theordinary.com Open in urlscan Pro
104.19.145.121 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://theordinary.com/
Effective URL:
https://theordinary.com/en-de
Submission: On February 09 via api (February 9th 2024, 2:19:55 am UTC) from US — Scanned from DE

Summary HTTP 160 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 46 IPs in 7 countries across 35 domains to perform 160 HTTP transactions. The main IP is 104.19.145.121, located in and belongs to CLOUDFLARENET, US. The main domain is theordinary.com. The Cisco Umbrella rank of the primary domain is 269822.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on March 24th 2023. Valid for: a year.

This is the only time theordinary.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 48	104.19.145.121 104.19.145.121	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	52.239.221.36 52.239.221.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:5a00:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.245.60.77 18.245.60.77	16509 (AMAZON-02) (AMAZON-02)
13	85.222.147.21 85.222.147.21	14340 (SALESFORCE) (SALESFORCE)
1	13.32.29.156 13.32.29.156	16509 (AMAZON-02) (AMAZON-02)
1	18.245.60.103 18.245.60.103	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:190d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:480... 2a02:26f0:480:592::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a04:4e42:600... 2a04:4e42:600::396	54113 (FASTLY) (FASTLY)
2 4	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	54.145.98.26 54.145.98.26	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.207.250 143.204.207.250	16509 (AMAZON-02) (AMAZON-02)
4	35.157.194.178 35.157.194.178	16509 (AMAZON-02) (AMAZON-02)
4	2.19.96.162 2.19.96.162	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.215.22.232 23.215.22.232	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	3.96.182.255 3.96.182.255	16509 (AMAZON-02) (AMAZON-02)
14	52.60.165.90 52.60.165.90	16509 (AMAZON-02) (AMAZON-02)
2	79.125.24.105 79.125.24.105	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	13.32.27.21 13.32.27.21	16509 (AMAZON-02) (AMAZON-02)
1	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
1	2600:9000:223... 2600:9000:223c:d400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1 2	143.204.98.64 143.204.98.64	16509 (AMAZON-02) (AMAZON-02)
2	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	3.234.25.89 3.234.25.89	14618 (AMAZON-AES) (AMAZON-AES)
5	34.192.191.43 34.192.191.43	14618 (AMAZON-AES) (AMAZON-AES)
8	23.206.208.183 23.206.208.183	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.120.210.154 104.120.210.154	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	99.84.88.110 99.84.88.110	16509 (AMAZON-02) (AMAZON-02)
2	13.109.184.55 13.109.184.55	14340 (SALESFORCE) (SALESFORCE)
3	2a02:26f0:350... 2a02:26f0:3500:89a::38e9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	3.97.95.115 3.97.95.115	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:266... 2600:9000:266e:d600:7:bffe:c3c0:21	16509 (AMAZON-02) (AMAZON-02)
160	46

48 104.19.145.121 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

theordinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.239.221.36 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

publicfiles10em.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:5a00:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.60.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-77.fra60.r.cloudfront.net

static.myshlf.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 85.222.147.21 (Paris, France)

ASN14340 (SALESFORCE, US)
PTR: dcl7-ncg0-cdg3.eu26-cdg.force.com

service.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.29.156 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-29-156.fra56.r.cloudfront.net

cdn.cquotient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.60.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-103.fra60.r.cloudfront.net

aa873949f74d.cdn4.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:190d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.gbqofs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:592::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

11373437.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
13759042.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.145.98.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-98-26.compute-1.amazonaws.com

110006539.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.157.194.178 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-194-178.eu-central-1.compute.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.19.96.162 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-96-162.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.215.22.232 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-22-232.deploy.static.akamaitechnologies.com

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.96.182.255 (Montreal, Canada) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-96-182-255.ca-central-1.compute.amazonaws.com

deciemchatbuild.secure.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 52.60.165.90 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-60-165-90.ca-central-1.compute.amazonaws.com

deciem.my.salesforce-sites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 79.125.24.105 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-79-125-24-105.eu-west-1.compute.amazonaws.com

e.cquotient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.cquotient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:d400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.64 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-64.fra50.r.cloudfront.net

cdn9.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.234.25.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-25-89.compute-1.amazonaws.com

20690ba8a7264ee69bc444faa0915668-aa873949f74d.cdn.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.192.191.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-191-43.compute-1.amazonaws.com

cdn0.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.206.208.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-183.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.120.210.154 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-120-210-154.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.88.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-110.muc50.r.cloudfront.net

cdn3.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.109.184.55 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl9-ncg1-c5-iad4.la1-c2-ia4.salesforceliveagent.com

d.la1-c2-ia4.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:89a::38e9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

static.lightning.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.97.95.115 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-97-95-115.ca-central-1.compute.amazonaws.com

d.la1-core1.sfdc-58ktaz.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:266e:d600:7:bffe:c3c0:21 (United States)

ASN16509 (AMAZON-02, US)

d3nocrch4qti4v.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	theordinary.com 2 redirects theordinary.com — Cisco Umbrella Rank: 269822	1 MB
17	force.com 1 redirects service.force.com — Cisco Umbrella Rank: 3836 deciemchatbuild.secure.force.com — Cisco Umbrella Rank: 446574 static.lightning.force.com — Cisco Umbrella Rank: 7281	2 MB
14	salesforce-sites.com deciem.my.salesforce-sites.com — Cisco Umbrella Rank: 207632	442 KB
11	forter.com 1 redirects aa873949f74d.cdn4.forter.com — Cisco Umbrella Rank: 510216 cdn9.forter.com — Cisco Umbrella Rank: 4787 20690ba8a7264ee69bc444faa0915668-aa873949f74d.cdn.forter.com cdn0.forter.com — Cisco Umbrella Rank: 4508 cdn3.forter.com — Cisco Umbrella Rank: 4209	175 KB
8	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 859	6 KB
6	doubleclick.net 2 redirects 11373437.fls.doubleclick.net — Cisco Umbrella Rank: 620633 13759042.fls.doubleclick.net — Cisco Umbrella Rank: 625901 stats.g.doubleclick.net — Cisco Umbrella Rank: 80	3 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2720 adservice.google.com — Cisco Umbrella Rank: 97	2 KB
4	salesforceliveagent.com d.la1-c2-ia4.salesforceliveagent.com — Cisco Umbrella Rank: 34967 d.la1-core1.sfdc-58ktaz.salesforceliveagent.com — Cisco Umbrella Rank: 28487	6 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 628	142 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 2871	9 KB
3	cloudfront.net d3nocrch4qti4v.cloudfront.net	837 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 363	14 KB
3	cquotient.com cdn.cquotient.com — Cisco Umbrella Rank: 7097 e.cquotient.com — Cisco Umbrella Rank: 11333 p.cquotient.com — Cisco Umbrella Rank: 7730	22 KB
2	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 752	656 B
2	google.de www.google.de — Cisco Umbrella Rank: 6562	515 B
2	flashtalking.com servedby.flashtalking.com — Cisco Umbrella Rank: 976	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 171	69 KB
2	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1277	10 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1311 pixel.quantserve.com — Cisco Umbrella Rank: 1132	10 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 853	20 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 695 script.hotjar.com — Cisco Umbrella Rank: 1019	59 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	204 KB
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 2759	968 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	185 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1307	639 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1264	637 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1147	18 KB
1	igodigital.com 110006539.collect.igodigital.com — Cisco Umbrella Rank: 693833	2 KB
1	gbqofs.com cdn2.gbqofs.com — Cisco Umbrella Rank: 49474
1	gstatic.com www.gstatic.com	197 KB
1	myshlf.us static.myshlf.us — Cisco Umbrella Rank: 76563	1 KB
1	dwin1.com www.dwin1.com — Cisco Umbrella Rank: 4433	14 KB
1	windows.net publicfiles10em.blob.core.windows.net — Cisco Umbrella Rank: 461437	368 KB
0	Failed function sub() { [native code] }. Failed
160	35

	Domain	Requested by
48	theordinary.com	2 redirects theordinary.com
14	deciem.my.salesforce-sites.com	theordinary.com deciem.my.salesforce-sites.com static.lightning.force.com
13	service.force.com	theordinary.com deciem.my.salesforce-sites.com service.force.com
8	ct.pinterest.com	s.pinimg.com theordinary.com
5	cdn0.forter.com
4	analytics.tiktok.com	theordinary.com analytics.tiktok.com
4	tags.srv.stackadapt.com	theordinary.com tags.srv.stackadapt.com
3	d3nocrch4qti4v.cloudfront.net
3	static.lightning.force.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com theordinary.com
2	d.la1-core1.sfdc-58ktaz.salesforceliveagent.com	static.lightning.force.com
2	d.la1-c2-ia4.salesforceliveagent.com	service.force.com
2	cdn3.forter.com
2	tr.snapchat.com	sc-static.net
2	cdn9.forter.com	1 redirects theordinary.com
2	adservice.google.com	13759042.fls.doubleclick.net 11373437.fls.doubleclick.net
2	www.google.de	theordinary.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	servedby.flashtalking.com	www.googletagmanager.com servedby.flashtalking.com
2	connect.facebook.net	theordinary.com connect.facebook.net
2	13759042.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	11373437.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.redditstatic.com	www.googletagmanager.com www.redditstatic.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.google.com	theordinary.com
2	www.googletagmanager.com	theordinary.com www.googletagmanager.com
1	p.cquotient.com	cdn.cquotient.com
1	analytics.pangle-ads.com	analytics.tiktok.com
1	www.facebook.com	theordinary.com
1	pixel.quantserve.com	theordinary.com
1	20690ba8a7264ee69bc444faa0915668-aa873949f74d.cdn.forter.com
1	rules.quantcount.com	secure.quantserve.com
1	alb.reddit.com	theordinary.com
1	script.hotjar.com	static.hotjar.com
1	region1.analytics.google.com	www.googletagmanager.com
1	e.cquotient.com	cdn.cquotient.com
1	deciemchatbuild.secure.force.com	1 redirects
1	sc-static.net	theordinary.com
1	110006539.collect.igodigital.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	cdn2.gbqofs.com	theordinary.com
1	www.gstatic.com	www.google.com
1	aa873949f74d.cdn4.forter.com	theordinary.com
1	cdn.cquotient.com	theordinary.com
1	static.myshlf.us	theordinary.com
1	www.dwin1.com	theordinary.com
1	publicfiles10em.blob.core.windows.net	theordinary.com
0	mlomiejdfkolichcflejclcbmpeaniij Failed
0	ihcjicgdanjaechkgeegckofjjedodee Failed
0	gighmmpiobklfepjocnamgkkbiglidom Failed
160	52

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.youtube.com
www.tiktok.com

Subject Issuer	Validity	Valid
niod.com GeoTrust TLS RSA CA G1	`2023-03-24` - `2024-03-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 01	`2023-09-27` - `2024-09-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.dwin1.com Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
static.myshlf.us Amazon RSA 2048 M03	`2023-08-11` - `2024-09-08`	a year	crt.sh
*.eu26.force.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-03` - `2024-12-31`	a year	crt.sh
*.cquotient.com Amazon RSA 2048 M02	`2023-04-05` - `2024-05-03`	a year	crt.sh
*.cdn4.forter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-28` - `2024-12-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
gbqofs.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-11`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
quantserve.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-08` - `2024-07-06`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-18` - `2024-02-16`	3 months	crt.sh
*.collect.igodigital.com Amazon RSA 2048 M03	`2023-11-15` - `2024-12-14`	a year	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2023-09-09` - `2024-10-07`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-14` - `2024-09-14`	a year	crt.sh
sfdc-58ktaz.my.salesforce-sites.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-02` - `2025-02-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-15` - `2024-07-13`	6 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
*.cdn.forter.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2023-11-23` - `2024-07-22`	8 months	crt.sh
cdn0.forter.com GeoTrust TLS RSA CA G1	`2023-06-22` - `2024-07-22`	a year	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
cdn3.forter.com GeoTrust TLS RSA CA G1	`2023-06-22` - `2024-07-03`	a year	crt.sh
la1-c2-ia4.salesforceliveagent.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-04` - `2024-07-01`	a year	crt.sh
static.lightning.salesforce.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2023-05-08` - `2024-05-01`	a year	crt.sh
la1-core1.sfdc-58ktaz.salesforceliveagent.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-15` - `2024-11-13`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://theordinary.com/en-de
Frame ID: 1C166D072CAEF55BE8DB92EC9AD7FF1D
Requests: 117 HTTP requests in this frame

Frame: https://11373437.fls.doubleclick.net/activityi;dc_pre=CJ_5noCZnYQDFfojBgAdrDoD-Q;src=11373437;type=pagev0;cat=decie0;ord=3604755333882;npa=0;auiddc=1515123092.1707445190;pscdl=noapi;gtm=45He4270v833212135za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheordinary.com%2Fen-de
Frame ID: C5241C575CD4A251262D04F1F453752C
Requests: 2 HTTP requests in this frame

Frame: https://13759042.fls.doubleclick.net/activityi;dc_pre=CPrdnoCZnYQDFZQhBgAdmEoGrw;src=13759042;type=website;cat=allpages;ord=4773724751376;npa=0;auiddc=1515123092.1707445190;u1=https%3A%2F%2Ftheordinary.com%2Fen-de;pscdl=noapi;gtm=45He4270v833212135za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheordinary.com%2Fen-de
Frame ID: 65605265943E7B22100E2478CD86BC5B
Requests: 2 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/container/25633;130017;14288;iframe/?ftXRef=undefined&ftXValue=undefined&ftXType=Page_View&ftXName=undefined&ftXNumItems=1&ftXCurrency=undefined&U1=undefined&ft_referrer=https%3A%2F%2Ftheordinary.com%2Fen-de&ns=&cb=361204733
Frame ID: 61F0C027688C6FD48E080B9A3B17D285
Requests: 2 HTTP requests in this frame

Frame: https://deciem.my.salesforce-sites.com/liveAgentSetupFlow
Frame ID: 31347B49829F2014AFE27E71C3EE514D
Requests: 27 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=cee3acf4-f810-4ae6-ae30-04952a3dd849&u_scsid=5c07a58e-01de-4ebb-b7af-10b7d6abfdea&u_sclid=64b758c9-9efb-470b-b61c-d7b443b01644
Frame ID: E7BC82F3E7089A66AF1A81691F19B6F9
Requests: 1 HTTP requests in this frame

Frame: https://service.force.com/embeddedservice/5.0/eswDev.html?parent=https://deciem.my.salesforce-sites.com/liveAgentSetupFlow
Frame ID: 67A92FD2F63E4EE3B226AACB439ADD73
Requests: 6 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 2F225FC7CF0F86E2EEAC1796DD2F6382
Requests: 1 HTTP requests in this frame

Frame: chrome-extension://gighmmpiobklfepjocnamgkkbiglidom/icons/icon24.png
Frame ID: 379DAE5814A90376326947BB89026EAB
Requests: 1 HTTP requests in this frame

Frame: chrome-extension://ihcjicgdanjaechkgeegckofjjedodee/app/assets/close-icon.svg
Frame ID: D1208F78589BF8730A3277DE929C6697
Requests: 1 HTTP requests in this frame

Frame: chrome-extension://mlomiejdfkolichcflejclcbmpeaniij/app/images/icon16.png
Frame ID: 1B0F2A040B7916020E7539B0E0FAB363
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome to The Ordinary: Effective Clinical Skincare

Page URL History Show full URLs

http://theordinary.com/ HTTP 301
https://theordinary.com/ HTTP 302
https://theordinary.com/en-de Page URL

Detected technologies

Salesforce Commerce Cloud (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

/demandware\.static/

Salesforce Service Cloud (Live chat) Expand

Overall confidence: 100%
Detected patterns

service\.force\.com

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Forter (Analytics) Expand

Overall confidence: 100%
Detected patterns

forter\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

160
Requests

96 %
HTTPS

41 %
IPv6

35
Domains

52
Subdomains

46
IPs

7
Countries

4766 kB
Transfer

14233 kB
Size

55
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/theordinary

Search URL Search Domain Scan URL

URL: https://www.instagram.com/theordinary/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/deciem

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@theordinary

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://theordinary.com/ HTTP 301
https://theordinary.com/ HTTP 302
https://theordinary.com/en-de Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://11373437.fls.doubleclick.net/activityi;src=11373437;type=pagev0;cat=decie0;ord=3604755333882;npa=0;auiddc=1515123092.1707445190;pscdl=noapi;gtm=45He4270v833212135za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheordinary.com%2Fen-de HTTP 302
https://11373437.fls.doubleclick.net/activityi;dc_pre=CJ_5noCZnYQDFfojBgAdrDoD-Q;src=11373437;type=pagev0;cat=decie0;ord=3604755333882;npa=0;auiddc=1515123092.1707445190;pscdl=noapi;gtm=45He4270v833212135za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheordinary.com%2Fen-de

Request Chain 54

https://13759042.fls.doubleclick.net/activityi;src=13759042;type=website;cat=allpages;ord=4773724751376;npa=0;auiddc=1515123092.1707445190;u1=https%3A%2F%2Ftheordinary.com%2Fen-de;pscdl=noapi;gtm=45He4270v833212135za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheordinary.com%2Fen-de HTTP 302
https://13759042.fls.doubleclick.net/activityi;dc_pre=CPrdnoCZnYQDFZQhBgAdmEoGrw;src=13759042;type=website;cat=allpages;ord=4773724751376;npa=0;auiddc=1515123092.1707445190;u1=https%3A%2F%2Ftheordinary.com%2Fen-de;pscdl=noapi;gtm=45He4270v833212135za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheordinary.com%2Fen-de

Request Chain 62

https://deciemchatbuild.secure.force.com/liveAgentSetupFlow HTTP 301
https://deciem.my.salesforce-sites.com/liveAgentSetupFlow

Request Chain 83

https://cdn9.forter.com/vchk2 HTTP 301
https://cdn9.forter.com/vchk2/v1/7cbf5c923c187d736c23b01c18fb53b9f9e1cd0f2a8c1034e9e6685ebac2c41cac7f4ace641353e2d8f949d6a076

160 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request en-de Show response
theordinary.com/
Redirect Chain

http://theordinary.com/
https://theordinary.com/
https://theordinary.com/en-de

279 KB
27 KB

697ms
696ms

Document
text/html

104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theordinary.com/en-de

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43d04af47e07ec175f22903793a79c673bb93015ae1f96a5b4a6a6f24fbb5b96

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8528a12fb9a218b7-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self'
content-type: text/html;charset=UTF-8
date: Fri, 09 Feb 2024 02:19:49 GMT
expires: Thu, 01 Dec 1994 16:00:00 GMT
pragma: no-cache
server: cloudflare
vary: accept-encoding
x-content-type-options: nosniff
x-dw-request-base-id: hIUDRvhrxWUBAAB_

Redirect headers

accept-ranges: bytes
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8528a12d1fea18b7-FRA
content-length: 0
content-type: text/html;charset=UTF-8
date: Fri, 09 Feb 2024 02:19:49 GMT
expires: Thu, 01 Dec 1994 16:00:00 GMT
location: /en-de
pragma: no-cache
server: cloudflare
x-dwsid-samesite: None None

GET
H2 200 jquery.min.js Show response
theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/en_DE/v1707436838019/js/ 87 KB
31 KB 38ms
36ms Script
application/javascript 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/en_DE/v1707436838019/js/jquery.min.js
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 31 Jan 2024 18:15:58 GMT
server: cloudflare
age: 7890
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2591559
cross-origin-resource-policy: cross-origin
cf-ray: 8528a1341c1f18b7-FRA
x-dw-request-base-id: QHQYRDlrxWUBAAB_
expires: Sun, 10 Mar 2024 00:00:57 GMT

GET
H2 200 vendors.js Show response
theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/en_DE/v1707436838019/js/ 389 KB
112 KB 38ms
37ms Script
application/javascript 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/en_DE/v1707436838019/js/vendors.js
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc77e58076d7a8bbed8e0f89c151ef555c9b31d96fe978a714da5b11fef98782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 31 Jan 2024 18:15:47 GMT
server: cloudflare
age: 7890
cf-polished: origSize=398160
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2591581
cross-origin-resource-policy: cross-origin
cf-ray: 8528a1341c2118b7-FRA
x-dw-request-base-id: QHRyRk9rxWUBAAB_
expires: Sun, 10 Mar 2024 00:01:19 GMT

GET
H2 200 main.js Show response
theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/en_DE/v1707436838019/js/ 108 KB
27 KB 22ms
21ms Script
application/javascript 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/en_DE/v1707436838019/js/main.js
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78bb6fd88bd659d9e49f1c40a0ddc75d4f9df25bc686294ef0a0700a728e137e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 31 Jan 2024 18:15:47 GMT
server: cloudflare
age: 7890
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2591558
cross-origin-resource-policy: cross-origin
cf-ray: 8528a1346c4d18b7-FRA
x-dw-request-base-id: QHQXRDlrxWUBAAB_
expires: Sun, 10 Mar 2024 00:00:57 GMT

GET
H2 200 exp_components-theordinary.js Show response
theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/en_DE/v1707436838019/js/ 10 KB
3 KB 20ms
20ms Script
application/javascript 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/en_DE/v1707436838019/js/exp_components-theordinary.js
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4ba2fba12feb37c18e6e88cffee2d9157108725c476e6b153fb4d4f5ad7692c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 31 Jan 2024 18:15:47 GMT
server: cloudflare
age: 7890
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2591558
cross-origin-resource-policy: cross-origin
cf-ray: 8528a1346c4f18b7-FRA
x-dw-request-base-id: QHQTRDlrxWUBAAB_
expires: Sun, 10 Mar 2024 00:00:57 GMT

GET
H2 200 campaignBanner.js Show response
theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/en_DE/v1707436838019/js/ 1 KB
787 B 19ms
19ms Script
application/javascript 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/en_DE/v1707436838019/js/campaignBanner.js
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 978dbd2b44c49004a0dc12b906ab394766cbf6eb2edeeee5763b710db3826819

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 31 Jan 2024 18:16:45 GMT
server: cloudflare
age: 7890
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2591558
cross-origin-resource-policy: cross-origin
cf-ray: 8528a1346c5018b7-FRA
x-dw-request-base-id: QHQQRDlrxWUBAAB_
expires: Sun, 10 Mar 2024 00:00:57 GMT

GET
H2 200 bootstrap.css
theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/en_DE/v1707436838019/css/home/ 185 KB
25 KB 30ms
29ms Stylesheet
text/css 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/en_DE/v1707436838019/css/home/bootstrap.css
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27cf680ace881bcdbca064ab11ad951b69922451b4efd5a2168be5ae3298a87e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 31 Jan 2024 18:15:47 GMT
server: cloudflare
age: 7890
vary: accept-encoding
content-type: text/css
cache-control: public, max-age=2591559
cross-origin-resource-policy: cross-origin
cf-ray: 8528a1341c1518b7-FRA
x-dw-request-base-id: hIUGOjlrxWUBAAB_
expires: Sun, 10 Mar 2024 00:00:57 GMT

GET
H2 200 icons-font.css
theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/en_DE/v1707436838019/css/ 21 KB
11 KB 27ms
26ms Stylesheet
text/css 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/en_DE/v1707436838019/css/icons-font.css
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5b7d18292034245d199f395242c6f37f572087f2bfbe51fc1a81dd78879e2a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 31 Jan 2024 18:15:47 GMT
server: cloudflare
age: 7890
cf-polished: origSize=23029
vary: accept-encoding
content-type: text/css
cache-control: public, max-age=2591576
cross-origin-resource-policy: cross-origin
cf-ray: 8528a1341c1618b7-FRA
x-dw-request-base-id: QHSwRUprxWUBAAB_
expires: Sun, 10 Mar 2024 00:01:14 GMT

GET
H2 200 global.css
theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/en_DE/v1707436838019/css/brands/theordinary/ 328 KB
49 KB 34ms
33ms Stylesheet
text/css 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/en_DE/v1707436838019/css/brands/theordinary/global.css
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab6a244b8280559b1c1e0b8cf9166aa448cb57cb9fd5a35eae20aa35504423e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 31 Jan 2024 18:15:47 GMT
server: cloudflare
age: 7890
cf-polished: origSize=336536
vary: accept-encoding
content-type: text/css
cache-control: public, max-age=2591559
cross-origin-resource-policy: cross-origin
cf-ray: 8528a1341c1718b7-FRA
x-dw-request-base-id: QHQZRDlrxWUBAAB_
expires: Sun, 10 Mar 2024 00:00:57 GMT

GET
H2 200 homePage_exp.css
theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/en_DE/v1707436838019/css/brands/theordinary/ 16 KB
3 KB 29ms
28ms Stylesheet
text/css 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/en_DE/v1707436838019/css/brands/theordinary/homePage_exp.css
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8840219a50fb8cede51a7bc090d528f130dbd7e5761a62b7a189563b25a7deb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 31 Jan 2024 18:15:47 GMT
server: cloudflare
age: 7890
cf-polished: origSize=15989
vary: accept-encoding
content-type: text/css
cache-control: public, max-age=2591581
cross-origin-resource-policy: cross-origin
cf-ray: 8528a1341c1818b7-FRA
x-dw-request-base-id: QHRzRk9rxWUBAAB_
expires: Sun, 10 Mar 2024 00:01:19 GMT

GET
H2 200 campaignBanner.css
theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/en_DE/v1707436838019/css/experience/components/commerceAssets/ 952 B
425 B 18ms
17ms Stylesheet
text/css 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/en_DE/v1707436838019/css/experience/components/commerceAssets/campaignBanner.css
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8abea80ff465a0f952c82a3d4b82027045a1a34c95b78227536275e194c4b4ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 31 Jan 2024 18:16:45 GMT
server: cloudflare
age: 7890
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2591576
cross-origin-resource-policy: cross-origin
cf-ray: 8528a1341c1b18b7-FRA
x-dw-request-base-id: hIUPO0prxWUBAAB_
expires: Sun, 10 Mar 2024 00:01:14 GMT

GET
H2 200 theordinary_black.svg
theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/default/dwd35f7eca/images/brands-logo/ 2 KB
2 KB 30ms
30ms Image
image/svg+xml 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/default/dwd35f7eca/images/brands-logo/theordinary_black.svg
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b6ebfc54a99c0252d22b86fd5629011a0a84d5806c0676b031b6dcd87b2fd1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 31 Jan 2024 18:15:47 GMT
server: cloudflare
age: 718815
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=F5PhpuzZMAJKa8jgUb3Go3S3z4N5ZNYjLpmwk3xrDYk-1707445189-1-AahdxE54RnCkSPFCOhNC36IEHzNMpzw89JDuAotXXRKSV-uryycLUJVCma53bf8mtJpJxXD3g5n1fIuLUyzJHOYtaC4_7hMTlXVj07U7-Q-o0PJt8QEaff22rEsJIx5ymW2qWGed4uYKK4Tjk5BvINU; report-to cf-csp-endpoint
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=F5PhpuzZMAJKa8jgUb3Go3S3z4N5ZNYjLpmwk3xrDYk-1707445189-1-AahdxE54RnCkSPFCOhNC36IEHzNMpzw89JDuAotXXRKSV-uryycLUJVCma53bf8mtJpJxXD3g5n1fIuLUyzJHOYtaC4_7hMTlXVj07U7-Q-o0PJt8QEaff22rEsJIx5ymW2qWGed4uYKK4Tjk5BvINU"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=2591948
cross-origin-resource-policy: cross-origin
cf-ray: 8528a1341c1c18b7-FRA
x-dw-request-base-id: hIXLNLKTumUBAAB_
expires: Fri, 01 Mar 2024 18:38:42 GMT

GET
H2 200 niod_grey.svg
theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/default/dw6cd96e95/images/brands-logo/ 572 B
488 B 28ms
27ms Image
image/svg+xml 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/default/dw6cd96e95/images/brands-logo/niod_grey.svg
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01611bacab0bec0ff5d71c5f9bdbf7a29f5fa4537257528d09d8f869f28e7ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 31 Jan 2024 18:15:47 GMT
server: cloudflare
age: 718815
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2591946
cross-origin-resource-policy: cross-origin
cf-ray: 8528a1341c1d18b7-FRA
x-dw-request-base-id: QHQSQLCTumUBAAB_
expires: Fri, 01 Mar 2024 18:38:40 GMT

GET
H2 200 deciem_black.svg
theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/default/dw9ed03030/images/brands-logo/ 410 B
395 B 29ms
27ms Image
image/svg+xml 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/default/dw9ed03030/images/brands-logo/deciem_black.svg
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f8c5c4243962dba74d36be7825b6e50f7730829bfe1278c981aeb4aa68aef61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 31 Jan 2024 18:15:46 GMT
server: cloudflare
age: 718815
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2591951
cross-origin-resource-policy: cross-origin
cf-ray: 8528a1344c3418b7-FRA
x-dw-request-base-id: QHTSQLWTumUBAAB_
expires: Fri, 01 Mar 2024 18:38:45 GMT

GET
H2 200 theordinary.svg
theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/default/dw5cf38ed6/images/brands-logo/ 2 KB
1009 B 28ms
28ms Image
image/svg+xml 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/default/dw5cf38ed6/images/brands-logo/theordinary.svg
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7cac07547c83a26354a466726c6659d7aab42772aa70b302afffd4d8282709

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 31 Jan 2024 18:15:47 GMT
server: cloudflare
age: 582879
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2563430
cross-origin-resource-policy: cross-origin
cf-ray: 8528a1344c3618b7-FRA
x-dw-request-base-id: QHQ_40w3vGUBAAB_
expires: Sun, 03 Mar 2024 00:29:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 394 KB
116 KB 86ms
50ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PSNCTZT&gtm_auth=at3rkKALywQckzT0tnSSvQ&gtm_preview=env-1&gtm_cookies_win=x

Requested by

Host: theordinary.com
URL: https://theordinary.com/en-de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f82552e9826700d3910287a32eea0ddef4aa0fc39d1d91a84f8b6538f9b845e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118562
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Raleway-Variable.ttf
theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/en_DE/v1707436838019/fonts/ 257 KB
257 KB 19ms
19ms Font
application/x-font-ttf 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/en_DE/v1707436838019/fonts/Raleway-Variable.ttf
Requested by: Host: theordinary.com
URL: https://theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/en_DE/v1707436838019/css/brands/theordinary/global.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3548e08b4ab3c9c1f4c896ae70f5707486deb31f9b6f9cc5cf6fd5d8dccb8676

Request headers

Referer: https://theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/en_DE/v1707436838019/css/brands/theordinary/global.css
Origin: https://theordinary.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
cf-cache-status: HIT
last-modified: Wed, 31 Jan 2024 18:15:47 GMT
server: cloudflare
age: 7889
vary: Accept-Encoding
content-type: application/x-font-ttf
cache-control: public, max-age=2591559
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cf-ray: 8528a1346c5418b7-FRA
x-dw-request-base-id: QHQxRDprxWUBAAB_
content-length: 263104
expires: Sun, 10 Mar 2024 00:00:58 GMT

GET
DATA 200
OK truncated
/ 10 KB
10 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87b2aa3db7807ba502b83ecf3f5bb314b28caa7c47d0751039a472948a8cc07f

Request headers

Referer
Origin: https://theordinary.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 Geologica-Variable.ttf
theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/en_DE/v1707436838019/fonts/ 335 KB
336 KB 26ms
26ms Font
application/x-font-ttf 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/en_DE/v1707436838019/fonts/Geologica-Variable.ttf
Requested by: Host: theordinary.com
URL: https://theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/en_DE/v1707436838019/css/brands/theordinary/global.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39fa8d9c58db985ce8f03707c67970ca171321b7b112764057569c9aacde625b

Request headers

Referer: https://theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/en_DE/v1707436838019/css/brands/theordinary/global.css
Origin: https://theordinary.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
cf-cache-status: HIT
last-modified: Wed, 31 Jan 2024 18:15:47 GMT
server: cloudflare
age: 7889
vary: Accept-Encoding
content-type: application/x-font-ttf
cache-control: public, max-age=2591559
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cf-ray: 8528a1347c5518b7-FRA
x-dw-request-base-id: QHQwRDprxWUBAAB_
content-length: 343100
expires: Sun, 10 Mar 2024 00:00:58 GMT

GET
H2 200 theordinary_white.svg
theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/default/dw56c4de7d/images/brands-logo/ 2 KB
996 B 18ms
16ms Image
image/svg+xml 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/default/dw56c4de7d/images/brands-logo/theordinary_white.svg
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 758e7c49f56cb58d592ee0536aaff4e846a66b99b82c4080f50bbd398aac5934

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 31 Jan 2024 18:15:47 GMT
server: cloudflare
age: 718822
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2591958
cross-origin-resource-policy: cross-origin
cf-ray: 8528a134bc8e18b7-FRA
x-dw-request-base-id: QHS9QLWTumUBAAB_
expires: Fri, 01 Mar 2024 18:38:45 GMT

GET
H2 200 niod.svg
theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/default/dw947c9c0e/images/brands-logo/ 568 B
482 B 31ms
29ms Image
image/svg+xml 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/default/dw947c9c0e/images/brands-logo/niod.svg
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05f0deddcdd56b05ca434e6ac2f8e602e4e62b161dc857075544e0876ad08d89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 31 Jan 2024 18:15:46 GMT
server: cloudflare
age: 718813
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2591947
cross-origin-resource-policy: cross-origin
cf-ray: 8528a134bc9018b7-FRA
x-dw-request-base-id: hIXdNLKTumUBAAB_
expires: Fri, 01 Mar 2024 18:38:42 GMT

GET
H2 200 niod_black.svg
theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/default/dwdb2d6908/images/brands-logo/ 568 B
450 B 33ms
31ms Image
image/svg+xml 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/default/dwdb2d6908/images/brands-logo/niod_black.svg
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 280812c22af4d153c169a7326891471ff0069e0c4520396214d7e4c115b9e068

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 31 Jan 2024 18:15:46 GMT
server: cloudflare
age: 718813
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2591963
cross-origin-resource-policy: cross-origin
cf-ray: 8528a134bc9518b7-FRA
x-dw-request-base-id: hIUbOMOTumUBAAB_
expires: Fri, 01 Mar 2024 18:38:59 GMT

GET
H2 200 niod_white.svg
theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/default/dw0b8f9352/images/brands-logo/ 564 B
501 B 33ms
31ms Image
image/svg+xml 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/default/dw0b8f9352/images/brands-logo/niod_white.svg
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77c26258af8d7b8525ffe5be4b62cbcacb2bf9a2315c0617d9b3b31cc7991341

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 31 Jan 2024 18:15:47 GMT
server: cloudflare
age: 718813
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2591960
cross-origin-resource-policy: cross-origin
cf-ray: 8528a134bc9718b7-FRA
x-dw-request-base-id: QHS2QsCTumUBAAB_
expires: Fri, 01 Mar 2024 18:38:56 GMT

GET
H2 200 deciem_full_black.svg
theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/default/dw213c4c28/images/brands-logo/ 2 KB
830 B 42ms
40ms Image
image/svg+xml 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/default/dw213c4c28/images/brands-logo/deciem_full_black.svg
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24ec300ca34c4fa1aed08e5a1fe88c8532298135c361b00933ea640b2fc860e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 31 Jan 2024 18:15:46 GMT
server: cloudflare
age: 718821
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2591968
cross-origin-resource-policy: cross-origin
cf-ray: 8528a134bc9918b7-FRA
x-dw-request-base-id: hIVZN8CTumUBAAB_
expires: Fri, 01 Mar 2024 18:38:56 GMT

GET
H2 200 deciem_full_white.svg
theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/default/dwf1744d8c/images/brands-logo/ 2 KB
789 B 20ms
18ms Image
image/svg+xml 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/default/dwf1744d8c/images/brands-logo/deciem_full_white.svg
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cecc2396c967d5b1267653339c86dbe9e9d851790c66a5a39d3b33ed6aa7bba8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 31 Jan 2024 18:15:46 GMT
server: cloudflare
age: 582878
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2563429
cross-origin-resource-policy: cross-origin
cf-ray: 8528a134bc9b18b7-FRA
x-dw-request-base-id: QHRA40w3vGUBAAB_
expires: Sun, 03 Mar 2024 00:29:00 GMT

GET
H2 200 logo.svg
theordinary.com/on/demandware.static/-/Library-Sites-DeciemSharedLibrary/default/dw4ee7d800/theordinary/ 36 KB
14 KB 34ms
32ms Image
image/svg+xml 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theordinary.com/on/demandware.static/-/Library-Sites-DeciemSharedLibrary/default/dw4ee7d800/theordinary/logo.svg
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5005a57736600dff609a04ba89a80eb076722e1f8a23d8b2ad5cfcb1231ae30e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Feb 2021 23:02:36 GMT
server: cloudflare
age: 940319
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2590649
cross-origin-resource-policy: cross-origin
cf-ray: 8528a134bc9d18b7-FRA
x-dw-request-base-id: qGVmlAOeQGUBAAB_
expires: Tue, 27 Feb 2024 21:13:08 GMT

GET
H2 200 D31669-ORD-Homepage-February2024-Web-Desktop-Slot-A.jpg
theordinary.com/dw/image/v2/BFKJ_PRD/on/demandware.static/-/Library-Sites-DeciemSharedLibrary/default/dw64e1d72e/theordinary/homepage/slotA/ 128 KB
128 KB 36ms
35ms Image
image/webp 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theordinary.com/dw/image/v2/BFKJ_PRD/on/demandware.static/-/Library-Sites-DeciemSharedLibrary/default/dw64e1d72e/theordinary/homepage/slotA/D31669-ORD-Homepage-February2024-Web-Desktop-Slot-A.jpg
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f8e47df1b26e4c9275d56c82ee82c9bfe7479b1231ffd582d55ccae8003bc3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
via: 1.1 333b3e221519b38df662208d5f1fc7d4.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 22891
x-amz-cf-pop: LHR5-P7
cf-polished: qual=85, origFmt=jpeg, origSize=275885
x-amz-meta-cleanquerystring
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="D31669-ORD-Homepage-February2024-Web-Desktop-Slot-A.webp"
content-length: 130810
x-amz-expiration: expiry-date="Mon, 03 Mar 2025 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: imgq:85,h2pri
last-modified: Thu, 01 Feb 2024 05:00:39 GMT
server: cloudflare
etag: "9369732c70ffda681d833cae28df96e5"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8528a134bc9e18b7-FRA
x-amz-cf-id: ksOex8tNe5Qq3BWilvCRl0IQN-1Oz9Q7MkEntRpRaOMoJw3agIAA1A==

GET
DATA 200
OK truncated
/ 116 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aafe4c70c93efa67b43e3e1f50fa48f9cad9dcd369722eb79e39b9f17791b4e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 2023-12-14-ORD-Web-Jan-DTC-Moment-2023-Homepage-Slots-C-02.jpg
theordinary.com/on/demandware.static/-/Library-Sites-DeciemSharedLibrary/default/dw3067b160/theordinary/homepage/slotC/ 26 KB
26 KB 30ms
29ms Image
image/jpeg 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theordinary.com/on/demandware.static/-/Library-Sites-DeciemSharedLibrary/default/dw3067b160/theordinary/homepage/slotC/2023-12-14-ORD-Web-Jan-DTC-Moment-2023-Homepage-Slots-C-02.jpg
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cee0f7c3fc5985ee29d396c528d093e2840d95b53b358d0a8030f3aef39fc39f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
cf-cache-status: HIT
age: 930259
cf-polished: degrade=85, origSize=273495, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 26512
cf-bgj: imgq:85,h2pri
last-modified: Wed, 10 Jan 2024 14:58:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2591795
accept-ranges: bytes
cf-ray: 8528a134bc9f18b7-FRA
x-dw-request-base-id: QHTzAyVZt2UBAAB_
expires: Wed, 28 Feb 2024 07:52:05 GMT

GET
H2 200 2023-12-14-ORD-Web-Jan-DTC-Moment-2023-Homepage-Slots-D-02.jpg
theordinary.com/on/demandware.static/-/Library-Sites-DeciemSharedLibrary/default/dw13d00130/theordinary/homepage/slotD/ 75 KB
76 KB 21ms
20ms Image
image/webp 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theordinary.com/on/demandware.static/-/Library-Sites-DeciemSharedLibrary/default/dw13d00130/theordinary/homepage/slotD/2023-12-14-ORD-Web-Jan-DTC-Moment-2023-Homepage-Slots-D-02.jpg
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 798e56973f3dd6b3cf503ad57d7a9643073cdf574a6aa81e2a2515b7bd9343f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
cf-cache-status: HIT
age: 930259
cf-polished: qual=85, origFmt=jpeg, origSize=729635
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="2023-12-14-ORD-Web-Jan-DTC-Moment-2023-Homepage-Slots-D-02.webp"
content-length: 77098
cf-bgj: imgq:85,h2pri
last-modified: Wed, 10 Jan 2024 14:58:48 GMT
server: cloudflare
vary: Accept
content-type: image/webp
cache-control: public, max-age=2581478
accept-ranges: bytes
cf-ray: 8528a134bca018b7-FRA
x-dw-request-base-id: hIU1itcwt2UBAAB_
expires: Wed, 28 Feb 2024 05:00:07 GMT

GET
H2 200 D31669-ORD-Homepage-February2024-Web-Desktop-Slot-E-Ingredients.jpg
theordinary.com/on/demandware.static/-/Library-Sites-DeciemSharedLibrary/default/dw186ab479/theordinary/homepage/slotE/ 92 KB
92 KB 34ms
33ms Image
image/webp 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theordinary.com/on/demandware.static/-/Library-Sites-DeciemSharedLibrary/default/dw186ab479/theordinary/homepage/slotE/D31669-ORD-Homepage-February2024-Web-Desktop-Slot-E-Ingredients.jpg
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7990b42444f5019a6fe4d828c931248444f943097a1bff4c3b577881ce6680be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
cf-cache-status: HIT
age: 580252
cf-polished: qual=85, origFmt=jpeg, origSize=1423214
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="D31669-ORD-Homepage-February2024-Web-Desktop-Slot-E-Ingredients.webp"
content-length: 94212
cf-bgj: imgq:85,h2pri
last-modified: Tue, 30 Jan 2024 19:45:55 GMT
server: cloudflare
vary: Accept
content-type: image/webp
cache-control: public, max-age=2569906
accept-ranges: bytes
cf-ray: 8528a134bca118b7-FRA
x-dw-request-base-id: QHRnRNpavGUBAAB_
expires: Sun, 03 Mar 2024 03:00:42 GMT

GET
H2 200 D30638-ORD-Slowvember-Web-Essentials-Blog-SLOT-F.jpg
theordinary.com/on/demandware.static/-/Library-Sites-DeciemSharedLibrary/default/dw815b86c4/theordinary/homepage/ 12 KB
13 KB 33ms
32ms Image
image/webp 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theordinary.com/on/demandware.static/-/Library-Sites-DeciemSharedLibrary/default/dw815b86c4/theordinary/homepage/D30638-ORD-Slowvember-Web-Essentials-Blog-SLOT-F.jpg
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb7e538ff5ac49c340b99abcdf2d07cd5e7bffe03579a9510b06dc3096dadf85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
cf-cache-status: HIT
age: 30531
cf-polished: qual=85, origFmt=jpeg, origSize=65107
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=i4U49Nd_GivU_Vbo5XtfFJJ3qQMQLhlLtDeMRxh0lwE-1707445189-1-AZY8VjFifgI2GNpA_7VGJC0rD90ort0gtvtwSqwUfgeaZSt4LRHc7Qf1vieX7vnwMHewvUjr0tbSHq04cA4s68hJRuR-8p8h7SPfOgSahAKNTpDbg3xTIT9Qe4XFzE9pfCRw8mHoIa_A3qXnJO6Uz_U; report-to cf-csp-endpoint
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="D30638-ORD-Slowvember-Web-Essentials-Blog-SLOT-F.webp"
content-length: 12002
cf-bgj: imgq:85,h2pri
last-modified: Wed, 25 Oct 2023 20:59:19 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=i4U49Nd_GivU_Vbo5XtfFJJ3qQMQLhlLtDeMRxh0lwE-1707445189-1-AZY8VjFifgI2GNpA_7VGJC0rD90ort0gtvtwSqwUfgeaZSt4LRHc7Qf1vieX7vnwMHewvUjr0tbSHq04cA4s68hJRuR-8p8h7SPfOgSahAKNTpDbg3xTIT9Qe4XFzE9pfCRw8mHoIa_A3qXnJO6Uz_U"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: image/webp
cache-control: public, max-age=2555667
accept-ranges: bytes
cf-ray: 8528a134bca218b7-FRA
x-dw-request-base-id: hIWYG5SGxGUBAAB_
expires: Sat, 09 Mar 2024 07:45:24 GMT

GET
H2 200 cphfw-slotG.jpg
theordinary.com/on/demandware.static/-/Library-Sites-DeciemSharedLibrary/default/dw0a787b37/theordinary/homepage/slotFGH/ 34 KB
35 KB 40ms
39ms Image
image/webp 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theordinary.com/on/demandware.static/-/Library-Sites-DeciemSharedLibrary/default/dw0a787b37/theordinary/homepage/slotFGH/cphfw-slotG.jpg
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f75d85a2a371d1d194fb4668ff64d814ae1e882804388580b1b6810323090c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
cf-cache-status: HIT
age: 1744933
cf-polished: qual=85, origFmt=jpeg, origSize=44800
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="cphfw-slotG.webp"
content-length: 35256
cf-bgj: imgq:85,h2pri
last-modified: Mon, 11 Dec 2023 16:35:56 GMT
server: cloudflare
vary: Accept
content-type: image/webp
cache-control: public, max-age=2566346
accept-ranges: bytes
cf-ray: 8528a134bca318b7-FRA
x-dw-request-base-id: hIXHDmmHqmUBAAB_
expires: Sun, 18 Feb 2024 14:30:02 GMT

GET
H2 200 glycolid-slot-f.jpg
theordinary.com/on/demandware.static/-/Library-Sites-DeciemSharedLibrary/default/dw0bc11410/theordinary/homepage/ 9 KB
9 KB 30ms
29ms Image
image/jpeg 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theordinary.com/on/demandware.static/-/Library-Sites-DeciemSharedLibrary/default/dw0bc11410/theordinary/homepage/glycolid-slot-f.jpg
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be766333fba21f1cc1bc6aaa1e2090736ae8762650af97d2b01982089ef0a3fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
cf-cache-status: HIT
age: 270742
cf-polished: status=format_not_supported
cross-origin-resource-policy: cross-origin
content-length: 9214
cf-bgj: imgq:85,h2pri
last-modified: Thu, 13 Apr 2023 15:23:20 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2586217
accept-ranges: bytes
cf-ray: 8528a134bca418b7-FRA
x-dw-request-base-id: qGWn_DbKSmUBAAB_
expires: Wed, 06 Mar 2024 23:07:27 GMT

GET
H2 200 slowvember-ord-teaser-poster.jpg
theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/default/dw37ad1f6d/images/poster/ 2 KB
2 KB 20ms
19ms Image
image/webp 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/default/dw37ad1f6d/images/poster/slowvember-ord-teaser-poster.jpg
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33e4d53f0d4ee67a20f0038c9cfaba9b595ceec36b35096793c6d028965614ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
cf-cache-status: HIT
age: 718519
cf-polished: qual=85, origFmt=jpeg, origSize=3692
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="slowvember-ord-teaser-poster.webp"
content-length: 2170
cf-bgj: imgq:85,h2pri
last-modified: Wed, 31 Jan 2024 18:15:47 GMT
server: cloudflare
vary: Accept
content-type: image/webp
cache-control: public, max-age=2591674
accept-ranges: bytes
cf-ray: 8528a134bca518b7-FRA
x-dw-request-base-id: QHQqRMeTumUBAAB_
expires: Fri, 01 Mar 2024 18:39:03 GMT

GET
H2 200 short-arrow-rounded.svg
theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/default/dwb06d0c81/images/icons/svg/ 525 B
442 B 40ms
40ms Image
image/svg+xml 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/default/dwb06d0c81/images/icons/svg/short-arrow-rounded.svg
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8440273b6470e7d97333add30f1d86d04be0d781cdd988a51d66b0029edbf0f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 31 Jan 2024 18:15:47 GMT
server: cloudflare
age: 718510
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2591764
cross-origin-resource-policy: cross-origin
cf-ray: 8528a134bca618b7-FRA
x-dw-request-base-id: QHSeWCuUumUBAAB_
expires: Fri, 01 Mar 2024 18:40:43 GMT

GET
H/1.1 200
OK slowvember-ord-teaser.mp4
publicfiles10em.blob.core.windows.net/cdn/Videos/DeciemCorp/ 368 KB
368 KB 410ms
109ms Media
video/mp4 52.239.221.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://publicfiles10em.blob.core.windows.net/cdn/Videos/DeciemCorp/slowvember-ord-teaser.mp4
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.221.36 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6dc0c894d32caefabb595efb5ddc0c91bef062a271667b056be21f1f5113f8f8

Request headers

Referer: https://theordinary.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Range: bytes=0-

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 09 Feb 2024 02:19:49 GMT
Last-Modified: Mon, 16 Oct 2023 19:04:32 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 9OSxPMSpzJi8pfJgAYoXgA==
ETag: 0x8DBCE7ABB63B88F
Content-Type: video/mp4
x-ms-request-id: e2a84b29-e01e-00b6-30fe-5a6cc0000000
x-ms-version: 2009-09-19
Content-Length: 376624

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 50ms
17ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit&onload=onRecaptchaLoad

Requested by

Host: theordinary.com
URL: https://theordinary.com/en-de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1a18c7d97100ebfda148b980d3edb247332788b8b023aca91b28c7edc7308cd2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 09 Feb 2024 02:19:49 GMT

GET
H2 200 29849.js Show response
www.dwin1.com/ 46 KB
14 KB 57ms
9ms Script
application/javascript 2600:9000:214f:5a00:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/29849.js
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:5a00:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4bae38610dc93749bdb7f6255d16d61dec5637abd6598f38e72144efa9dd3dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: 61_uE5b0WSeKf44ZbzMdIjpwSTu9VpTz
content-encoding: gzip
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
date: Fri, 09 Feb 2024 02:16:13 GMT
x-amz-cf-pop: FRA53-C1
age: 577
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 08 Feb 2024 15:14:54 GMT
server: AmazonS3
etag: W/"950d2df84fef932bf7c5ccf822084e6f"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, s-maxage=600
x-amz-cf-id: bST4NCVXmtuAoatOhKB0SAl45R7kZXFLE5-aWPMY8XhieefdqZ6Qww==

GET
H2 200 sms_aff_clicktrack-deciem.js Show response
static.myshlf.us/Affiliates/ 2 KB
1 KB 56ms
7ms Script
application/javascript 18.245.60.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myshlf.us/Affiliates/sms_aff_clicktrack-deciem.js
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-77.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6903d61b1cc414c444950c4aab5ceb178c35269902df7acf00057c3317098083

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
date: Thu, 08 Feb 2024 10:08:25 GMT
last-modified: Tue, 13 Dec 2022 13:22:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 58782
x-amz-server-side-encryption: AES256
etag: W/"d989db17a826565d651b1ae968c945ff"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: M9Mui00hUDezMR71tKa04sskUsRMHeOrMQQTR87DdVqpL-WBQA3Bjw==

GET
H/1.1 200
OK esw.min.js Show response
service.force.com/embeddedservice/5.0/ 30 KB
9 KB 100ms
16ms Script
application/x-javascript 85.222.147.21
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.js

Requested by

Host: theordinary.com
URL: https://theordinary.com/en-de

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.222.147.21 Paris, France, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl7-ncg0-cdg3.eu26-cdg.force.com

Software

Resource Hash

ef4dcc4dab4d780f44939c455d4720cab662b2f5fabc36ebc33a21f4cdbecd4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Thu, 08 Feb 2024 15:20:10 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 04 Jul 2023 00:26:54 GMT
Content-Encoding: gzip
Age: 39579
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 8455
X-XSS-Protection: 1; mode=block
Expires: Fri, 09 Feb 2024 15:20:10 GMT

GET
H2 200 dwanalytics-22.2.js Show response
theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/en_DE/v1707436838019/internal/jscript/ 6 KB
3 KB 37ms
37ms Script
application/javascript 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/en_DE/v1707436838019/internal/jscript/dwanalytics-22.2.js
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97223d2d4bf5dc81d4dab5b8cfcd1030bcb2f283e571a88e7dd84d938cff7520

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 09 Feb 2024 00:00:57 GMT
server: cloudflare
age: 7890
cf-polished: origSize=6582
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2591558
cross-origin-resource-policy: cross-origin
cf-ray: 8528a134ccab18b7-FRA
x-dw-request-base-id: QHQcRDlrxWUBAAB_
expires: Sun, 10 Mar 2024 00:00:57 GMT

GET
H2 200 dwac-21.7.js Show response
theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/en_DE/v1707436838019/internal/jscript/ 5 KB
2 KB 38ms
38ms Script
application/javascript 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theordinary.com/on/demandware.static/Sites-deciem-global-Site/-/en_DE/v1707436838019/internal/jscript/dwac-21.7.js
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab4c6c213dea5bbfb5d836bfa5e19fd035ca43c9f74550a91b35eaf07b330381

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 09 Feb 2024 00:00:57 GMT
server: cloudflare
age: 7890
cf-polished: origSize=5007
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=2591558
cross-origin-resource-policy: cross-origin
cf-ray: 8528a134ccad18b7-FRA
x-dw-request-base-id: QHQbRDlrxWUBAAB_
expires: Sun, 10 Mar 2024 00:00:57 GMT

GET
H2 200 gretel.min.js Show response
cdn.cquotient.com/js/v2/ 65 KB
19 KB 59ms
10ms Script
application/javascript 13.32.29.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cquotient.com/js/v2/gretel.min.js
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.156 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-156.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a713761be2c3c12881a59ac5da8f6cc0e34a5e9a57137cd16ce61cc98d87fabf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:23:26 GMT
content-encoding: gzip
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
last-modified: Thu, 30 Mar 2023 18:43:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 3384
x-amz-server-side-encryption: AES256
etag: W/"137b36a7e6287aefaac847ae7c5b71ae"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 9v-4UeOeEQNb9P9bi2G4PKa87UxKs4OY8EpFI0AjaEfZuD7iPB2l_w==

GET
H2 200 script.js Show response
aa873949f74d.cdn4.forter.com/sn/aa873949f74d/ 371 KB
172 KB 46ms
9ms Script
application/javascript 18.245.60.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aa873949f74d.cdn4.forter.com/sn/aa873949f74d/script.js

Requested by

Host: theordinary.com
URL: https://theordinary.com/en-de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-103.fra60.r.cloudfront.net

Software

Resource Hash

776bdffbfa8463da673a3edb26ac95e2dba8f9ea09967685e4e6c2c59b73ff85

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:49 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
via: 1.1 628e5146add9b3daeb91ab8792398818.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 27 Jan 2024 14:19:08 GMT
x-sourcemap: https://cdn4.forter.com/map/suid/aa873949f74d/19069792078
etag: W/"dc1bef39c74908286e66e26bde8a495b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, immutable, max-age=600
timing-allow-origin: *
x-amz-cf-id: lsYrbvVdMjGLa2DX47gZPwJaeNKz8BwymSBnoPil8rS1Ztk7cWzPXw==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/ 493 KB
197 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&onload=onRecaptchaLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f6743903bd9d7ad035a75142c509b67e8831a48487246272bc0751097790d6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theordinary.com/
Origin: https://theordinary.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 10:26:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200774
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 05:00:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Feb 2025 10:26:21 GMT

GET
H2 403 detector-dom.min.js
cdn2.gbqofs.com/deciem/p/ 0
0 187ms
155ms Script
application/xml 2606:4700::6812:190d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.gbqofs.com/deciem/p/detector-dom.min.js
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:190d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
88 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K1WHNF7H93&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSNCTZT&gtm_auth=at3rkKALywQckzT0tnSSvQ&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d1d1e8a14364e07860871b9a85268df856270fea92d85af309e0c44d86880a80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89602
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 09 Feb 2024 02:19:50 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 47ms
21ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSNCTZT&gtm_auth=at3rkKALywQckzT0tnSSvQ&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 09 Feb 2024 01:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1901
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 09 Feb 2024 03:48:09 GMT

GET
H2 200 hotjar-1434794.js Show response
static.hotjar.com/c/ 9 KB
4 KB 44ms
21ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1434794.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSNCTZT&gtm_auth=at3rkKALywQckzT0tnSSvQ&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

3d7676fb1a857205651c1ad44a869193886877a7ada6cb1ada2d20a72b40f104

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 09 Feb 2024 02:19:50 GMT
via: 1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 30
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/3d515d1ceb8dd4dee6203d6df56fae3b
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: tOwMkzfI19t3cWEMCnrDQf5B8MOJ1gSyiQmg4x9utE2IB1wH2bzskg==

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 89ms
10ms Script
application/javascript 2a02:26f0:480:592::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSNCTZT&gtm_auth=at3rkKALywQckzT0tnSSvQ&gtm_preview=env-1&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:592::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f541b09d3f169b333fecf7d94459e7ad60a4fe96e4d57dc794d26bc4d1087d84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "41d4f22af522e8bb22aadeabf6fa09ea"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1861

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 89ms
10ms Script
application/javascript 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSNCTZT&gtm_auth=at3rkKALywQckzT0tnSSvQ&gtm_preview=env-1&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:50 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 16 Feb 2024 02:19:50 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 91ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSNCTZT&gtm_auth=at3rkKALywQckzT0tnSSvQ&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 09 Feb 2024 02:19:49 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4667407FB43B45029A160D411E7B6C14 Ref B: FRA31EDGE0105 Ref C: 2024-02-09T02:19:50Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 28 KB
9 KB 51ms
17ms Script
application/javascript 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSNCTZT&gtm_auth=at3rkKALywQckzT0tnSSvQ&gtm_preview=env-1&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: d0721ac91b973b019d6f365bafb54fe794c973f88277924c036e25a077f5feaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:50 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 08 Feb 2024 20:24:57 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "0ca83ac178b16bd69bff070b635cd7fa"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 8698

GET
H2

200

activityi;dc_pre=CJ_5noCZnYQDFfojBgAdrDoD-Q;src=11373437;type=pagev0;cat=decie0;ord=3604755333882;npa=0;auiddc=1515123092.1707445190;pscdl=noapi;gtm=45He4270v833212135za200;gcd=13l3l3l3l1;dma_cps=s... Show response
11373437.fls.doubleclick.net/ Frame C524
Redirect Chain

https://11373437.fls.doubleclick.net/activityi;src=11373437;type=pagev0;cat=decie0;ord=3604755333882;npa=0;auiddc=1515123092.1707445190;pscdl=noapi;gtm=45He4270v833212135za200;gcd=13l3l3l3l1;dma_cp...
https://11373437.fls.doubleclick.net/activityi;dc_pre=CJ_5noCZnYQDFfojBgAdrDoD-Q;src=11373437;type=pagev0;cat=decie0;ord=3604755333882;npa=0;auiddc=1515123092.1707445190;pscdl=noapi;gtm=45He4270v83...

522 B
621 B

26ms
26ms

Document
text/html

142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11373437.fls.doubleclick.net/activityi;dc_pre=CJ_5noCZnYQDFfojBgAdrDoD-Q;src=11373437;type=pagev0;cat=decie0;ord=3604755333882;npa=0;auiddc=1515123092.1707445190;pscdl=noapi;gtm=45He4270v833212135za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheordinary.com%2Fen-de?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSNCTZT&gtm_auth=at3rkKALywQckzT0tnSSvQ&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

0d209f47cf87a5f4e3aba738e77c973b5d3e44a835563e56ceabaced5d6429a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theordinary.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 316
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 02:19:50 GMT
expires: Fri, 09 Feb 2024 02:19:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 02:19:50 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11373437.fls.doubleclick.net/activityi;dc_pre=CJ_5noCZnYQDFfojBgAdrDoD-Q;src=11373437;type=pagev0;cat=decie0;ord=3604755333882;npa=0;auiddc=1515123092.1707445190;pscdl=noapi;gtm=45He4270v833212135za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheordinary.com%2Fen-de?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CPrdnoCZnYQDFZQhBgAdmEoGrw;src=13759042;type=website;cat=allpages;ord=4773724751376;npa=0;auiddc=1515123092.1707445190;u1=https%3A%2F%2Ftheordinary.com%2Fen-de;pscdl=noapi;gtm=45He... Show response
13759042.fls.doubleclick.net/ Frame 6560
Redirect Chain

https://13759042.fls.doubleclick.net/activityi;src=13759042;type=website;cat=allpages;ord=4773724751376;npa=0;auiddc=1515123092.1707445190;u1=https%3A%2F%2Ftheordinary.com%2Fen-de;pscdl=noapi;gtm=4...
https://13759042.fls.doubleclick.net/activityi;dc_pre=CPrdnoCZnYQDFZQhBgAdmEoGrw;src=13759042;type=website;cat=allpages;ord=4773724751376;npa=0;auiddc=1515123092.1707445190;u1=https%3A%2F%2Ftheordi...

566 B
615 B

24ms
23ms

Document
text/html

142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://13759042.fls.doubleclick.net/activityi;dc_pre=CPrdnoCZnYQDFZQhBgAdmEoGrw;src=13759042;type=website;cat=allpages;ord=4773724751376;npa=0;auiddc=1515123092.1707445190;u1=https%3A%2F%2Ftheordinary.com%2Fen-de;pscdl=noapi;gtm=45He4270v833212135za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheordinary.com%2Fen-de?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSNCTZT&gtm_auth=at3rkKALywQckzT0tnSSvQ&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

14a5db39ccfbf8006165d86c3ac66b1569ca7284d0bbda30077be3935bcf4afc

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theordinary.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 311
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 02:19:50 GMT
expires: Fri, 09 Feb 2024 02:19:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 02:19:50 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://13759042.fls.doubleclick.net/activityi;dc_pre=CPrdnoCZnYQDFZQhBgAdmEoGrw;src=13759042;type=website;cat=allpages;ord=4773724751376;npa=0;auiddc=1515123092.1707445190;u1=https%3A%2F%2Ftheordinary.com%2Fen-de;pscdl=noapi;gtm=45He4270v833212135za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheordinary.com%2Fen-de?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 214 KB
58 KB 37ms
22ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: theordinary.com
URL: https://theordinary.com/en-de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bca51ed2fe251488a1b150edf560d43880f1486740f34d24120ede486f99676b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 09 Feb 2024 02:19:50 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57257
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: SM3MM8+8vC0UfJ8NR5n256e8KGUnzeqcexI6mLOUvz+v4xN40VLCnlVyMI+C21aPlEGvwABcDNUyxJhi3ONFhw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 collect.js Show response
110006539.collect.igodigital.com/ 8 KB
2 KB 341ms
98ms Script
application/javascript 54.145.98.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://110006539.collect.igodigital.com/collect.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSNCTZT&gtm_auth=at3rkKALywQckzT0tnSSvQ&gtm_preview=env-1&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.145.98.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-145-98-26.compute-1.amazonaws.com
Software: /
Resource Hash: 463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:50 GMT
content-encoding: gzip
last-modified: Wed, 07 Feb 2024 21:52:24 GMT
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 scevent.min.js Show response
sc-static.net/ 41 KB
18 KB 63ms
30ms Script
application/javascript 143.204.207.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-250.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: 8f1c242f8ab56e926271c58a17f0bcc42afb5496960cac798b66c551ea3fa150

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:50 GMT
content-encoding: gzip
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 18049
x-amz-cf-id: g6_9DSnHtMC4eygQqAGJzVbRA7DrfWmL6Cfwj0XUlCWWgjPsKI-j5g==

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 18 KB
7 KB 138ms
102ms Script
text/javascript 35.157.194.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.157.194.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-194-178.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44d42c1263c3ea673d2af85a9ba042da865f4772d658324b1561c7383319f51b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 09 Feb 2024 02:19:50 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 278ms
148ms Script
application/javascript 2.19.96.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBCND2RC77U9C04LJUV0&lib=ttq
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.162 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-162.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 16cdbae19eafd4314fa19996b2eeaef5c6660fc43269d7d538854e81e213d95a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-akamai-request-id: 22463d80.272d03ea
date: Fri, 09 Feb 2024 02:19:50 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24020902195014C014515C058AF17691-3D1F9B3D15A913C8-00
x-cache: TCP_MISS from a2-19-96-158.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time: 134,2.19.96.158
server-timing: cdn-cache; desc=MISS, edge; dur=121, origin; dur=13, inner; dur=2
content-length: 1370
pragma: no-cache
server: nginx
x-tt-logid: 2024020902195014C014515C058AF17691
x-cache-remote: TCP_MISS from a23-48-100-209.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1.1-53905974) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 13,23.48.100.209
x-tt-trace-host: 011d68ed99a1da9e98595cfdaa70b1c210169999ce770c8be2410d7781283bbe20ff3308bab2f418934c59c7d8ec886caea902ac96c9d4c8f648258bc16b3eaf221e4c5a4c49443254589b2ccaf0a8578efb4d2b694d58ded52257ee29cf4999acf956173d3907793e73623c9be2f598e3
expires: Fri, 09 Feb 2024 02:19:50 GMT

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/container/25633;130017;14288;iframe/ Frame 61F0 2 KB
1 KB 54ms
15ms Document
text/html 23.215.22.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://servedby.flashtalking.com/container/25633;130017;14288;iframe/?ftXRef=undefined&ftXValue=undefined&ftXType=Page_View&ftXName=undefined&ftXNumItems=1&ftXCurrency=undefined&U1=undefined&ft_referrer=https%3A%2F%2Ftheordinary.com%2Fen-de&ns=&cb=361204733

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSNCTZT&gtm_auth=at3rkKALywQckzT0tnSSvQ&gtm_preview=env-1&gtm_cookies_win=x

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.215.22.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-215-22-232.deploy.static.akamaitechnologies.com

Software

prod-xre-app11.frk11 /

Resource Hash

7a839a8b106f495a63d8e4ead1bf648b90f3c97150c7a97adfa094fb8f6d0740

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://theordinary.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 953
Content-Type: text/html
Date: Fri, 09 Feb 2024 02:19:50 GMT
Expires: Fri, 09 Feb 2024 02:19:50 GMT
Pragma: no-cache
Server: prod-xre-app11.frk11
Strict-Transport-Security: max-age=86400
Vary: Accept-Encoding

GET
BLOB 200
OK 489dea59-b1d6-44b0-b4fc-49c40197e13a
https://theordinary.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://theordinary.com/489dea59-b1d6-44b0-b4fc-49c40197e13a
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3813fc413958e1b37026ee2e691a2ae6d834084c7df33be4f435cf97180591ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length: 5318
Content-Type: application/javascript

GET
H2

200

liveAgentSetupFlow Show response
deciem.my.salesforce-sites.com/ Frame 3134
Redirect Chain

https://deciemchatbuild.secure.force.com/liveAgentSetupFlow
https://deciem.my.salesforce-sites.com/liveAgentSetupFlow

27 KB
6 KB

397ms
162ms

Document
text/html

52.60.165.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://deciem.my.salesforce-sites.com/liveAgentSetupFlow

Requested by

Host: theordinary.com
URL: https://theordinary.com/en-de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.60.165.90 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-60-165-90.ca-central-1.compute.amazonaws.com

Software

Resource Hash

7b238c5b1d4721202df086cef4e95c6186800649afc6e49707d0f3c3e97ad961

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theordinary.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public,max-age=600
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=UTF-8
date: Fri, 09 Feb 2024 02:19:50 GMT
expires: Fri, 09 Feb 2024 02:29:50 GMT
last-modified: Fri, 09 Feb 2024 02:19:50 GMT
p3p: CP="CUR OTR STA"
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache,must-revalidate,max-age=0,no-store,private
content-length: 0
content-security-policy: upgrade-insecure-requests
date: Fri, 09 Feb 2024 02:19:50 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://deciem.my.salesforce-sites.com/liveAgentSetupFlow
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 products-in-all-categories Show response
e.cquotient.com/recs/bfkj-deciem-global/ 18 KB
3 KB 135ms
49ms Script
text/javascript 79.125.24.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e.cquotient.com/recs/bfkj-deciem-global/products-in-all-categories?callback=CQuotient._callback0&_=1707445190034&_device=windows&userId=&cookieId=bcaNkr2WvEZDs3VZm7njTYxxPT&emailId=&anchors=id%3A%3A%7C%7Csku%3A%3A%7C%7Ctype%3A%3A%7C%7Calt_id%3A%3A&slotId=search-drawer-recommendations&slotConfigId=New%20Slot%20Configuration%20-%202023-01-04%2015%3A46%3A24&slotConfigTemplate=slots%2Frecommendation%2FsearchDrawerRecommendations.isml&ccver=1.03&realm=BFKJ&siteId=deciem-global&instanceType=prd&v=v3.1.0&json=%7B%22userId%22%3A%22%22%2C%22cookieId%22%3A%22bcaNkr2WvEZDs3VZm7njTYxxPT%22%2C%22emailId%22%3A%22%22%2C%22anchors%22%3A%5B%7B%22id%22%3A%22%22%2C%22sku%22%3A%22%22%2C%22type%22%3A%22%22%2C%22alt_id%22%3A%22%22%7D%5D%2C%22slotId%22%3A%22search-drawer-recommendations%22%2C%22slotConfigId%22%3A%22New%20Slot%20Configuration%20-%202023-01-04%2015%3A46%3A24%22%2C%22slotConfigTemplate%22%3A%22slots%2Frecommendation%2FsearchDrawerRecommendations.isml%22%2C%22ccver%22%3A%221.03%22%2C%22realm%22%3A%22BFKJ%22%2C%22siteId%22%3A%22deciem-global%22%2C%22instanceType%22%3A%22prd%22%2C%22v%22%3A%22v3.1.0%22%7D

Requested by

Host: cdn.cquotient.com
URL: https://cdn.cquotient.com/js/v2/gretel.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.125.24.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-79-125-24-105.eu-west-1.compute.amazonaws.com

Software

envoy /

Resource Hash

2dc42a20cd2e7a09b72cb3f7f0e9871dbeece524e96bc66a25a3cd8d1c25f07b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:50 GMT
strict-transport-security: max-age=15552000; includeSubdomains
x-content-type-options: nosniff
content-encoding: gzip
server: envoy
etag: W/"482f-YTGjuDxTYUGtnvKwqcAbHqYlxUs"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: no-store
x-envoy-upstream-service-time: 16

POST
H2 204 collect
region1.analytics.google.com/g/ 0
245 B 39ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-K1WHNF7H93&gtm=45je4270v880502387z8833212135za200&_p=1707445189816&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1347880378.1707445190&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707445190&sct=1&seg=0&dl=https%3A%2F%2Ftheordinary.com%2Fen-de&dt=Welcome%20to%20The%20Ordinary%3A%20Effective%20Clinical%20Skincare&en=page_view&_fv=1&_nsi=1&_ss=1&ep.site_region=en-de&ep.gtm_container_version=GTM-PSNCTZT%3A88&tfd=1931
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K1WHNF7H93&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 02:19:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://theordinary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 65ms
18ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-K1WHNF7H93&cid=1347880378.1707445190&gtm=45je4270v880502387z8833212135za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K1WHNF7H93&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 02:19:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://theordinary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 44ms
19ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K1WHNF7H93&cid=1347880378.1707445190&gtm=45je4270v880502387z8833212135za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=2015343370

Requested by

Host: theordinary.com
URL: https://theordinary.com/en-de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 02:19:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.fd7a1c20a85f7a95e5ff.js Show response
script.hotjar.com/ 218 KB
55 KB 48ms
10ms Script
application/javascript 13.32.27.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.fd7a1c20a85f7a95e5ff.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1434794.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-21.fra56.r.cloudfront.net

Software

Resource Hash

135cc2fb726f9d5ba840faf6e0ff280e2bd7b6b28a2736bd6092c807cfbea88c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:16:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 569024
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55316
last-modified: Fri, 02 Feb 2024 12:16:01 GMT
etag: "253d3ab37754a78a185ec9d668fb77c9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 9kAKlBjYfTgUPqGJNSCVxnERWuMGPJesljwdLK1qk8BCHKjuHgvwqg==

GET
H2 200 t2_53muszig_telemetry Show response
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 86 B
700 B 32ms
9ms XHR
application/json 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_53muszig_telemetry
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:50 GMT
content-encoding: gzip
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server: snooserv
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 98

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 67ms
16ms Image
image/gif 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1707445190128&id=t2_53muszig&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=5db51ceb-cec9-4fdb-bf5e-4fe040111828&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_5ad1a28b&dpm=&dpcc=&dprc=
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:50 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 16ms
16ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=687705736&t=pageview&_s=1&dl=https%3A%2F%2Ftheordinary.com%2Fen-de&ul=en-us&de=UTF-8&dt=Welcome%20to%20The%20Ordinary%3A%20Effective%20Clinical%20Skincare&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=1644813261&gjid=2118627944&cid=1347880378.1707445190&tid=UA-143004606-3&_gid=757110138.1707445190&_r=1&_slc=1&gtm=45He4270n81PSNCTZTv833212135za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&z=118590554

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://theordinary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 02:19:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://theordinary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
servedby.flashtalking.com/segment/2/read/a;;pixel/ Frame 61F0 42 B
514 B 10ms
10ms Image
image/gif 23.215.22.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://servedby.flashtalking.com/segment/2/read/a;;pixel/?s=14288&d=theordinary.com&r=en-de

Requested by

Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/25633;130017;14288;iframe/?ftXRef=undefined&ftXValue=undefined&ftXType=Page_View&ftXName=undefined&ftXNumItems=1&ftXCurrency=undefined&U1=undefined&ft_referrer=https%3A%2F%2Ftheordinary.com%2Fen-de&ns=&cb=361204733

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.215.22.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-215-22-232.deploy.static.akamaitechnologies.com

Software

prod-xre-app5.frk11 /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://servedby.flashtalking.com/container/25633;130017;14288;iframe/?ftXRef=undefined&ftXValue=undefined&ftXType=Page_View&ftXName=undefined&ftXNumItems=1&ftXCurrency=undefined&U1=undefined&ft_referrer=https%3A%2F%2Ftheordinary.com%2Fen-de&ns=&cb=361204733
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Feb 2024 02:19:50 GMT
Strict-Transport-Security: max-age=86400
Server: prod-xre-app5.frk11
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 42
Expires: Fri, 09 Feb 2024 02:19:50 GMT

GET
H2 200 rdn-natural-moisturizing-factors-phytoceramides-100ml.png
theordinary.com/dw/image/v2/BFKJ_PRD/on/demandware.static/-/Sites-deciem-master/default/dw91e29ba9/Images/products/The%20Ordinary/ 21 KB
22 KB 22ms
22ms Image
image/webp 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theordinary.com/dw/image/v2/BFKJ_PRD/on/demandware.static/-/Sites-deciem-master/default/dw91e29ba9/Images/products/The%20Ordinary/rdn-natural-moisturizing-factors-phytoceramides-100ml.png?sw=320&sh=320&sm=fit
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddd60963b341f05865b760547bfe8c19e89d4759a80132f81d4f1670a40db4d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:50 GMT
via: 1.1 67ffdd2ec6e280830e7ef1d09212a7dc.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 17703
x-amz-cf-pop: CDG52-P5
cf-polished: origFmt=png, origSize=41236
x-amz-meta-cleanquerystring: sw=320&sh=320&sm=fit
x-cache: Hit from cloudfront
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="rdn-natural-moisturizing-factors-phytoceramides-100ml.webp"
content-length: 21924
x-amz-expiration: expiry-date="Sun, 26 May 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: imgq:85,h2pri
last-modified: Wed, 26 Apr 2023 14:01:53 GMT
server: cloudflare
etag: "95888391126bb422491205860a69656d"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8528a1366db418b7-FRA
x-amz-cf-id: c2xZl45Vc05oHb7w6d8ysv5i-AHyUH71zsd6Lbig-j9d9SaZieRgTg==

GET
H2 200 rdn-natural-moisturizing-factors-ha-30ml.png
theordinary.com/dw/image/v2/BFKJ_PRD/on/demandware.static/-/Sites-deciem-master/default/dw44a812cf/Images/products/The%20Ordinary/ 20 KB
21 KB 19ms
19ms Image
image/webp 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theordinary.com/dw/image/v2/BFKJ_PRD/on/demandware.static/-/Sites-deciem-master/default/dw44a812cf/Images/products/The%20Ordinary/rdn-natural-moisturizing-factors-ha-30ml.png?sw=320&sh=320&sm=fit
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b4cae9ab01592b26949eb3cbcb0d15b89c51568942c87d9abfc45ca01424b15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:50 GMT
via: 1.1 e544866f1454c4458d3a6644b47d065e.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 32212
x-amz-cf-pop: VIE50-C2
cf-polished: origFmt=png, origSize=37901
x-amz-meta-cleanquerystring: sw=320&sh=320&sm=fit
x-cache: Hit from cloudfront
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="rdn-natural-moisturizing-factors-ha-30ml.webp"
content-length: 20714
x-amz-expiration: expiry-date="Sun, 26 May 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: imgq:85,h2pri
last-modified: Wed, 26 Apr 2023 14:01:51 GMT
server: cloudflare
etag: "2a412bfe2cab3402c269db253228d5fb"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8528a1366db518b7-FRA
x-amz-cf-id: 8IbxTF5DQzR2k8BG5UJsz3_DUKiBMI_BhV6BKu-ZLzpdvCSAke5EVg==

GET
H2 200 rdn-natural-moisturizing-factors-beta-glucan-100ml.png
theordinary.com/dw/image/v2/BFKJ_PRD/on/demandware.static/-/Sites-deciem-master/default/dwccf3e3f2/Images/products/The%20Ordinary/ 21 KB
21 KB 18ms
18ms Image
image/webp 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theordinary.com/dw/image/v2/BFKJ_PRD/on/demandware.static/-/Sites-deciem-master/default/dwccf3e3f2/Images/products/The%20Ordinary/rdn-natural-moisturizing-factors-beta-glucan-100ml.png?sw=320&sh=320&sm=fit
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3901cf4a72592458111bf765cc7a0fddd45fc18d0e85d5b3a52ce078d9f9c9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:50 GMT
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 580252
x-amz-cf-pop: FRA56-P5
cf-polished: origFmt=png, origSize=40467
x-amz-meta-cleanquerystring: sw=320&sh=320&sm=fit
x-cache: Hit from cloudfront
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="rdn-natural-moisturizing-factors-beta-glucan-100ml.webp"
content-length: 21456
x-amz-expiration: expiry-date="Sun, 09 Jun 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: imgq:85,h2pri
last-modified: Wed, 10 May 2023 13:02:55 GMT
server: cloudflare
etag: "65818d1d79f2373b57657bbac4c698a6"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8528a1366db618b7-FRA
x-amz-cf-id: e8oP39-B1qyxEW5RYxxAjwNlzLWbTSdfSDSqR6_WRlOC9qP_L5251w==

GET
H2 200 main.deb3b3f8.js Show response
s.pinimg.com/ct/lib/ 64 KB
18 KB 12ms
12ms Script
application/javascript 2a02:26f0:480:592::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.deb3b3f8.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:592::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b306b09654fe82ddf9f380fb188d3b957efcc472f0d44142e440c3fd6689e67a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "b7048c83fa3e7c5a8e48bb07d8c7e849"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18527

GET
H2 200 rules-p-vrgqp8HkEUxPG.js Show response
rules.quantcount.com/ 160 B
639 B 46ms
20ms Script
application/javascript 2600:9000:223c:d400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-vrgqp8HkEUxPG.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:d400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: faabf9ec248142e093f8ed4a4e823cbc42c09968ea89363118f9f73219348f9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:43:52 GMT
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2204
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 00:50:29 GMT
server: AmazonS3
etag: "ee29c7f1551e96e93f23af500c3f0e69"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: FhPqxNrPsfTziFD_Hs0BaltAy26o7d1PHbvOonKor3sC9qAiAtraLw==

GET
H2 200 918069964921567 Show response
connect.facebook.net/signals/config/ 53 KB
11 KB 123ms
120ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/918069964921567?v=2.9.145&r=stable&domain=theordinary.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2eaf21223b517884e61dce4306eb0214a2c5bf9c14321356e9c6ceb0760985c2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 09 Feb 2024 02:19:50 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: s9fn8xWwj2o93UUDFDZe54pUL/gd4AZkpnx+BCOxd9swWpGvSMVgyW5Etbk2RTF4KHUyFDvYBqGb4AzCV2XArA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dc_pre=CPrdnoCZnYQDFZQhBgAdmEoGrw;src=13759042;type=website;cat=allpages;ord=4773724751376;npa=0;auiddc=*;u1=https%3A%2F%2Ftheordinary.com%2Fen-de;pscdl=noapi;gtm=45He4270v833212135za200;gcd=13l3l3...
adservice.google.com/ddm/fls/z/ Frame 6560 42 B
107 B 85ms
50ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPrdnoCZnYQDFZQhBgAdmEoGrw;src=13759042;type=website;cat=allpages;ord=4773724751376;npa=0;auiddc=*;u1=https%3A%2F%2Ftheordinary.com%2Fen-de;pscdl=noapi;gtm=45He4270v833212135za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheordinary.com%2Fen-de

Requested by

Host: 13759042.fls.doubleclick.net
URL: https://13759042.fls.doubleclick.net/activityi;dc_pre=CPrdnoCZnYQDFZQhBgAdmEoGrw;src=13759042;type=website;cat=allpages;ord=4773724751376;npa=0;auiddc=1515123092.1707445190;u1=https%3A%2F%2Ftheordinary.com%2Fen-de;pscdl=noapi;gtm=45He4270v833212135za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheordinary.com%2Fen-de?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13759042.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 02:19:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 19ms
19ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-143004606-3&cid=1347880378.1707445190&jid=1644813261&gjid=2118627944&_gid=757110138.1707445190&_u=YCDACEAABAAAACAAI~&z=936077143

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://theordinary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 09 Feb 2024 02:19:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://theordinary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 25065556.js Show response
bat.bing.com/p/action/ 0
118 B 83ms
83ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/25065556.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 09 Feb 2024 02:19:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9C61C43F25014570A8FD995A74E07876 Ref B: FRA31EDGE0105 Ref C: 2024-02-09T02:19:50Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
287 B 32ms
32ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=25065556&tm=gtm002&Ver=2&mid=d3287ffb-b719-4620-bfeb-8278e6ea235f&sid=b3df4510c6f111ee83b5931fdad6bf00&vid=b3df4bd0c6f111ee8957d396e29517dd&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Welcome%20to%20The%20Ordinary%3A%20Effective%20Clinical%20Skincare&kw=DECIEM&p=https%3A%2F%2Ftheordinary.com%2Fen-de&r=&lt=1864&evt=pageLoad&sv=1&rn=245570

Requested by

Host: theordinary.com
URL: https://theordinary.com/en-de

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Feb 2024 02:19:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 46230A55CDAF44159941D23F64CCD494 Ref B: FRA31EDGE0105 Ref C: 2024-02-09T02:19:50Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CJ_5noCZnYQDFfojBgAdrDoD-Q;src=11373437;type=pagev0;cat=decie0;ord=3604755333882;npa=0;auiddc=*;pscdl=noapi;gtm=45He4270v833212135za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;u...
adservice.google.com/ddm/fls/z/ Frame C524 42 B
401 B 43ms
42ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJ_5noCZnYQDFfojBgAdrDoD-Q;src=11373437;type=pagev0;cat=decie0;ord=3604755333882;npa=0;auiddc=*;pscdl=noapi;gtm=45He4270v833212135za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheordinary.com%2Fen-de

Requested by

Host: 11373437.fls.doubleclick.net
URL: https://11373437.fls.doubleclick.net/activityi;dc_pre=CJ_5noCZnYQDFfojBgAdrDoD-Q;src=11373437;type=pagev0;cat=decie0;ord=3604755333882;npa=0;auiddc=1515123092.1707445190;pscdl=noapi;gtm=45He4270v833212135za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftheordinary.com%2Fen-de?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11373437.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 02:19:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

7cbf5c923c187d736c23b01c18fb53b9f9e1cd0f2a8c1034e9e6685ebac2c41cac7f4ace641353e2d8f949d6a076 Show response
cdn9.forter.com/vchk2/v1/
Redirect Chain

https://cdn9.forter.com/vchk2
https://cdn9.forter.com/vchk2/v1/7cbf5c923c187d736c23b01c18fb53b9f9e1cd0f2a8c1034e9e6685ebac2c41cac7f4ace641353e2d8f949d6a076

0
323 B

106ms
106ms

XHR
text/plain

143.204.98.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn9.forter.com/vchk2/v1/7cbf5c923c187d736c23b01c18fb53b9f9e1cd0f2a8c1034e9e6685ebac2c41cac7f4ace641353e2d8f949d6a076

Requested by

Host: theordinary.com
URL: https://theordinary.com/en-de

Protocol

Server

143.204.98.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-64.fra50.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:50 GMT
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
strict-transport-security: max-age=86400; includeSubDomains
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: fj14e5segdwJ0yyduYTrDjmfZWgTWnJ-G_I_BhvKii0Ec9X56vyuCw==

Redirect headers

date: Fri, 09 Feb 2024 02:19:50 GMT
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
strict-transport-security: max-age=86400; includeSubDomains
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
location: https://cdn9.forter.com/vchk2/v1/7cbf5c923c187d736c23b01c18fb53b9f9e1cd0f2a8c1034e9e6685ebac2c41cac7f4ace641353e2d8f949d6a076
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: 9ACZSQZzD3QC07gNiUx6lCVdPBAplzSyFuRalg3PCyITlYfXm21T_g==

GET
BLOB 200
OK 11c61d49-7d9d-4d88-ade0-508184c22a01
https://theordinary.com/ 17 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://theordinary.com/11c61d49-7d9d-4d88-ade0-508184c22a01
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f96852d0b4e46507d54289bfe34041eddf3e546e154e26eea3045aa958d28403

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length: 17544
Content-Type: application/javascript

GET
H2 200 cee3acf4-f810-4ae6-ae30-04952a3dd849.js Show response
tr.snapchat.com/config/com/ 186 B
455 B 156ms
111ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/cee3acf4-f810-4ae6-ae30-04952a3dd849.js?v=3.9.2-2402090050

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

608fa20f5c636ea35a8d7f4939f4aa1101d531df29f858af3839b849dd62747d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://theordinary.com/
Origin: https://theordinary.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://theordinary.com
x-envoy-upstream-service-time: 91
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 186

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame E7BC 0
201 B 60ms
17ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=cee3acf4-f810-4ae6-ae30-04952a3dd849&u_scsid=5c07a58e-01de-4ebb-b7af-10b7d6abfdea&u_sclid=64b758c9-9efb-470b-b61c-d7b443b01644

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://theordinary.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 09 Feb 2024 02:19:50 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

POST
H/1.1 200
OK prop.json
20690ba8a7264ee69bc444faa0915668-aa873949f74d.cdn.forter.com/ 2 B
623 B 301ms
91ms Ping
application/json 3.234.25.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://20690ba8a7264ee69bc444faa0915668-aa873949f74d.cdn.forter.com/prop.json
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.234.25.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-25-89.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://theordinary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 09 Feb 2024 02:19:50 GMT
Connection: close
Content-Length: 2
Pragma: no-cache
Last-Modified: Tue, 06 Feb 2024 11:07:27 GMT
Server: Apache
ETag: "2-610b4956c1a14"
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://theordinary.com
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type, x-csrf-token
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 18ms
17ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-143004606-3&cid=1347880378.1707445190&jid=1644813261&_u=YCDACEAABAAAACAAI~&z=1065624300

Requested by

Host: theordinary.com
URL: https://theordinary.com/en-de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 02:19:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 19ms
19ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-143004606-3&cid=1347880378.1707445190&jid=1644813261&_u=YCDACEAABAAAACAAI~&z=1065624300

Requested by

Host: theordinary.com
URL: https://theordinary.com/en-de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 02:19:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 98ms
98ms Stylesheet
text/css 35.157.194.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.157.194.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-194-178.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: ddacc3618c70d111c0ad8ac3060fd21c36846929db812678ceea34fcb23dc9fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 09 Feb 2024 02:19:50 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
2 KB 125ms
98ms Fetch
image/jpeg 35.157.194.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.157.194.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-194-178.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 09 Feb 2024 02:19:50 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/aa873949f74d/20690ba8a7264ee69bc444faa0915668/ 20 B
359 B 438ms
233ms XHR
application/json 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/aa873949f74d/20690ba8a7264ee69bc444faa0915668/prop.json?_=1707445190244
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Feb 2024 02:19:50 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://theordinary.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

GET
H2 200 pixel;r=2091490095;source=gtm;rf=0;a=p-vrgqp8HkEUxPG;url=https%3A%2F%2Ftheordinary.com%2Fen-de;uht=2;fpan=1;fpa=P0-358074775-1707445190156;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0...
pixel.quantserve.com/ 35 B
455 B 24ms
15ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=2091490095;source=gtm;rf=0;a=p-vrgqp8HkEUxPG;url=https%3A%2F%2Ftheordinary.com%2Fen-de;uht=2;fpan=1;fpa=P0-358074775-1707445190156;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=theordinary.com;dst=1;et=1707445190274;tzo=-60;ogl=;ses=59bcbff9-fb02-4a7b-bc6e-58830e72497c;mdl=

Requested by

Host: theordinary.com
URL: https://theordinary.com/en-de

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 02:19:50 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 297 B
686 B 77ms
39ms XHR
application/json 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613778178781&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1707445190276&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.deb3b3f8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

04c6083a9781b397d0b570f97154a3fa61aac68dfba173617e5a6351786b7470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.d3d5ce17.1707445190.a16e7b76
x-envoy-upstream-service-time: 1
content-length: 172
x-pinterest-rid: 1421110391350046
pin-unauth: dWlkPU4yUXpNekEyTkdNdE1qSXhNaTAwWm1VM0xUbGhNemN0WVdNM01qZGtOVGhtTnpSbQ
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://theordinary.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: f9d1c7100d6ab6a9fc70375cea0fca5e275d3fa9
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 297 B
709 B 78ms
40ms XHR
application/json 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613778178781&cb=1707445190277&dep=5%2CEVENT_TAGS_ABSENT

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.deb3b3f8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

04c6083a9781b397d0b570f97154a3fa61aac68dfba173617e5a6351786b7470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.d3d5ce17.1707445190.a16e7b74
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=600
content-length: 172
x-pinterest-rid: 9348245702759547
pin-unauth: dWlkPU1qazJOakJoTlRFdE1qbGhNUzAwTVdNMUxXRmhNakV0Wm1ReFpqWmlaR0kxTkRBeg
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://theordinary.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: f9d1c7100d6ab6a9fc70375cea0fca5e275d3fa9
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 297 B
687 B 78ms
41ms XHR
application/json 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613778178781&cb=1707445190277&dep=5%2CEVENT_TAGS_ABSENT

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.deb3b3f8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

04c6083a9781b397d0b570f97154a3fa61aac68dfba173617e5a6351786b7470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.d3d5ce17.1707445190.a16e7b7b
x-envoy-upstream-service-time: 1
content-length: 172
x-pinterest-rid: 4133853186705321
pin-unauth: dWlkPVpHRXlOalEwTldNdFlXWmlNQzAwTm1Wa0xXSmlNRGt0TXpOallURXlPV1k0TXpkaA
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://theordinary.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: f9d1c7100d6ab6a9fc70375cea0fca5e275d3fa9
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 CQRecomm-Start Show response
theordinary.com/on/demandware.store/Sites-deciem-global-Site/en_DE/ 12 KB
2 KB 162ms
162ms XHR
text/html 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theordinary.com/on/demandware.store/Sites-deciem-global-Site/en_DE/CQRecomm-Start
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d738a4d2d97c0a38ec8daa5a4fe018fd92915eb4b5b77fd4e68c05748961f7c5

Request headers

Referer: https://theordinary.com/en-de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 02:19:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: accept-encoding
content-type: text/html;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8528a1374e3618b7-FRA
x-dw-request-base-id: hIXgqcWLxWUBAAB_
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
454 B 73ms
42ms Image
image/gif 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613778178781&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Ftheordinary.com%2Fen-de%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22deb3b3f8%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1707445190283

Requested by

Host: theordinary.com
URL: https://theordinary.com/en-de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 02:19:50 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.d3d5ce17.1707445190.a16e7b7c
content-type: image/gif
access-control-allow-origin: *
pinterest-version: f9d1c7100d6ab6a9fc70375cea0fca5e275d3fa9
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
content-length: 35
x-pinterest-rid: 1195890006246801
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 31ms
10ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=918069964921567&ev=PageView&dl=https%3A%2F%2Ftheordinary.com%2Fen-de&rl=&if=false&ts=1707445190294&sw=1600&sh=1200&v=2.9.145&r=stable&ec=0&o=4126&fbp=fb.1.1707445190293.1824231338&ler=empty&cdl=API_unavailable&it=1707445190164&coo=false&exp=e1&rqm=GET

Requested by

Host: theordinary.com
URL: https://theordinary.com/en-de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 09 Feb 2024 02:19:50 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 main.MTU3YmJkODI0MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 379 KB
103 KB 13ms
13ms Script
application/javascript 2.19.96.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBCND2RC77U9C04LJUV0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.162 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-162.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3fb856882cd87a671903d75d594f2fb840abbb70a196395fa2197cbadb03149e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-akamai-request-id: 272d0413
date: Fri, 09 Feb 2024 02:19:50 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024012520084764BCE36CCE0074700A85
x-tt-trace-id: 00-24012520084764BCE36CCE0074700A85-132BF365CD1D916D-00
vary: Accept-Encoding
x-cache: TCP_HIT from a2-19-96-158.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 017228500c401e99051417dc717e08618e6d12fa25fe3e1685ceba67f3548a70fcbf1c39ddef25d47faed91a13499ea9a383355944cbb89a420dcd23ee709ce430cc57e34cdd9582e7df36fa7ca63c57a3b2f59f6a4d24095bdf2d98ea2f4ecc40
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=3
content-length: 104393

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
0 51ms
50ms Fetch
image/gif 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613778178781&cb=1707445190361&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPU4yUXpNekEyTkdNdE1qSXhNaTAwWm1VM0xUbGhNemN0WVdNM01qZGtOVGhtTnpSbQ%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Ftheordinary.com%2Fen-de%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22deb3b3f8%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.deb3b3f8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 02:19:50 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.d3d5ce17.1707445190.a16e7bf7
content-type: image/gif
access-control-allow-origin: https://theordinary.com
pinterest-version: f9d1c7100d6ab6a9fc70375cea0fca5e275d3fa9
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 2130624440070380
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
699 B 55ms
55ms Image
image/gif 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613778178781&cb=1707445190362&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPU4yUXpNekEyTkdNdE1qSXhNaTAwWm1VM0xUbGhNemN0WVdNM01qZGtOVGhtTnpSbQ%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Ftheordinary.com%2Fen-de%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22deb3b3f8%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D

Requested by

Host: theordinary.com
URL: https://theordinary.com/en-de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 02:19:50 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.d3d5ce17.1707445190.a16e7bf8
content-type: image/gif
access-control-allow-origin: *
pinterest-version: f9d1c7100d6ab6a9fc70375cea0fca5e275d3fa9
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 8650347325441601
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 identify_0a875.js Show response
analytics.tiktok.com/i18n/pixel/static/ 137 KB
37 KB 15ms
14ms Script
application/javascript 2.19.96.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_0a875.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.162 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-162.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-akamai-request-id: 272d0431
date: Fri, 09 Feb 2024 02:19:50 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240123151538CB105E941C491498224C
x-tt-trace-id: 00-240123151538CB105E941C491498224C-1FABFF5BB1D8E736-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-19-96-158.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01e83572f3e52186dc1c593befa1fab62db99c1f7153c437ec06474e07ee27c8d6bb4252a83cc74e0784f7094d3a20b41c80a3c99c7448c7993d6435b3d9e32c7b9f5e52308612f81020fc1a7b2241bf4aaea20881c32eda1b3eaaf4bd6e886b94
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=10
content-length: 37008

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
968 B 366ms
135ms Ping
text/plain 104.120.210.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.120.210.154 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-120-210-154.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theordinary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 15b9467.8fc3fb12
date: Fri, 09 Feb 2024 02:19:50 GMT
x-bytefaas-request-id: 20240209021950CCC54761EA79DFF377CF
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240209021950CCC54761EA79DFF377CF-440DB4DA30B5B971-00
x-cache: TCP_MISS from a104-120-210-150.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53915762) (-)
x-parent-response-time: 18,104.120.210.150
server-timing: cdn-cache; desc=MISS, edge; dur=9, origin; dur=9, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240209021950CCC54761EA79DFF377CF
x-cache-remote: TCP_MISS from a23-58-124-18.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53915762) (-)
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 3.96
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 01df6a9976b24b1b4c9e3efb9e8a5e18d8f52956942534406cfc6d283103e5f7b48233251037953a9ab6ef7739697c84b88f2f1d9cb2558e3ee8687554e42ff9eef393143248e9056d3e7b8551ee7bda371f42e91cb0b46827160a334e7642fc8f11bdd927a6dcd006422de24c38b285cc
x-origin-response-time: 9,23.58.124.18
access-control-allow-headers: *
expires: Fri, 09 Feb 2024 02:19:50 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
840 B 148ms
148ms Ping
text/plain 2.19.96.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.162 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-162.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theordinary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2246814e.272d0434
date: Fri, 09 Feb 2024 02:19:50 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24020902195051426F3EAF3652EF4B06-4E172FC88239C371-00
x-cache: TCP_MISS from a2-19-96-158.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time: 133,2.19.96.158
server-timing: cdn-cache; desc=MISS, edge; dur=85, origin; dur=51, inner; dur=48
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024020902195051426F3EAF3652EF4B06
x-cache-remote: TCP_MISS from a23-48-100-209.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1.1-53905974) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 51,23.48.100.209
x-tt-trace-host: 011d68ed99a1da9e98595cfdaa70b1c210169999ce770c8be2410d7781283bbe20ff3308bab2f418934c59c7d8ec886cae901eeefb05577d25c3cdef28e9a6846e2db017b4e7cf376cead75b6c56c489770cce349a6bafbc2b930a39a972c433dc80890d856d103af5ff2753fbffc07681
access-control-allow-headers: Authorization,*
expires: Fri, 09 Feb 2024 02:19:50 GMT

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 141 B
335 B 98ms
98ms XHR
text/plain 35.157.194.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=0iYoWT9h_Wql6Jbz1O7l5w&is_js=true&landing_url=https%3A%2F%2Ftheordinary.com%2Fen-de&t=Welcome%20to%20The%20Ordinary%3A%20Effective%20Clinical%20Skincare&tip=tROCbGC_NVdrmqojYH0oJYNxmwO8QUivtxnFbrItPQ4&host=https%3A%2F%2Ftheordinary.com&sa_conv_data_css_value=%270-2a3b3f42-d67b-53e2-7c07-614fc66f83cf%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd92a3b3f42d67b53e27c07614fc66f83cf50ff0acb&sa-user-id-v3=s%253AAQAKIOTojqAKskm9SwghyW7iS2kL7uOc0u-80B12XNCUFm0NEHwYBCDGl5auBjABOgRZmQvUQgQ773nX.Y3nTHqtLR9aWjJxe%252BhEiw2f2VUTWQ5CHA8dEUQtNOAQ&sa-user-id-v2=s%253AKjs_QtZ7U-J8B2FPxm-Dz1D_Css.d32xM%252BuluxMvp1Ve0kxZKY4lkjbg2Uj00JE8lapQnXo&sa-user-id=s%253A0-2a3b3f42-d67b-53e2-7c07-614fc66f83cf.hoyUdIpc5fa3ursQ%252FqlLKGA39ooPcyEnFT6ufYB6NLU
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.157.194.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-194-178.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: f92854412bfd9859858770aa385986604dd115ea5b46568bce2f5674cd398ebf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-origin: https://theordinary.com
date: Fri, 09 Feb 2024 02:19:50 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 141
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

GET
H2 200 rdn-natural-moisturizing-factors-ha-30ml.png
theordinary.com/dw/image/v2/BFKJ_PRD/on/demandware.static/-/Sites-deciem-master/default/dw44a812cf/Images/products/The%20Ordinary/ 3 KB
3 KB 24ms
22ms Image
image/webp 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theordinary.com/dw/image/v2/BFKJ_PRD/on/demandware.static/-/Sites-deciem-master/default/dw44a812cf/Images/products/The%20Ordinary/rdn-natural-moisturizing-factors-ha-30ml.png?sw=90&sh=90&sm=fit
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d66a0462824222aaa8713d18cb11f2d0c36cb0dfa5a4d59736708fcb82b6544

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:50 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 40890
x-amz-cf-pop: FRA56-P5
cf-polished: origFmt=png, origSize=5342
x-amz-meta-cleanquerystring: sw=90&sh=90&sm=fit
x-cache: Hit from cloudfront
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="rdn-natural-moisturizing-factors-ha-30ml.webp"
content-length: 3186
x-amz-expiration: expiry-date="Fri, 23 Feb 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: imgq:85,h2pri
last-modified: Mon, 23 Jan 2023 21:32:46 GMT
server: cloudflare
etag: "a8547977fe98f8465271f0163da70102"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8528a1385ec818b7-FRA
x-amz-cf-id: pduD4316gP18tdKh73y9NGr999VFGWb7A0OLhp9Y3OtinEgJ_dt8qQ==

GET
H2 200 rdn-niacinamide-10pct-zinc-1pct-30ml.png
theordinary.com/dw/image/v2/BFKJ_PRD/on/demandware.static/-/Sites-deciem-master/default/dw632d2597/Images/products/The%20Ordinary/ 3 KB
3 KB 20ms
19ms Image
image/webp 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theordinary.com/dw/image/v2/BFKJ_PRD/on/demandware.static/-/Sites-deciem-master/default/dw632d2597/Images/products/The%20Ordinary/rdn-niacinamide-10pct-zinc-1pct-30ml.png?sw=90&sh=90&sm=fit
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00ad995b09469a157a6ddc7961080491d432c89a7a5f44c9c77f3870fe7f3bb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:50 GMT
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 2527997
x-amz-cf-pop: FRA56-P5
cf-polished: origFmt=png, origSize=4331
x-amz-meta-cleanquerystring: sw=90&sh=90&sm=fit
x-cache: Hit from cloudfront
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="rdn-niacinamide-10pct-zinc-1pct-30ml.webp"
content-length: 2636
x-amz-expiration: expiry-date="Sun, 18 Feb 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: imgq:85,h2pri
last-modified: Wed, 18 Jan 2023 16:15:10 GMT
server: cloudflare
etag: "80eb07892df613eaca308686fe755b3e"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8528a1385eca18b7-FRA
x-amz-cf-id: AqU50rYhpLtK8ZX4kobm24E2fiBUYQNlATH3nHPEPAzHCf-do6hOnw==

GET
H2 200 rdn-squalane-cleanser-240ml.png
theordinary.com/dw/image/v2/BFKJ_PRD/on/demandware.static/-/Sites-deciem-master/default/dw01df57dc/Images/products/The%20Ordinary/ 3 KB
3 KB 21ms
20ms Image
image/webp 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theordinary.com/dw/image/v2/BFKJ_PRD/on/demandware.static/-/Sites-deciem-master/default/dw01df57dc/Images/products/The%20Ordinary/rdn-squalane-cleanser-240ml.png?sw=90&sh=90&sm=fit
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d74049199475a34a044aad4781c77889e68c343095b5298414db0a29252b6168

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:50 GMT
via: 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 1744933
x-amz-cf-pop: FRA56-P5
cf-polished: origFmt=png, origSize=5105
x-amz-meta-cleanquerystring: sw=90&sh=90&sm=fit
x-cache: Hit from cloudfront
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="rdn-squalane-cleanser-240ml.webp"
content-length: 2882
x-amz-expiration: expiry-date="Sun, 01 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 02:01:25 GMT
server: cloudflare
etag: "96855fdf270f57c8bd757d680f63acf7"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8528a1385ecb18b7-FRA
x-amz-cf-id: VtpAk-I2A9nQYiecQbMlIKeivT7ke53vihka7sJyff6EULMkgrWEhQ==

GET
H2 200 rdn-multi-peptide-ha-serum-30ml.png
theordinary.com/dw/image/v2/BFKJ_PRD/on/demandware.static/-/Sites-deciem-master/default/dw173d9e13/Images/products/The%20Ordinary/ 2 KB
3 KB 23ms
22ms Image
image/webp 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theordinary.com/dw/image/v2/BFKJ_PRD/on/demandware.static/-/Sites-deciem-master/default/dw173d9e13/Images/products/The%20Ordinary/rdn-multi-peptide-ha-serum-30ml.png?sw=90&sh=90&sm=fit
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baf559b2680a925d050b64d374236e5a24520567ff3f4b2d3dd7c62a1f3178a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:50 GMT
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 33795
x-amz-cf-pop: FRA56-P5
cf-polished: origFmt=png, origSize=4357
x-amz-meta-cleanquerystring: sw=90&sh=90&sm=fit
x-cache: Hit from cloudfront
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="rdn-multi-peptide-ha-serum-30ml.webp"
content-length: 2260
x-amz-expiration: expiry-date="Fri, 23 Feb 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: imgq:85,h2pri
last-modified: Mon, 23 Jan 2023 12:16:04 GMT
server: cloudflare
etag: "64caa5ba79e32598cbdd60f633b4bdd4"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8528a1385ecd18b7-FRA
x-amz-cf-id: Fc9RRUibByJDnREqFfcE1Pij6DWn8sVPKcgRhY-9Al7DbAS-0nyzdQ==

GET
H2 200 rdn-glycolic-acid-7pct-exfoliating-toner-100ml.png
theordinary.com/dw/image/v2/BFKJ_PRD/on/demandware.static/-/Sites-deciem-master/default/dw41525bb7/Images/products/The%20Ordinary/ 3 KB
3 KB 21ms
21ms Image
image/webp 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theordinary.com/dw/image/v2/BFKJ_PRD/on/demandware.static/-/Sites-deciem-master/default/dw41525bb7/Images/products/The%20Ordinary/rdn-glycolic-acid-7pct-exfoliating-toner-100ml.png?sw=90&sh=90&sm=fit
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c2693819e53905035cb5880801b6ab7b8ac3691b4900481ceb630ee94aecec8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:50 GMT
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 368683
x-amz-cf-pop: FRA56-P5
cf-polished: origFmt=png, origSize=4906
x-amz-meta-cleanquerystring: sw=90&sh=90&sm=fit
x-cache: Hit from cloudfront
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="rdn-glycolic-acid-7pct-exfoliating-toner-100ml.webp"
content-length: 2792
x-amz-expiration: expiry-date="Sun, 08 Dec 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Nov 2023 15:18:18 GMT
server: cloudflare
etag: "6c580272f951d37ab660ceb739270e2b"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8528a1385ece18b7-FRA
x-amz-cf-id: Ci8gPrwq0Y7u2RV6L_aToPnesyDbjZ0Yi5OUV8QmReSWTMvSQUgWxw==

GET
H2 200 pebble Show response
p.cquotient.com/ 147 B
486 B 57ms
36ms Script
text/javascript 79.125.24.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p.cquotient.com/pebble?tla=bfkj-deciem-global&activityType=viewReco&callback=CQuotient._act_callback1&cookieId=bcaNkr2WvEZDs3VZm7njTYxxPT&userId=&emailId=&products=id%3A%3A100435%7C%7Csku%3A%3A%7C%7Ctype%3A%3A%7C%7Calt_id%3A%3A%3B%3Bid%3A%3A100436%7C%7Csku%3A%3A%7C%7Ctype%3A%3A%7C%7Calt_id%3A%3A%3B%3Bid%3A%3A100446%7C%7Csku%3A%3A%7C%7Ctype%3A%3A%7C%7Calt_id%3A%3A%3B%3Bid%3A%3A100613%7C%7Csku%3A%3A%7C%7Ctype%3A%3A%7C%7Calt_id%3A%3A%3B%3Bid%3A%3A100418%7C%7Csku%3A%3A%7C%7Ctype%3A%3A%7C%7Calt_id%3A%3A&recommenderName=products-in-all-categories&realm=BFKJ&siteId=deciem-global&instanceType=prd&locale=en_DE&slotId=search-drawer-recommendations&slotConfigId=New%20Slot%20Configuration%20-%202023-01-04%2015%3A46%3A24&slotConfigTemplate=slots%2Frecommendation%2FsearchDrawerRecommendations.isml&viewRecoRoundtrip=249&anchors=&__recoUUID=cc7c2c75-1797-4c50-bc3e-219753182c2b&referrer=&currentLocation=https%3A%2F%2Ftheordinary.com%2Fen-de&__fbp=fb.1.1707445190293.1824231338&__dw_p=2768f26db64213afa579e052e120240301050000000&ls=true&_=1707445190455&v=v3.1.0&fbPixelId=__UNKNOWN__&json=%7B%22cookieId%22%3A%22bcaNkr2WvEZDs3VZm7njTYxxPT%22%2C%22userId%22%3A%22%22%2C%22emailId%22%3A%22%22%2C%22products%22%3A%5B%7B%22id%22%3A%22100435%22%2C%22sku%22%3A%22%22%2C%22type%22%3A%22%22%2C%22alt_id%22%3A%22%22%7D%2C%7B%22id%22%3A%22100436%22%2C%22sku%22%3A%22%22%2C%22type%22%3A%22%22%2C%22alt_id%22%3A%22%22%7D%2C%7B%22id%22%3A%22100446%22%2C%22sku%22%3A%22%22%2C%22type%22%3A%22%22%2C%22alt_id%22%3A%22%22%7D%2C%7B%22id%22%3A%22100613%22%2C%22sku%22%3A%22%22%2C%22type%22%3A%22%22%2C%22alt_id%22%3A%22%22%7D%2C%7B%22id%22%3A%22100418%22%2C%22sku%22%3A%22%22%2C%22type%22%3A%22%22%2C%22alt_id%22%3A%22%22%7D%5D%2C%22recommenderName%22%3A%22products-in-all-categories%22%2C%22realm%22%3A%22BFKJ%22%2C%22siteId%22%3A%22deciem-global%22%2C%22instanceType%22%3A%22prd%22%2C%22locale%22%3A%22en_DE%22%2C%22slotId%22%3A%22search-drawer-recommendations%22%2C%22slotConfigId%22%3A%22New%20Slot%20Configuration%20-%202023-01-04%2015%3A46%3A24%22%2C%22slotConfigTemplate%22%3A%22slots%2Frecommendation%2FsearchDrawerRecommendations.isml%22%2C%22viewRecoRoundtrip%22%3A249%2C%22anchors%22%3A%5B%22%22%5D%2C%22__recoUUID%22%3A%22cc7c2c75-1797-4c50-bc3e-219753182c2b%22%2C%22referrer%22%3A%22%22%2C%22currentLocation%22%3A%22https%3A%2F%2Ftheordinary.com%2Fen-de%22%2C%22__fbp%22%3A%22fb.1.1707445190293.1824231338%22%2C%22__dw_p%22%3A%222768f26db64213afa579e052e120240301050000000%22%2C%22ls%22%3Atrue%2C%22_%22%3A1707445190455%2C%22v%22%3A%22v3.1.0%22%2C%22fbPixelId%22%3A%22__UNKNOWN__%22%7D

Requested by

Host: cdn.cquotient.com
URL: https://cdn.cquotient.com/js/v2/gretel.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.125.24.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-79-125-24-105.eu-west-1.compute.amazonaws.com

Software

envoy /

Resource Hash

45aa0639364311fbbda9f36acc7b3f59af60c924586894c08424ccfb3226e43a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:50 GMT
strict-transport-security: max-age=15552000; includeSubdomains
x-content-type-options: nosniff
server: envoy
etag: W/"93-/zFgmaLJDkT/fSygyzALhSaBJh8"
content-type: text/javascript; charset=utf-8
x-envoy-upstream-service-time: 2
content-length: 147

GET
H2 200 __Analytics-Start
theordinary.com/on/demandware.store/Sites-deciem-global-Site/en_DE/ 35 B
202 B 154ms
154ms Image
image/gif 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theordinary.com/on/demandware.store/Sites-deciem-global-Site/en_DE/__Analytics-Start?url=https%3A%2F%2Ftheordinary.com%2Fen-de&res=1600x1200&cookie=1&ref=&title=Welcome%20to%20The%20Ordinary%3A%20Effective%20Clinical%20Skincare&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&dwac=0.37093688012801795&cmpn=&tz=Canada/Eastern&pcc=USD&pct=&pcat=&dw_dnt=0
Requested by: Host: theordinary.com
URL: https://theordinary.com/en-de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 02:19:50 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 8528a139981e18b7-FRA
x-dw-request-base-id: hIXmqcaLxWUBAAB_
content-length: 35
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/aa873949f74d/20690ba8a7264ee69bc444faa0915668/ 20 B
359 B 91ms
91ms XHR
application/json 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/aa873949f74d/20690ba8a7264ee69bc444faa0915668/prop.json?_=1707445190713
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Feb 2024 02:19:50 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://theordinary.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

GET
H2 200 stub.js Show response
deciem.my.salesforce-sites.com/liveAgentSetupFlow/static/111213/js/perf/ Frame 3134 1 KB
833 B 207ms
206ms Script
application/x-javascript 52.60.165.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://deciem.my.salesforce-sites.com/liveAgentSetupFlow/static/111213/js/perf/stub.js

Requested by

Host: deciem.my.salesforce-sites.com
URL: https://deciem.my.salesforce-sites.com/liveAgentSetupFlow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.60.165.90 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-60-165-90.ca-central-1.compute.amazonaws.com

Software

Resource Hash

5830f6b53e1ea91abd5de97ef219269702f413575cfe0dd6149712d68d7d61eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deciem.my.salesforce-sites.com/liveAgentSetupFlow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:50 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
last-modified: Thu, 18 Dec 2014 19:28:43 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=10368000
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Sat, 08 Jun 2024 02:19:50 GMT

GET
H2 200 lightning.out.js Show response
deciem.my.salesforce-sites.com/liveAgentSetupFlow/lightning/ Frame 3134 2 KB
1 KB 107ms
106ms Script
application/x-javascript 52.60.165.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://deciem.my.salesforce-sites.com/liveAgentSetupFlow/lightning/lightning.out.js?v=2

Requested by

Host: deciem.my.salesforce-sites.com
URL: https://deciem.my.salesforce-sites.com/liveAgentSetupFlow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.60.165.90 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-60-165-90.ca-central-1.compute.amazonaws.com

Software

Resource Hash

455eb995c7a6d4af3cd5ec37e1f93da6751ed13901f05fc0d918cd434e61a89c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deciem.my.salesforce-sites.com/liveAgentSetupFlow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:50 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
last-modified: Mon, 25 Jul 2016 17:58:09 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=10368000
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Sat, 08 Jun 2024 02:19:50 GMT

GET
H2 200 main.js Show response
deciem.my.salesforce-sites.com/liveAgentSetupFlow/jslibrary/1699262264246/sfdc/ Frame 3134 857 KB
228 KB 115ms
114ms Script
application/x-javascript 52.60.165.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://deciem.my.salesforce-sites.com/liveAgentSetupFlow/jslibrary/1699262264246/sfdc/main.js

Requested by

Host: deciem.my.salesforce-sites.com
URL: https://deciem.my.salesforce-sites.com/liveAgentSetupFlow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.60.165.90 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-60-165-90.ca-central-1.compute.amazonaws.com

Software

Resource Hash

ac3f3d5e19e3b2accfa53fea5aa5cf197a102b18ade76f2461e207a884c8afbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deciem.my.salesforce-sites.com/liveAgentSetupFlow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:50 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
last-modified: Wed, 07 Feb 2024 18:03:16 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=10368000
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Sat, 08 Jun 2024 02:19:50 GMT

GET
H2 200 en_US.js Show response
deciem.my.salesforce-sites.com/liveAgentSetupFlow/jslibrary/jslabels/1707335440000/ Frame 3134 225 KB
70 KB 341ms
341ms Script
text/javascript 52.60.165.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://deciem.my.salesforce-sites.com/liveAgentSetupFlow/jslibrary/jslabels/1707335440000/en_US.js

Requested by

Host: deciem.my.salesforce-sites.com
URL: https://deciem.my.salesforce-sites.com/liveAgentSetupFlow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.60.165.90 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-60-165-90.ca-central-1.compute.amazonaws.com

Software

Resource Hash

ee1386bedb462b955c227a70d912100ca6e6c7a71f7caca76b95c2648f94b9f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deciem.my.salesforce-sites.com/liveAgentSetupFlow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:50 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
last-modified: Wed, 7 Feb 2024 19:50:40 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="CUR OTR STA"
content-type: text/javascript;charset=UTF-8
cache-control: public,max-age=3888000
x-xss-protection: 1; mode=block
expires: Mon, 25 Mar 2024 02:19:50 GMT

GET
H2 200 NetworkTracking.js Show response
deciem.my.salesforce-sites.com/liveAgentSetupFlow/jslibrary/1647410351246/sfdc/ Frame 3134 3 KB
2 KB 109ms
109ms Script
application/x-javascript 52.60.165.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://deciem.my.salesforce-sites.com/liveAgentSetupFlow/jslibrary/1647410351246/sfdc/NetworkTracking.js

Requested by

Host: deciem.my.salesforce-sites.com
URL: https://deciem.my.salesforce-sites.com/liveAgentSetupFlow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.60.165.90 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-60-165-90.ca-central-1.compute.amazonaws.com

Software

Resource Hash

09b12961a196f2c69ae3c1e75546d47b54655d12f91cc9b6aeb9df1465a5cc1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deciem.my.salesforce-sites.com/liveAgentSetupFlow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:50 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
last-modified: Wed, 07 Feb 2024 18:03:16 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=10368000
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Sat, 08 Jun 2024 02:19:50 GMT

GET
H/1.1 200
OK esw.min.js Show response
service.force.com/embeddedservice/5.0/ Frame 3134 30 KB
9 KB 20ms
20ms Script
application/x-javascript 85.222.147.21
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.js

Requested by

Host: deciem.my.salesforce-sites.com
URL: https://deciem.my.salesforce-sites.com/liveAgentSetupFlow

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.222.147.21 Paris, France, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl7-ncg0-cdg3.eu26-cdg.force.com

Software

Resource Hash

ef4dcc4dab4d780f44939c455d4720cab662b2f5fabc36ebc33a21f4cdbecd4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deciem.my.salesforce-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Thu, 08 Feb 2024 09:40:16 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 04 Jul 2023 00:26:54 GMT
Content-Encoding: gzip
Age: 59974
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 8455
X-XSS-Protection: 1; mode=block
Expires: Fri, 09 Feb 2024 09:40:16 GMT

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/aa873949f74d/20690ba8a7264ee69bc444faa0915668/ 20 B
359 B 94ms
94ms XHR
application/json 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/aa873949f74d/20690ba8a7264ee69bc444faa0915668/prop.json?_=1707445190939
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Feb 2024 02:19:50 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://theordinary.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

GET
H2 200 lightning.out.delegate.js Show response
deciem.my.salesforce-sites.com/liveAgentSetupFlow/lightning/ Frame 3134 13 KB
4 KB 115ms
115ms Script
application/x-javascript 52.60.165.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://deciem.my.salesforce-sites.com/liveAgentSetupFlow/lightning/lightning.out.delegate.js?v=1707445191000

Requested by

Host: deciem.my.salesforce-sites.com
URL: https://deciem.my.salesforce-sites.com/liveAgentSetupFlow/lightning/lightning.out.js?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.60.165.90 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-60-165-90.ca-central-1.compute.amazonaws.com

Software

Resource Hash

0336e5baa591c718d7715a7901fdc498b9b2de55c4271f48c074cb1f3715ba2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deciem.my.salesforce-sites.com/liveAgentSetupFlow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
last-modified: Wed, 31 May 2023 13:43:37 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public,max-age=10368000
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Sat, 08 Jun 2024 02:19:51 GMT

POST
H/1.1 200
OK wpt.json Show response
cdn0.forter.com/aa873949f74d/20690ba8a7264ee69bc444faa0915668/ 20 B
440 B 95ms
94ms XHR
application/json 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/aa873949f74d/20690ba8a7264ee69bc444faa0915668/wpt.json
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer: https://theordinary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 09 Feb 2024 02:19:51 GMT
ETag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://theordinary.com
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=10
Content-Length: 20
Expires: -1

OPTIONS
H/1.1 204
No Content wpt.json
cdn0.forter.com/aa873949f74d/20690ba8a7264ee69bc444faa0915668/ Frame 0
0 95ms
95ms Preflight 34.192.191.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/aa873949f74d/20690ba8a7264ee69bc444faa0915668/wpt.json
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-191-43.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://theordinary.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Fri, 09 Feb 2024 02:19:51 GMT
Keep-Alive: timeout=10
Vary: Access-Control-Request-Headers

POST
H2 200 events
cdn3.forter.com/ 0
420 B 153ms
128ms Ping
text/plain 99.84.88.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-110.muc50.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://theordinary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 02:19:51 GMT
strict-transport-security: max-age=86400; includeSubDomains
via: 1.1 47b2ce4c0cbd550c326fba9b552b2176.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://theordinary.com
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 5leaaU7QIvlnTrSwgWgt7ULDGgNjCRbAWAaes7RxnF6MbjAiR05hjA==
expires: -1

GET
H/1.1 200
OK common.js Show response
service.force.com/embeddedservice/5.0/utils/ Frame 3134 19 KB
6 KB 22ms
22ms Script
application/x-javascript 85.222.147.21
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/utils/common.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.222.147.21 Paris, France, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl7-ncg0-cdg3.eu26-cdg.force.com

Software

Resource Hash

8d290d6ab1f11071876d2313114be38025b648b6dd0540855254481cd8c969fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deciem.my.salesforce-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 01:34:16 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 17 Feb 2022 23:56:58 GMT
Content-Encoding: gzip
Age: 2735
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 5742
X-XSS-Protection: 1; mode=block
Expires: Sat, 10 Feb 2024 01:34:16 GMT

GET
H/1.1 200
OK esw.css
service.force.com/embeddedservice/5.0/ Frame 3134 10 KB
5 KB 20ms
20ms Stylesheet
text/css 85.222.147.21
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.css

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.222.147.21 Paris, France, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl7-ncg0-cdg3.eu26-cdg.force.com

Software

Resource Hash

490d6b7bfd6aee946e047d10e1ab8d97c004399c496625076ed016111328f1f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deciem.my.salesforce-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 00:05:40 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 27 Aug 2021 14:09:42 GMT
Content-Encoding: gzip
Age: 8051
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 4356
X-XSS-Protection: 1; mode=block
Expires: Sat, 10 Feb 2024 00:05:40 GMT

GET
H/1.1 200
OK liveagent.esw.js Show response
service.force.com/embeddedservice/5.0/client/ Frame 3134 51 KB
14 KB 41ms
20ms Script
application/x-javascript 85.222.147.21
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/liveagent.esw.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.222.147.21 Paris, France, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl7-ncg0-cdg3.eu26-cdg.force.com

Software

Resource Hash

5e9871bb0784f760f1b43a303555e93356fe5ef935904b7e272e3e7746ccac7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deciem.my.salesforce-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 01:28:28 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 17 Aug 2022 20:09:20 GMT
Content-Encoding: gzip
Age: 3083
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 13497
X-XSS-Protection: 1; mode=block
Expires: Sat, 10 Feb 2024 01:28:28 GMT

GET
H/1.1 200
OK eswDev.html Show response
service.force.com/embeddedservice/5.0/ Frame 67A9 456 B
1 KB 21ms
21ms Document
text/html 85.222.147.21
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/eswDev.html?parent=https://deciem.my.salesforce-sites.com/liveAgentSetupFlow

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.222.147.21 Paris, France, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl7-ncg0-cdg3.eu26-cdg.force.com

Software

Resource Hash

0788c2f27d3c80a9e4cb799e5cafe979c382cc7683bc06422703406a90a781f6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://deciem.my.salesforce-sites.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: public,max-age=86400
Content-Encoding: gzip
Content-Security-Policy: upgrade-insecure-requests
Content-Type: text/html;charset=UTF-8
Date: Fri, 09 Feb 2024 02:19:51 GMT
Expires: Sat, 10 Feb 2024 02:19:51 GMT
Last-Modified: Thu, 14 Sep 2023 00:07:48 GMT
Referrer-Policy: origin-when-cross-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK eswFrame.js Show response
service.force.com/embeddedservice/5.0/ Frame 67A9 15 KB
6 KB 16ms
16ms Script
application/x-javascript 85.222.147.21
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/eswFrame.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswDev.html?parent=https://deciem.my.salesforce-sites.com/liveAgentSetupFlow

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.222.147.21 Paris, France, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl7-ncg0-cdg3.eu26-cdg.force.com

Software

Resource Hash

35a3077584fae7249cd4c52c61b6382cfa06243a9ef0a6ff1c46559c62f1006a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/eswDev.html?parent=https://deciem.my.salesforce-sites.com/liveAgentSetupFlow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 01:38:23 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 06 Oct 2022 23:37:30 GMT
Content-Encoding: gzip
Age: 2488
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 5294
X-XSS-Protection: 1; mode=block
Expires: Sat, 10 Feb 2024 01:38:23 GMT

GET
H/1.1 200
OK session.esw.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame 67A9 7 KB
2 KB 19ms
19ms Script
application/x-javascript 85.222.147.21
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/session.esw.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.222.147.21 Paris, France, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl7-ncg0-cdg3.eu26-cdg.force.com

Software

Resource Hash

093e67a009a34d2a0049f6ec2f3a722a601ff8f235f064638c96d69403c08895

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/eswDev.html?parent=https://deciem.my.salesforce-sites.com/liveAgentSetupFlow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 01:38:23 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 17 Aug 2022 20:09:26 GMT
Content-Encoding: gzip
Age: 2488
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 2015
X-XSS-Protection: 1; mode=block
Expires: Sat, 10 Feb 2024 01:38:23 GMT

GET
H/1.1 200
OK broadcast.esw.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame 67A9 7 KB
3 KB 20ms
19ms Script
application/x-javascript 85.222.147.21
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/broadcast.esw.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.222.147.21 Paris, France, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl7-ncg0-cdg3.eu26-cdg.force.com

Software

Resource Hash

eabed4f1131111fd10b5bc90848516989ffdb8d47eb657774e89861d80171098

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/eswDev.html?parent=https://deciem.my.salesforce-sites.com/liveAgentSetupFlow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 00:06:09 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 18 Feb 2021 00:07:24 GMT
Content-Encoding: gzip
Age: 8022
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 2380
X-XSS-Protection: 1; mode=block
Expires: Sat, 10 Feb 2024 00:06:09 GMT

GET
H3 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
2 KB 11ms
11ms Script
application/javascript 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/static/ct/token_create.js

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.deb3b3f8.js

Protocol

Security

QUIC, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

e25b95455e7fb1949815ca9634790871682f9499c5785d52e3a8202116543349

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.cdd5ce17.1707445191.487d23d5
etag: "067bae08a9fe7a530b507c43b95e0778"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
alt-svc: h3=":443"; ma=600
content-length: 2082
quic-version: 0x00000001

GET
H3 200 ct.html Show response
ct.pinterest.com/ Frame 2F22 565 B
348 B 43ms
43ms Document
text/html 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.deb3b3f8.js

Protocol

Security

QUIC, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://theordinary.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-grn: 0.cdd5ce17.1707445191.487d23dc
alt-svc: h3=":443"; ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Fri, 09 Feb 2024 02:19:51 GMT
pinterest-version: f9d1c7100d6ab6a9fc70375cea0fca5e275d3fa9
quic-version: 0x00000001
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1386238917833172

GET
H/1.1 200
OK chasitor.esw.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame 67A9 52 KB
13 KB 18ms
18ms Script
application/x-javascript 85.222.147.21
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/chasitor.esw.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.222.147.21 Paris, France, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl7-ncg0-cdg3.eu26-cdg.force.com

Software

Resource Hash

a839c0acc85b6e474988fe5a37a678542ae443d1afc1c9a585af90d6d8fe4b24

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/eswDev.html?parent=https://deciem.my.salesforce-sites.com/liveAgentSetupFlow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 01:50:21 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 01 Feb 2023 22:50:32 GMT
Content-Encoding: gzip
Age: 1770
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 12318
X-XSS-Protection: 1; mode=block
Expires: Sat, 10 Feb 2024 01:50:21 GMT

GET
H/1.1 200
OK EmbeddedServiceConfig.jsonp Show response
d.la1-c2-ia4.salesforceliveagent.com/chat/rest/EmbeddedService/ Frame 3134 174 B
568 B 782ms
100ms Script
text/javascript 13.109.184.55
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la1-c2-ia4.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00D5w000003HZgL&EmbeddedServiceConfig.configName=LiveChatAgents&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48&EmbeddedServiceConfig.language=en-US

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/utils/common.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.109.184.55 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl9-ncg1-c5-iad4.la1-c2-ia4.salesforceliveagent.com

Software

Resource Hash

2940e0f14379fe794c3f9f42ea5b659fc998b5f6948b1a692789880a9add94a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deciem.my.salesforce-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

GET
H/1.1 200
OK invite.esw.js Show response
service.force.com/embeddedservice/5.0/client/ Frame 3134 37 KB
9 KB 16ms
16ms Script
application/x-javascript 85.222.147.21
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/invite.esw.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.222.147.21 Paris, France, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl7-ncg0-cdg3.eu26-cdg.force.com

Software

Resource Hash

66c4421cc7f9c9af827c4269a5aa65fe8cb009d044eeed5878d6471d6f11597f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deciem.my.salesforce-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 00:07:15 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 24 Sep 2021 16:10:00 GMT
Content-Encoding: gzip
Age: 7956
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 8218
X-XSS-Protection: 1; mode=block
Expires: Sat, 10 Feb 2024 00:07:15 GMT

GET
H/1.1 200
OK filetransfer.esw.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame 67A9 2 KB
1 KB 16ms
16ms Script
application/x-javascript 85.222.147.21
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/filetransfer.esw.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.222.147.21 Paris, France, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl7-ncg0-cdg3.eu26-cdg.force.com

Software

Resource Hash

b23b1ae457fa87fb29541e045ccf0de3f1abab79a97803f0ec952f79a6fb1255

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/eswDev.html?parent=https://deciem.my.salesforce-sites.com/liveAgentSetupFlow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 01:50:05 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 21 Jul 2020 16:52:00 GMT
Content-Encoding: gzip
Age: 1786
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 763
X-XSS-Protection: 1; mode=block
Expires: Sat, 10 Feb 2024 01:50:05 GMT

GET
H/1.1 200
OK Settings.jsonp Show response
d.la1-c2-ia4.salesforceliveagent.com/chat/rest/Visitor/ Frame 3134 177 B
568 B 764ms
101ms Script
text/javascript 13.109.184.55
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la1-c2-ia4.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[5735w000000GPUu]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=5725w000000GNbJ&org_id=00D5w000003HZgL&version=48

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/client/liveagent.esw.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.109.184.55 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl9-ncg1-c5-iad4.la1-c2-ia4.salesforceliveagent.com

Software

Resource Hash

ab87844ef3e1a87e7d484904702276ec4425416746ff434983435b3749914873

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deciem.my.salesforce-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

GET
H/1.1 200
OK inert.js Show response
service.force.com/embeddedservice/5.0/utils/ Frame 3134 25 KB
7 KB 25ms
24ms Script
application/x-javascript 85.222.147.21
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/utils/inert.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.222.147.21 Paris, France, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl7-ncg0-cdg3.eu26-cdg.force.com

Software

Resource Hash

b1312c9c8c324e53193dff61a0c784da7048655a2b43f5cfdaca886ed3ce85c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deciem.my.salesforce-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 01:48:56 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 16 Jul 2020 18:56:26 GMT
Content-Encoding: gzip
Age: 1855
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 6943
X-XSS-Protection: 1; mode=block
Expires: Sat, 10 Feb 2024 01:48:56 GMT

GET
H2 200 sidebarApp.app Show response
deciem.my.salesforce-sites.com/liveAgentSetupFlow/embeddedService/ Frame 3134 76 KB
25 KB 167ms
166ms XHR
application/json 52.60.165.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://deciem.my.salesforce-sites.com/liveAgentSetupFlow/embeddedService/sidebarApp.app?aura.format=JSON&aura.formatAdapter=LIGHTNING_OUT

Requested by

Host: deciem.my.salesforce-sites.com
URL: https://deciem.my.salesforce-sites.com/liveAgentSetupFlow/lightning/lightning.out.delegate.js?v=1707445191000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.60.165.90 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-60-165-90.ca-central-1.compute.amazonaws.com

Software

Resource Hash

23ab88071d48d3f736784ca6ceb409473771f5d864f9c5175538c522064bfec7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; base-uri 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deciem.my.salesforce-sites.com/liveAgentSetupFlow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; base-uri 'self'
content-encoding: gzip
server-timing: Total;dur=64
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 09 Feb 2023 02:19:51 GMT
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
cache-control: no-cache,must-revalidate,max-age=0,no-store,private
timing-allow-origin: *
link: </liveAgentSetupFlow/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22embeddedService%3AsidebarApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2FembeddedService%3AsidebarApp%22%3A%22kmIuwwQmVUbAOioMlDJQkw%22%7D%2C%22styleContext%22%3A%7B%22c%22%3A%22webkit%22%2C%22x%22%3A%5B%22isDesktop%22%5D%2C%22tokens%22%3A%5B%22markup%3A%2F%2Fforce%3AiconPaths%22%2C%22markup%3A%2F%2FembeddedService%3AsnapInsBrandingTokens%22%2C%22markup%3A%2F%2FembeddedService%3AsnapInsCommunityBrandingTokens%22%2C%22markup%3A%2F%2Fui%3Atokens%22%5D%2C%22tuid%22%3A%22151K3F7_eO2gpfTmP_SdFg%22%2C%22cuid%22%3A-1427457931%7D%2C%22pathPrefix%22%3A%22%2FliveAgentSetupFlow%22%7D/app.css?2=>;rel=preload;as=style;nopush,<https://static.lightning.force.com/can56.sfdc-58ktaz/auraFW/javascript/YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA/aura_prod.js>;rel=preload;as=script,<https://static.lightning.force.com/can56.sfdc-58ktaz/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22embeddedService%3AsidebarApp%22%2C%22serializationVersion%22%3A%221-246.15.5-3.0.4-b%22%2C%22parts%22%3A%22t%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2FembeddedService%3AsidebarApp%22%3A%22kmIuwwQmVUbAOioMlDJQkw%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22-386269907%22%7D/appcore.js?2=>;rel=preload;as=script,<https://static.lightning.force.com/can56.sfdc-58ktaz/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22embeddedService%3AsidebarApp%22%2C%22serializationVersion%22%3A%221-246.15.5-3.0.4-b%22%2C%22parts%22%3A%22t%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2FembeddedService%3AsidebarApp%22%3A%22kmIuwwQmVUbAOioMlDJQkw%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22-386269907%22%7D/app.js?2=>;rel=preload;as=script
expires: Thu, 09 Feb 2023 02:19:51 GMT

GET
H2 200 app.css
deciem.my.salesforce-sites.com/liveAgentSetupFlow/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22embeddedService%3AsidebarApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2FembeddedService%3... Frame 3134 172 KB
25 KB 210ms
210ms Stylesheet
text/css 52.60.165.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://deciem.my.salesforce-sites.com/liveAgentSetupFlow/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22embeddedService%3AsidebarApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2FembeddedService%3AsidebarApp%22%3A%22kmIuwwQmVUbAOioMlDJQkw%22%7D%2C%22styleContext%22%3A%7B%22c%22%3A%22webkit%22%2C%22x%22%3A%5B%22isDesktop%22%5D%2C%22tokens%22%3A%5B%22markup%3A%2F%2Fforce%3AiconPaths%22%2C%22markup%3A%2F%2FembeddedService%3AsnapInsBrandingTokens%22%2C%22markup%3A%2F%2FembeddedService%3AsnapInsCommunityBrandingTokens%22%2C%22markup%3A%2F%2Fui%3Atokens%22%5D%2C%22tuid%22%3A%22151K3F7_eO2gpfTmP_SdFg%22%2C%22cuid%22%3A-1427457931%7D%2C%22pathPrefix%22%3A%22%2FliveAgentSetupFlow%22%7D/app.css?2=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.60.165.90 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-60-165-90.ca-central-1.compute.amazonaws.com

Software

Resource Hash

ef3c0b481f97a8ebeee75690c5235e0a45c0658dd88d1325435026042fc4cc42

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deciem.my.salesforce-sites.com/liveAgentSetupFlow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
last-modified: Thu, 08 Feb 2024 02:19:51 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-xss-protection: 1; mode=block
expires: Sat, 08 Jun 2024 02:19:51 GMT

GET
H2 200 aura_prod.js Show response
static.lightning.force.com/can56.sfdc-58ktaz/auraFW/javascript/YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA/ Frame 3134 835 KB
262 KB 107ms
53ms Script
text/javascript 2a02:26f0:3500:89a::38e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.lightning.force.com/can56.sfdc-58ktaz/auraFW/javascript/YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA/aura_prod.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::38e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

380d50cc899d0aadee0b196b7d5be1f1ee2000f08d9eee542aeefc492b86aadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deciem.my.salesforce-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 09 Feb 2024 02:19:51 GMT
akamai-grn: 0.9ea12417.1707445191.14f88e2f
server-timing: Total;dur=5
content-length: 266975
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 03 Jan 2024 09:19:44 GMT
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS,HEAD
access-control-expose-headers: Server-Timing
cache-control: public, max-age=28450807, immutable
access-control-allow-credentials: false
x-robots-tag: none
access-control-allow-headers: *
timing-allow-origin: *
expires: Fri, 03 Jan 2025 09:19:58 GMT

GET
H2 200 appcore.js Show response
static.lightning.force.com/can56.sfdc-58ktaz/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22embeddedService%3AsidebarApp%22%2C%22serializationVersion%22%3A%221-246.15.5-3.0.4-b%22%2C%22parts%22%3A%2... Frame 3134 800 KB
102 KB 97ms
43ms Script
text/javascript 2a02:26f0:3500:89a::38e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.lightning.force.com/can56.sfdc-58ktaz/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22embeddedService%3AsidebarApp%22%2C%22serializationVersion%22%3A%221-246.15.5-3.0.4-b%22%2C%22parts%22%3A%22t%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2FembeddedService%3AsidebarApp%22%3A%22kmIuwwQmVUbAOioMlDJQkw%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22-386269907%22%7D/appcore.js?2=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::38e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4f926f4c58c2491bf4d7a3c066e43daa15315303c833d7ed97035e241d1a5b69

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deciem.my.salesforce-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 09 Feb 2024 02:19:51 GMT
akamai-grn: 0.9ea12417.1707445191.14f88e2e
content-length: 103589
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 13 Dec 2023 06:33:10 GMT
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS,HEAD
cache-control: public, max-age=26626400, immutable
access-control-allow-credentials: false
x-robots-tag: none
access-control-allow-headers: *
timing-allow-origin: *
expires: Fri, 13 Dec 2024 06:33:11 GMT

GET
H2 200 app.js Show response
static.lightning.force.com/can56.sfdc-58ktaz/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22embeddedService%3AsidebarApp%22%2C%22serializationVersion%22%3A%221-246.15.5-3.0.4-b%22%2C%22parts%22%3A%2... Frame 3134 5 MB
1 MB 61ms
8ms Script
text/javascript 2a02:26f0:3500:89a::38e9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:89a::38e9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cc9125fbd36b8ab16e2b162263204334339037364d3aa1f6242ec61c5eeff7d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deciem.my.salesforce-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 09 Feb 2024 02:19:51 GMT
akamai-grn: 0.9ea12417.1707445191.14f88e2d
content-length: 1146517
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 13 Dec 2023 06:33:11 GMT
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS,HEAD
cache-control: public, max-age=26626342, immutable
access-control-allow-credentials: false
x-robots-tag: none
access-control-allow-headers: *
timing-allow-origin: *
expires: Fri, 13 Dec 2024 06:32:13 GMT

GET
H2 200 resources.js Show response
deciem.my.salesforce-sites.com/liveAgentSetupFlow/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22embeddedService%3AsidebarApp%22%2C%22fwuid%22%3A%22YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdE... Frame 3134 5 KB
2 KB 178ms
178ms Script
text/javascript 52.60.165.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://deciem.my.salesforce-sites.com/liveAgentSetupFlow/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22embeddedService%3AsidebarApp%22%2C%22fwuid%22%3A%22YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2FembeddedService%3AsidebarApp%22%3A%22kmIuwwQmVUbAOioMlDJQkw%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22JHt0aW1lc3RhbXB9MDAwMDAwMDAwMDBlbl9VUw%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%2FliveAgentSetupFlow%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22-386269907%22%7D/resources.js?pv=1707420051000-1212909925&rv=1701889968000

Requested by

Host: deciem.my.salesforce-sites.com
URL: https://deciem.my.salesforce-sites.com/liveAgentSetupFlow/lightning/lightning.out.delegate.js?v=1707445191000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.60.165.90 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-60-165-90.ca-central-1.compute.amazonaws.com

Software

Resource Hash

8644ffbdcfdcf2fb91162c8ae42fd388b1da8f11239f9fd08083ef32ec5a2da5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deciem.my.salesforce-sites.com/liveAgentSetupFlow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
last-modified: Thu, 08 Feb 2024 02:19:51 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: private,max-age=31536000,immutable
x-xss-protection: 1; mode=block
expires: Sat, 08 Jun 2024 02:19:51 GMT

GET
H2 200 inline.js Show response
deciem.my.salesforce-sites.com/liveAgentSetupFlow/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22embeddedService%3AsidebarApp%22%2C%22fwuid%22%3A%22YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdE... Frame 3134 110 KB
37 KB 172ms
172ms Script
text/javascript 52.60.165.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: deciem.my.salesforce-sites.com
URL: https://deciem.my.salesforce-sites.com/liveAgentSetupFlow/lightning/lightning.out.delegate.js?v=1707445191000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.60.165.90 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-60-165-90.ca-central-1.compute.amazonaws.com

Software

Resource Hash

d1cca0dc098dad86b2a4d0968ee003921b8db4db3eb8558f7f593eed050ba2ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deciem.my.salesforce-sites.com/liveAgentSetupFlow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
last-modified: Thu, 09 Feb 2023 02:19:51 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: no-cache,must-revalidate,max-age=0,no-store,private
x-xss-protection: 1; mode=block
expires: Thu, 09 Feb 2023 02:19:51 GMT

GET
H2 200 bootstrap.js Show response
deciem.my.salesforce-sites.com/liveAgentSetupFlow/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22embeddedService%3AsidebarApp%22%2C%22fwuid%22%3A%22YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdE... Frame 3134 41 KB
15 KB 168ms
168ms Script
text/javascript 52.60.165.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: deciem.my.salesforce-sites.com
URL: https://deciem.my.salesforce-sites.com/liveAgentSetupFlow/lightning/lightning.out.delegate.js?v=1707445191000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.60.165.90 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-60-165-90.ca-central-1.compute.amazonaws.com

Software

Resource Hash

edda0f93d08cec001ae5318b2ad3bb2029b6d13684f2fe0ea695b3ba560b6d38

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deciem.my.salesforce-sites.com/liveAgentSetupFlow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
last-modified: Thu, 09 Feb 2023 02:19:51 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: no-cache,must-revalidate,max-age=0,no-store,private
x-xss-protection: 1; mode=block
expires: Thu, 09 Feb 2023 02:19:51 GMT

GET
H2 200 __Analytics-Start
theordinary.com/on/demandware.store/Sites-deciem-global-Site/en_DE/ 35 B
129 B 153ms
153ms Image
image/gif 104.19.145.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theordinary.com/on/demandware.store/Sites-deciem-global-Site/en_DE/__Analytics-Start?url=https%3A%2F%2Ftheordinary.com%2Fen-de&res=1600x1200&cookie=1&ref=&title=Welcome%20to%20The%20Ordinary%3A%20Effective%20Clinical%20Skincare&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&dwac=0.7790052858373777&cmpn=&tz=Canada/Eastern&pcc=USD&pct=&pcat=&dw_dnt=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.19.145.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/en-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 02:19:52 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 8528a141ee1018b7-FRA
x-dw-request-base-id: hIX4qceLxWUBAAB_
content-length: 35
expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H2 200 aura Show response
deciem.my.salesforce-sites.com/liveAgentSetupFlow/ Frame 3134 83 KB
25 KB 130ms
129ms XHR
application/json 52.60.165.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://deciem.my.salesforce-sites.com/liveAgentSetupFlow/aura?r=0&aura.Component.getComponent=2

Requested by

Host: static.lightning.force.com
URL: https://static.lightning.force.com/can56.sfdc-58ktaz/auraFW/javascript/YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA/aura_prod.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.60.165.90 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-60-165-90.ca-central-1.compute.amazonaws.com

Software

Resource Hash

77460919f3fc28b2a0e45d98e1c0936daffa4d551bdd793d0b1046042bc665a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://deciem.my.salesforce-sites.com/liveAgentSetupFlow
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 09 Feb 2024 02:19:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
last-modified: Thu, 09 Feb 2023 02:19:52 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json;charset=UTF-8
cache-control: no-cache,must-revalidate,max-age=0,no-store,private
server-timing: Total;dur=23
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 09 Feb 2023 02:19:52 GMT

GET
H/1.1 200
OK EmbeddedServiceConfig.jsonp Show response
d.la1-core1.sfdc-58ktaz.salesforceliveagent.com/chat/rest/EmbeddedService/ Frame 3134 17 KB
4 KB 339ms
109ms Script
text/javascript 3.97.95.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la1-core1.sfdc-58ktaz.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00D5w000003HZgL&EmbeddedServiceConfig.configName=LiveChatAgents&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48&EmbeddedServiceConfig.language=en-US

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

3.97.95.115 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-97-95-115.ca-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

715e4d5c1ce323d3e747ef17dec1b05637a1b2dc93cda86ea88bd38495221a1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deciem.my.salesforce-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 02:19:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
transfer-encoding: chunked
content-type: text/javascript
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 10
expires: -1

GET
H/1.1 200
OK Settings.jsonp Show response
d.la1-core1.sfdc-58ktaz.salesforceliveagent.com/chat/rest/Visitor/ Frame 3134 352 B
649 B 328ms
100ms Script
text/javascript 3.97.95.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la1-core1.sfdc-58ktaz.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[5735w000000GPUu]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=5725w000000GNbJ&org_id=00D5w000003HZgL&version=48

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

3.97.95.115 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-97-95-115.ca-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

e1685605e403154b0ed6cb044452235672fac978c567a054c5556097a2b24bea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deciem.my.salesforce-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 02:19:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
transfer-encoding: chunked
content-type: text/javascript
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
expires: -1

GET icon24.png
gighmmpiobklfepjocnamgkkbiglidom/icons/ Frame 379D 0
0

GET close-icon.svg
ihcjicgdanjaechkgeegckofjjedodee/app/assets/ Frame D120 0
0

GET
H2 200 logo_small.gif
d3nocrch4qti4v.cloudfront.net/ 48 B
279 B 47ms
8ms Image
image/gif 2600:9000:266e:d600:7:bffe:c3c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3nocrch4qti4v.cloudfront.net/logo_small.gif?dfpadname=&check=1707445192380
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:d600:7:bffe:c3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:52 GMT
via: 1.1 a96420fb093cd21d1dea3700ef4d43ca.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P8
x-cache: FunctionGeneratedResponse from cloudfront
content-type: image/gif
content-length: 48
x-amz-cf-id: gePQhsuVkpJXzFMXS49C-V9VexxQMs-32pEBTNy9hc6_x-LyavV7tA==

GET
H2 200 logo_medium.gif
d3nocrch4qti4v.cloudfront.net/ 48 B
277 B 48ms
9ms Image
image/gif 2600:9000:266e:d600:7:bffe:c3c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3nocrch4qti4v.cloudfront.net/logo_medium.gif?check=1707445192380&refererPageDetail=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:d600:7:bffe:c3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:52 GMT
via: 1.1 a96420fb093cd21d1dea3700ef4d43ca.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P8
x-cache: FunctionGeneratedResponse from cloudfront
content-type: image/gif
content-length: 48
x-amz-cf-id: 5awAIrJJpmllNb19Lpop-SUiAlce2ISofgf4gJBaV6mcDWWd8putPg==

GET
H2 200 logo_large.gif
d3nocrch4qti4v.cloudfront.net/ 48 B
281 B 45ms
7ms Image
image/gif 2600:9000:266e:d600:7:bffe:c3c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3nocrch4qti4v.cloudfront.net/logo_large.gif?1707445192380&-linkd-32.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:d600:7:bffe:c3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theordinary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:19:52 GMT
via: 1.1 a96420fb093cd21d1dea3700ef4d43ca.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P8
x-cache: FunctionGeneratedResponse from cloudfront
content-type: image/gif
content-length: 48
x-amz-cf-id: 1EvEWN-3NXg5Pby3NvlTCQvVayKxNsI76yZ5gyL-EPGvchveetPmuQ==

GET icon16.png
mlomiejdfkolichcflejclcbmpeaniij/app/images/ Frame 1B0F 0
0

POST
H2 200 aura Show response
deciem.my.salesforce-sites.com/liveAgentSetupFlow/ Frame 3134 1 KB
997 B 152ms
152ms XHR
application/json 52.60.165.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://deciem.my.salesforce-sites.com/liveAgentSetupFlow/aura?r=1&aura.ApexAction.execute=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.60.165.90 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-60-165-90.ca-central-1.compute.amazonaws.com

Software

Resource Hash

7321f4129fb00d9bfd5e11e8df60bf07c4efd88453228f40dc80c2ee14f65486

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://deciem.my.salesforce-sites.com/liveAgentSetupFlow
X-SFDC-LDS-Endpoints: ApexActionController.execute:PullAgentAvail.PullAgentAvailInRegion
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 09 Feb 2024 02:19:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
last-modified: Thu, 09 Feb 2023 02:19:52 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json;charset=UTF-8
cache-control: no-cache,must-revalidate,max-age=0,no-store,private
server-timing: Total;dur=46
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 09 Feb 2023 02:19:52 GMT

POST
H2 200 events
cdn3.forter.com/ 0
421 B 301ms
301ms Ping
text/plain 99.84.88.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-110.muc50.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://theordinary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 02:19:53 GMT
strict-transport-security: max-age=86400; includeSubDomains
via: 1.1 47b2ce4c0cbd550c326fba9b552b2176.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://theordinary.com
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 2VRy58RoxJ4HWuXDPyNJY3rLmDva9XQXjyvuQynYaKolMr8mRNGA4g==
expires: -1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gighmmpiobklfepjocnamgkkbiglidom
URL: chrome-extension://gighmmpiobklfepjocnamgkkbiglidom/icons/icon24.png

Domain: ihcjicgdanjaechkgeegckofjjedodee
URL: chrome-extension://ihcjicgdanjaechkgeegckofjjedodee/app/assets/close-icon.svg

Domain: mlomiejdfkolichcflejclcbmpeaniij
URL: chrome-extension://mlomiejdfkolichcflejclcbmpeaniij/app/images/icon16.png

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

55 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 18:18:51	Name: X-AB Value: 0e7c1af40516408db47e00ecc6f3ad69
theordinary.com/	1969-12-31 23:59:59	Name: dwac_293b1c68ed64803efcdd8a9cb2 Value: A9NQ9VFGxP0SCEmB1KmqAkDBoMEmjcBH7Ak%3D\|dw-only\|\|\|USD\|false\|Canada%2FEastern\|true
theordinary.com/	1969-12-31 23:59:59	Name: cquid Value: \|\|
theordinary.com/	1969-12-31 23:59:59	Name: sid Value: A9NQ9VFGxP0SCEmB1KmqAkDBoMEmjcBH7Ak
.theordinary.com/	1970-01-21 03:03:01	Name: consent Value: marketing
theordinary.com/	1970-01-20 22:36:37	Name: dwpersonalization_e6127764d033023f3e29a8ce18b4fbbb Value: 2768f26db64213afa579e052e120240301050000000
theordinary.com/	1970-01-20 22:36:37	Name: dwanonymous_e6127764d033023f3e29a8ce18b4fbbb Value: ab5rCtGPNNgH1w3a2DxjNIJboL
.theordinary.com/	1970-01-21 03:03:01	Name: shippingCountry Value: DE
theordinary.com/	1969-12-31 23:59:59	Name: dwsid Value: KqrsF3KvzWdeAYdJtWZiL2m4HCMFZMndoADH1VS41bJiLjbocTWnZCIeD_LTXgNcB0V6cxmC22OHIAKADH2X5w==
theordinary.com/	1969-12-31 23:59:59	Name: dwac_aa97ccc54bc3ccdfc4920b1f68 Value: A9NQ9VFGxP0SCEmB1KmqAkDBoMEmjcBH7Ak%3D\|dw-only\|\|\|EUR\|false\|Canada%2FEastern\|true
theordinary.com/	1969-12-31 23:59:59	Name: cqcid Value: bcaNkr2WvEZDs3VZm7njTYxxPT
theordinary.com/	1970-01-20 22:36:37	Name: dwpersonalization_c89ed50662a479b16c167dc68820dc6c Value: 19a456c54cf8f548a5e9bd127220240301050000000
theordinary.com/	1970-01-20 22:36:37	Name: dwanonymous_c89ed50662a479b16c167dc68820dc6c Value: bcaNkr2WvEZDs3VZm7njTYxxPT
theordinary.com/	1969-12-31 23:59:59	Name: __cq_dnt Value: 0
theordinary.com/	1969-12-31 23:59:59	Name: dw_dnt Value: 0
.theordinary.com/	1970-01-20 20:27:01	Name: _gcl_au Value: 1.1.1515123092.1707445190
.theordinary.com/	1970-01-20 20:27:01	Name: _rdt_uuid Value: 1707445190128.5db51ceb-cec9-4fdb-bf5e-4fe040111828
.theordinary.com/	1970-01-21 03:53:25	Name: _ga Value: GA1.2.1347880378.1707445190
.theordinary.com/	1970-01-20 18:18:51	Name: _gid Value: GA1.2.757110138.1707445190
.theordinary.com/	1970-01-20 18:17:25	Name: _gat_UA-143004606-3 Value: 1
.theordinary.com/	1970-01-21 03:53:25	Name: ftr_ncd Value: 6
.doubleclick.net/	1970-01-20 18:17:26	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 22:36:37	Name: receive-cookie-deprecation Value: 1
.flashtalking.com/	1970-01-21 03:46:49	Name: flashtalkingad1 Value: "GUID=588311BB60E716"
tags.srv.stackadapt.com/	1970-01-21 03:03:01	Name: sa-user-id Value: s%3A0-2a3b3f42-d67b-53e2-7c07-614fc66f83cf.hoyUdIpc5fa3ursQ%2FqlLKGA39ooPcyEnFT6ufYB6NLU
.srv.stackadapt.com/	1970-01-21 03:03:01	Name: sa-user-id Value: s%3A0-2a3b3f42-d67b-53e2-7c07-614fc66f83cf.hoyUdIpc5fa3ursQ%2FqlLKGA39ooPcyEnFT6ufYB6NLU
tags.srv.stackadapt.com/	1970-01-21 03:03:01	Name: sa-user-id-v2 Value: s%3AKjs_QtZ7U-J8B2FPxm-Dz1D_Css.d32xM%2BuluxMvp1Ve0kxZKY4lkjbg2Uj00JE8lapQnXo
.srv.stackadapt.com/	1970-01-21 03:03:01	Name: sa-user-id-v2 Value: s%3AKjs_QtZ7U-J8B2FPxm-Dz1D_Css.d32xM%2BuluxMvp1Ve0kxZKY4lkjbg2Uj00JE8lapQnXo
tags.srv.stackadapt.com/	1970-01-21 03:03:01	Name: sa-user-id-v3 Value: s%3AAQAKIOTojqAKskm9SwghyW7iS2kL7uOc0u-80B12XNCUFm0NEHwYBCDGl5auBjABOgRZmQvUQgQ773nX.Y3nTHqtLR9aWjJxe%2BhEiw2f2VUTWQ5CHA8dEUQtNOAQ
.srv.stackadapt.com/	1970-01-21 03:03:01	Name: sa-user-id-v3 Value: s%3AAQAKIOTojqAKskm9SwghyW7iS2kL7uOc0u-80B12XNCUFm0NEHwYBCDGl5auBjABOgRZmQvUQgQ773nX.Y3nTHqtLR9aWjJxe%2BhEiw2f2VUTWQ5CHA8dEUQtNOAQ
.theordinary.com/	1970-01-21 03:47:11	Name: _scid Value: efbe927e-e54d-4fc7-a46a-00dfa73b45a6
.theordinary.com/	1970-01-21 03:47:11	Name: _scid_r Value: efbe927e-e54d-4fc7-a46a-00dfa73b45a6
.theordinary.com/	1970-01-20 18:18:51	Name: _uetsid Value: b3df4510c6f111ee83b5931fdad6bf00
.theordinary.com/	1970-01-21 03:39:01	Name: _uetvid Value: b3df4bd0c6f111ee8957d396e29517dd
.bing.com/	1970-01-21 03:39:01	Name: MUID Value: 1BF198F4C1A56DB636E98CD4C0096CFE
.theordinary.com/	1970-01-21 03:03:01	Name: _hjSessionUser_1434794 Value: eyJpZCI6ImFmY2U0N2QwLTE1MzUtNTU1ZS04Y2IwLTYwOTNmMDFkZjI5NyIsImNyZWF0ZWQiOjE3MDc0NDUxOTAyNjksImV4aXN0aW5nIjpmYWxzZX0=
.theordinary.com/	1970-01-20 18:17:26	Name: _hjSession_1434794 Value: eyJpZCI6IjgyNTc5NjI3LTMzMWMtNDFhZS04NzUyLWM1OWMwNGE5Y2Y3MSIsImMiOjE3MDc0NDUxOTAyNjksInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
theordinary.com/	1970-01-21 03:03:01	Name: sa-user-id Value: s%253A0-2a3b3f42-d67b-53e2-7c07-614fc66f83cf.hoyUdIpc5fa3ursQ%252FqlLKGA39ooPcyEnFT6ufYB6NLU
theordinary.com/	1970-01-21 03:03:01	Name: sa-user-id-v2 Value: s%253AKjs_QtZ7U-J8B2FPxm-Dz1D_Css.d32xM%252BuluxMvp1Ve0kxZKY4lkjbg2Uj00JE8lapQnXo
theordinary.com/	1970-01-21 03:03:01	Name: sa-user-id-v3 Value: s%253AAQAKIOTojqAKskm9SwghyW7iS2kL7uOc0u-80B12XNCUFm0NEHwYBCDGl5auBjABOgRZmQvUQgQ773nX.Y3nTHqtLR9aWjJxe%252BhEiw2f2VUTWQ5CHA8dEUQtNOAQ
.theordinary.com/	1970-01-20 20:27:01	Name: _fbp Value: fb.1.1707445190293.1824231338
.quantserve.com/	1970-01-21 03:47:39	Name: mc Value: 65c58bc6-460a5-1d1d2-913f7
.theordinary.com/	1970-01-21 03:41:53	Name: __qca Value: P0-358074775-1707445190156
.tiktok.com/	1970-01-21 03:39:01	Name: _ttp Value: 2c6wAEjGatEHmZIBi33FO7EeU5R
.pinterest.com/	1970-01-21 03:03:01	Name: ar_debug Value: 1
.theordinary.com/	1970-01-21 03:03:01	Name: _pin_unauth Value: dWlkPU4yUXpNekEyTkdNdE1qSXhNaTAwWm1VM0xUbGhNemN0WVdNM01qZGtOVGhtTnpSbQ
.theordinary.com/	1970-01-21 03:39:01	Name: _tt_enable_cookie Value: 1
.theordinary.com/	1970-01-21 03:39:01	Name: _ttp Value: ZCl3TjzOyOqI26PQk5ymOL507FP
.ct.pinterest.com/	1970-01-21 03:03:01	Name: _pinterest_ct_ua Value: "TWc9PSZOaWpWUVBqamF3RFJBdm14cW5lMkliVlBQQ3gzQkVHajR2YjdNRkxaeC95emFnZjRNSlMxdkhKN2VXTSs5RlhMcEFidGlXODVOU010Ri9RRmFmS01BQkN3d01pdG5MdzkwTTMrZFNtN0xUZz0mTHF4c3ZZTmttT2RrS2JVc0ZFM3FNYmo3bWxvPQ=="
.cquotient.com/	1970-01-21 03:46:13	Name: uuid Value: bcaNkr2WvEZDs3VZm7njTYxxPT
.theordinary.com/	1970-01-21 03:46:13	Name: __cq_uuid Value: bcaNkr2WvEZDs3VZm7njTYxxPT
deciem.my.salesforce-sites.com/	1970-01-21 03:03:01	Name: BrowserId_sec Value: tCR0asbxEe6Fs6f2jkrF7g
.force.com/	1970-01-21 03:03:01	Name: BrowserId_sec Value: tIaRpcbxEe66_1fWRVPQHQ
.theordinary.com/	1970-01-21 03:53:25	Name: _ga_K1WHNF7H93 Value: GS1.1.1707445190.1.0.1707445191.59.0.0
.theordinary.com/	1970-01-21 03:53:25	Name: forterToken Value: 20690ba8a7264ee69bc444faa0915668_1707445189879__UDF43-m4_9ck_

72 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://cdn2.gbqofs.com/deciem/p/detector-dom.min.js Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: (program):2 Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/918069964921567?v=2.9.145&r=stable&domain=theordinary.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://theordinary.com/en-de Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

110006539.collect.igodigital.com
11373437.fls.doubleclick.net
13759042.fls.doubleclick.net
20690ba8a7264ee69bc444faa0915668-aa873949f74d.cdn.forter.com
aa873949f74d.cdn4.forter.com
adservice.google.com
alb.reddit.com
analytics.pangle-ads.com
analytics.tiktok.com
bat.bing.com
cdn.cquotient.com
cdn0.forter.com
cdn2.gbqofs.com
cdn3.forter.com
cdn9.forter.com
connect.facebook.net
ct.pinterest.com
d.la1-c2-ia4.salesforceliveagent.com
d.la1-core1.sfdc-58ktaz.salesforceliveagent.com
d3nocrch4qti4v.cloudfront.net
deciem.my.salesforce-sites.com
deciemchatbuild.secure.force.com
e.cquotient.com
gighmmpiobklfepjocnamgkkbiglidom
ihcjicgdanjaechkgeegckofjjedodee
mlomiejdfkolichcflejclcbmpeaniij
p.cquotient.com
pixel.quantserve.com
publicfiles10em.blob.core.windows.net
region1.analytics.google.com
rules.quantcount.com
s.pinimg.com
sc-static.net
script.hotjar.com
secure.quantserve.com
servedby.flashtalking.com
service.force.com
static.hotjar.com
static.lightning.force.com
static.myshlf.us
stats.g.doubleclick.net
tags.srv.stackadapt.com
theordinary.com
tr.snapchat.com
www.dwin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.redditstatic.com
gighmmpiobklfepjocnamgkkbiglidom
ihcjicgdanjaechkgeegckofjjedodee
mlomiejdfkolichcflejclcbmpeaniij
104.120.210.154
104.19.145.121
13.109.184.55
13.32.27.21
13.32.29.156
142.250.181.230
143.204.207.250
143.204.98.64
151.101.129.140
18.245.60.103
18.245.60.77
18.66.97.10
2.19.96.162
2001:4860:4802:34::36
23.206.208.183
23.215.22.232
2600:9000:214f:5a00:f:8ce2:fb80:93a1
2600:9000:223c:d400:6:44e3:f8c0:93a1
2600:9000:266e:d600:7:bffe:c3c0:21
2606:4700::6812:190d
2620:116:800d:21:c5a4:625:6563:a5bb
2620:1ec:c11::200
2a00:1450:4001:808::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:811::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2004
2a00:1450:400c:c00::9b
2a02:26f0:3500:89a::38e9
2a02:26f0:480:592::1931
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:600::396
3.234.25.89
3.96.182.255
3.97.95.115
34.192.191.43
35.157.194.178
35.190.43.134
52.239.221.36
52.60.165.90
54.145.98.26
79.125.24.105
85.222.147.21
99.84.88.110
00ad995b09469a157a6ddc7961080491d432c89a7a5f44c9c77f3870fe7f3bb6
01611bacab0bec0ff5d71c5f9bdbf7a29f5fa4537257528d09d8f869f28e7ffd
0336e5baa591c718d7715a7901fdc498b9b2de55c4271f48c074cb1f3715ba2e
04c6083a9781b397d0b570f97154a3fa61aac68dfba173617e5a6351786b7470
05f0deddcdd56b05ca434e6ac2f8e602e4e62b161dc857075544e0876ad08d89
0788c2f27d3c80a9e4cb799e5cafe979c382cc7683bc06422703406a90a781f6
093e67a009a34d2a0049f6ec2f3a722a601ff8f235f064638c96d69403c08895
09b12961a196f2c69ae3c1e75546d47b54655d12f91cc9b6aeb9df1465a5cc1d
0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5
0d209f47cf87a5f4e3aba738e77c973b5d3e44a835563e56ceabaced5d6429a1
135cc2fb726f9d5ba840faf6e0ff280e2bd7b6b28a2736bd6092c807cfbea88c
14a5db39ccfbf8006165d86c3ac66b1569ca7284d0bbda30077be3935bcf4afc
16cdbae19eafd4314fa19996b2eeaef5c6660fc43269d7d538854e81e213d95a
1a18c7d97100ebfda148b980d3edb247332788b8b023aca91b28c7edc7308cd2
23ab88071d48d3f736784ca6ceb409473771f5d864f9c5175538c522064bfec7
24ec300ca34c4fa1aed08e5a1fe88c8532298135c361b00933ea640b2fc860e4
27cf680ace881bcdbca064ab11ad951b69922451b4efd5a2168be5ae3298a87e
280812c22af4d153c169a7326891471ff0069e0c4520396214d7e4c115b9e068
2940e0f14379fe794c3f9f42ea5b659fc998b5f6948b1a692789880a9add94a5
2dc42a20cd2e7a09b72cb3f7f0e9871dbeece524e96bc66a25a3cd8d1c25f07b
2eaf21223b517884e61dce4306eb0214a2c5bf9c14321356e9c6ceb0760985c2
33e4d53f0d4ee67a20f0038c9cfaba9b595ceec36b35096793c6d028965614ee
3548e08b4ab3c9c1f4c896ae70f5707486deb31f9b6f9cc5cf6fd5d8dccb8676
35a3077584fae7249cd4c52c61b6382cfa06243a9ef0a6ff1c46559c62f1006a
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
380d50cc899d0aadee0b196b7d5be1f1ee2000f08d9eee542aeefc492b86aadc
3813fc413958e1b37026ee2e691a2ae6d834084c7df33be4f435cf97180591ad
39fa8d9c58db985ce8f03707c67970ca171321b7b112764057569c9aacde625b
3c2693819e53905035cb5880801b6ab7b8ac3691b4900481ceb630ee94aecec8
3d7676fb1a857205651c1ad44a869193886877a7ada6cb1ada2d20a72b40f104
3f8e47df1b26e4c9275d56c82ee82c9bfe7479b1231ffd582d55ccae8003bc3d
3fb856882cd87a671903d75d594f2fb840abbb70a196395fa2197cbadb03149e
43d04af47e07ec175f22903793a79c673bb93015ae1f96a5b4a6a6f24fbb5b96
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44d42c1263c3ea673d2af85a9ba042da865f4772d658324b1561c7383319f51b
455eb995c7a6d4af3cd5ec37e1f93da6751ed13901f05fc0d918cd434e61a89c
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
45aa0639364311fbbda9f36acc7b3f59af60c924586894c08424ccfb3226e43a
463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
490d6b7bfd6aee946e047d10e1ab8d97c004399c496625076ed016111328f1f9
4b6ebfc54a99c0252d22b86fd5629011a0a84d5806c0676b031b6dcd87b2fd1d
4bae38610dc93749bdb7f6255d16d61dec5637abd6598f38e72144efa9dd3dcd
4f926f4c58c2491bf4d7a3c066e43daa15315303c833d7ed97035e241d1a5b69
5005a57736600dff609a04ba89a80eb076722e1f8a23d8b2ad5cfcb1231ae30e
5830f6b53e1ea91abd5de97ef219269702f413575cfe0dd6149712d68d7d61eb
5b4cae9ab01592b26949eb3cbcb0d15b89c51568942c87d9abfc45ca01424b15
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5e9871bb0784f760f1b43a303555e93356fe5ef935904b7e272e3e7746ccac7b
5f6743903bd9d7ad035a75142c509b67e8831a48487246272bc0751097790d6b
5f8c5c4243962dba74d36be7825b6e50f7730829bfe1278c981aeb4aa68aef61
608fa20f5c636ea35a8d7f4939f4aa1101d531df29f858af3839b849dd62747d
66c4421cc7f9c9af827c4269a5aa65fe8cb009d044eeed5878d6471d6f11597f
6903d61b1cc414c444950c4aab5ceb178c35269902df7acf00057c3317098083
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d66a0462824222aaa8713d18cb11f2d0c36cb0dfa5a4d59736708fcb82b6544
6dc0c894d32caefabb595efb5ddc0c91bef062a271667b056be21f1f5113f8f8
715e4d5c1ce323d3e747ef17dec1b05637a1b2dc93cda86ea88bd38495221a1c
7321f4129fb00d9bfd5e11e8df60bf07c4efd88453228f40dc80c2ee14f65486
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5
758e7c49f56cb58d592ee0536aaff4e846a66b99b82c4080f50bbd398aac5934
77460919f3fc28b2a0e45d98e1c0936daffa4d551bdd793d0b1046042bc665a2
776bdffbfa8463da673a3edb26ac95e2dba8f9ea09967685e4e6c2c59b73ff85
77c26258af8d7b8525ffe5be4b62cbcacb2bf9a2315c0617d9b3b31cc7991341
78bb6fd88bd659d9e49f1c40a0ddc75d4f9df25bc686294ef0a0700a728e137e
798e56973f3dd6b3cf503ad57d7a9643073cdf574a6aa81e2a2515b7bd9343f5
7990b42444f5019a6fe4d828c931248444f943097a1bff4c3b577881ce6680be
7a839a8b106f495a63d8e4ead1bf648b90f3c97150c7a97adfa094fb8f6d0740
7b238c5b1d4721202df086cef4e95c6186800649afc6e49707d0f3c3e97ad961
7f75d85a2a371d1d194fb4668ff64d814ae1e882804388580b1b6810323090c0
8440273b6470e7d97333add30f1d86d04be0d781cdd988a51d66b0029edbf0f3
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8644ffbdcfdcf2fb91162c8ae42fd388b1da8f11239f9fd08083ef32ec5a2da5
87b2aa3db7807ba502b83ecf3f5bb314b28caa7c47d0751039a472948a8cc07f
8840219a50fb8cede51a7bc090d528f130dbd7e5761a62b7a189563b25a7deb5
8abea80ff465a0f952c82a3d4b82027045a1a34c95b78227536275e194c4b4ad
8d290d6ab1f11071876d2313114be38025b648b6dd0540855254481cd8c969fe
8f1c242f8ab56e926271c58a17f0bcc42afb5496960cac798b66c551ea3fa150
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
97223d2d4bf5dc81d4dab5b8cfcd1030bcb2f283e571a88e7dd84d938cff7520
978dbd2b44c49004a0dc12b906ab394766cbf6eb2edeeee5763b710db3826819
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a713761be2c3c12881a59ac5da8f6cc0e34a5e9a57137cd16ce61cc98d87fabf
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df
a839c0acc85b6e474988fe5a37a678542ae443d1afc1c9a585af90d6d8fe4b24
aafe4c70c93efa67b43e3e1f50fa48f9cad9dcd369722eb79e39b9f17791b4e6
ab4c6c213dea5bbfb5d836bfa5e19fd035ca43c9f74550a91b35eaf07b330381
ab6a244b8280559b1c1e0b8cf9166aa448cb57cb9fd5a35eae20aa35504423e1
ab87844ef3e1a87e7d484904702276ec4425416746ff434983435b3749914873
ac3f3d5e19e3b2accfa53fea5aa5cf197a102b18ade76f2461e207a884c8afbb
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1312c9c8c324e53193dff61a0c784da7048655a2b43f5cfdaca886ed3ce85c6
b23b1ae457fa87fb29541e045ccf0de3f1abab79a97803f0ec952f79a6fb1255
b306b09654fe82ddf9f380fb188d3b957efcc472f0d44142e440c3fd6689e67a
baf559b2680a925d050b64d374236e5a24520567ff3f4b2d3dd7c62a1f3178a1
bc77e58076d7a8bbed8e0f89c151ef555c9b31d96fe978a714da5b11fef98782
bca51ed2fe251488a1b150edf560d43880f1486740f34d24120ede486f99676b
be766333fba21f1cc1bc6aaa1e2090736ae8762650af97d2b01982089ef0a3fb
cc9125fbd36b8ab16e2b162263204334339037364d3aa1f6242ec61c5eeff7d6
ce7cac07547c83a26354a466726c6659d7aab42772aa70b302afffd4d8282709
cecc2396c967d5b1267653339c86dbe9e9d851790c66a5a39d3b33ed6aa7bba8
cee0f7c3fc5985ee29d396c528d093e2840d95b53b358d0a8030f3aef39fc39f
d0721ac91b973b019d6f365bafb54fe794c973f88277924c036e25a077f5feaa
d1cca0dc098dad86b2a4d0968ee003921b8db4db3eb8558f7f593eed050ba2ed
d1d1e8a14364e07860871b9a85268df856270fea92d85af309e0c44d86880a80
d738a4d2d97c0a38ec8daa5a4fe018fd92915eb4b5b77fd4e68c05748961f7c5
d74049199475a34a044aad4781c77889e68c343095b5298414db0a29252b6168
ddacc3618c70d111c0ad8ac3060fd21c36846929db812678ceea34fcb23dc9fe
ddd60963b341f05865b760547bfe8c19e89d4759a80132f81d4f1670a40db4d7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1685605e403154b0ed6cb044452235672fac978c567a054c5556097a2b24bea
e25b95455e7fb1949815ca9634790871682f9499c5785d52e3a8202116543349
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b7d18292034245d199f395242c6f37f572087f2bfbe51fc1a81dd78879e2a9
eabed4f1131111fd10b5bc90848516989ffdb8d47eb657774e89861d80171098
eb7e538ff5ac49c340b99abcdf2d07cd5e7bffe03579a9510b06dc3096dadf85
edda0f93d08cec001ae5318b2ad3bb2029b6d13684f2fe0ea695b3ba560b6d38
ee1386bedb462b955c227a70d912100ca6e6c7a71f7caca76b95c2648f94b9f0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3c0b481f97a8ebeee75690c5235e0a45c0658dd88d1325435026042fc4cc42
ef4dcc4dab4d780f44939c455d4720cab662b2f5fabc36ebc33a21f4cdbecd4e
f3901cf4a72592458111bf765cc7a0fddd45fc18d0e85d5b3a52ce078d9f9c9f
f4ba2fba12feb37c18e6e88cffee2d9157108725c476e6b153fb4d4f5ad7692c
f541b09d3f169b333fecf7d94459e7ad60a4fe96e4d57dc794d26bc4d1087d84
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f82552e9826700d3910287a32eea0ddef4aa0fc39d1d91a84f8b6538f9b845e9
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f92854412bfd9859858770aa385986604dd115ea5b46568bce2f5674cd398ebf
f96852d0b4e46507d54289bfe34041eddf3e546e154e26eea3045aa958d28403
faabf9ec248142e093f8ed4a4e823cbc42c09968ea89363118f9f73219348f9c

theordinary.com Open in urlscan Pro 104.19.145.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

160 Requests

96 %HTTPS

41 %IPv6

35 Domains

52 Subdomains

46 IPs

7 Countries

4766 kBTransfer

14233 kBSize

55 Cookies

4 Outgoing links

Page URL History

Redirected requests

160 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

theordinary.com Open in urlscan Pro
104.19.145.121 Public Scan

Screenshot
Live screenshot

Full Image

160
Requests

96 %
HTTPS

41 %
IPv6

35
Domains

52
Subdomains

46
IPs

7
Countries

4766 kB
Transfer

14233 kB
Size

55
Cookies

160 HTTP transactions
2 data transactions