUT, HEAD, POST, DELETE
Content-Type: application/javascript
Via: 1.1 d04699b52d8873377c4b5f4e7dcf7068.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: ETag
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: FRA56-P4
X-Amz-Cf-Id: gOEFb5M12zzQKoRs_lbIFUAv2j4gjDdTqqhbqq8GxnWaVdftACWTYA==

GET
H/1.1 200
OK universal.js Show response
assets.flodesk.com/ 61 KB
23 KB 48ms
8ms Script
application/javascript 2600:9000:223e:2c00:f:b2f5:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.flodesk.com/universal.js?v=1651846863117
Requested by: Host: theoxmangroup.com
URL: https://theoxmangroup.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:2c00:f:b2f5:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7690a068f3c99aaff5cbc7b8fa13a9eea0d8951216404696814c8d1957302d00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 09:15:14 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Fri, 08 Apr 2022 09:15:02 GMT
Server: AmazonS3
Age: 2437550
ETag: W/"67d6d8af5d57f888e1cf8919aca8a1a2"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P4
X-Amz-Cf-Id: kBZJ-fIrXGZCawdv868fCCFAoaMSWcEFetgJ1I1f_foo_bUvXZ6OrQ==

GET
H2 200 90t0tz7r7n Show response
www.clarity.ms/tag/ 1 KB
2 KB 180ms
100ms Script
application/x-javascript 2620:1ec:27::cafe:2133
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/90t0tz7r7n?ref=bwt
Requested by: Host: theoxmangroup.com
URL: https://theoxmangroup.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2133 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 2436530fee858652d1e19d486a85d5189a27363ec0083a30b9426c2d348958be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:02 GMT
x-powered-by: ASP.NET
x-azure-ref: 0zy51YgAAAADLH98qOoDXRZX+/3kohzgVUFJBRURHRTEzMDgANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
content-length: 1167
expires: -1

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 133ms
48ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400;1,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://theoxmangroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 19:26:22 GMT
x-content-type-options: nosniff
age: 154481
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 May 2023 19:26:22 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 173ms
88ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400;1,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://theoxmangroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 19:26:22 GMT
x-content-type-options: nosniff
age: 154481
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 May 2023 19:26:22 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 142ms
79ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400;1,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://theoxmangroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 19:26:22 GMT
x-content-type-options: nosniff
age: 154481
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 May 2023 19:26:22 GMT

GET
H2 200 6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18Q.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 12 KB
13 KB 102ms
40ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400;1,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce6b49ca9fc6bce7548c2f246f67d66f98722c0c626c2256a40473c79f817c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://theoxmangroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 20:00:53 GMT
x-content-type-options: nosniff
age: 152410
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12612
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:08:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 May 2023 20:00:53 GMT

GET
H2 200 Blue_001.png
images.squarespace-cdn.com/content/v1/5ffde2240c23b676d6a8c247/1610474044112-6HO46XJBYS20U1OHLCR9/ 3 KB
3 KB 99ms
99ms Image
image/png 151.101.64.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5ffde2240c23b676d6a8c247/1610474044112-6HO46XJBYS20U1OHLCR9/Blue_001.png?format=original
Requested by: Host: theoxmangroup.com
URL: https://theoxmangroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 446d520f4ed608c1dbb7483176229b73024663995b5f29da66efa279fd20916f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 111875
x-cache: HIT, MISS
content-length: 3386
x-served-by: cache-iad-kiad7000113-IAD, cache-hhn4079-HHN
x-timer: S1651846863.176565,VS0,VE93
tracepoint: Fastly
etag: CP7Suav7lu4CEAE=
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H2 200 6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 12 KB
12 KB 144ms
103ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,400;0,600;0,700;1,400;1,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://theoxmangroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 19:28:04 GMT
x-content-type-options: nosniff
age: 154379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12580
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:19:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 May 2023 19:28:04 GMT

GET
H2 200 squarespace-ui-font.woff
assets.squarespace.com/universal/fonts/ 9 KB
9 KB 8ms
8ms Font
application/octet-stream 151.101.128.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/fonts/squarespace-ui-font.woff
Requested by: Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/versioned-site-css/5ffde2240c23b676d6a8c247/52/5c5a519771c10ba3470d8101/5ffde2250c23b676d6a8c261/1221/site.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b980267ac2254ef534bfe32055489ed677d461077b37f2ee62bf7b5fc4f7362f

Request headers

Referer: https://static1.squarespace.com/
Origin: https://theoxmangroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
via: 1.1 varnish, 1.1 varnish
age: 3820855
x-cache: HIT, HIT
x-cache-hits: 1, 32134
content-encoding: gzip
content-length: 9023
x-served-by: cache-iad-kcgs7200148-IAD, cache-hhn4027-HHN
last-modified: Thu, 09 May 2019 21:33:27 GMT
server: UploadServer
x-timer: S1651846863.184833,VS0,VE0
etag: "e99a175a26d1be1ff88c5c1aafc58e1e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Mar 2023 09:00:08 GMT

GET
H2 200 Dr-Snider.jpg
images.squarespace-cdn.com/content/v1/5ffde2240c23b676d6a8c247/1611690377695-CZKICNA7Q92AJ7S3EXCM/ 50 KB
50 KB 107ms
105ms Image
image/jpeg 151.101.64.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5ffde2240c23b676d6a8c247/1611690377695-CZKICNA7Q92AJ7S3EXCM/Dr-Snider.jpg
Requested by: Host: theoxmangroup.com
URL: https://theoxmangroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a2b29a375588db154a3c218b1b22093aa712c9a0ecab9151bc0998437607f0e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 174856
x-cache: HIT, MISS
content-length: 51146
x-served-by: cache-iad-kiad7000061-IAD, cache-hhn4079-HHN
x-timer: S1651846863.224447,VS0,VE99
tracepoint: Fastly
etag: CMnHjcSuuu4CEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H2 200 alan-garcia.jpg
images.squarespace-cdn.com/content/v1/5ffde2240c23b676d6a8c247/1610564838545-PAMRFISW7Q2CLDNX526D/ 154 KB
154 KB 207ms
206ms Image
image/jpeg 151.101.64.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5ffde2240c23b676d6a8c247/1610564838545-PAMRFISW7Q2CLDNX526D/alan-garcia.jpg
Requested by: Host: theoxmangroup.com
URL: https://theoxmangroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e30a6c6fe73dbb38de2a73aad5b1089058a8d671bfd2d44f2ce63b319f8ec2b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 243898
x-cache: HIT, MISS
content-length: 157468
x-served-by: cache-iad-kiad7000164-IAD, cache-hhn4079-HHN
x-timer: S1651846863.224812,VS0,VE198
tracepoint: Fastly
etag: CNTprcnNme4CEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 104 KB
40 KB 56ms
25ms Script
application/javascript 2a00:1450:400e:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-80819938-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=$GA_TRACKING_ID$

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d4204004011e40e4932af8f9fa30ca1eb4e9f5338cfcce3e540ba53013ae6551

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40750
x-xss-protection: 0
last-modified: Fri, 06 May 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 May 2022 14:21:03 GMT

GET
H2 200 clarity.js Show response
a.clarity.ms/s/0.6.34/ 53 KB
23 KB 330ms
93ms Script
application/javascript 104.45.184.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clarity.ms/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/90t0tz7r7n?ref=bwt
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.45.184.134 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
content-encoding: br
etag: "1d85e80e187b254"
last-modified: Tue, 03 May 2022 00:01:04 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
content-length: 23150
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 80 KB
22 KB 84ms
35ms Script
application/javascript 2606:4700::6811:ebcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/21153261.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ebcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0dd8ccd27470010f5148a31d1d6dafee2ddccca06b73536e3219bcd790a4fad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
via: 1.1 3d65275b81abaf880be10de6f2c71e9a.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 520
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.10012/bundles/project.js&cfRay=70724f7beacf5bfd-FRA
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Mon, 02 May 2022 09:53:14 UTC
server: cloudflare
etag: W/"8363d6862ab9a465eec7a203c5b84613"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: ._Yaj2o2hXltYtvzDFlCLtnm8S2a0t3Z
cache-control: max-age=600
x-hs-cache-status: EXPIRED
x-amz-cf-pop: IAD89-P1
cf-ray: 70725c306c546964-FRA
x-amz-cf-id: UHh8MhyZtHFxirfyBnSxJnRZD3DxMq3W23CPB33yvbTfPfR5lDudLA==
x-hs-target-asset: conversations-embed/static-1.10012/bundles/project.js

GET
H2 200 21153261.js Show response
js.hs-analytics.net/analytics/1651846800000/ 62 KB
20 KB 229ms
197ms Script
text/javascript 2606:4700::6811:44b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1651846800000/21153261.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/21153261.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb99f87da50d1affa118d02bcf32b803c8cfa9d41ad52ea5e716f6195736aa42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: WV9YXH6N5MK3DET6
x-amz-server-side-encryption: AES256
cf-ray: 70725c3049569c07-FRA
x-amz-id-2: 2LJijSbVPLV5x1VxpZD+qqCPmHuhgxhgIqMNFP6wrE8y4//Shsd5P2YBtQU4n78c69RlC8VrDcs=
last-modified: Thu, 14 Apr 2022 17:07:34 GMT
server: cloudflare
etag: W/"0b776272158c156e31e42b29f5495ddc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Fri, 06 May 2022 14:26:03 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 73 KB
25 KB 196ms
177ms Script
application/javascript 2606:4700::6811:81ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/21153261.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:81ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a996803be97bd6eed2f13e2aaceed65ee5cc24e0669fcbd223788c5cf9159c2e

Request headers

Referer: https://theoxmangroup.com/
Origin: https://theoxmangroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: MISS
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.273/bundles/project.js&cfRay=70725c303d00994a-IAD
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 70725c303d00994a-FRA
last-modified: Fri, 04 Mar 2022 03:24:42 UTC
server: cloudflare
etag: W/"5655d6c20b8fbd0326ccba67c4a94b8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: d8qvQ4NJOEEA6UgWpFiA1cbs11TvqQym
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
content-type: application/javascript; charset=utf-8
x-amz-cf-id: KKmWWP9OpnKK3MJU-4xNKaG_IXsZUbsE2-OJ8TKA-iof9_KCsmOhuw==
x-hs-target-asset: collected-forms-embed-js/static-1.273/bundles/project.js

GET
H2 200 21153261.js Show response
js.hs-banner.com/ 60 KB
16 KB 326ms
284ms Script
text/javascript 2606:4700:4400::6812:21ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/21153261.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/21153261.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 483723eb5294c08f1fcca152bba3e26af4af3decfc522782f04008ba446257e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: WV9QRC5YF18KE84S
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: fgUYJ5OyxDLCyzyp5wv9/VmOaqYmfK8yQTdcDDJmicVNimqcubtbDiqwT0pDfTFvvHcmQPdWHwI=
timing-allow-origin: *
last-modified: Fri, 18 Feb 2022 01:17:33 GMT
server: cloudflare
etag: W/"12f2decbad5884b867343488d12df016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: KVG7S9Wk0exPdVGIXa0QcfJdmlrTj_hW
access-control-allow-origin: https://theoxmangroup.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 70725c305e29918f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Fri, 06 May 2022 14:26:03 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 5 KB
3 KB 56ms
24ms Script
application/javascript 2606:4700::6811:74b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/21153261.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:74b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 142e1cd28809b7bbe61123941a3a70a045a5c1fa864c97574b32abd94f4b4229

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
via: 1.1 76cd2de9f0213e8c76093c6b346e8118.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 462
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.278/bundles/pixels-release.js&cfRay=707250e6bc7490f2-FRA
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Tue, 26 Apr 2022 04:18:52 UTC
server: cloudflare
etag: W/"e23a3c7ef0fc6b7c55f83c4911c95be6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: sUKtDc7b2iEDZ57z7v16VeKnAVF7O_.0
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 70725c304c519c0a-FRA
x-amz-cf-id: Cw9-YxHou3f8Jm0Vcv4otLMf5BxhPZADEfubBvG9j86MkjyB_L-5DA==
x-hs-target-asset: adsscriptloaderstatic/static-1.278/bundles/pixels-release.js

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 123ms
36ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-80819938-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 114
date: Fri, 06 May 2022 14:19:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 06 May 2022 16:19:09 GMT

GET
H2 200 settings Show response
theoxmangroup.com/api/1/performance/ 53 B
153 B 127ms
127ms XHR
application/json 198.185.159.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://theoxmangroup.com/api/1/performance/settings
Requested by: Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/performance-496e3739d1c4053c9ea16-min.en-US.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.185.159.144 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: 4ba7ea9dbea03c2b9bc67ae21e519f95e17b99891189cba6e53dca643ae18d3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
x-contextid: Dv3xPUp0/Ob995dQ5
server: Squarespace
content-length: 53
vary: Accept-Encoding, User-Agent
content-type: application/json

GET
H2 200 floating-cart.bda27ce8b89f60a4f31e.js Show response
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 496 B
572 B 7ms
7ms Script
application/javascript 23.205.251.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/floating-cart.bda27ce8b89f60a4f31e.js

Requested by

Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.7dc978a6b4650d099c502385bd881929.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.251.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-251-248.deploy.static.akamaitechnologies.com

Software

Squarespace /

Resource Hash

1ba4db8a8b47e7401e2ce265e599728073542f70940cb889c6315f3c4e23da0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: cache
date: Fri, 06 May 2022 14:21:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Squarespace
x-contextid: 19OhEAPo/a9JBMDww
vary: Accept-Encoding, "Accept-Encoding"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=93150003
accept-ranges: bytes
timing-allow-origin: *
content-length: 310
tracepoint: "Akamai"

GET
H2 200 l
use.typekit.net/af/e2d519/000000000000000077359e4d/30/ 21 KB
21 KB 67ms
47ms Font
application/font-woff2 2a02:26f0:3500:7::17d8:4dd1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e2d519/000000000000000077359e4d/30/l?subset_id=2&fvd=n7&v=3
Requested by: Host: theoxmangroup.com
URL: https://theoxmangroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dd1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 85ff522f9e9e22a96be11f5eeb95cf0d1e1a409fcef5a4a0581d46b5c4f83d05

Request headers

Referer: https://theoxmangroup.com/
Origin: https://theoxmangroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
server: nginx
etag: "0cb8dc2eca68286e1adb51e116317b74f8351035"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 21500

GET
H2 200 l
use.typekit.net/af/476ca0/000000000000000077359e4b/30/ 21 KB
21 KB 54ms
35ms Font
application/font-woff2 2a02:26f0:3500:7::17d8:4dd1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/476ca0/000000000000000077359e4b/30/l?subset_id=2&fvd=i7&v=3
Requested by: Host: theoxmangroup.com
URL: https://theoxmangroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dd1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: ca7f492bccf47ea1a71369c48b256fdc7e017717e5c366ee9f5b96c508380911

Request headers

Referer: https://theoxmangroup.com/
Origin: https://theoxmangroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
server: nginx
etag: "67b50a78d7f10322911e2e291af3e6df59f922fe"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 21020

GET
H2 200 5ffe6a81463bdb0cc92381f0 Show response
form.flodesk.com/forms/ 35 KB
5 KB 202ms
145ms XHR
text/html 2600:9000:223d:aa00:f:9de7:2240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://form.flodesk.com/forms/5ffe6a81463bdb0cc92381f0
Requested by: Host: assets.flodesk.com
URL: https://assets.flodesk.com/universal.js?v=1651846863117
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:aa00:f:9de7:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c209cd147b94d35e3727824caf8ddda3d7047fc162efce60bcd5d4e813417d84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-P3
vary: Origin
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: WIVD5e6gOAoaeX4DGHgalhugV7jt9KuFVlLJiLhRnXsenwm9XqdwqA==
via: 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)

GET
H2 200 5ffe704a02be17a0aac9eed6 Show response
form.flodesk.com/forms/ 35 KB
5 KB 192ms
135ms XHR
text/html 2600:9000:223d:aa00:f:9de7:2240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://form.flodesk.com/forms/5ffe704a02be17a0aac9eed6
Requested by: Host: assets.flodesk.com
URL: https://assets.flodesk.com/universal.js?v=1651846863117
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:aa00:f:9de7:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7f7e9d7deb66b3cc88e9015936c53a700b8c3bfa484644c2ec93732f097960e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-P3
vary: Origin
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: bfXV9wm3Ex9_gnCgthBaggclhUcvVpkSNCXFFFF5_tauc6E39zKXsw==
via: 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)

GET
H2 200 announcement-bar-e2ca8929cbbeedbecc976-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 70 KB
21 KB 20ms
6ms Script
text/javascript 151.101.128.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/announcement-bar-e2ca8929cbbeedbecc976-min.en-US.js
Requested by: Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-21627972afe15f645442b-min.en-US.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5cb4b7deb095f0e20f4cd4ba508d718ff1185df167c25eb231e40ca29590ea34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
via: 1.1 varnish, 1.1 varnish
age: 1353606
x-cache: HIT, HIT
x-cache-hits: 1, 5068
content-encoding: br
content-length: 21210
x-served-by: cache-iad-kjyo7100154-IAD, cache-hhn4032-HHN
last-modified: Wed, 20 Apr 2022 21:49:34 GMT
server: UploadServer
x-timer: S1651846864.652969,VS0,VE0
etag: "a96735e7331a1186988e24c262aa009b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Apr 2023 22:20:58 GMT

POST
H2 200 RecordHit Show response
theoxmangroup.com/api/census/ 17 B
59 B 178ms
177ms XHR
application/json 198.185.159.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://theoxmangroup.com/api/census/RecordHit

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-595d35664a23a2acd04e2-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.185.159.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://theoxmangroup.com/
X-CSRF-Token: BfnBYjntZseIN2I4NThlN2Y1MzFmNTgxOTEwMmY1N2VjYWI3ZmRi
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
x-content-type-options: nosniff
server: Squarespace
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=43200
content-type: application/json;charset=utf-8
x-contextid: Dv3xPUp0/ATG6h2gI
content-length: 17

POST
H2 200 button-render Show response
theoxmangroup.com/api/census/ 17 B
59 B 174ms
174ms XHR
application/json 198.185.159.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://theoxmangroup.com/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-595d35664a23a2acd04e2-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.185.159.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://theoxmangroup.com/
X-CSRF-Token: BfnBYjntZseIN2I4NThlN2Y1MzFmNTgxOTEwMmY1N2VjYWI3ZmRi
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
x-content-type-options: nosniff
server: Squarespace
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=43200
content-type: application/json;charset=utf-8
x-contextid: Dv3xPUp0/AM4mzbg9
content-length: 17

POST
H2 200 button-render Show response
theoxmangroup.com/api/census/ 17 B
111 B 169ms
169ms XHR
application/json 198.185.159.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://theoxmangroup.com/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-595d35664a23a2acd04e2-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.185.159.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://theoxmangroup.com/
X-CSRF-Token: BfnBYjntZseIN2I4NThlN2Y1MzFmNTgxOTEwMmY1N2VjYWI3ZmRi
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
x-content-type-options: nosniff
server: Squarespace
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=43200
content-type: application/json;charset=utf-8
x-contextid: Dv3xPUp0/8FtLw3Es
content-length: 17

POST
H2 200 button-render Show response
theoxmangroup.com/api/census/ 17 B
60 B 172ms
172ms XHR
application/json 198.185.159.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://theoxmangroup.com/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-595d35664a23a2acd04e2-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.185.159.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://theoxmangroup.com/
X-CSRF-Token: BfnBYjntZseIN2I4NThlN2Y1MzFmNTgxOTEwMmY1N2VjYWI3ZmRi
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
x-content-type-options: nosniff
server: Squarespace
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=43200
content-type: application/json;charset=utf-8
x-contextid: Dv3xPUp0/5NHaI2Km
content-length: 17

GET
H2 200 Squarespace+Homepage+Icons.png
images.squarespace-cdn.com/content/v1/5ffde2240c23b676d6a8c247/1610514549498-MCB3S434P85OCR9RLYSN/ 7 KB
7 KB 104ms
104ms Image
image/png 151.101.64.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5ffde2240c23b676d6a8c247/1610514549498-MCB3S434P85OCR9RLYSN/Squarespace+Homepage+Icons.png?format=750w
Requested by: Host: theoxmangroup.com
URL: https://theoxmangroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4146c2ed22143d24f04c5eff95c4111436bcb2be8eb814629ca86493f7b3932f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 243610
x-cache: HIT, MISS
content-length: 6809
x-served-by: cache-iad-kcgs7200032-IAD, cache-hhn4079-HHN
x-timer: S1651846864.677095,VS0,VE98
tracepoint: Fastly
etag: CO6LsJ2SmO4CEAE=
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H2 200 The_Oxman_Group_Meeting
images.squarespace-cdn.com/content/v1/5ffde2240c23b676d6a8c247/56bc9b34-d229-4921-a5e2-631b277c4c10/ 34 KB
35 KB 95ms
95ms Image
image/jpeg 151.101.64.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5ffde2240c23b676d6a8c247/56bc9b34-d229-4921-a5e2-631b277c4c10/The_Oxman_Group_Meeting?format=500w
Requested by: Host: theoxmangroup.com
URL: https://theoxmangroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4867dbf5c0a0b62181f1fcab308a26c897ef65fd68c61f74d06a75c7bea9be67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 174856
x-cache: HIT, MISS
content-length: 35289
x-served-by: cache-iad-kjyo7100172-IAD, cache-hhn4079-HHN
x-timer: S1651846864.681664,VS0,VE88
tracepoint: Fastly
etag: CJmGn6j5mPYCEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H2 200 28960071_l.jpg
images.squarespace-cdn.com/content/v1/5ffde2240c23b676d6a8c247/1612191107310-K08PSNZ7O6RL5XQNSRWJ/ 60 KB
60 KB 98ms
97ms Image
image/jpeg 151.101.64.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5ffde2240c23b676d6a8c247/1612191107310-K08PSNZ7O6RL5XQNSRWJ/28960071_l.jpg?format=500w
Requested by: Host: theoxmangroup.com
URL: https://theoxmangroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c4d7965693f963b7370bc701d9a4de9632044d305728a8b449e0ea0c64116f37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 174855
x-cache: HIT, MISS
content-length: 61423
x-served-by: cache-iad-kiad7000152-IAD, cache-hhn4079-HHN
x-timer: S1651846864.681744,VS0,VE91
tracepoint: Fastly
etag: CJX+0/b3yO4CEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H2 200 p.gif
p.typekit.net/ 35 B
214 B 55ms
7ms Image
image/gif 2a02:26f0:f7::5c7b:e01b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=2&k=646866_5ffde2240c23b676d6a8c247&ht=tk&h=theoxmangroup.com&f=32885.32884&a=646866&js=1.21.0&app=typekit&e=js&_=1651846863682
Requested by: Host: theoxmangroup.com
URL: https://theoxmangroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e01b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
last-modified: Sat, 09 Oct 2021 02:10:03 GMT
server: nginx
etag: "6160f9fb-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H3 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
3 KB 430ms
411ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=21153261&conversations-embed=static-1.10012&mobile=false&messagesUtk=2bb54670499041c39e2e0d3329e7497c&traceId=2bb54670499041c39e2e0d3329e7497c

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0450273c0d11e7c36f4f3ff0f22195eff70dd9f425e0ed4f2edd73fdae22424

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Referer: https://theoxmangroup.com/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://theoxmangroup.com/

Response headers

date: Fri, 06 May 2022 14:21:04 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: d9a2df25-c313-418e-b55c-c43d0a4ca889
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1458
server: cloudflare
x-trace: 2B0F7362F659E8F318AC8F008FD434696266837643000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMMxH3m5MI5QuFa%2Fwss%2B8y3Zmn8cb6HqDUZ8qJ8qnSlyia55%2BFBUVDyZrgbgAel1pQ6nwprNuQVH%2FpDKKBWnfHU42R8Oucjq9ffUSHZj%2FK5mx%2BZYZe9KBK9tlmmLAd2nRy0%2BXlFpDfSGOVZ4Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://theoxmangroup.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 70725c338e829134-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 203ms
160ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://theoxmangroup.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://theoxmangroup.com
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 70725c326ad69a17-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Fri, 06 May 2022 14:21:03 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bjKyR4JGCx%2ByU%2B3JuFnoWO9WJxX1j9zq1VjXtwMl2NFKjyv7x5lr0A2JWRj94kEi%2FCqpU6SYU1mLH1pNjXHkjxwQUMmHs05R67gcA97Sj1Up4WN6rU1tQLKs5IFPmxUKl2Y7fLUzRZzKO1ACFg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-hubspot-correlation-id: 86bbb00b-09ce-4212-94d6-c8b694bc21ac
x-trace: 2B2A9208A2F1E49C6662FDC03BD9BFBE217A0D8CD1000000000000000000

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 118ms
44ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1993658469&t=pageview&_s=1&dl=https%3A%2F%2Ftheoxmangroup.com%2F&ul=en-us&de=UTF-8&dt=The%20Oxman%20Group&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=547637659&gjid=2121676623&cid=1591508865.1651846864&tid=UA-80819938-1&_gid=455838147.1651846864&_r=1&gtm=2ou540&did=dZjQwMz&gdid=dZjQwMz&z=1613295604

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://theoxmangroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 May 2022 14:21:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://theoxmangroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 116 B
679 B 146ms
145ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=21153261&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7d52481cba69debb22c6028f24dca95bbfbbacb6f2248a6445bfbe82ea6774f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://theoxmangroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 2531c449-e2a1-4671-8e66-f3d9b0d46528
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GApqKLAP%2Bo%2F5gupnP6%2FdgglKRcZMv6S9%2BMugBtnNBbyRjnoKqB4s2cUSSY1WEfg7FTeUJ6cYXCi0FqICL8maYYFRfYzHqmSYgW9IcbQNNuMUQpao6jtw1BVu07JlR6RFjjKBojCow8zEN6vqICcz"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://theoxmangroup.com
x-robots-tag: none
access-control-allow-credentials: false
cf-ray: 70725c329b1a9a17-FRA
access-control-allow-headers: *

GET
H2 200 zzl1xzu.css
use.typekit.net/ 5 KB
1 KB 31ms
31ms Stylesheet
text/css 2a02:26f0:3500:7::17d8:4dd1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/zzl1xzu.css

Requested by

Host: assets.flodesk.com
URL: https://assets.flodesk.com/universal.js?v=1651846863117

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:7::17d8:4dd1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

3cafb80fd25d1112014f0def67b2b9d23c4a524c3ae85dab02854eeeab501c8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Fri, 06 May 2022 14:21:03 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 821

GET
H3 200 css
fonts.googleapis.com/ 22 KB
1014 B 129ms
49ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i&display=swap

Requested by

Host: assets.flodesk.com
URL: https://assets.flodesk.com/universal.js?v=1651846863117

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

41b23fe048b2fd60e44fb571828a3b190c9d35f73ed2e0fd0a22ec49af970e45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 06 May 2022 13:26:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 06 May 2022 14:21:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 May 2022 14:21:03 GMT

GET
H/1.1 200
OK 675.b703988066f82404a705.js Show response
assets.flodesk.com/ 13 KB
5 KB 8ms
7ms Script
application/javascript 2600:9000:223e:2c00:f:b2f5:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.flodesk.com/675.b703988066f82404a705.js
Requested by: Host: assets.flodesk.com
URL: https://assets.flodesk.com/universal.js?v=1651846863117
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:2c00:f:b2f5:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0ab3c2defb509b84ef51823a45ae319c88d6489ca2de531873be264dd5166d27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 09:15:17 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Fri, 08 Apr 2022 09:14:32 GMT
Server: AmazonS3
Age: 2437547
ETag: W/"48a4766b3fcf2e0e6bb7a2d5844ba131"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P4
X-Amz-Cf-Id: w7hVEkeikMJ8BBrMP3ejiIv0CBt6FN2sAgWCcdPfzp4PVd7xJP116g==

GET
H/1.1 200
OK 650.f5745f1cd6fec726b945.js Show response
assets.flodesk.com/ 13 KB
5 KB 15ms
7ms Script
application/javascript 2600:9000:223e:2c00:f:b2f5:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.flodesk.com/650.f5745f1cd6fec726b945.js
Requested by: Host: assets.flodesk.com
URL: https://assets.flodesk.com/universal.js?v=1651846863117
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:2c00:f:b2f5:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cb73c173c54751992526fb3a628ea977e778aee629eb31c0fd87dd8f2d7eb4a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 09:15:14 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Fri, 08 Apr 2022 09:14:32 GMT
Server: AmazonS3
Age: 2437550
ETag: W/"2948b86e99236d4631f59740c2e267ad"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P4
X-Amz-Cf-Id: eFmZX1tgGARCwK6yyxSc2PqkoBsJH0dEotUaSSRwtJXwVt9KM-asVA==

GET
H/1.1 200
OK 10-ways-to-protect-your-business-graphic_c01e6c75-8424-4831-8d9e-2c003ee9e55f.png
usercontent.flodesk.com/6ea454d5-63e1-4371-bee4-65af32f12751/upload/ 2 MB
2 MB 220ms
154ms Image
image/png 2600:9000:223e:1200:16:5ccd:c900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usercontent.flodesk.com/6ea454d5-63e1-4371-bee4-65af32f12751/upload/10-ways-to-protect-your-business-graphic_c01e6c75-8424-4831-8d9e-2c003ee9e55f.png
Requested by: Host: theoxmangroup.com
URL: https://theoxmangroup.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:1200:16:5ccd:c900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 14331b22594634de195ed842c8c3af206f2d1ef6557bc7760e5ce46a81bb598a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 06 May 2022 14:21:04 GMT
Via: 1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront)
Last-Modified: Wed, 13 Jan 2021 04:00:30 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P4
Etag: "55ad3705786d81a4f6077bdd6d85f8ee"
X-Cache: Miss from cloudfront
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1797181
X-Amz-Cf-Id: 2EhRmOeiInIN406CVdwf12LQwpRzR4imye5IIPSN9hJu2JJy1mEs8g==

GET
H/1.1 200
OK a5-bifold-brochure-mockup-with-a-customizable-background-1370-el_b7dcd8ea-6493-432d-aa32-13421e4660fa.png
usercontent.flodesk.com/6ea454d5-63e1-4371-bee4-65af32f12751/upload/ 2 MB
2 MB 502ms
277ms Image
image/png 2600:9000:223e:1200:16:5ccd:c900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usercontent.flodesk.com/6ea454d5-63e1-4371-bee4-65af32f12751/upload/a5-bifold-brochure-mockup-with-a-customizable-background-1370-el_b7dcd8ea-6493-432d-aa32-13421e4660fa.png
Requested by: Host: theoxmangroup.com
URL: https://theoxmangroup.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:1200:16:5ccd:c900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 14331b22594634de195ed842c8c3af206f2d1ef6557bc7760e5ce46a81bb598a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 06 May 2022 14:21:05 GMT
Via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
Last-Modified: Wed, 13 Jan 2021 03:43:07 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P4
Etag: "55ad3705786d81a4f6077bdd6d85f8ee"
X-Cache: Miss from cloudfront
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1797181
X-Amz-Cf-Id: _PTbHleNurPiJ6qsGjbgVj3g6DBNKKjX9D8VvPE8xnEubIZmkIsRmw==

GET
H2 200 Blue_002.png
images.squarespace-cdn.com/content/v1/5ffde2240c23b676d6a8c247/1610474044142-JMRJJKU5KELJ2JPOCILK/ 2 KB
2 KB 96ms
96ms Image
image/png 151.101.64.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5ffde2240c23b676d6a8c247/1610474044142-JMRJJKU5KELJ2JPOCILK/Blue_002.png?format=2500w
Requested by: Host: theoxmangroup.com
URL: https://theoxmangroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e8b7ecdf69fce112276582f8c24385582fbf64525991f266589141406fd3f9ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 174856
x-cache: HIT, MISS
content-length: 2285
x-served-by: cache-iad-kiad7000020-IAD, cache-hhn4079-HHN
x-timer: S1651846864.876423,VS0,VE90
tracepoint: Fastly
etag: CO2c2q37lu4CEAE=
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 7ms
7ms Stylesheet
text/css 2a02:26f0:f7::5c7b:e01b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=zzl1xzu&ht=tk&f=39504.39505.39506.39507.39508.39509&a=12822158&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zzl1xzu.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e01b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
440 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-80819938-1&cid=1591508865.1651846864&jid=547637659&gjid=2121676623&_gid=455838147.1651846864&_u=YEBAAUAAAAAAAC~&z=301467294

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://theoxmangroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 06 May 2022 14:21:03 GMT
content-type: text/plain
access-control-allow-origin: https://theoxmangroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 l
use.typekit.net/af/0230dd/00000000000000007735bb33/30/ 26 KB
26 KB 48ms
48ms Font
application/font-woff2 2a02:26f0:3500:7::17d8:4dd1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/0230dd/00000000000000007735bb33/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zzl1xzu.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dd1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e5b627b2aa5520423d9eef65612847ff0316ea78285f6ca54c461cabf4077f91

Request headers

Referer: https://use.typekit.net/zzl1xzu.css
Origin: https://theoxmangroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:03 GMT
server: nginx
etag: "5bb33ae2a954c4b3b528681f85ecbf7624532fad"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26356

GET
H2 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
517 B 213ms
172ms Image
image/gif 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2

Requested by

Host: theoxmangroup.com
URL: https://theoxmangroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:04 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 027ba358-f258-44f7-a139-d03edd02dceb
cf-ray: 70725c33ddf89061-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
server: cloudflare
x-trace: 2BC4A94CBDA7B87123373E5945329295EB52812EAE000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 117ms
39ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://theoxmangroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 22:45:07 GMT
x-content-type-options: nosniff
age: 228957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 22:45:07 GMT

POST
H2 204 collect Show response
a.clarity.ms/ 0
71 B 96ms
95ms XHR
text/plain 104.45.184.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clarity.ms/collect
Requested by: Host: a.clarity.ms
URL: https://a.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.45.184.134 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://theoxmangroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: https://theoxmangroup.com
date: Fri, 06 May 2022 14:21:03 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

POST
H2 204 collect Show response
a.clarity.ms/ 0
25 B 282ms
281ms XHR
text/plain 104.45.184.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clarity.ms/collect
Requested by: Host: a.clarity.ms
URL: https://a.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.45.184.134 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://theoxmangroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: https://theoxmangroup.com
date: Fri, 06 May 2022 14:21:03 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2 200 2bb54670499041c39e2e0d3329e7497c Show response
app.hubspot.com/conversations-visitor/21153261/threads/utk/ Frame FAB5 45 KB
17 KB 166ms
148ms Document
text/html 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/21153261/threads/utk/2bb54670499041c39e2e0d3329e7497c?uuid=dd56e6ac4f1d425fa4aaeb9e25f9691c&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=theoxmangroup.com&inApp53=false&messagesUtk=2bb54670499041c39e2e0d3329e7497c&url=https%3A%2F%2Ftheoxmangroup.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4f85aed01d86afaf20e532575278774c5c2a39bdaf3d1c45766b79046f5cb61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://theoxmangroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
age: 2623
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 70725c364d9192a1-FRA
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-visitor-ui/static-1.12467/html/index.html&cfRay=70725c364d9192a1&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F21153261%2Fthreads%2Futk%2F2bb54670499041c39e2e0d3329e7497c%3Fuuid%3Ddd56e6ac4f1d425fa4aaeb9e25f9691c%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3Dnull%26domain%3Dtheoxmangroup.com%26inApp53%3Dfalse%26messagesUtk%3D2bb54670499041c39e2e0d3329e7497c%26url%3Dhttps%253A%252F%252Ftheoxmangroup.com%252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3Dnull%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Ftheoxmangroup.com%2F&cfenv=prod&pdt=2022-05-06&csp=ro
content-type: text/html; charset=utf-8
date: Fri, 06 May 2022 14:21:04 GMT
etag: W/"51715458c01714071b61dafdbd3156b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Mon, 02 May 2022 09:53:14 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 a7a1b4c19abc42d237405ce4c4069f10.cloudfront.net (CloudFront)
x-amz-cf-id: 9kLe6LX1byng29CXg_S_v6-4EHeVCV_XkVSMn4CTIulzqH31cWmz7Q==
x-amz-cf-pop: IAD89-P1
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: Ir6MeZncWNked7PUsqDMI7unbWAh92NJ
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.12467/html/index.html
x-hs-worker-debug-mode: false

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.203/ Frame FAB5 43 KB
16 KB 55ms
26ms Script
application/javascript 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.203/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/21153261/threads/utk/2bb54670499041c39e2e0d3329e7497c?uuid=dd56e6ac4f1d425fa4aaeb9e25f9691c&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=theoxmangroup.com&inApp53=false&messagesUtk=2bb54670499041c39e2e0d3329e7497c&url=https%3A%2F%2Ftheoxmangroup.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e8f0db124467ba13998321f98b5e1a2676bba6a1a4f332d86bda5e67a7193e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:04 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1196541
x-amz-server-side-encryption: AES256
cf-ray: 70725c376d9d9a2a-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 22 Apr 2022 17:43:58 GMT
server: cloudflare
etag: W/"7f32041ce4ae3e5ab88e0b0ea6ab18e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YKYIy41B68BvjdkVgE1pJIXg5R67HW0V7vp5Uk8yLciSrVW7iXwfhrdAOsPtiyrmCDz2JpfVGEGs1gepD3JK1rehLdjult%2Fi6SgGEEL1y2Ajj2%2BYJKQCF%2FoI8p51FIMtUJVQKMVRM%2F5wBWu7xtdHeHuMm0Y%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: UGiKWIpHu8m7uqqaj3K0FjiIdd4O1v_r
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: UbekG86K_oPOO45is_jaOgTfUQJnP4suEDTPS9mzA-a939RO2JETWQ==
expires: Sat, 06 May 2023 14:21:04 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.11843/sass/ Frame FAB5 20 KB
5 KB 51ms
22ms Stylesheet
text/css 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.11843/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:04 GMT
via: 1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1491955
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 15 Nov 2021 19:50:41 GMT
server: cloudflare
etag: W/"370a89ea102d7b437eb549729472631f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EIOVipzJFpDaJAon%2FESzP7AEotyiz5uX6%2FakDB58IcXkB88EyK752j7sYT0Fm6zQGCaHTKKlA%2Fa2hLxVZzdM3vwZ5ES6hrtsYkbuCPMbE4u8%2F9b21Diq8TyxjxS9E8feH3TkN2sAS3NCtzYFvHciQ2qieds%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: LgyvJN0nZOCplqIYlCYJJ1cibXdW_3K_
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-P2
cf-ray: 70725c377a15690d-FRA
x-amz-cf-id: 23c1eNiCqFv3-L7b7GcD5q0QudwUFfEGt_BsOirNla5ADUFWqNjTzQ==
expires: Sat, 06 May 2023 14:21:04 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.245/ Frame FAB5 285 KB
91 KB 54ms
26ms Script
application/javascript 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.245/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f71ed5e133bbae4e2ef1723946c5584c9d4896e0fbc2c0cafb55de43712b4720

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:04 GMT
via: 1.1 37e2872b8b14122ba8fe3a34c3bb506a.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 769039
x-amz-server-side-encryption: AES256
cf-ray: 70725c376da29a2a-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 27 Apr 2022 15:52:40 GMT
server: cloudflare
etag: W/"939fdf20ed52bee9b80cc045a31dd0dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=our%2Fba05uB76PU95NKWrgqdHtVX2hohozy%2Bis%2B7rsgglDnLYVe%2BKx%2FeHJQkOHWLWdwuEBCIQafg8iZLd%2FSknDoyw17m96rV8JsEqbNsgmCzozYOpT2B%2BHAwvISZG2lJttuGQNl%2BVVrNiutNnRKW3LZXcItc%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: NuQtwG3QB3159g7h2fjU0t2mShrFaIyk
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: MUC50-C1
content-type: application/javascript
x-amz-cf-id: LAEQbI5UfC1lzobWMF-1W3Ux-lx7HeznGthGARWjDg7FauIYFOXPpw==
expires: Sat, 06 May 2023 14:21:04 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.12467/bundles/ Frame FAB5 506 KB
148 KB 50ms
21ms Script
application/javascript 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.12467/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

640641f67d71f804fdc68413adbf92145b91fac27ac8e310402abc74916027ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:04 GMT
via: 1.1 4842376441adfff51e41110458fe337a.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 318466
x-amz-server-side-encryption: AES256
cf-ray: 70725c376d9f9a2a-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 02 May 2022 21:48:50 GMT
server: cloudflare
etag: W/"93612e1ff4989c33f139649cbbe580ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Biuw%2Bf6XoU8mNrzKfqnbdGEYxIADehqAIU3D8yvP5TXYL%2BTuzPsNHUJj%2FBzdT6L0T9ZkSuCycmFvsK540iAUXSraU4A81E%2Fjkkx5KQ5mfOe0v8xSQsVg6aPYuT79RwAiw%2FwzGFLpUjljS92ocKpeBdMb1%2BE%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: c_ME8I9c5rS_VUPeb2G11xh.FkzqNYqo
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: TXL50-P4
content-type: application/javascript
x-amz-cf-id: eGvRgcdVuWPiId44f2YH1YzBvqVQCd2EG-_gI4I9Z12SWUyfSYkDaA==
expires: Sat, 06 May 2023 14:21:04 GMT

GET
H3 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.12345/ Frame FAB5 776 B
1 KB 45ms
25ms Script
application/javascript 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.12345/i18n-data-data-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.12467/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f4539d65bbb4e63f0aa6cf4d575ef93999a2c3d22a3834fc2b1283b4722531c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:04 GMT
via: 1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2133543
x-amz-server-side-encryption: AES256
cf-ray: 70725c385c209b1b-FRA
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 06 Apr 2022 21:46:08 GMT
server: cloudflare
etag: W/"86a4c873ef7ecdf9b2c0519ae1f7cabc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2FxdMYXsmScSJKdcwILlNDzI7sAOXS48zP%2B1J08dGipdM9uOOXB9DZv7EQ2XxoZNHxvAVIQLrJim9K1eOMKZnyG2PZfb8uIOr76ZzqG%2FsFb0Qn8Ya7PKL3xSL%2BLhyymnAmDP%2BEVQCfxBSj7je9Dbz8RIwbY%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: ZkyW9K.WQcROxyOxhmlVF7b4.3qSqja5
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P2
content-type: application/javascript
x-amz-cf-id: obc3dJagooggjeLlDy0LTQBj8L3T4GO2O7aIlaOhzsNf3f5Dz9Am9w==
expires: Sat, 06 May 2023 14:21:04 GMT

GET
H2

200

default-100
avatars.hubspot.net/ Frame FAB5
Redirect Chain

https://api-na1.hubspot.com/userpreferences/v1/avatar/02d13fc9780e1de0b98d2ec0fc0393e6/100
https://avatars.hubspot.net/default-100

448 B
1 KB

65ms
24ms

Image
image/webp

2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.hubspot.net/default-100
Protocol: H2
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7f8b6ed4f77b684b2615feaad46ae05bd069c8beaeb550e6094ccb2eb6cb0d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 51950
x-amz-server-side-encryption: AES256
cf-ray: 70725c3a291e9bf2-FRA
content-length: 448
x-amz-id-2: 1CJAA72ixkpYr4s14VnC8IOzdmMYv48zq37ph2f9v74dSObtKwnvznqxz8YR+Snppchyx7a40TI=
last-modified: Fri, 18 Sep 2020 15:59:13 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:1997735891/gname:staff/uname:jmendelewski/gid:20/mode:33188/mtime:1484768632/atime:1484768827/md5:dd769facdb720bc65224b1db30749aeb/ctime:1484768635
etag: "dd769facdb720bc65224b1db30749aeb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G5cUmMkZnmGQ8sBwwfIhIINnn6N53AwX9hlToyzkzp0se0DWqvuGinDmIOXCKJ%2FntmLbAqc1PKkMNqHQwEtFz0J8x7cU6vLK9uAi2bKBIUc0fCgGCVGvT9Bq81uI%2FnYlXy7etZLOp2kvnMFXTZw1EFk%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: YG2HG55N53CMC934
cf-polished: origFmt=png, origSize=798
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

Redirect headers

date: Fri, 06 May 2022 14:21:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-hubspot-correlation-id: 4f96b6b1-4816-48fe-a152-5bb99f70a06e
x-trace: 2BCC8C70F322213464E346192B22F26FE0AFDB4E6C000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8pu6KSdsZI%2B9GdC%2B%2F3x3IVdOLiKe1REJMRVz2dUSHht085dCNJhZ5IstXuFEedN2hP7Gu1tTR3VQTLSgERH0VSkboN93CoLyzX9VJs6OYVUsaImfIMX8IqiCchRukPAmWYJRBCyY0JRBed0nPWmweB8%3D"}],"group":"cf-nel","max_age":604800}
location: https://avatars.hubspot.net/default-100
access-control-allow-credentials: false
cf-ray: 70725c38fac692a1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 204 rhumb
api.hubspot.com/cartographer/v1/ Frame FAB5 0
1 KB 170ms
153ms Ping
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.12467

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.12467/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 06 May 2022 14:21:04 GMT
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 6d66ed3b-b3a3-4c27-91ce-f2aa5a5d8246
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lTtr5oZT3ABn9HgrXHFBVxUS8ftdUuQTSMw2UMyfr3pl9eDdbdQ09pQIjrY7Y2Tj2E6ZWJkQ5SjHGztwE3A2ukqYmVA7A0cdWWz1R2PcHeGFI%2B6tp7hlb8V67%2F%2B8Oh%2BZvxaxkKrz%2FdfGtOeEQg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
cf-ray: 70725c390cec5c8c-FRA
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=F78BB45621884279AC4A1FE0E91DC8A7&RedC=c.clarity.ms&MXFR=3177F423AA2163B4118CE5BFAE216DCF
https://c.clarity.ms/c.gif?CtsSyncId=F78BB45621884279AC4A1FE0E91DC8A7&MUID=02135D7231FE63213EC24CEE3095629F

42 B
368 B

28ms
27ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=F78BB45621884279AC4A1FE0E91DC8A7&MUID=02135D7231FE63213EC24CEE3095629F
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 14:21:04 GMT
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8120eaf0ff3ad81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 06 May 2022 14:21:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DDF1D07472F048F48D3926341EF3DACD Ref B: FRAEDGE1409 Ref C: 2022-05-06T14:21:05Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=F78BB45621884279AC4A1FE0E91DC8A7&MUID=02135D7231FE63213EC24CEE3095629F
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
508 B 131ms
130ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3280190177&v=1.1&a=21153261&rcu=https%3A%2F%2Ftheoxmangroup.com%2F&pu=https%3A%2F%2Ftheoxmangroup.com%2F&t=The+Oxman+Group&cts=1651846864858&vi=f6bd2adea43e0d569aaafd5c732207d6&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:04 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 787ab51b-e49f-43d9-b778-ea7d1f803fef
cf-ray: 70725c396bca92a1-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kevnHqziLy30LpGRzOAmrxzcjXXm95bDw4YRQuV4EZcRh8W27An0Z6vJ7Mpdw8WVVp2oTzVQK6ZmcpDOp50QYBwwjc0AfHpdOVfV4mmGmZWuyxtv%2F7J5SPvYwDcI54uR%2BFi2yDOnY2%2BgYwoXSgZs"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 74 B
918 B 204ms
156ms XHR
application/json 2606:4700::6811:c8cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=21153261

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c8cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b51653bedc1c92d8c2dd43126c5b15e692cca992e7b8be0688573a72bb97ca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:05 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 29e41cd1-0a3f-40c8-baac-71c71bcca69d
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B7F35645A49D093CA9A2244CCF8EE8DC120A06162000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=og5xPz%2BWquRVNtkfUztq0U6X3Iqw5BYlxTW1MM5gIJ635tfcaH33p9ybyvD9ZM0M3ueBtA52Y3w8QVk9g%2B2OL6c%2Fv4qIx1vGZ22OMI1drIRGh5JgH14AtCqdmkt%2F1elcGWK4SqIi3GIaBjFG"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://theoxmangroup.com
access-control-allow-credentials: false
cf-ray: 70725c39b8ac6913-FRA
access-control-allow-headers: *

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 31ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b819b3ac2fe5857b7026a609f9115f0d50a7d6e8085ba5987d70ed6baaa41f4e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: wL3w0c4xXP4y+VoPTjM5dfe7qKON6RVUK8nx2IyXykpYzh0Uy7j/+8idJglGdajoMqwt/8+VLbyf49/YAZlSFA==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Fri, 06 May 2022 14:21:05 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 16ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.58

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5825a682d41932f76e0cb9afa5967e2b7f236a2f9439587bc6d937bc76edf005

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20656
x-xss-protection: 0
pragma: public
x-fb-debug: ObSNnc8ZNx2hzvqv8P5uoAcbPe2++pfBOIixbHzRmNrzg9lGuK0y8A7KP88U3Zg04tRDoz0v0E68tbqUL8Bh+Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 06 May 2022 14:21:05 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 720800875131520 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 64ms
56ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/720800875131520?v=2.9.58&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

711ea9a9a1e993e3b03fb546c6ddab20319eb68e94ba2c664ecf4676f8f2c38a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: Y54Qt2Eb20guIPtbXj6tiIxgi6r4/cJFmfw3rPGILix0axBOIUNtqQGeep290jX0eaTQRi9HYERRmiKjgLgcHw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 06 May 2022 14:21:05 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1651846865173
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 36ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=720800875131520&ev=PageView&dl=https%3A%2F%2Ftheoxmangroup.com%2F&rl=&if=false&ts=1651846865249&sw=1600&sh=1200&ud[external_id]=f6bd2adea43e0d569aaafd5c732207d6&v=2.9.58&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1651846865248.1011481962&it=1651846865111&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:05 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 06 May 2022 14:21:05 GMT

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
471 B 226ms
192ms Image
image/gif 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theoxmangroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:21:05 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 4641c4a5-e3f3-4b4b-bf07-c5b89459fc2a
cf-ray: 70725c3f3da06910-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
server: cloudflare
x-trace: 2BD90A484C07680CF22441D2365A0BF0A2130FC4AC000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none

POST
H3 200 / Show response
www.facebook.com/tr/ Frame AE33 0
18 B 16ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://theoxmangroup.com
Referer: https://theoxmangroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://theoxmangroup.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 06 May 2022 14:21:05 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 collect Show response
a.clarity.ms/ 0
48 B 92ms
91ms XHR
text/plain 104.45.184.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clarity.ms/collect
Requested by: Host: a.clarity.ms
URL: https://a.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.45.184.134 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://theoxmangroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: https://theoxmangroup.com
date: Fri, 06 May 2022 14:21:05 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
securitycompanyfortworth.com/	1969-12-31 23:59:59	Name: crumb Value: BbqZrLl1pblnMGE5NzRmNWY3M2U0OGU3MjllNWJhZDUzYjE0YmU4
theoxmangroup.com/	1969-12-31 23:59:59	Name: crumb Value: BfnBYjntZseIN2I4NThlN2Y1MzFmNTgxOTEwMmY1N2VjYWI3ZmRi
www.clarity.ms/	1970-01-20 11:36:22	Name: CLID Value: 773cbeae8eb5496989c036f8c5b5a260.20220506.20230506
theoxmangroup.com/	1970-01-20 20:21:58	Name: ss_cvr Value: ef1bbd0c-b066-4415-8d34-e029ecfe8aa1\|1651846863595\|1651846863595\|1651846863595\|1
theoxmangroup.com/	1970-01-20 02:50:48	Name: ss_cvt Value: 1651846863595
.theoxmangroup.com/	1970-01-20 20:21:58	Name: _ga Value: GA1.2.1591508865.1651846864
.theoxmangroup.com/	1970-01-20 02:52:13	Name: _gid Value: GA1.2.455838147.1651846864
.theoxmangroup.com/	1970-01-20 02:50:46	Name: _gat_gtag_UA_80819938_1 Value: 1
.theoxmangroup.com/	1970-01-20 11:36:22	Name: _clck Value: jtewxs\|1\|f18\|0
.theoxmangroup.com/	1970-01-20 02:52:13	Name: _clsk Value: sfaz3o\|1651846864047\|1\|1\|a.clarity.ms/collect
.hubspot.com/	1970-01-20 02:50:48	Name: __cf_bm Value: GiMRN22uGzCKvPosEDWKDut2ml09Hs8cBeNY_JWw558-1651846864-0-AS0S5iZ6OQH+w68W9ZiDU2r7DmpO8aTwhQhKS7D4IITld9p/YnJNnt9POSNBy0R+2o7nOnIV/794YaXw2qAU01c=
.theoxmangroup.com/	1970-01-20 07:09:58	Name: messagesUtk Value: 2bb54670499041c39e2e0d3329e7497c
.theoxmangroup.com/	1970-01-20 07:09:58	Name: __hstc Value: 234132865.f6bd2adea43e0d569aaafd5c732207d6.1651846864856.1651846864856.1651846864856.1
.theoxmangroup.com/	1970-01-20 07:09:58	Name: hubspotutk Value: f6bd2adea43e0d569aaafd5c732207d6
.theoxmangroup.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.theoxmangroup.com/	1970-01-20 02:50:48	Name: __hssc Value: 234132865.1.1651846864857
.c.bing.com/	1970-01-20 12:12:22	Name: SRM_B Value: 02135D7231FE63213EC24CEE3095629F
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 12:12:22	Name: MUID Value: 02135D7231FE63213EC24CEE3095629F
.c.clarity.ms/	1970-01-20 02:50:47	Name: ANONCHK Value: 0
.theoxmangroup.com/	1970-01-20 05:00:22	Name: _fbp Value: fb.1.1651846865248.1011481962

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=43200
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.clarity.ms
ajax.googleapis.com
api-na1.hubspot.com
api.hubapi.com
api.hubspot.com
app.hubspot.com
assets.flodesk.com
assets.squarespace.com
assets.squarewebsites.org
avatars.hubspot.net
c.bing.com
c.clarity.ms
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
form.flodesk.com
forms.hsforms.com
forms.hubspot.com
ghostplugins.dev
images.squarespace-cdn.com
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hscollectedforms.net
js.usemessages.com
p.typekit.net
securitycompanyfortworth.com
static.hsappstatic.net
static1.squarespace.com
stats.g.doubleclick.net
theoxmangroup.com
track.hubspot.com
use.typekit.net
usercontent.flodesk.com
www.clarity.ms
www.facebook.com
www.ghostplugins.dev
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
104.45.184.134
151.101.128.237
151.101.64.238
198.185.159.144
198.49.23.145
23.205.251.248
2600:9000:223d:aa00:f:9de7:2240:93a1
2600:9000:223e:1200:16:5ccd:c900:93a1
2600:9000:223e:2c00:f:b2f5:a240:93a1
2606:4700:20::681a:a2
2606:4700:4400::6812:21ab
2606:4700::6810:5505
2606:4700::6811:44b0
2606:4700::6811:74b0
2606:4700::6811:81ab
2606:4700::6811:8d2
2606:4700::6811:c8cc
2606:4700::6811:d2cc
2606:4700::6811:ebcc
2606:4700::6811:f2cc
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:1ec:27::cafe:2133
2620:1ec:c11::200
2a00:1450:4001:827::2003
2a00:1450:4001:827::2004
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::200a
2a00:1450:400c:c08::9b
2a00:1450:400e:80e::2008
2a02:26f0:3500:7::17d8:4dd1
2a02:26f0:f7::5c7b:e01b
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
52.142.114.2
037709da281376828e43211b173f1f202861ff95fcfd8c32948bae02c66092e4
0ab3c2defb509b84ef51823a45ae319c88d6489ca2de531873be264dd5166d27
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
142e1cd28809b7bbe61123941a3a70a045a5c1fa864c97574b32abd94f4b4229
14331b22594634de195ed842c8c3af206f2d1ef6557bc7760e5ce46a81bb598a
147d8d6e8ead947196e9d467ebd7f1964abba15e0ff7d1b4acb8a61eb7afb111
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1ba4db8a8b47e7401e2ce265e599728073542f70940cb889c6315f3c4e23da0e
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1f4539d65bbb4e63f0aa6cf4d575ef93999a2c3d22a3834fc2b1283b4722531c
2436530fee858652d1e19d486a85d5189a27363ec0083a30b9426c2d348958be
2c7ed462690163461cad0d10fad9144977fde58cc475be472d34aa6f2782ef27
3b51653bedc1c92d8c2dd43126c5b15e692cca992e7b8be0688573a72bb97ca1
3cafb80fd25d1112014f0def67b2b9d23c4a524c3ae85dab02854eeeab501c8f
4146c2ed22143d24f04c5eff95c4111436bcb2be8eb814629ca86493f7b3932f
41b23fe048b2fd60e44fb571828a3b190c9d35f73ed2e0fd0a22ec49af970e45
446d520f4ed608c1dbb7483176229b73024663995b5f29da66efa279fd20916f
483723eb5294c08f1fcca152bba3e26af4af3decfc522782f04008ba446257e2
4867dbf5c0a0b62181f1fcab308a26c897ef65fd68c61f74d06a75c7bea9be67
4a85bb852e73b4b8d3d52cd2386d785dacb6eb4187e7271d7a7b7facc1b11c6c
4ba7ea9dbea03c2b9bc67ae21e519f95e17b99891189cba6e53dca643ae18d3a
4c3d1cb58e8e730d84317b595275eff1aae625253d6b5745f678b0d158b267d1
4f00c6240c80fe1c5b9e2381fcbb44eae5b4ff774ef66ba5a4d22f15beb9ff6f
561413a81b8108554f93d2eaa674a41e7816a88b3183804938f7215315e28284
5825a682d41932f76e0cb9afa5967e2b7f236a2f9439587bc6d937bc76edf005
5cb4b7deb095f0e20f4cd4ba508d718ff1185df167c25eb231e40ca29590ea34
60bee5395c3634af83e16e1a1e80f9a82a9fddd3e8af291dd5ec3862271bc231
640641f67d71f804fdc68413adbf92145b91fac27ac8e310402abc74916027ef
6a801f781b109838b64c593ffbabaeb97e553d349540a9636cb63e23a8479423
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
711ea9a9a1e993e3b03fb546c6ddab20319eb68e94ba2c664ecf4676f8f2c38a
72a275131838c90c764ee0ace5239d8b4061629f8201261e2c677630446923bc
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
7690a068f3c99aaff5cbc7b8fa13a9eea0d8951216404696814c8d1957302d00
76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d
7dc2181f67db2cb889c9500a17d0244e21c8cfaecf4eb00f0a3f60426638ea46
7f7e9d7deb66b3cc88e9015936c53a700b8c3bfa484644c2ec93732f097960e9
83a803b7c6a2c6060856a994b830a8581ba8e572934e41407cb768beb4bea7ae
85ff522f9e9e22a96be11f5eeb95cf0d1e1a409fcef5a4a0581d46b5c4f83d05
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8e8f0db124467ba13998321f98b5e1a2676bba6a1a4f332d86bda5e67a7193e0
914a7f0227e36a6bb75b3a24f83917d6b3027d845dcf8ddfcd5401182e16712f
93295de48b9afeaaee8f302d3f6bf06ee04d2eb0da96ea3dd4499a03aed6debd
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ae4ad9770e5aa4a4e8063188195c8bc42300dab8f133f05211d7036c43b236d
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9d62a174ae0be0ffad85fbbc1ff333dc820c21a29ad38122c1f1a70a395f6318
9ddca2e71340fc24b0611fb8abab06d1b79e1b89a388de2ac9edb15e1b938602
a0450273c0d11e7c36f4f3ff0f22195eff70dd9f425e0ed4f2edd73fdae22424
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2b29a375588db154a3c218b1b22093aa712c9a0ecab9151bc0998437607f0e9
a335034c7cafef2c77fcbf69ab399efbaa0fb72fa405b2d92c502c6b64d21edc
a996803be97bd6eed2f13e2aaceed65ee5cc24e0669fcbd223788c5cf9159c2e
aecbbb82a3f1f565c7fd764f886cb63a2c64c87025198626b8d33c2b98d27c8e
b4f85aed01d86afaf20e532575278774c5c2a39bdaf3d1c45766b79046f5cb61
b7f7ce7a026b8779984cc06812546520fe29cd24dc23f211ee2362459bef0e61
b819b3ac2fe5857b7026a609f9115f0d50a7d6e8085ba5987d70ed6baaa41f4e
b980267ac2254ef534bfe32055489ed677d461077b37f2ee62bf7b5fc4f7362f
bb99f87da50d1affa118d02bcf32b803c8cfa9d41ad52ea5e716f6195736aa42
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
becef044ad12f78fbee073e80704df9d9b3e352aa8ac6f7a9ae7ff3963835e8f
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c209cd147b94d35e3727824caf8ddda3d7047fc162efce60bcd5d4e813417d84
c4d7965693f963b7370bc701d9a4de9632044d305728a8b449e0ea0c64116f37
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
ca7f492bccf47ea1a71369c48b256fdc7e017717e5c366ee9f5b96c508380911
cb73c173c54751992526fb3a628ea977e778aee629eb31c0fd87dd8f2d7eb4a9
ce6b49ca9fc6bce7548c2f246f67d66f98722c0c626c2256a40473c79f817c1a
cef5b2f18783775bcef71ec51ae18ff9799f2edf61c68150d8ac3dd187f1b5d2
cef63f6378f616ddbc50e81459f0f636540f0b7cc63767e5b789d963acf5ea07
d0fe76214677126cc1b04eaeb5bbbabd8faba15f0b39b418275ef6d1e895cf6a
d4204004011e40e4932af8f9fa30ca1eb4e9f5338cfcce3e540ba53013ae6551
d7f8b6ed4f77b684b2615feaad46ae05bd069c8beaeb550e6094ccb2eb6cb0d9
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df014f6a02e9976412563d004e66def5977a06944bc525394dee9c49b0259040
e0dd8ccd27470010f5148a31d1d6dafee2ddccca06b73536e3219bcd790a4fad
e140022b28f49866c83fc34eafbe550e1af89819eeb46b52d68ca1385402e3c6
e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc
e30a6c6fe73dbb38de2a73aad5b1089058a8d671bfd2d44f2ce63b319f8ec2b6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b627b2aa5520423d9eef65612847ff0316ea78285f6ca54c461cabf4077f91
e8b7ecdf69fce112276582f8c24385582fbf64525991f266589141406fd3f9ef
ea4459e80738e268d96e3f05a99696642b87c6651d6d2d67ba40894111808429
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f71ed5e133bbae4e2ef1723946c5584c9d4896e0fbc2c0cafb55de43712b4720
f7c4aafd2597166d7192b560f072a466fed9c54d72e6e1dc311a0c9c6b0c2e76
f7d52481cba69debb22c6028f24dca95bbfbbacb6f2248a6445bfbe82ea6774f
f890ccc79170bbc968c2c2052553b8f7a6b300d10a7181d6c6993dc016fdbce0
fddb73481481d9c2fe5dc8325f706516995542b0dc5d52ab0f1edf480c913b0a

theoxmangroup.com Open in urlscan Pro 198.185.159.144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

101 Requests

97 %HTTPS

81 %IPv6

29 Domains

42 Subdomains

36 IPs

4 Countries

5785 kBTransfer

11251 kBSize

21 Cookies

14 Outgoing links

Page URL History

Redirected requests

101 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

theoxmangroup.com Open in urlscan Pro
198.185.159.144 Public Scan

Screenshot
Live screenshot

Full Image

101
Requests

97 %
HTTPS

81 %
IPv6

29
Domains

42
Subdomains

36
IPs

4
Countries

5785 kB
Transfer

11251 kB
Size

21
Cookies

101 HTTP transactions
0 data transactions