www.ninacloak.com Open in urlscan Pro
2606:4700::6811:e421 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.ninacloak.com/
Effective URL:
https://www.ninacloak.com/
Submission: On December 12 via manual (December 12th 2020, 12:32:19 am UTC) from AU

Summary HTTP 143 Redirects Behaviour Indicators

Summary

This website contacted 47 IPs in 10 countries across 37 domains to perform 143 HTTP transactions. The main IP is 2606:4700::6811:e421, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ninacloak.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 9th 2020. Valid for: a year.

This is the only time www.ninacloak.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	2606:4700::68... 2606:4700::6811:e421	13335 (CLOUDFLAR...) (CLOUDFLARENET)
59	2606:4700::68... 2606:4700::6812:d31e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:820::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.22.66 172.217.22.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1	65.9.68.7 65.9.68.7	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
2 3	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
2	2.16.186.163 2.16.186.163	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:818::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1 2	65.9.73.103 65.9.73.103	16509 (AMAZON-02) (AMAZON-02)
2	54.236.70.156 54.236.70.156	14618 (AMAZON-AES) (AMAZON-AES)
1 3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
3 3	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1)
6	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	52.51.205.248 52.51.205.248	16509 (AMAZON-02) (AMAZON-02)
1 1	216.58.208.34 216.58.208.34	15169 (GOOGLE) (GOOGLE)
3 4	37.252.172.36 37.252.172.36	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	46.228.164.13 46.228.164.13	56396 (TURN) (TURN)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	104.75.88.112 104.75.88.112	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.203.182.162 18.203.182.162	16509 (AMAZON-02) (AMAZON-02)
2 2	35.156.106.231 35.156.106.231	16509 (AMAZON-02) (AMAZON-02)
1 2	18.192.150.244 18.192.150.244	16509 (AMAZON-02) (AMAZON-02)
2 2	65.9.73.61 65.9.73.61	16509 (AMAZON-02) (AMAZON-02)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	54.93.159.18 54.93.159.18	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	35.157.13.124 35.157.13.124	16509 (AMAZON-02) (AMAZON-02)
1	52.52.67.9 52.52.67.9	16509 (AMAZON-02) (AMAZON-02)
1	52.5.0.90 52.5.0.90	14618 (AMAZON-AES) (AMAZON-AES)
1	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
5	54.91.31.243 54.91.31.243	14618 (AMAZON-AES) (AMAZON-AES)
143	47

6 2606:4700::6811:e421 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.ninacloak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

59 2606:4700::6812:d31e (United States)

ASN13335 (CLOUDFLARENET, US)

sources.aopcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.aopcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:820::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s17-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.68.7 (Seattle, United States)

ASN16509 (AMAZON-02, US)

2e3b618057a1.cdn4.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.10.30 (Poland) 1 redirects

ASN203690 (RTB-HOUSE-ASH, US)
PTR: ip-185-184-10-30.rtbhouse.net

us.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ash.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.186.163 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-163.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:818::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.73.103 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)

cdn9.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.236.70.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-70-156.compute-1.amazonaws.com

cdn3.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:f03d:1fa::4000 (United Kingdom) 3 redirects

ASN10310 (YAHOO-1, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.82.100.181 (Switzerland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.205.248 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-205-248.eu-west-1.compute.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.208.34 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.36 (Ascension Island) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.13 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.88.112 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-112.deploy.static.akamaitechnologies.com

cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.182.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-182-162.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.106.231 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-106-231.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.192.150.244 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-150-244.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.73.61 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.93.159.18 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-159-18.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.89.75 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.13.124 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-13-124.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.52.67.9 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-67-9.us-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.5.0.90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-0-90.compute-1.amazonaws.com

bd80b02edbc148f6a91b138fa40e8525-2e3b618057a1.cdn.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.207.148 (United States)

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.91.31.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-31-243.compute-1.amazonaws.com

cdn0.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	aopcdn.com sources.aopcdn.com ups.aopcdn.com	4 MB
11	forter.com 1 redirects 2e3b618057a1.cdn4.forter.com cdn9.forter.com cdn3.forter.com bd80b02edbc148f6a91b138fa40e8525-2e3b618057a1.cdn.forter.com cdn0.forter.com	64 KB
11	criteo.com 3 redirects sslwidget.criteo.com widget.us.criteo.com gum.criteo.com dis.criteo.com	7 KB
10	yahoo.com 4 redirects ups.analytics.yahoo.com ads.yahoo.com sp.analytics.yahoo.com	6 KB
6	doubleclick.net 2 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	4 KB
6	google.de ampcid.google.de www.google.de	923 B
6	google.com 1 redirects ampcid.google.com www.google.com	1 KB
6	ninacloak.com 1 redirects www.ninacloak.com	53 KB
5	googletagmanager.com www.googletagmanager.com	196 KB
4	adnxs.com 3 redirects secure.adnxs.com	4 KB
3	bing.com bat.bing.com c.bing.com	9 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	bidswitch.net 1 redirects x.bidswitch.net	1014 B
2	openx.net 1 redirects us-u.openx.net	351 B
2	casalemedia.com 1 redirects r.casalemedia.com	2 KB
2	taboola.com sync.taboola.com sync-t1.taboola.com	450 B
2	smaato.net 2 redirects s.ad.smaato.net	1 KB
2	3lift.com 1 redirects eb2.3lift.com	732 B
2	advertising.com 2 redirects pixel.advertising.com	710 B
2	livechatinc.com cdn.livechatinc.com secure.livechatinc.com	25 KB
2	creativecdn.com 1 redirects us.creativecdn.com ash.creativecdn.com	455 B
2	facebook.com www.facebook.com	400 B
2	facebook.net connect.facebook.net	92 KB
1	rlcdn.com idsync.rlcdn.com	285 B
1	postrelease.com jadserve.postrelease.com	536 B
1	teads.tv criteo-sync.teads.tv	170 B
1	media.net contextual.media.net	711 B
1	sharethrough.com match.sharethrough.com	262 B
1	pubmatic.com simage2.pubmatic.com	873 B
1	revcontent.com trends.revcontent.com	335 B
1	addthis.com cw.addthis.com	425 B
1	rubiconproject.com pixel.rubiconproject.com	787 B
1	turn.com 1 redirects d.turn.com	437 B
1	mediawallahscript.com partner.mediawallahscript.com	367 B
1	googleadservices.com www.googleadservices.com	12 KB
1	criteo.net static.criteo.net	12 KB
1	onesignal.com cdn.onesignal.com	3 KB
143	37

	Domain	Requested by
48	ups.aopcdn.com	www.ninacloak.com sources.aopcdn.com
11	sources.aopcdn.com	www.ninacloak.com sources.aopcdn.com
6	dis.criteo.com
6	www.ninacloak.com	1 redirects www.ninacloak.com sources.aopcdn.com
5	cdn0.forter.com
5	www.google.de	www.ninacloak.com
5	www.google.com	1 redirects www.ninacloak.com
5	www.googletagmanager.com	www.ninacloak.com www.googletagmanager.com
4	secure.adnxs.com	3 redirects
4	sp.analytics.yahoo.com
4	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
3	ads.yahoo.com	3 redirects
3	ups.analytics.yahoo.com	1 redirects
3	gum.criteo.com	2 redirects static.criteo.net
3	www.google-analytics.com	www.ninacloak.com www.google-analytics.com www.googletagmanager.com
2	x.bidswitch.net	1 redirects
2	us-u.openx.net	1 redirects
2	r.casalemedia.com	1 redirects
2	s.ad.smaato.net	2 redirects
2	eb2.3lift.com	1 redirects
2	pixel.advertising.com	2 redirects
2	cdn3.forter.com
2	cdn9.forter.com	1 redirects www.ninacloak.com
2	www.facebook.com	www.ninacloak.com
2	bat.bing.com	www.ninacloak.com
2	connect.facebook.net	www.ninacloak.com connect.facebook.net
1	idsync.rlcdn.com
1	bd80b02edbc148f6a91b138fa40e8525-2e3b618057a1.cdn.forter.com
1	sync-t1.taboola.com
1	jadserve.postrelease.com
1	criteo-sync.teads.tv
1	contextual.media.net
1	match.sharethrough.com
1	simage2.pubmatic.com
1	sync.taboola.com
1	trends.revcontent.com
1	cw.addthis.com
1	pixel.rubiconproject.com
1	d.turn.com	1 redirects
1	c.bing.com
1	cm.g.doubleclick.net	1 redirects
1	partner.mediawallahscript.com
1	secure.livechatinc.com	cdn.livechatinc.com
1	cdn.livechatinc.com	www.ninacloak.com
1	ash.creativecdn.com	www.ninacloak.com
1	us.creativecdn.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	2e3b618057a1.cdn4.forter.com	www.ninacloak.com
1	widget.us.criteo.com	www.ninacloak.com
1	sslwidget.criteo.com	1 redirects
1	ampcid.google.de	www.google-analytics.com
1	www.googleadservices.com	www.googletagmanager.com
1	ampcid.google.com	www.google-analytics.com
1	static.criteo.net	www.ninacloak.com
1	cdn.onesignal.com	www.ninacloak.com
143	55

This site contains no links.

Subject Issuer	Validity	Valid
www.ninacloak.com Cloudflare Inc ECC CA-3	`2020-07-09` - `2021-07-09`	a year	crt.sh
*.aopcdn.com Encryption Everywhere DV TLS CA - G1	`2020-05-15` - `2021-05-15`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-17` - `2021-02-14`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2020-10-27` - `2021-04-27`	6 months	crt.sh
*.us.criteo.com DigiCert ECC Secure Server CA	`2020-10-27` - `2021-01-24`	3 months	crt.sh
*.cdn4.forter.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-18` - `2021-12-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-17` - `2021-02-14`	3 months	crt.sh
*.creativecdn.com RapidSSL RSA CA 2018	`2019-01-11` - `2021-04-11`	2 years	crt.sh
livechat.com DigiCert Secure Site ECC CA-1	`2020-07-16` - `2021-07-16`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
cdn9.forter.com Amazon	`2020-05-27` - `2021-06-27`	a year	crt.sh
cdn3.forter.com DigiCert SHA2 Secure Server CA	`2019-03-24` - `2021-06-16`	2 years	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-24` - `2021-04-20`	6 months	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-08-01` - `2021-01-28`	6 months	crt.sh
*.mediawallahscript.com Amazon	`2020-06-03` - `2021-07-03`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-07-22` - `2021-10-13`	a year	crt.sh
revcontent.com Amazon	`2020-07-08` - `2021-08-08`	a year	crt.sh
*.3lift.com Amazon	`2020-07-04` - `2021-08-05`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.sharethrough.com Amazon	`2020-09-09` - `2021-10-11`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2020-02-25` - `2021-05-26`	a year	crt.sh
teads.tv Let's Encrypt Authority X3	`2020-11-19` - `2021-02-17`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.postrelease.com Amazon	`2020-02-28` - `2021-03-28`	a year	crt.sh
*.cdn.forter.com DigiCert SHA2 Secure Server CA	`2020-09-18` - `2021-07-07`	10 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
cdn0.forter.com DigiCert SHA2 Secure Server CA	`2020-09-20` - `2021-06-13`	9 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.ninacloak.com/
Frame ID: 85ABA16EEE9DF2CF3CBD7424054D2249
Requests: 112 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.ninacloak.com
Frame ID: AEE873C2CBBE0806CB69C5A2287605D2
Requests: 1 HTTP requests in this frame

Frame: https://ash.creativecdn.com/tags?id=pr_T0GLykJOENhEGCpO6qGq_home&tc=1
Frame ID: 6A0FC8E94DE389A37F700E0757DB4D0C
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-WlJ9aHR7YegdGBMpsbXrjK-6DpWL8LMbszoDEQ&verify=true
Frame ID: 299AB4DD20EFFBF9351B57EAE91EAE56
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.ninacloak.com/ HTTP 301
https://www.ninacloak.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

143
Requests

99 %
HTTPS

37 %
IPv6

37
Domains

55
Subdomains

47
IPs

10
Countries

4992 kB
Transfer

6834 kB
Size

20
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.ninacloak.com/ HTTP 301
https://www.ninacloak.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

https://sslwidget.criteo.com/event?a=62945&v=5.6.2&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=ninacloak.com&dtycbr=93000 HTTP 302
https://widget.us.criteo.com/event?a=62945&v=5.6.2&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=ninacloak.com&dtycbr=93000

Request Chain 85

https://us.creativecdn.com/tags?id=pr_T0GLykJOENhEGCpO6qGq_home HTTP 302
https://ash.creativecdn.com/tags?id=pr_T0GLykJOENhEGCpO6qGq_home&tc=1

Request Chain 89

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/754563760/?random=1607733121803&cv=9&fst=1607733121803&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&ig=1&data=event%3Dpage_view%3Becomm_prodid%3D%3Becomm_pagetype%3Dhome%3Becomm_totalvalue%3D&frm=0&url=https%3A%2F%2Fwww.ninacloak.com%2F&tiba=Cheap%20%26%20Fashion%20Clothes%20for%20Women%20Online%20-%20Ninacloak&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/754563760/?random=1607733121803&cv=9&fst=1607731200000&num=1&fmt=3&bg=ffffff&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dpage_view%3Becomm_prodid%3D%3Becomm_pagetype%3Dhome%3Becomm_totalvalue%3D&frm=0&url=https%3A%2F%2Fwww.ninacloak.com%2F&tiba=Cheap%20%26%20Fashion%20Clothes%20for%20Women%20Online%20-%20Ninacloak&async=1&is_vtc=1&random=2907117343&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/754563760/?random=1607733121803&cv=9&fst=1607731200000&num=1&fmt=3&bg=ffffff&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dpage_view%3Becomm_prodid%3D%3Becomm_pagetype%3Dhome%3Becomm_totalvalue%3D&frm=0&url=https%3A%2F%2Fwww.ninacloak.com%2F&tiba=Cheap%20%26%20Fashion%20Clothes%20for%20Women%20Online%20-%20Ninacloak&async=1&is_vtc=1&random=2907117343&resp=GooglemKTybQhCsO&ipr=y

Request Chain 103

https://cdn9.forter.com/vchk2 HTTP 301
https://cdn9.forter.com/vchk2/v1/2ceb529b6e4a2e2e6976e11b18a650b9a1ba9f592f8b4e33e9e2610ab7c1c011ac7f4bce641054e4d8f24bd5a478

Request Chain 106

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-WlJ9aHR7YegdGBMpsbXrjK-6DpWL8LMbszoDEQ HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-WlJ9aHR7YegdGBMpsbXrjK-6DpWL8LMbszoDEQ&verify=true

Request Chain 107

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1 HTTP 302
https://dis.criteo.com/dis/rtb/rightmedia/cookiematch.aspx?xid=E0

Request Chain 110

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay03andHcTNSN1llZ2RHQk1wc2JYcmpLLTZEcFZlNWVmajVNcDJDUQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

Request Chain 112

https://secure.adnxs.com/setuid?entity=52&code=k-zD2WenR7YegdGBMpsbXrjK-6DpUsrRR9srwZ5w&seg=95287 HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-zD2WenR7YegdGBMpsbXrjK-6DpUsrRR9srwZ5w%26seg%3D95287

Request Chain 113

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fcdb%252Fcookiematch.aspx%253F%2526extid%253D%2524!%7BTURN_UUID%7D HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/YawycDWvCHOy1uENmuP7MCbtvjQgItiH/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=7374533929954724765

Request Chain 117

https://pixel.advertising.com/ups/55945/sync?uid=k-yjyt3nR7YegdGBMpsbXrjK-6DpXsvw1kbo26RQ&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55945/sync?uid=k-yjyt3nR7YegdGBMpsbXrjK-6DpXsvw1kbo26RQ&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-yjyt3nR7YegdGBMpsbXrjK-6DpXsvw1kbo26RQ&_origin=1&apid=UP740b4c6b-3c11-11eb-9f09-027a49f770de

Request Chain 118

https://eb2.3lift.com/xuid?mid=2711&xuid=k-_KbY-HR7YegdGBMpsbXrjK-6DpUjDrM2o2Ecyg&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-_KbY-HR7YegdGBMpsbXrjK-6DpUjDrM2o2Ecyg&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

Request Chain 119

https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-rjUsk3R7YegdGBMpsbXrjK-6DpUmlYuEO9jHVg HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-rjUsk3R7YegdGBMpsbXrjK-6DpUmlYuEO9jHVg&cookieCheck=1 HTTP 302
https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=0d888e1a9716646e4809

Request Chain 121

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-5VdM93R7YegdGBMpsbXrjK-6DpU9kvX7etSn-w HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-5VdM93R7YegdGBMpsbXrjK-6DpU9kvX7etSn-w&C=1

Request Chain 122

https://us-u.openx.net/w/1.0/sd?id=537072953&val=k-WM3uyXR7YegdGBMpsbXrjK-6DpUhz2LkQJ2sOQ&c=us HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072953&val=k-WM3uyXR7YegdGBMpsbXrjK-6DpUhz2LkQJ2sOQ&c=us

Request Chain 126

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-fDIHk3R7YegdGBMpsbXrjK-6DpV1MxI_KmMtlQ&expires=30&user_group=5 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-fDIHk3R7YegdGBMpsbXrjK-6DpV1MxI_KmMtlQ&expires=30&user_group=5

Request Chain 131

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5060875964689263846

Request Chain 132

https://ads.yahoo.com/cms/v1?esig=2~d70585acac52c040f8b2016b9137859f8ce8814d&nwid=10022892938&sigv=1 HTTP 302
https://dis.criteo.com/dis/rtb/yahoogemini/cookiematch.aspx?xid=E0

Request Chain 134

https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=HqBkbZHlDR1xOTYEoPBnHIsOtviWmQNP

Request Chain 136

https://ads.yahoo.com/cms/v1?esig=2~53ef8d479c22b2f64b38b7c8ed96f504cd8e84c6&nwid=10033892938&sigv=1 HTTP 302
https://dis.criteo.com/dis/rtb/yahoogemini/cookiematch.aspx?xid=E0

143 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ninacloak.com/
Redirect Chain

http://www.ninacloak.com/
https://www.ninacloak.com/

295 KB
34 KB

493ms
493ms

Document
text/html

2606:4700::6811:e421
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ninacloak.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:e421 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57e9f67a8639356a91af0051be6d2af6ccede84e5a0f0f6e72c14c902070ffab

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.ninacloak.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
content-type: text/html;charset=UTF-8
set-cookie: __cfduid=d74688af12cdaa4ed050d270b584a6dc31607733120; expires=Mon, 11-Jan-21 00:32:00 GMT; path=/; domain=.www.ninacloak.com; HttpOnly; SameSite=Lax; Secure locale=en; Path=/ ccy=USD; Path=/ _opu=op_dae4fd8e9d6c53e1_176545c8fc7_372d; Expires=Sun, 12-Dec-2021 00:32:00 GMT; Path=/ _opud=op_39e912599833b624_176545c8fc7_aa80; Expires=Sun, 13-Dec-2020 00:32:00 GMT; Path=/ _odevice=1349176919; Expires=Sun, 12-Dec-2021 00:32:00 GMT; Path=/
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-max-age: 259200
access-control-allow-headers: X-Requested-With,X_Requested_With,Content-Type
x-frame-options: SAMEORIGIN
cache-control: no-cache
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-language: en
cf-cache-status: DYNAMIC
cf-request-id: 06f5f5a75b0000c2ea910df000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 600358855b16c2ea-FRA
content-encoding: br

Redirect headers

Date: Sat, 12 Dec 2020 00:32:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 12 Dec 2020 01:32:00 GMT
Location: https://www.ninacloak.com/
cf-request-id: 06f5f5a7470000e007d2b24000000001
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 600358853df4e007-FRA

GET
H2 200 index-4da8f31f4b.css
sources.aopcdn.com/cloud/opShop/pc/css/ 173 KB
30 KB 35ms
27ms Stylesheet
text/css 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sources.aopcdn.com/cloud/opShop/pc/css/index-4da8f31f4b.css
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8a354b9b5738305ab347b12621f8881e07cb080d6a402879f20b6586de040ca

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
content-encoding: br
x-oss-request-id: 5FBE080912A71A3131268C81
content-md5: xHbU4kFCc3JD9oquF4XBGg==
age: 1443704
cf-polished: origSize=179127
cf-cache-status: HIT
last-modified: Wed, 25 Nov 2020 06:46:13 GMT
cf-request-id: 06f5f5a9600000062162926000000001
x-oss-object-type: Normal
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
cf-ray: 6003588899ce0621-FRA
x-oss-hash-crc64ecma: 17049701916424195591
x-oss-server-time: 3
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 vendor-b9c917faba.css
sources.aopcdn.com/cloud/opShop/pc/css/ 382 KB
51 KB 30ms
23ms Stylesheet
text/css 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sources.aopcdn.com/cloud/opShop/pc/css/vendor-b9c917faba.css
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6062cd053ac3ea85f42652b062a4dc58fff928007ca0876c5fb708a90af5f366

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
content-encoding: br
x-oss-request-id: 5FBE08094EA1213436019B37
content-md5: lFeuKOuP9aQPdxjMFnHBHw==
age: 1443704
cf-polished: origSize=396354
cf-cache-status: HIT
last-modified: Wed, 25 Nov 2020 06:46:13 GMT
cf-request-id: 06f5f5a9600000062165214000000001
x-oss-object-type: Normal
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
cf-ray: 6003588899d10621-FRA
x-oss-hash-crc64ecma: 4819785297765561521
x-oss-server-time: 6
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 vendor-3d7a025d14.js Show response
sources.aopcdn.com/cloud/opShop/script/ 351 KB
96 KB 42ms
36ms Script
application/javascript 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sources.aopcdn.com/cloud/opShop/script/vendor-3d7a025d14.js
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b79c244c2dffd8d31e2c77ee1dbd89f63ddef1b801122de6dcd4ac948005ee41

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
content-encoding: br
x-oss-request-id: 5FBE08098083E7383130F488
content-md5: PXoCXRQIbo3a5X2c3Jqtgg==
age: 1443704
cf-polished: origSize=358973
cf-cache-status: HIT
last-modified: Wed, 25 Nov 2020 06:46:10 GMT
cf-request-id: 06f5f5a9610000062172893000000001
x-oss-object-type: Normal
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
cf-ray: 6003588899d20621-FRA
x-oss-hash-crc64ecma: 2894550267979828729
x-oss-server-time: 24
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-754563760

Requested by

Host: www.ninacloak.com
URL: https://www.ninacloak.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cb8e2720c4ad535c16449e687f8b128ec308f6f51006182f2381da58e6699668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38970
x-xss-protection: 0
last-modified: Sat, 12 Dec 2020 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 12 Dec 2020 00:32:01 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 55ms
35ms Script
application/javascript 2a00:1450:4001:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-582671134

Requested by

Host: www.ninacloak.com
URL: https://www.ninacloak.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8b6318d4d83ab0553d7947b5bd70849ef4a7906545c23a787679543d105499da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38969
x-xss-protection: 0
last-modified: Sat, 12 Dec 2020 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 12 Dec 2020 00:32:01 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 16ms
10ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8304827477215b517f051f116d5581a5e030e7f29df69061cb9cf108aa9cbc90

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 3297
etag: W/"f35a2111ffcc2dc2fded1fe3c98a7bee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=43200
cf-ray: 600358891dbf0601-FRA
cf-request-id: 06f5f5a9b30000060115bb8000000001
expires: Sat, 12 Dec 2020 12:32:01 GMT

GET
H2 200 index-0a7cff575d.js Show response
sources.aopcdn.com/cloud/opShop/script/ 72 KB
20 KB 26ms
20ms Script
application/javascript 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sources.aopcdn.com/cloud/opShop/script/index-0a7cff575d.js
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fad8c4f69d1ecaee7d69e909867929322c2c4dfb81ca74267756fb63d5a73790

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
content-encoding: br
x-oss-request-id: 5FC5FEFA269C563737674887
content-md5: 9NeRd1Lbr7KjHePi6hR2wQ==
age: 921735
cf-polished: origSize=74194
cf-cache-status: HIT
last-modified: Tue, 01 Dec 2020 08:28:27 GMT
cf-request-id: 06f5f5a9610000062131154000000001
x-oss-object-type: Normal
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
cf-ray: 6003588899d30621-FRA
x-oss-hash-crc64ecma: 14234042859869288340
x-oss-server-time: 5
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 i7eo.css
www.ninacloak.com/static/common/ 7 KB
5 KB 23ms
18ms Stylesheet
text/css 2606:4700::6811:e421
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ninacloak.com/static/common/i7eo.css

Requested by

Host: www.ninacloak.com
URL: https://www.ninacloak.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:e421 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b439a0ecd90961b79a0dd82f61d6c78ce2152e23b30a4d558db97878963a6c2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 6059
cf-polished: origSize=7789
cf-request-id: 06f5f5a9610000c2ea4f22d000000001
last-modified: Thu, 10 Dec 2020 01:12:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 259200
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
expires: Sat, 12 Dec 2020 04:32:01 GMT
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 600358889db4c2ea-FRA
access-control-allow-headers: X-Requested-With,X_Requested_With,Content-Type
cf-bgj: minify

GET
H2 200 i7eo.js Show response
www.ninacloak.com/static/common/ 40 KB
13 KB 38ms
34ms Script
application/javascript 2606:4700::6811:e421
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ninacloak.com/static/common/i7eo.js

Requested by

Host: www.ninacloak.com
URL: https://www.ninacloak.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:e421 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2826d00102708c5fd2a1a1701ed32905cd23a79b198c5d072751860a2ef7a89

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 6059
cf-polished: origSize=63104
cf-request-id: 06f5f5a9620000c2eac0bc7000000001
last-modified: Thu, 10 Dec 2020 01:12:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 259200
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
expires: Sat, 12 Dec 2020 04:32:01 GMT
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 600358889db6c2ea-FRA
access-control-allow-headers: X-Requested-With,X_Requested_With,Content-Type
cf-bgj: minify

GET
H2 200 1143ubf19275363c84c5380d906f6c4072a21.jpg
ups.aopcdn.com/s1013/common/18604/ 161 KB
161 KB 25ms
19ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18604/1143ubf19275363c84c5380d906f6c4072a21.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc6fa72f9ba04bc017fc2d3a199e4096c1c0ac0f443c1d4faf8921dd566619a3

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FD33BD16135533633DCC028
content-md5: 7cwQHlcZSMVdxRZ66KaKyA==
age: 54192
cf-polished: origSize=206083, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 164395
cf-request-id: 06f5f5a9b40000062127231000000001
x-oss-object-type: Normal
last-modified: Tue, 08 Dec 2020 08:06:52 GMT
server: cloudflare
etag: "EDCC101E571948C55DC5167AE8A68AC8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 600358891a930621-FRA
x-oss-hash-crc64ecma: 858471982576202100
x-oss-server-time: 45
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 72u84e25909272d4f58afe46176d6d9a98b.png
ups.aopcdn.com/s1013/common/17977/ 6 KB
6 KB 23ms
17ms Image
image/png 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/17977/72u84e25909272d4f58afe46176d6d9a98b.png?150
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a39e48ce0eb0ef0fc7ba5b6a4458b3c2ea28f2f4ec5ce2f71da3b9bf474e871

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0817719F7732368A3B93
content-md5: GkBk7puf5ZFo9BDCdtrjCg==
age: 1443690
cf-polished: origSize=7989, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 5801
cf-request-id: 06f5f5a9b50000062102a6b000000001
x-oss-object-type: Normal
last-modified: Fri, 22 Mar 2019 04:02:59 GMT
server: cloudflare
etag: "1A4064EE9B9FE59168F410C276DAE30A"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 600358891a950621-FRA
x-oss-hash-crc64ecma: 9867957575932512677
x-oss-server-time: 1
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78ue04287d3e2ae49b7b96bb50b9be87198.jpg
ups.aopcdn.com/s1013/common/18565/ 23 KB
23 KB 20ms
14ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18565/78ue04287d3e2ae49b7b96bb50b9be87198.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8afa2c65faaf8f0fbcf9b9e49f73098583f5a25fdc8508e1ef01dc12d41c1c7

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E68719F7734317551B8
content-md5: E81NItZlQhU2chkJ4rUo4Q==
age: 1442073
cf-polished: origSize=24920, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 23126
cf-request-id: 06f5f5a9b400000621f81f0000000001
x-oss-object-type: Normal
last-modified: Fri, 30 Oct 2020 05:44:11 GMT
server: cloudflare
etag: "13CD4D22D665421536721909E2B528E1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 600358891a960621-FRA
x-oss-hash-crc64ecma: 2453806019582762980
x-oss-server-time: 3
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78u6929f81584134ded834a86eacda19189.jpg
ups.aopcdn.com/s1013/common/18565/ 22 KB
23 KB 23ms
17ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18565/78u6929f81584134ded834a86eacda19189.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baad5e79748bf650e4e70ef9c84ceae3d8b787030ba10dd08f8cf53bd354d1ed

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E684EA121363036195D
content-md5: KFghOC938LFdzqyyZnWBug==
age: 1442073
cf-polished: origSize=24718, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 22999
cf-request-id: 06f5f5a9b40000062113950000000001
x-oss-object-type: Normal
last-modified: Fri, 30 Oct 2020 05:43:06 GMT
server: cloudflare
etag: "285821382F77F0B15DCEACB2667581BA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 600358891a970621-FRA
x-oss-hash-crc64ecma: 18176564734066235512
x-oss-server-time: 1
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78uf3588eb155be43569760670b830963fe.jpg
ups.aopcdn.com/s1013/common/18565/ 18 KB
19 KB 21ms
15ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18565/78uf3588eb155be43569760670b830963fe.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2af056970ae98f2fa8762d4f582a27677daf8af4f5c7b3ac362cf57a2457f2ff

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E6812A71A30361530A7
content-md5: HmPb9S942DD7uYBUdBTwLQ==
age: 1442073
cf-polished: origSize=19678, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 18611
cf-request-id: 06f5f5a9b4000006216b270000000001
x-oss-object-type: Normal
last-modified: Fri, 30 Oct 2020 05:45:17 GMT
server: cloudflare
etag: "1E63DBF52F78D830FBB980547414F02D"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 600358891a9a0621-FRA
x-oss-hash-crc64ecma: 82444761595365527
x-oss-server-time: 1
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78ue657702820ae41fea9e7ec5eb297fcf8.gif
ups.aopcdn.com/s1013/common/18519/ 73 KB
73 KB 31ms
25ms Image
image/gif 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18519/78ue657702820ae41fea9e7ec5eb297fcf8.gif
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1d68bf1f8510fef5f76139af954625e2f81dc1218fbd3d4bc8196294400ed6a

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E684EA1213433B4195D
content-md5: juSQNQbphgSUvxNb6RsG+g==
age: 1442072
cf-polished: status=not_needed
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 74594
cf-request-id: 06f5f5a9b700000621720af000000001
x-oss-object-type: Normal
last-modified: Mon, 14 Sep 2020 09:50:33 GMT
server: cloudflare
etag: "8EE4903506E9860494BF135BE91B06FA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/gif
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 600358891a9b0621-FRA
x-oss-hash-crc64ecma: 15837034869699715038
x-oss-server-time: 1
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78ud9cc947fc60e432e8828b3463d40f2e4.gif
ups.aopcdn.com/s1013/common/18519/ 76 KB
76 KB 20ms
15ms Image
image/gif 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18519/78ud9cc947fc60e432e8828b3463d40f2e4.gif
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e5c44d38b168c082ac461cbf988a0e2bcaf38f4d63c523e7c36e40164178cd0

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E6924A34D3636B78B99
content-md5: n5hu0Nt/Q3zHmdpwXmBq/A==
age: 1442072
cf-polished: status=not_needed
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 77549
cf-request-id: 06f5f5a9ca0000062172899000000001
x-oss-object-type: Normal
last-modified: Mon, 14 Sep 2020 09:50:36 GMT
server: cloudflare
etag: "9F986ED0DB7F437CC799DA705E606AFC"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/gif
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 600358894ae10621-FRA
x-oss-hash-crc64ecma: 4891255799627707545
x-oss-server-time: 2
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78ub2d4785dca004b4e8bb9cb55d65f50ae.jpg
ups.aopcdn.com/s1013/common/18548/ 27 KB
27 KB 18ms
13ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18548/78ub2d4785dca004b4e8bb9cb55d65f50ae.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4da455f94b23c896d54c0b91b07bd6ee687ccc869044529c8a2086455185a472

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E694EA12134322E1C5D
content-md5: /m2GXYGn+NxOWKr2L6mLgA==
age: 1442072
cf-polished: origSize=29017, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 27200
cf-request-id: 06f5f5a9ca000006216292d000000001
x-oss-object-type: Normal
last-modified: Tue, 13 Oct 2020 10:04:08 GMT
server: cloudflare
etag: "FE6D865D81A7F8DC4E58AAF62FA98B80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 600358894ae20621-FRA
x-oss-hash-crc64ecma: 17564545636224758333
x-oss-server-time: 1
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78uce30f23f5e954c9986a804c52d7e1a02.jpg
ups.aopcdn.com/s1013/common/18548/ 6 KB
7 KB 16ms
13ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18548/78uce30f23f5e954c9986a804c52d7e1a02.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9594d5e3b1f424adf794018406be67067a1db987855bbda796a373a3602d17d

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E69719F773335F255B8
content-md5: /v5vdM7EzFAkiUqFaMflKA==
age: 1442072
cf-polished: origSize=7299, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 6373
cf-request-id: 06f5f5a9cb0000062117135000000001
x-oss-object-type: Normal
last-modified: Tue, 13 Oct 2020 10:28:42 GMT
server: cloudflare
etag: "FEFE6F74CEC4CC5024894A8568C7E528"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 600358894ae30621-FRA
x-oss-hash-crc64ecma: 15872888663648186284
x-oss-server-time: 4
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78u09f9892a3eff4d52a4df59a489d77054.jpg
ups.aopcdn.com/s1013/common/18548/ 5 KB
6 KB 16ms
15ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18548/78u09f9892a3eff4d52a4df59a489d77054.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed20af77cb80ba7b82c98195f13148cb5a245d585c21aff71670c54d43abd84c

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E69719F773131DF56B8
content-md5: 3BnamKeImTl9yi12nauUUQ==
age: 1442072
cf-polished: origSize=6428, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 5565
cf-request-id: 06f5f5a9cb00000621479f2000000001
x-oss-object-type: Normal
last-modified: Tue, 13 Oct 2020 10:28:45 GMT
server: cloudflare
etag: "DC19DA98A78899397DCA2D769DAB9451"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 600358894ae50621-FRA
x-oss-hash-crc64ecma: 5408283664388091858
x-oss-server-time: 1
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78u3d77d8a92fd94cb28256bcb862aeaae6.jpg
ups.aopcdn.com/s1013/common/18548/ 6 KB
6 KB 14ms
14ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18548/78u3d77d8a92fd94cb28256bcb862aeaae6.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3593ca5c5b1c2d4775dba75e81da8a7e754aa93bf487023dab86297ca8c5c2f4

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E695E5EEA393440C73F
content-md5: Cl7MhclxBec7UF/J3/TSLQ==
age: 1442072
cf-polished: origSize=7149, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 6250
cf-request-id: 06f5f5a9ce0000062127233000000001
x-oss-object-type: Normal
last-modified: Tue, 13 Oct 2020 10:08:32 GMT
server: cloudflare
etag: "0A5ECC85C97105E73B505FC9DFF4D22D"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 600358894ae90621-FRA
x-oss-hash-crc64ecma: 11397818812781558257
x-oss-server-time: 1
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78ufff13ae6ba8347d5977ad052b6ddf760.jpg
ups.aopcdn.com/s1013/common/18548/ 6 KB
7 KB 48ms
48ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18548/78ufff13ae6ba8347d5977ad052b6ddf760.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf7f6e458c98a3b08ae026f8a15800485854e81e71e04c35c9c416880a8e349c

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E698BA11E36357F87E8
content-md5: WFME5Ba8E4uTieKn3/1PSg==
age: 1442072
cf-polished: origSize=7529, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 6602
cf-request-id: 06f5f5a9d500000621f4b62000000001
x-oss-object-type: Normal
last-modified: Tue, 13 Oct 2020 10:28:48 GMT
server: cloudflare
etag: "585304E416BC138B9389E2A7DFFD4F4A"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 600358895b0a0621-FRA
x-oss-hash-crc64ecma: 3218001894000055612
x-oss-server-time: 2
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78u821ed60abd8d44559e4279fc09ba7328.jpg
ups.aopcdn.com/s1013/common/18519/ 62 KB
62 KB 74ms
69ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18519/78u821ed60abd8d44559e4279fc09ba7328.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7725cea8a1e90ff06b5a6481a1c8dfe341d81ad182390740a39428d5c6e654a6

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FD16F45EA9B0D313537FCAF
content-md5: xTH5poBa5c+pBqIV/WiyUw==
age: 172092
cf-polished: origSize=66730, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 63312
cf-request-id: 06f5f5a9f900000621528a1000000001
x-oss-object-type: Normal
last-modified: Mon, 14 Sep 2020 10:51:52 GMT
server: cloudflare
etag: "C531F9A6805AE5CFA906A215FD68B253"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 600358896bec0621-FRA
x-oss-hash-crc64ecma: 3600487182082755546
x-oss-server-time: 45
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78u4d9202ca241a4502aac47a7eacf6bedd.jpg
ups.aopcdn.com/s1013/common/18519/ 45 KB
46 KB 72ms
71ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18519/78u4d9202ca241a4502aac47a7eacf6bedd.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d71b83083b02082fc5dbc62a6288b3dac992aab808a4fd92fe1eec019ace5774

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E6912A71A3936BB35A7
content-md5: WqjKrlDbOPc5xNkUFcX8dA==
age: 1442072
cf-polished: origSize=49633, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 46344
cf-request-id: 06f5f5a9fa000006210c891000000001
x-oss-object-type: Normal
last-modified: Mon, 14 Sep 2020 10:52:52 GMT
server: cloudflare
etag: "5AA8CAAE50DB38F739C4D91415C5FC74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 600358896bed0621-FRA
x-oss-hash-crc64ecma: 15282476604339145445
x-oss-server-time: 1
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78ub854c15c529246bb859bef871ee255a1.jpg
ups.aopcdn.com/s1013/common/18519/ 58 KB
59 KB 71ms
70ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18519/78ub854c15c529246bb859bef871ee255a1.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42a170332cdbb575a8c3e7300e1c79bdbd978e18765f458b1d5633e6ecd6ecd9

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E699E0E753630020E30
content-md5: p6j+HlSSyqzi7ppfy3znuw==
age: 1442071
cf-polished: origSize=61741, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 59619
cf-request-id: 06f5f5a9fa000006216b276000000001
x-oss-object-type: Normal
last-modified: Mon, 14 Sep 2020 10:55:17 GMT
server: cloudflare
etag: "A7A8FE1E5492CAACE2EE9A5FCB7CE7BB"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 600358896bef0621-FRA
x-oss-hash-crc64ecma: 11070460395807404956
x-oss-server-time: 1
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78ucf908ee033bc450bbfb6d75482f09ef0.jpg
ups.aopcdn.com/s1013/common/18507/ 11 KB
11 KB 65ms
63ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18507/78ucf908ee033bc450bbfb6d75482f09ef0.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3665ef3cbe19ef16171874fe37b6cbdad1ad20a3af2d704797bfed06ec080454

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E6912A71A38383836A7
content-md5: bWH1qRde7+idHNR4JDQihQ==
age: 1442071
cf-polished: origSize=12311, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 11337
cf-request-id: 06f5f5a9fb00000621f52d5000000001
x-oss-object-type: Normal
last-modified: Wed, 02 Sep 2020 08:08:40 GMT
server: cloudflare
etag: "6D61F5A9175EEFE89D1CD47824342285"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 600358896bf40621-FRA
x-oss-hash-crc64ecma: 15896827935013148581
x-oss-server-time: 16
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78u81c88b02c8634a67bd6777bc9ec5b92e.jpg
ups.aopcdn.com/s1013/common/18507/ 13 KB
13 KB 14ms
12ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18507/78u81c88b02c8634a67bd6777bc9ec5b92e.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e8f749fca5ea9e02270989853ad6543eb55a3f80b4343f6d014d5d7de999eef

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E6924A34D37361B8F99
content-md5: 6ab6kNHa8KbGXrBuyZ9VUQ==
age: 1442071
cf-polished: origSize=14492, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 13285
cf-request-id: 06f5f5aa2b0000062143119000000001
x-oss-object-type: Normal
last-modified: Wed, 02 Sep 2020 08:11:41 GMT
server: cloudflare
etag: "E9A6FA90D1DAF0A6C65EB06EC99F5551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 60035889dc7d0621-FRA
x-oss-hash-crc64ecma: 11442046486496075265
x-oss-server-time: 45
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78ua943d309d5014e51a5a4e7c290b107ff.jpg
ups.aopcdn.com/s1013/common/18507/ 14 KB
15 KB 16ms
15ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18507/78ua943d309d5014e51a5a4e7c290b107ff.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b239489375a819de17b84655eb1d7705dabd77d59bf8d231d42c998cbf6a9f07

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E6A9E0E753639650E30
content-md5: uoaL62AmgdyXeapQEN7lcA==
age: 1442071
cf-polished: origSize=15862, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 14688
cf-request-id: 06f5f5aa2b000006212216f000000001
x-oss-object-type: Normal
last-modified: Wed, 02 Sep 2020 08:13:19 GMT
server: cloudflare
etag: "BA868BEB602681DC9779AA5010DEE570"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 60035889dc7f0621-FRA
x-oss-hash-crc64ecma: 7021664953972351370
x-oss-server-time: 1
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78u9f1a21cf504e43c8bc85aee120b2615d.jpg
ups.aopcdn.com/s1013/common/18507/ 11 KB
11 KB 15ms
14ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18507/78u9f1a21cf504e43c8bc85aee120b2615d.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80ec2ad3cb8d73004fdfc565ef6348a85c8155d643fa5c91fab5f3bea5366757

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E6A9E0E753735731030
content-md5: 6NM9EpTQz0WNsVYy+7/mIQ==
age: 1442071
cf-polished: origSize=12187, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 11150
cf-request-id: 06f5f5aa2b000006210c894000000001
x-oss-object-type: Normal
last-modified: Wed, 02 Sep 2020 08:19:46 GMT
server: cloudflare
etag: "E8D33D1294D0CF458DB15632FBBFE621"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 60035889dc800621-FRA
x-oss-hash-crc64ecma: 16851884900266784978
x-oss-server-time: 3
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78ue308b598bba6477c96e4312b0f3e84c1.gif
ups.aopcdn.com/s1013/common/18519/ 33 KB
34 KB 13ms
13ms Image
image/gif 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18519/78ue308b598bba6477c96e4312b0f3e84c1.gif
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7a1ab867fdb3e3fdbf96d0a01693a332784e58172caba6528ce804d7f0cb3ff

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E6A5E5EEA38389ECC3F
content-md5: 87G9L8V0xDLVlDaIWg9gxA==
age: 1442071
cf-polished: origSize=34185, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 34177
cf-request-id: 06f5f5aa2b00000621fd330000000001
x-oss-object-type: Normal
last-modified: Mon, 14 Sep 2020 10:39:49 GMT
server: cloudflare
etag: "F3B1BD2FC574C432D59436885A0F60C4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/gif
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 60035889dc810621-FRA
x-oss-hash-crc64ecma: 6810734353096043005
x-oss-server-time: 1
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78u6895e45813154fae9e77a79f49bbccd9.jpg
ups.aopcdn.com/s1013/common/18519/ 34 KB
34 KB 16ms
14ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18519/78u6895e45813154fae9e77a79f49bbccd9.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 235a7f4988dc549f40dfa09a802f4695fe9b3c0566240652e3b11ce57f662ced

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E6A4EA121333787215D
content-md5: Z4H0H7bL5LMwZ2erI4QUNw==
age: 1442071
cf-polished: origSize=36643, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 34438
cf-request-id: 06f5f5aa3b000006211e3c0000000001
x-oss-object-type: Normal
last-modified: Mon, 14 Sep 2020 10:43:15 GMT
server: cloudflare
etag: "6781F41FB6CBE4B3306767AB23841437"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 60035889fc9b0621-FRA
x-oss-hash-crc64ecma: 11587920840821568306
x-oss-server-time: 3
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78u6ec095e76b36468ca1c642e84bdedb86.jpg
ups.aopcdn.com/s1013/common/18529/ 37 KB
38 KB 14ms
14ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18529/78u6ec095e76b36468ca1c642e84bdedb86.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3da6ee431ce0ba9c023f635279667388dbc5855e9344a9f1f8cbc30685955cd8

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E6A24A34D34381E9299
content-md5: rOMX/Lj/NsBIc9FbsdUs2w==
age: 1442071
cf-polished: origSize=40349, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 38012
cf-request-id: 06f5f5aa3b000006212723c000000001
x-oss-object-type: Normal
last-modified: Thu, 24 Sep 2020 10:21:24 GMT
server: cloudflare
etag: "ACE317FCB8FF36C04873D15BB1D52CDB"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 60035889fc9c0621-FRA
x-oss-hash-crc64ecma: 17470444470813123239
x-oss-server-time: 11
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 1143u6646817473c3451c9d5f3a1681b7c5b5.jpg
ups.aopcdn.com/s1013/common/18575/ 47 KB
48 KB 16ms
15ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18575/1143u6646817473c3451c9d5f3a1681b7c5b5.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 008c05738e583f4d704ebbd5d22f76a2a23322a2491829952e0518edf5cd4a2b

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E6A4EA1213433A5225D
content-md5: ZQw+sdu9zaDtEjTeCEoC5A==
age: 1442071
cf-polished: origSize=49653, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 48329
cf-request-id: 06f5f5aa3b00000621728a3000000001
x-oss-object-type: Normal
last-modified: Mon, 09 Nov 2020 07:29:12 GMT
server: cloudflare
etag: "650C3EB1DBBDCDA0ED1234DE084A02E4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 60035889fc9e0621-FRA
x-oss-hash-crc64ecma: 12564741050553136143
x-oss-server-time: 2
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78u89a82f642a91492a98ddc0a8bd17cc5c.jpg
ups.aopcdn.com/s1013/common/18507/ 22 KB
23 KB 16ms
16ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18507/78u89a82f642a91492a98ddc0a8bd17cc5c.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fec788786d895ac07ab3fb3f341a9e86773c4d0a2b17620f0cd68163fc25bf3

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E6A8083E73835ACCBAE
content-md5: FNgqz3OH9IE7Aeuzo5XffA==
age: 1442071
cf-polished: origSize=24369, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 22774
cf-request-id: 06f5f5aa3c000006216a086000000001
x-oss-object-type: Normal
last-modified: Wed, 02 Sep 2020 08:36:59 GMT
server: cloudflare
etag: "14D82ACF7387F4813B01EBB3A395DF7C"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 60035889fc9f0621-FRA
x-oss-hash-crc64ecma: 1997347855533705634
x-oss-server-time: 26
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78u88be1d05e8164c3a9cbe94f2510debde.jpg
ups.aopcdn.com/s1013/common/18507/ 19 KB
20 KB 16ms
15ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18507/78u88be1d05e8164c3a9cbe94f2510debde.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f079cc293009ee3adc0a67500e0f474c55d8f8e8b47f6ef42094bc9a8fc5ade

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E6A8083E7383739CCAE
content-md5: 4jAzfMiYLCLHo1aJzp/sGA==
age: 1442071
cf-polished: origSize=21188, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 19764
cf-request-id: 06f5f5aa490000062128982000000001
x-oss-object-type: Normal
last-modified: Wed, 02 Sep 2020 08:30:44 GMT
server: cloudflare
etag: "E230337CC8982C22C7A35689CE9FEC18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 6003588a0cc20621-FRA
x-oss-hash-crc64ecma: 6495588506595103694
x-oss-server-time: 2
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78u160e203ecef94e82881da24b61d23e60.jpg
ups.aopcdn.com/s1013/common/18507/ 16 KB
16 KB 16ms
15ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18507/78u160e203ecef94e82881da24b61d23e60.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36f58b69c0c71b2737b87cd33da2281bbe123a48a41a5859ca621a81f1d500ec

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E6A269C563834A11EA6
content-md5: 1HqiklBD3jJhCZLURYnmOA==
age: 1442071
cf-polished: origSize=17236, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 15994
cf-request-id: 06f5f5aa490000062108a7d000000001
x-oss-object-type: Normal
last-modified: Wed, 02 Sep 2020 08:32:40 GMT
server: cloudflare
etag: "D47AA2925043DE32610992D44589E638"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 6003588a0cc50621-FRA
x-oss-hash-crc64ecma: 9121055803301403494
x-oss-server-time: 1
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78udc3134a6142745d392ea205d9967da84.jpg
ups.aopcdn.com/s1013/common/18507/ 19 KB
20 KB 14ms
13ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18507/78udc3134a6142745d392ea205d9967da84.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 857f589521d59aa4fd898ba944d84e9b0f07b69612018d8f611d2616c10c500d

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E6B269C5638349220A6
content-md5: 6zAymcS1wRzSa08RZLiznA==
age: 1442070
cf-polished: origSize=20995, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 19689
cf-request-id: 06f5f5aa4a00000621509f5000000001
x-oss-object-type: Normal
last-modified: Wed, 02 Sep 2020 08:34:15 GMT
server: cloudflare
etag: "EB303299C4B5C11CD26B4F1164B8B39C"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 6003588a0ccc0621-FRA
x-oss-hash-crc64ecma: 14954814659664250377
x-oss-server-time: 2
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78uab79bf7dce2e47bf81c35a5f12b99944.jpg
ups.aopcdn.com/s1013/common/18507/ 47 KB
47 KB 17ms
17ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18507/78uab79bf7dce2e47bf81c35a5f12b99944.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1dd391a09780bec623e664b1e83c2438ae98869cc18a69c61483b3dc0cd637

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E6B4EA12134369A265D
content-md5: fW1G8JEqrgLISZ2n/UMNpw==
age: 1442070
cf-polished: origSize=51844, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 48177
cf-request-id: 06f5f5aa50000006216b27b000000001
x-oss-object-type: Normal
last-modified: Wed, 02 Sep 2020 09:23:40 GMT
server: cloudflare
etag: "7D6D46F0912AAE02C8499DA7FD430DA7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 6003588a1cd50621-FRA
x-oss-hash-crc64ecma: 4051328981868985928
x-oss-server-time: 27
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78uf44817e584c840368b314ec38139e0c7.jpg
ups.aopcdn.com/s1013/common/18507/ 15 KB
15 KB 15ms
14ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18507/78uf44817e584c840368b314ec38139e0c7.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cd3c29623208e12c535ad6bb8ab30207628dc3a7f15c25458507f5dc6e0005a

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E6BEA9B0D32358EBAC5
content-md5: 7YsRiK+KO2w6imA/tKX5ng==
age: 1442070
cf-polished: origSize=16605, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 15340
cf-request-id: 06f5f5aa5900000621f4b6b000000001
x-oss-object-type: Normal
last-modified: Wed, 02 Sep 2020 09:11:47 GMT
server: cloudflare
etag: "ED8B1188AF8A3B6C3A8A603FB4A5F99E"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 6003588a2cea0621-FRA
x-oss-hash-crc64ecma: 16274955599205860485
x-oss-server-time: 27
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78u84505e80ceb84680b4d61ee5dc4746a7.jpg
ups.aopcdn.com/s1013/common/18507/ 26 KB
27 KB 17ms
16ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18507/78u84505e80ceb84680b4d61ee5dc4746a7.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8beb01839e0cecf3e3194c0cbc3ad7fc13478d1be28db4b2bbf0a47347f67ad4

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E6B12A71A30316A3EA7
content-md5: flkrat8SUSyojcbZKTFpdQ==
age: 1442070
cf-polished: origSize=28923, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 27011
cf-request-id: 06f5f5aa5f0000062158adc000000001
x-oss-object-type: Normal
last-modified: Wed, 02 Sep 2020 09:12:45 GMT
server: cloudflare
etag: "7E592B6ADF12512CA88DC6D929316975"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 6003588a3cf40621-FRA
x-oss-hash-crc64ecma: 8047416487576193709
x-oss-server-time: 1
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78u2d55c1a0226a4b2cb18383caec5fe0a0.jpg
ups.aopcdn.com/s1013/common/18507/ 19 KB
19 KB 16ms
16ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18507/78u2d55c1a0226a4b2cb18383caec5fe0a0.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6be8510307346a53d6f3dc1ffb55a48469c7533d57bb282d973b5062838f268

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E6B269C5638379921A6
content-md5: wyP6e6E1WZ7Ugs/5rVIDlQ==
age: 1442070
cf-polished: origSize=21226, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 19507
cf-request-id: 06f5f5aa60000006216a087000000001
x-oss-object-type: Normal
last-modified: Wed, 02 Sep 2020 08:57:15 GMT
server: cloudflare
etag: "C323FA7BA135599ED482CFF9AD520395"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 6003588a3cf50621-FRA
x-oss-hash-crc64ecma: 11521724306390382449
x-oss-server-time: 1
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78u975008a7b4e54033a7116a7d8b8083aa.jpg
ups.aopcdn.com/s1013/common/18507/ 26 KB
26 KB 15ms
15ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18507/78u975008a7b4e54033a7116a7d8b8083aa.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 008995c8e445e6af3940b9f822564586b6e9f6556b9866f029e650d1d1327c9e

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E6B12A71A3932A43EA7
content-md5: bcNRvNUG8zFBbtnDKVnZYg==
age: 1442070
cf-polished: origSize=27897, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 26150
cf-request-id: 06f5f5aa6200000621728a5000000001
x-oss-object-type: Normal
last-modified: Wed, 02 Sep 2020 09:14:23 GMT
server: cloudflare
etag: "6DC351BCD506F331416ED9C32959D962"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 6003588a3cf70621-FRA
x-oss-hash-crc64ecma: 10833030468221169064
x-oss-server-time: 31
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78u9182a00dd85c484fac8656433c3aaf9b.jpg
ups.aopcdn.com/s1013/common/18507/ 48 KB
48 KB 15ms
15ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18507/78u9182a00dd85c484fac8656433c3aaf9b.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86331684b37b51e65d18c1b1cc5956e5b2b2eadca0e9a7e0fe95fe4bcc5111eb

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E6BEA9B0D3238D8BCC5
content-md5: VSVPswV62/mTGrU4o2JKKw==
age: 1442070
cf-polished: origSize=52001, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 48716
cf-request-id: 06f5f5aa6a000006214311e000000001
x-oss-object-type: Normal
last-modified: Wed, 02 Sep 2020 09:43:12 GMT
server: cloudflare
etag: "55254FB3057ADBF9931AB538A3624A2B"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 6003588a4d020621-FRA
x-oss-hash-crc64ecma: 1357416634263168432
x-oss-server-time: 1
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78ubc9c7d6f8bf94dd4964a8f7725a64bd6.jpg
ups.aopcdn.com/s1013/common/18507/ 26 KB
26 KB 25ms
24ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18507/78ubc9c7d6f8bf94dd4964a8f7725a64bd6.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d9cae9db6fe1b355f94c6013467e2082b95bc2365949681783d1f687f8f429e

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E6B8BA11E33324694E8
content-md5: CBZNDgl81qiDKCChMpVwkw==
age: 1442070
cf-polished: origSize=28525, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 26442
cf-request-id: 06f5f5aa720000062125965000000001
x-oss-object-type: Normal
last-modified: Wed, 02 Sep 2020 09:28:48 GMT
server: cloudflare
etag: "08164D0E097CD6A8832820A132957093"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 6003588a4d130621-FRA
x-oss-hash-crc64ecma: 16951394418452668861
x-oss-server-time: 1
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78uc41fc69a0b204735a944504a67289da3.jpg
ups.aopcdn.com/s1013/common/18507/ 33 KB
34 KB 28ms
27ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18507/78uc41fc69a0b204735a944504a67289da3.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77a80100522e57aeed99b49b1fc8d4a506157117b1f2ce567d2a133dacedf9e1

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E6B719F773131DC63B8
content-md5: klsgVAumFW2IzPgCw/ekFA==
age: 1442070
cf-polished: origSize=36592, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 34138
cf-request-id: 06f5f5aa720000062102a7c000000001
x-oss-object-type: Normal
last-modified: Wed, 02 Sep 2020 09:32:18 GMT
server: cloudflare
etag: "925B20540BA6156D88CCF802C3F7A414"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 6003588a4d150621-FRA
x-oss-hash-crc64ecma: 7263357842449713187
x-oss-server-time: 19
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78u82cfe994ee89438d95ffd6052ba6d053.jpg
ups.aopcdn.com/s1013/common/18561/ 27 KB
28 KB 17ms
16ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18561/78u82cfe994ee89438d95ffd6052ba6d053.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3695cc9a746d19d2fe3f3b0c2510f4e114c28d9d869791bbc93640ecc6b0990

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E6B4EA12133322E2A5D
content-md5: 2YtWZVOU0eMtam5yt40qkg==
age: 1442070
cf-polished: origSize=29544, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 27845
cf-request-id: 06f5f5aa7200000621f4b6d000000001
x-oss-object-type: Normal
last-modified: Mon, 26 Oct 2020 09:45:15 GMT
server: cloudflare
etag: "D98B56655394D1E32D6A6E72B78D2A92"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 6003588a4d170621-FRA
x-oss-hash-crc64ecma: 8034537898231944464
x-oss-server-time: 1
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 78u139f907dbf4948ad9e8294f508c355dd.jpg
ups.aopcdn.com/s1013/common/18561/ 25 KB
25 KB 35ms
35ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18561/78u139f907dbf4948ad9e8294f508c355dd.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f368b9bd8b690454413a9c2159322abafda8dd6d6197481b7f68b7b16085a509

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E6B6135533834562EDE
content-md5: IpmGfpt7oIjOoNa4NkIvWQ==
age: 1442070
cf-polished: origSize=27471, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 25651
cf-request-id: 06f5f5aa7b00000621728a7000000001
x-oss-object-type: Normal
last-modified: Mon, 26 Oct 2020 09:58:03 GMT
server: cloudflare
etag: "2299867E9B7BA088CEA0D6B836422F59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 6003588a5d340621-FRA
x-oss-hash-crc64ecma: 10736419744156792813
x-oss-server-time: 3
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 1143u0fe3b6aba7f94d1d925a569dde8fefc3.jpg
ups.aopcdn.com/s1013/common/18604/ 707 KB
708 KB 44ms
40ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18604/1143u0fe3b6aba7f94d1d925a569dde8fefc3.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b86eac98e04ec905875f9bcbbd9a9e8af9ed5057193f7fbe62c8a77fae31a19

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FD33BD16135533737F6C228
content-md5: sI7BEkIJFjtrPxk9uEYo3A==
age: 54192
cf-polished: origSize=796045, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 723857
cf-request-id: 06f5f5a9f9000006210f031000000001
x-oss-object-type: Normal
last-modified: Tue, 08 Dec 2020 03:27:38 GMT
server: cloudflare
etag: "B08EC1124209163B6B3F193DB84628DC"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 600358896bea0621-FRA
x-oss-hash-crc64ecma: 17007337539201665093
x-oss-server-time: 47
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 1143u82a546f849a8413f8a90f6dac1f5e399.png
ups.aopcdn.com/s1013/common/18604/ 257 KB
257 KB 46ms
46ms Image
image/png 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18604/1143u82a546f849a8413f8a90f6dac1f5e399.png
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be483d1b4e0011db3b0199a9a9fa9443cf842390dfa6d51a413fed4ec044e610

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FCF364B12A71A313039BC50
content-md5: OMGkLdwygU+dA1OoseEONw==
age: 317749
cf-polished: origSize=264903, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 262995
cf-request-id: 06f5f5a9fc000006211cb3b000000001
x-oss-object-type: Normal
last-modified: Tue, 08 Dec 2020 03:34:13 GMT
server: cloudflare
etag: "38C1A42DDC32814F9D0353A8B1E10E37"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 600358896c000621-FRA
x-oss-hash-crc64ecma: 5371012799123834155
x-oss-server-time: 23
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 1143u47eddf358eca46b3b255a218c3876a0f.png
ups.aopcdn.com/s1013/common/18604/ 355 KB
355 KB 25ms
25ms Image
image/png 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18604/1143u47eddf358eca46b3b255a218c3876a0f.png
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7aa9df1445419914d34264dc1fb067a4db7840ad4c09313da918b40fb100dbb

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FD33BD112A71A3933A0E4FC
content-md5: mrcsRRw+tCL/NkcAnpRvkg==
age: 54192
cf-polished: origSize=371341, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 363359
cf-request-id: 06f5f5a9fb00000621f81f9000000001
x-oss-object-type: Normal
last-modified: Tue, 08 Dec 2020 03:40:25 GMT
server: cloudflare
etag: "9AB72C451C3EB422FF3647009E946F92"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 600358896bf90621-FRA
x-oss-hash-crc64ecma: 1019376155125352888
x-oss-server-time: 38
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 1143u7f6b6254a8974510b49745a5e49cce3f.png
ups.aopcdn.com/s1013/common/18604/ 120 KB
120 KB 46ms
45ms Image
image/png 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18604/1143u7f6b6254a8974510b49745a5e49cce3f.png
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b8097f606b9e4539deccabe916824f7558e379f34951b76aea3e012543dd3b8

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FD33BD16135533635F7C228
content-md5: jOo5VHRAapoV8I3XVyqLUw==
age: 54192
cf-polished: origSize=123361, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 122412
cf-request-id: 06f5f5a9fc000006214c3b1000000001
x-oss-object-type: Normal
last-modified: Tue, 08 Dec 2020 03:43:39 GMT
server: cloudflare
etag: "8CEA395474406A9A15F08DD7572A8B53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 600358896c020621-FRA
x-oss-hash-crc64ecma: 1538176361548458684
x-oss-server-time: 125
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 1143u1dd225045c7e4412abeda214cf27141f.png
ups.aopcdn.com/s1013/common/18604/ 471 KB
472 KB 44ms
44ms Image
image/png 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18604/1143u1dd225045c7e4412abeda214cf27141f.png
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d2f4afa534a9d8a642316f47626258e9a713cb8f223baed57638f4bd8f8b8a4

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FCF364C12A71A3037B8BC50
content-md5: T134NV1CymRW8Da/fUELng==
age: 317749
cf-polished: origSize=490100, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 482052
cf-request-id: 06f5f5a9fb00000621720b8000000001
x-oss-object-type: Normal
last-modified: Tue, 08 Dec 2020 03:46:18 GMT
server: cloudflare
etag: "4F5DF8355D42CA6456F036BF7D410B9E"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 600358896bf60621-FRA
x-oss-hash-crc64ecma: 9292916824381042561
x-oss-server-time: 75
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 1143uba4cf868453d4b45a1e4a882a6221690.png
ups.aopcdn.com/s1013/common/18604/ 590 KB
591 KB 47ms
46ms Image
image/png 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18604/1143uba4cf868453d4b45a1e4a882a6221690.png
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c56b62a0bf4c08024f7b23f266c1526e39e0d10f58155488b5afb5bd679e5c5c

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FD33BD19E0E753832C5677E
content-md5: 4GSykDNld/0+Fbr99sIfKw==
age: 54192
cf-polished: origSize=605505, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 604556
cf-request-id: 06f5f5a9fc0000062148a54000000001
x-oss-object-type: Normal
last-modified: Tue, 08 Dec 2020 03:51:58 GMT
server: cloudflare
etag: "E064B290336577FD3E15BAFDF6C21F2B"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 600358896bf80621-FRA
x-oss-hash-crc64ecma: 14097719469610802401
x-oss-server-time: 68
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 1143ua4169f6d72ad476a97bbae2efd1c1b7a.jpg
ups.aopcdn.com/s1013/common/18604/ 62 KB
62 KB 46ms
45ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18604/1143ua4169f6d72ad476a97bbae2efd1c1b7a.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 760be25d91413396bab6dcc3b253208a716c91e8e040efae6e120a10691abfd6

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FD33BD1719F773431D0920B
content-md5: jQItSgbz3Rv81M6x8DXdcA==
age: 54192
cf-polished: origSize=70222, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 63562
cf-request-id: 06f5f5a9fb00000621479fb000000001
x-oss-object-type: Normal
last-modified: Tue, 08 Dec 2020 03:59:05 GMT
server: cloudflare
etag: "8D022D4A06F3DD1BFCD4CEB1F035DD70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 600358896bfb0621-FRA
x-oss-hash-crc64ecma: 14850679192792875624
x-oss-server-time: 34
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 1143u09ecadf5757f496395972b6acd52e5cf.jpg
ups.aopcdn.com/s1013/common/18604/ 265 KB
266 KB 52ms
51ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18604/1143u09ecadf5757f496395972b6acd52e5cf.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3449da9ea0fc1f7cbef1a3b74d69489fd77ba50b2543c6baed31c0cfc16d224b

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FCF364C24A34D34369A3E44
content-md5: iVpamNXXC9yTMWi1CsTILw==
age: 317749
cf-polished: origSize=287609, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 271281
cf-request-id: 06f5f5a9ff0000062156322000000001
x-oss-object-type: Normal
last-modified: Tue, 08 Dec 2020 05:34:03 GMT
server: cloudflare
etag: "895A5A98D5D70BDC933168B50AC4C82F"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 600358896bfd0621-FRA
x-oss-hash-crc64ecma: 12764884360080001744
x-oss-server-time: 21
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 credit_card2-1988e566f9.png
sources.aopcdn.com/cloud/default/images/ 16 KB
16 KB 18ms
16ms Image
image/webp 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sources.aopcdn.com/cloud/default/images/credit_card2-1988e566f9.png
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57609ba8cb55eb86ba52d15cf7d61b0b3723bc28175dc5d74694a76a5e3e233e

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FC9B3A59E0E753636F3CAC0
content-md5: GYjlZvlhU5+YAggQMXLahg==
age: 678876
cf-polished: origFmt=png, origSize=39715
cf-cache-status: HIT
content-disposition: inline; filename="credit_card2-1988e566f9.webp"
content-length: 16000
cf-request-id: 06f5f5a9b5000006214011b000000001
x-oss-object-type: Normal
last-modified: Thu, 03 Dec 2020 07:56:08 GMT
server: cloudflare
etag: "1988E566F961539F980208103172DA86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 12 Jan 2021 00:32:01 GMT
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 600358891a9d0621-FRA
x-oss-hash-crc64ecma: 13209857298693110632
x-oss-server-time: 2
cf-bgj: imgq:100,h2pri

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 36 KB
12 KB 39ms
14ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/ld.js
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 0f6204713c11eeb6d7648e3401617e22f8e88f96cd517a538dc018ac2ab7bdf2

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
content-encoding: gzip
last-modified: Mon, 14 Sep 2020 13:03:43 GMT
server: nginx
etag: W/"5f5f6a2f-90a2"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sun, 13 Dec 2020 00:32:01 GMT

GET
H2 200 op-analytics-bff0c71f14.js Show response
sources.aopcdn.com/cloud/default/script-pc/ 5 KB
2 KB 17ms
16ms Script
application/javascript 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sources.aopcdn.com/cloud/default/script-pc/op-analytics-bff0c71f14.js
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07c12821150fbccd90c95f7197c50844bb23717ad641407d7c42a6c3edf9f0a3

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
content-encoding: br
x-oss-request-id: 5FBE080512A71A3934017781
content-md5: v/DHHxTSG7c/uuOstbylsQ==
age: 1443707
cf-cache-status: HIT
last-modified: Wed, 25 Nov 2020 06:46:08 GMT
cf-request-id: 06f5f5a99300000621fa320000000001
x-oss-object-type: Normal
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
cf-ray: 60035888ea440621-FRA
x-oss-hash-crc64ecma: 2111129783365124007
x-oss-server-time: 3
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.ninacloak.com
URL: https://www.ninacloak.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2485
date: Fri, 11 Dec 2020 23:50:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Sat, 12 Dec 2020 01:50:36 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 79 KB
30 KB 53ms
37ms Script
application/javascript 2a00:1450:4001:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KGJPDTP

Requested by

Host: www.ninacloak.com
URL: https://www.ninacloak.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5d093cab6867ceb3665eedc6609b8a234ccf54f912722961a473b8aa303d0879

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31158
x-xss-protection: 0
last-modified: Sat, 12 Dec 2020 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 12 Dec 2020 00:32:01 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 90 KB
23 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.ninacloak.com
URL: https://www.ninacloak.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d4762bbdf73408777dc886ffe61d98654a39456cc19284fcec395a56c54518e1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23366
x-xss-protection: 0
pragma: public
x-fb-debug: haeSX2p7k1R2/WzYLr4Z3yPEm7frVZbtQtWYUIEJjYp1KWxlEjNC9ioVPSObn3byChGPwnVZ4Riqx0ecDyPlgQ==
x-fb-trip-id: 436667874
x-frame-options: DENY
date: Sat, 12 Dec 2020 00:32:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1143ua8b683083c3f47c7a8374106ee5f764e.jpg
ups.aopcdn.com/s1013/common/18604/ 97 KB
98 KB 24ms
23ms Image
image/jpeg 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18604/1143ua8b683083c3f47c7a8374106ee5f764e.jpg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 904f8d2f93a047dce413e9f61d24c5abf495ed9991cccc7a72fdb5603d31f0f2

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FCF364461355336335CC67C
content-md5: dM06YnuQE0RH8YlkMNSdQA==
age: 317757
cf-polished: origSize=118334, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 99777
cf-request-id: 06f5f5a9bc000006213b9a5000000001
x-oss-object-type: Normal
last-modified: Tue, 08 Dec 2020 08:13:59 GMT
server: cloudflare
etag: "74CD3A627B90134447F1896430D49D40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 600358892aba0621-FRA
x-oss-hash-crc64ecma: 16003232113893503684
x-oss-server-time: 2
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 currencyLang-526b46b4dc.png
sources.aopcdn.com/cloud/opShop/images/ 31 KB
31 KB 14ms
13ms Image
image/webp 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sources.aopcdn.com/cloud/opShop/images/currencyLang-526b46b4dc.png
Requested by: Host: sources.aopcdn.com
URL: https://sources.aopcdn.com/cloud/opShop/pc/css/index-4da8f31f4b.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e2bdd4ccbc25d615fc887fe43a4148239c7e75cc99c9913e5c231f13d06b82a

Request headers

Referer: https://sources.aopcdn.com/cloud/opShop/pc/css/index-4da8f31f4b.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FD293CA269C5637391E126D
content-md5: UmtGtNzLd1zsNa9y1sjNCw==
age: 97207
cf-polished: origFmt=png, origSize=34781
cf-cache-status: HIT
content-disposition: inline; filename="currencyLang-526b46b4dc.webp"
content-length: 31442
cf-request-id: 06f5f5a9bb0000062176b69000000001
x-oss-object-type: Normal
last-modified: Thu, 10 Dec 2020 09:14:57 GMT
server: cloudflare
etag: "526B46B4DCCB775CEC35AF72D6C8CD0B"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 12 Jan 2021 00:32:01 GMT
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 600358892ab90621-FRA
x-oss-hash-crc64ecma: 15547061298182206180
x-oss-server-time: 1
cf-bgj: imgq:100,h2pri

GET
H2 200 NotoSans-Regular-81a8568cac.woff2
sources.aopcdn.com/cloud/opShop/pc/fonts/ 115 KB
116 KB 19ms
18ms Font
application/octet-stream 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sources.aopcdn.com/cloud/opShop/pc/fonts/NotoSans-Regular-81a8568cac.woff2
Requested by: Host: sources.aopcdn.com
URL: https://sources.aopcdn.com/cloud/opShop/pc/css/index-4da8f31f4b.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ead29aeed6c8e27fe8958ac49637d8332e5e79f71b4e03543ffb33d573ea9a8

Request headers

Origin: https://www.ninacloak.com
Referer: https://sources.aopcdn.com/cloud/opShop/pc/css/index-4da8f31f4b.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE0E64EA9B0D31369094C5
content-md5: C9L9Le64i1+zODpmfvKNLA==
age: 1442077
cf-cache-status: HIT
content-length: 118220
cf-request-id: 06f5f5a9b600002bc69ab7b000000001
x-oss-object-type: Normal
last-modified: Tue, 14 Apr 2020 13:41:44 GMT
server: cloudflare
etag: "0BD2FD2DEEB88B5FB3383A667EF28D2C"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 600358892af72bc6-FRA
x-oss-hash-crc64ecma: 18394001928825784870
x-oss-server-time: 1
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 icon-search-e6e3f31fd1.svg
sources.aopcdn.com/cloud/opShop/images/ 797 B
759 B 23ms
19ms Image
image/svg+xml 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sources.aopcdn.com/cloud/opShop/images/icon-search-e6e3f31fd1.svg
Requested by: Host: sources.aopcdn.com
URL: https://sources.aopcdn.com/cloud/opShop/pc/css/index-4da8f31f4b.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ddff9611a19127864bb3f767bcc5b94a7f7cc454e674bf4f4ef2ac0d6778f67

Request headers

Referer: https://sources.aopcdn.com/cloud/opShop/pc/css/index-4da8f31f4b.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
content-encoding: br
x-oss-request-id: 5FBE08098083E739308DF688
content-md5: 5uPzH9GkKBzt4FeqaM0BPw==
age: 1443704
cf-cache-status: HIT
cf-request-id: 06f5f5a9ca0000062106335000000001
x-oss-object-type: Normal
last-modified: Wed, 25 Nov 2020 06:46:10 GMT
server: cloudflare
etag: W/"E6E3F31FD1A4281CEDE057AA68CD013F"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
cf-ray: 600358894ade0621-FRA
x-oss-hash-crc64ecma: 5574513850971279347
x-oss-server-time: 15
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 icon-close-2c35f757a2.svg
sources.aopcdn.com/cloud/opShop/images/ 2 KB
1 KB 16ms
12ms Image
image/svg+xml 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sources.aopcdn.com/cloud/opShop/images/icon-close-2c35f757a2.svg
Requested by: Host: sources.aopcdn.com
URL: https://sources.aopcdn.com/cloud/opShop/pc/css/index-4da8f31f4b.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86a7462be5298a96296f5eef63e39fff8a7d4adbc109794c144976860f193929

Request headers

Referer: https://sources.aopcdn.com/cloud/opShop/pc/css/index-4da8f31f4b.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
content-encoding: br
x-oss-request-id: 5FBE0809719F7731305FE792
content-md5: LDX3V6JcGhtILydE2dcKAA==
age: 1443704
cf-cache-status: HIT
cf-request-id: 06f5f5a9ca0000062137a9f000000001
x-oss-object-type: Normal
last-modified: Wed, 25 Nov 2020 06:46:10 GMT
server: cloudflare
etag: W/"2C35F757A25C1A1B482F2744D9D70A00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
cf-ray: 600358894ae00621-FRA
x-oss-hash-crc64ecma: 14896798593729343591
x-oss-server-time: 1
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
DATA 200
OK truncated
/ 8 KB
8 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a8b77ab352a45b7838efd3df7ec52251e0f8763fcf78c715690efae5fe079e5

Request headers

Origin: https://www.ninacloak.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=utf-8

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
161 B 13ms
13ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ninacloak.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H2 200 2291125804477058 Show response
connect.facebook.net/signals/config/ 238 KB
69 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2291125804477058?v=2.9.30&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f1a40621372e5a6303e9f0ed54800850834c1ba212b43449660e74f932ee12f0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70210
x-fb-rlafr: 0
pragma: public
x-fb-debug: IGi6zUGV4SoNzWMQpE8uy6tho9O/LPdOLN4HwkiR5DX7faON/7RAFTvcluYVoytKkW8ZpMJGYCvnSarBIi0mcg==
x-fb-trip-id: 436667874
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 12 Dec 2020 00:32:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 362709452
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
12 KB 33ms
33ms Script
text/javascript 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-754563760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

4a5c6bbe25f10b8c56a9d58bb7a3a957992fc1800b633dd010df58b55f558dae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12179
x-xss-protection: 0
server: cafe
etag: 494165680877134304
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 12 Dec 2020 00:32:01 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-582671134&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-754563760

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

37e4e24ceb5722204fea1962745f4af68245a5a04ff5070160b45833fef3d7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38984
x-xss-protection: 0
last-modified: Sat, 12 Dec 2020 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 12 Dec 2020 00:32:01 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
90 B 14ms
12ms XHR
application/json 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ninacloak.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 1143u423090fb45ef4fc78f4289eb2650b553.png
ups.aopcdn.com/s1013/common/18603/ 2 KB
2 KB 16ms
16ms Image
image/png 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s1013/common/18603/1143u423090fb45ef4fc78f4289eb2650b553.png
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59af659bf2b3c887db08b6f79155e9bdc7ddfd30367d8227c34ee35ee755c5e3

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FCF329C6135533637CC2368
content-md5: NPFDHkCRAYHttX83T2P/aw==
age: 318692
cf-polished: origSize=2820, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 1793
cf-request-id: 06f5f5aa51000006210c896000000001
x-oss-object-type: Normal
last-modified: Mon, 07 Dec 2020 10:32:31 GMT
server: cloudflare
etag: "34F1431E40910181EDB57F374F63FF6B"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 6003588a1cd90621-FRA
x-oss-hash-crc64ecma: 11565859977722228985
x-oss-server-time: 2
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 38u62522d8d1b254d6fa76e6418f8999367.png
ups.aopcdn.com/s167/common/18183/ 166 B
529 B 13ms
13ms Image
image/png 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s167/common/18183/38u62522d8d1b254d6fa76e6418f8999367.png
Requested by: Host: sources.aopcdn.com
URL: https://sources.aopcdn.com/cloud/opShop/pc/css/index-4da8f31f4b.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8938bb56c608f8f5e6b7c5a79a33856cec5b93c4073563db7f2db5830a3be30b

Request headers

Referer: https://sources.aopcdn.com/cloud/opShop/pc/css/index-4da8f31f4b.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
x-oss-request-id: 5FBE08058BA11E3732FEC9C2
content-md5: kuWUXjJvRv3rjfYwIRI/nQ==
age: 1443708
cf-polished: origSize=302, status=vary_header_present
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
content-length: 166
cf-request-id: 06f5f5aa5200000621fd332000000001
x-oss-object-type: Normal
last-modified: Mon, 14 Oct 2019 07:59:06 GMT
server: cloudflare
etag: "92E5945E326F46FDEB8DF63021123F9D"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 6003588a1cda0621-FRA
x-oss-hash-crc64ecma: 11224555104244235304
x-oss-server-time: 1
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
H2 200 icon-email-white-d8a41e5374.svg
sources.aopcdn.com/cloud/default/images/ 385 B
625 B 15ms
12ms Image
image/svg+xml 2606:4700::6812:d31e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sources.aopcdn.com/cloud/default/images/icon-email-white-d8a41e5374.svg
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d31e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad1040f8603399ba6aa6dd9ae01892db70d9f441d37ccaa9be00714642910b03

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
content-encoding: br
x-oss-request-id: 5FBE0820269C563832C01A81
content-md5: 2KQeU3R1nlU31D3pWBYLpQ==
age: 1443681
cf-cache-status: HIT
cf-request-id: 06f5f5aa22000006211e3bf000000001
x-oss-object-type: Normal
last-modified: Wed, 25 Nov 2020 06:46:09 GMT
server: cloudflare
etag: W/"D8A41E5374759E5537D43DE958160BA5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
cf-ray: 60035889dc690621-FRA
x-oss-hash-crc64ecma: 541924840995577028
x-oss-server-time: 2
expires: Tue, 12 Jan 2021 00:32:01 GMT

GET
DATA 200
OK truncated
/ 3 KB
3 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70f0bf9725cbed5fcefbfab9b542c67941434be1f22c9fbabe74b1380ec05b91

Request headers

Origin: https://www.ninacloak.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=utf-8

GET
H2 200 bat.js Show response
bat.bing.com/ 27 KB
8 KB 29ms
28ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 22:19:32 GMT
x-msedge-ref: Ref A: D603FEC9F00C4F2C963D2F7DB1514D03 Ref B: FRAEDGE1313 Ref C: 2020-12-12T00:32:01Z
etag: "0b27f152fa7d61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8454

GET
H2 200 cart.json Show response
www.ninacloak.com/ 245 B
250 B 221ms
220ms XHR
application/json 2606:4700::6811:e421
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ninacloak.com/cart.json

Requested by

Host: sources.aopcdn.com
URL: https://sources.aopcdn.com/cloud/opShop/script/vendor-3d7a025d14.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:e421 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

647c80b22f805ed0ab9c235170b3294c8fb8d7dbbf17d88dbe746cfe71437f7b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.ninacloak.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
cf-request-id: 06f5f5aa720000c2ea4b9c1000000001
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 259200
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 6003588a5f12c2ea-FRA
access-control-allow-headers: X-Requested-With,X_Requested_With,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 quantity.json Show response
www.ninacloak.com/cart/ 46 B
482 B 212ms
211ms XHR
application/json 2606:4700::6811:e421
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ninacloak.com/cart/quantity.json?_=1607733121655

Requested by

Host: sources.aopcdn.com
URL: https://sources.aopcdn.com/cloud/opShop/script/vendor-3d7a025d14.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:e421 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df7eb497ebea720f0ad85ef07a7bb56bc00cd77c5c3668514728b3d7b4733a67

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.ninacloak.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
cf-request-id: 06f5f5aa790000c2ea3987e000000001
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 259200
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 6003588a5f1dc2ea-FRA
access-control-allow-headers: X-Requested-With,X_Requested_With,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
49 B 13ms
13ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=422205061&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ninacloak.com%2F&ul=en-us&de=UTF-8&dt=Cheap%20%26%20Fashion%20Clothes%20for%20Women%20Online%20-%20Ninacloak&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAQCAC~&jid=1448216106&gjid=630733525&cid=167344759.1607733122&tid=UA-136678998-1&_gid=1383924989.1607733122&_r=1&_slc=1&cd1=&cd2=home&cd3=&z=1890065357

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 12 Dec 2020 00:32:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ninacloak.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=62945&v=5.6.2&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=ninacloak.com&dtycbr=93000
https://widget.us.criteo.com/event?a=62945&v=5.6.2&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=ninacloak.com&dtycbr=93000

7 KB
4 KB

430ms
203ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.us.criteo.com/event?a=62945&v=5.6.2&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=ninacloak.com&dtycbr=93000
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 76e9352e558374a8886632d24adf603f4bf9b17908ade45b03a22a05cb1bc3dd

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Dec 2020 00:32:02 GMT
content-encoding: gzip
content-type: application/x-javascript
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
server-processing-duration-in-ticks: 158609
timing-allow-origin: *
content-length: 3604
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 12 Dec 2020 00:32:01 GMT
location: https://widget.us.criteo.com/event?a=62945&v=5.6.2&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=ninacloak.com&dtycbr=93000
cache-control: no-cache
server-processing-duration-in-ticks: 1624
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 script.js Show response
2e3b618057a1.cdn4.forter.com/sn/2e3b618057a1/ 160 KB
60 KB 33ms
33ms Script
application/javascript 65.9.68.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://2e3b618057a1.cdn4.forter.com/sn/2e3b618057a1/script.js

Requested by

Host: www.ninacloak.com
URL: https://www.ninacloak.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.68.7 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

adfb1cfbb33ec34fd91aca7240d93d9e7af2af7a0054cf75a1a6e04ee8d19695

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Dec 2020 10:07:18 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 483883
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Sun, 06 Dec 2020 10:07:18 GMT
x-sourcemap: https://cdn4.forter.com/map/suid/2e3b618057a1/84032687589
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript; charset=utf-8
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
cache-control: private, max-age=300
x-amz-cf-pop: FRA56-C1
timing-allow-origin: *
x-amz-cf-id: vb3jf33q6P-yF2t2L9CCdv2WwaBqsHpmQDrei4SJMOOPkMGzYFCpbg==
expires: Sun, 06 Dec 2020 10:12:18 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
69 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-136678998-1&cid=167344759.1607733122&jid=1448216106&gjid=630733525&_gid=1383924989.1607733122&_u=YEBAAEAAAAQCAC~&z=1937465856

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 12 Dec 2020 00:32:01 GMT
content-type: text/plain
access-control-allow-origin: https://www.ninacloak.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe
gum.criteo.com/ Frame AEE8 0
0 54ms
12ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.ninacloak.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www.ninacloak.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ninacloak.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ninacloak.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 796
date: Sat, 12 Dec 2020 00:32:00 GMT
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
254 B 22ms
22ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2291125804477058&ev=PageView&dl=https%3A%2F%2Fwww.ninacloak.com%2F&rl=&if=false&ts=1607733121737&sw=1600&sh=1200&v=2.9.30&r=stable&ec=0&o=30&fbp=fb.1.1607733121736.903986721&it=1607733121513&coo=false&rqm=GET

Requested by

Host: www.ninacloak.com
URL: https://www.ninacloak.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 12 Dec 2020 00:32:01 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 133 KB
51 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-19XXZPZ863&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-754563760

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0c6efcb9b11ce5a7a0a2da8bc143a5878c2b8837296ece78195c17d606714d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:01 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52277
x-xss-protection: 0
expires: Sat, 12 Dec 2020 00:32:01 GMT

GET
H2

200

tags
ash.creativecdn.com/ Frame 6A0F
Redirect Chain

https://us.creativecdn.com/tags?id=pr_T0GLykJOENhEGCpO6qGq_home
https://ash.creativecdn.com/tags?id=pr_T0GLykJOENhEGCpO6qGq_home&tc=1

0
0

195ms
194ms

Document
text/html

185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://ash.creativecdn.com/tags?id=pr_T0GLykJOENhEGCpO6qGq_home&tc=1
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, US),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: ash.creativecdn.com
:scheme: https
:path: /tags?id=pr_T0GLykJOENhEGCpO6qGq_home&tc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ninacloak.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: u=JJbvAhGn68U3g23QKuuf; ts=1607733121
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ninacloak.com/

Response headers

date: Sat, 12 Dec 2020 00:32:02 GMT Sat, 12 Dec 2020 00:32:02 GMT
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
vary: Accept-Encoding, User-Agent
content-encoding: gzip
content-length: 129

Redirect headers

date: Sat, 12 Dec 2020 00:32:01 GMT
set-cookie: u=JJbvAhGn68U3g23QKuuf;Path=/;Domain=.creativecdn.com;Expires=Sun, 12-Dec-2021 00:32:01 GMT;Max-Age=31536000;Secure;SameSite=None ts=1607733121;Path=/;Domain=.creativecdn.com;Expires=Sun, 12-Dec-2021 00:32:01 GMT;Max-Age=31536000;Secure;SameSite=None
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://ash.creativecdn.com/tags?id=pr_T0GLykJOENhEGCpO6qGq_home&tc=1
content-length: 0

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 76 KB
24 KB 116ms
30ms Script
application/javascript 2.16.186.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.163 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 75177d5d01d5c7e3ef021fdd3ece0a52ca274029797eb0da64b04f58a0add2d9

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: _SqKJ1gLfLtNB4apFY0Z4..pMQ56oAql
content-encoding: gzip
last-modified: Thu, 10 Dec 2020 12:23:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"43ef3abb5e5c39d06ba8208b825280b7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=28800
date: Sat, 12 Dec 2020 00:32:01 GMT
content-length: 23757
x-amz-cf-id: OdkZUDmw-47YvAAAe7Swvqqj8NpatlE7IvLUSk9vvMH9sAYAHFnkrQ==
expires: Sat, 12 Dec 2020 08:32:01 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/754563760/ 2 KB
1 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/754563760/?random=1607733121801&cv=9&fst=1607733121801&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ninacloak.com%2F&tiba=Cheap%20%26%20Fashion%20Clothes%20for%20Women%20Online%20-%20Ninacloak&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b3dce34b5637ed8b4a164bcabc8d95214bf6b0be6520715c135d46ef7f145b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Dec 2020 00:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/754563760/ 2 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/754563760/?random=1607733121803&cv=9&fst=1607733121803&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&ig=1&data=event%3Dpage_view%3Becomm_prodid%3D%3Becomm_pagetype%3Dhome%3Becomm_totalvalue%3D&frm=0&url=https%3A%2F%2Fwww.ninacloak.com%2F&tiba=Cheap%20%26%20Fashion%20Clothes%20for%20Women%20Online%20-%20Ninacloak&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1319df9a623d3eb8e91720a0024a65b5c2e2563344dc7a2589973a5ba0cd17ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Dec 2020 00:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1092
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

/
www.google.de/pagead/1p-user-list/754563760/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/754563760/?random=1607733121803&cv=9&fst=1607733121803&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1200&u_...
https://www.google.com/pagead/1p-user-list/754563760/?random=1607733121803&cv=9&fst=1607731200000&num=1&fmt=3&bg=ffffff&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u...
https://www.google.de/pagead/1p-user-list/754563760/?random=1607733121803&cv=9&fst=1607731200000&num=1&fmt=3&bg=ffffff&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_...

42 B
66 B

33ms
33ms

Image
image/gif

2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/754563760/?random=1607733121803&cv=9&fst=1607731200000&num=1&fmt=3&bg=ffffff&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dpage_view%3Becomm_prodid%3D%3Becomm_pagetype%3Dhome%3Becomm_totalvalue%3D&frm=0&url=https%3A%2F%2Fwww.ninacloak.com%2F&tiba=Cheap%20%26%20Fashion%20Clothes%20for%20Women%20Online%20-%20Ninacloak&async=1&is_vtc=1&random=2907117343&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: www.ninacloak.com
URL: https://www.ninacloak.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Dec 2020 00:32:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 12 Dec 2020 00:32:01 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/754563760/?random=1607733121803&cv=9&fst=1607731200000&num=1&fmt=3&bg=ffffff&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dpage_view%3Becomm_prodid%3D%3Becomm_pagetype%3Dhome%3Becomm_totalvalue%3D&frm=0&url=https%3A%2F%2Fwww.ninacloak.com%2F&tiba=Cheap%20%26%20Fashion%20Clothes%20for%20Women%20Online%20-%20Ninacloak&async=1&is_vtc=1&random=2907117343&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
106 B 17ms
16ms Image
image/gif 2a00:1450:4001:818::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-136678998-1&cid=167344759.1607733122&jid=1448216106&_u=YEBAAEAAAAQCAC~&z=1917287240

Requested by

Host: www.ninacloak.com
URL: https://www.ninacloak.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Dec 2020 00:32:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 55ms
54ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-136678998-1&cid=167344759.1607733122&jid=1448216106&_u=YEBAAEAAAAQCAC~&z=1917287240

Requested by

Host: www.ninacloak.com
URL: https://www.ninacloak.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Dec 2020 00:32:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
92 B 55ms
55ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=25071011&Ver=2&mid=664e316f-b582-4d5c-bf63-b2a67b4b4e30&sid=5e0ba0403c1111eb98eb617aa2a5089a&vid=5e0c0b003c1111eb88b9798e601877d2&vids=0&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Cheap%20%26%20Fashion%20Clothes%20for%20Women%20Online%20-%20Ninacloak&kw=Trendy%20Women%27s%20Clothing,%20Cute%20Clothes%20for%20Women,%20Cheap%20Trendy%20Women%27s%20Clothing,%20Clothing%20Sales,%20Sexy%20Clothing&p=https%3A%2F%2Fwww.ninacloak.com%2F&r=&lt=820&evt=pageLoad&msclkid=N&sv=1&rn=498473
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 12 Dec 2020 00:32:01 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 78278FE3B09049239728770BD3B095D1 Ref B: FRAEDGE1313 Ref C: 2020-12-12T00:32:01Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/582671134/ 2 KB
1 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/582671134/?random=1607733121812&cv=9&fst=1607733121812&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ninacloak.com%2F&tiba=Cheap%20%26%20Fashion%20Clothes%20for%20Women%20Online%20-%20Ninacloak&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ac6423386b52e048f04678a840805521df750b1541f28dbb1ff06761618d0cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Dec 2020 00:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1052
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 collect
www.google-analytics.com/g/ 0
21 B 13ms
12ms Other
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-19XXZPZ863&gtm=2oebu0&_p=422205061&sr=1600x1200&ul=en-us&cid=167344759.1607733122&_s=1&dl=https%3A%2F%2Fwww.ninacloak.com%2F&dr=&dt=Cheap%20%26%20Fashion%20Clothes%20for%20Women%20Online%20-%20Ninacloak&uid=&sid=1607733121&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-19XXZPZ863&l=dataLayer&cx=c
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 12 Dec 2020 00:32:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ninacloak.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK fb4ffc00-541b-4f87-9bdc-57e557f029cb
https://www.ninacloak.com/ 3 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ninacloak.com/fb4ffc00-541b-4f87-9bdc-57e557f029cb
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 771118cee14f20a9af98ffb1ac58a30210cc8bde54288643552c04b7f2915c64

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 2584
Content-Type: application/javascript

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/754563760/ 42 B
66 B 19ms
18ms Image
image/gif 2a00:1450:4001:818::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/754563760/?random=1607733121801&cv=9&fst=1607731200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ninacloak.com%2F&tiba=Cheap%20%26%20Fashion%20Clothes%20for%20Women%20Online%20-%20Ninacloak&async=1&fmt=3&is_vtc=1&random=3753737818&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.ninacloak.com
URL: https://www.ninacloak.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Dec 2020 00:32:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/754563760/ 42 B
66 B 47ms
34ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/754563760/?random=1607733121801&cv=9&fst=1607731200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ninacloak.com%2F&tiba=Cheap%20%26%20Fashion%20Clothes%20for%20Women%20Online%20-%20Ninacloak&async=1&fmt=3&is_vtc=1&random=3753737818&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.ninacloak.com
URL: https://www.ninacloak.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Dec 2020 00:32:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/754563760/ 42 B
66 B 39ms
39ms Image
image/gif 2a00:1450:4001:818::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/754563760/?random=1607733121803&cv=9&fst=1607731200000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dpage_view%3Becomm_prodid%3D%3Becomm_pagetype%3Dhome%3Becomm_totalvalue%3D&frm=0&url=https%3A%2F%2Fwww.ninacloak.com%2F&tiba=Cheap%20%26%20Fashion%20Clothes%20for%20Women%20Online%20-%20Ninacloak&async=1&fmt=3&is_vtc=1&random=2519827581&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.ninacloak.com
URL: https://www.ninacloak.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Dec 2020 00:32:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/754563760/ 42 B
66 B 46ms
35ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/754563760/?random=1607733121803&cv=9&fst=1607731200000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dpage_view%3Becomm_prodid%3D%3Becomm_pagetype%3Dhome%3Becomm_totalvalue%3D&frm=0&url=https%3A%2F%2Fwww.ninacloak.com%2F&tiba=Cheap%20%26%20Fashion%20Clothes%20for%20Women%20Online%20-%20Ninacloak&async=1&fmt=3&is_vtc=1&random=2519827581&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.ninacloak.com
URL: https://www.ninacloak.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Dec 2020 00:32:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/582671134/ 42 B
66 B 28ms
28ms Image
image/gif 2a00:1450:4001:818::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/582671134/?random=1607733121812&cv=9&fst=1607731200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ninacloak.com%2F&tiba=Cheap%20%26%20Fashion%20Clothes%20for%20Women%20Online%20-%20Ninacloak&async=1&fmt=3&is_vtc=1&random=1705750636&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.ninacloak.com
URL: https://www.ninacloak.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Dec 2020 00:32:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/582671134/ 42 B
529 B 33ms
32ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/582671134/?random=1607733121812&cv=9&fst=1607731200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ninacloak.com%2F&tiba=Cheap%20%26%20Fashion%20Clothes%20for%20Women%20Online%20-%20Ninacloak&async=1&fmt=3&is_vtc=1&random=1705750636&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.ninacloak.com
URL: https://www.ninacloak.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Dec 2020 00:32:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 get_dynamic_config.js Show response
secure.livechatinc.com/licence/12388986/v2/ 1 KB
1 KB 223ms
221ms Script
application/javascript 2.16.186.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/licence/12388986/v2/get_dynamic_config.js?t=1607733121936&url=https%3A%2F%2Fwww.ninacloak.com%2F&referrer=&channel_type=code&jsonp=__t3tlfcnfj
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.163 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-163.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a4aef7e56e6b1ee9712b706ac2364ffc3e7fad51dcc714cbb1d729e03320eff4

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Dec 2020 00:32:02 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
content-length: 544
expires: Sat, 12 Dec 2020 00:32:02 GMT

GET
H2

200

2ceb529b6e4a2e2e6976e11b18a650b9a1ba9f592f8b4e33e9e2610ab7c1c011ac7f4bce641054e4d8f24bd5a478 Show response
cdn9.forter.com/vchk2/v1/
Redirect Chain

https://cdn9.forter.com/vchk2
https://cdn9.forter.com/vchk2/v1/2ceb529b6e4a2e2e6976e11b18a650b9a1ba9f592f8b4e33e9e2610ab7c1c011ac7f4bce641054e4d8f24bd5a478

0
321 B

114ms
114ms

XHR
text/plain

65.9.73.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn9.forter.com/vchk2/v1/2ceb529b6e4a2e2e6976e11b18a650b9a1ba9f592f8b4e33e9e2610ab7c1c011ac7f4bce641054e4d8f24bd5a478

Requested by

Host: www.ninacloak.com
URL: https://www.ninacloak.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.73.103 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:02 GMT
via: 1.1 8da78542dac6b4328eb443200c30bbff.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: wAk6Ryawl7tUOonJShHvs2zBMd8XoNpnxW25RIN9h1ldW0gLlxajxw==

Redirect headers

date: Sat, 12 Dec 2020 00:32:02 GMT
via: 1.1 8da78542dac6b4328eb443200c30bbff.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
location: https://cdn9.forter.com/vchk2/v1/2ceb529b6e4a2e2e6976e11b18a650b9a1ba9f592f8b4e33e9e2610ab7c1c011ac7f4bce641054e4d8f24bd5a478
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: Gia38YihZIfTQmyf0B5t2Z5UWlXDgnAkVMZ839cshGJ2j4C-F54EEQ==

GET
BLOB 200
OK 5b3584fc-e470-4704-bd94-1b7586b4e153
https://www.ninacloak.com/ 12 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ninacloak.com/5b3584fc-e470-4704-bd94-1b7586b4e153
Requested by: Host: www.ninacloak.com
URL: https://www.ninacloak.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7c28f515d9b8cc70496bf4854cf91c813b5216477600410efe31b0690efd474

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 11959
Content-Type: application/javascript

POST
H2 200 events
cdn3.forter.com/ 0
241 B 127ms
126ms Other
text/plain 54.236.70.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.236.70.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-236-70-156.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Sat, 12 Dec 2020 00:32:02 GMT
vary: Origin
access-control-allow-origin: https://www.ninacloak.com
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
strict-transport-security: max-age=86400; includeSubDomains
timing-allow-origin: *
expires: -1

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/58301/ Frame 299A
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-WlJ9aHR7YegdGBMpsbXrjK-6DpWL8LMbszoDEQ
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-WlJ9aHR7YegdGBMpsbXrjK-6DpWL8LMbszoDEQ&verify=true

0
657 B

60ms
30ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-WlJ9aHR7YegdGBMpsbXrjK-6DpWL8LMbszoDEQ&verify=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 12 Dec 2020 00:32:02 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Sat, 12 Dec 2020 00:32:02 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-WlJ9aHR7YegdGBMpsbXrjK-6DpWL8LMbszoDEQ&verify=true
Connection: keep-alive
Content-Length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/rightmedia/ Frame 299A
Redirect Chain

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
https://dis.criteo.com/dis/rtb/rightmedia/cookiematch.aspx?xid=E0

43 B
333 B

43ms
42ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/rightmedia/cookiematch.aspx?xid=E0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Dec 2020 00:32:01 GMT
server: Microsoft-IIS/10.0
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
x-powered-by: ASP.NET
content-type: image/gif
cache-control: no-cache
server-processing-duration-in-ticks: 3591
timing-allow-origin: *
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sat, 12 Dec 2020 00:32:02 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
location: https://dis.criteo.com/dis/rtb/rightmedia/cookiematch.aspx?xid=E0
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ Frame 299A 43 B
964 B 57ms
50ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 12 Dec 2020 00:32:02 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Sat, 12 Dec 2020 00:32:02 GMT

GET
H/1.1 200
OK /
partner.mediawallahscript.com/ Frame 299A 32 B
367 B 51ms
45ms Image
image/png 52.51.205.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-7jwGq3R7YegdGBMpsbXrjK-6DpVe5efj5Mp2CQ&custom=&tag_format=img&tag_action=sync&custom=&cb=85722f8a-02fc-464b-bb90-c5fcd2d95ee4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.205.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-205-248.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 12 Dec 2020 00:32:02 GMT
Server: nginx/1.12.1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 32
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 299A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay03andHcTNSN1llZ2RHQk1wc2JYcmpLLTZEcFZlNWVmajVNcDJDUQ
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

43 B
332 B

121ms
41ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Dec 2020 00:32:02 GMT
server: Microsoft-IIS/10.0
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
x-powered-by: ASP.NET
content-type: image/gif
cache-control: no-cache
server-processing-duration-in-ticks: 588
timing-allow-origin: *
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 12 Dec 2020 00:32:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 279
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 c.gif
c.bing.com/ Frame 299A 42 B
170 B 36ms
30ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-zD2WenR7YegdGBMpsbXrjK-6DpUsrRR9srwZ5w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Dec 2020 00:32:02 GMT
etag: "2e03fa8fcad61:0"
last-modified: Fri, 04 Dec 2020 22:44:35 GMT
x-msedge-ref: Ref A: C10ED0A7709A4AFB905D07018E6D4D64 Ref B: FRAEDGE1313 Ref C: 2020-12-12T00:32:02Z
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 299A
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-zD2WenR7YegdGBMpsbXrjK-6DpUsrRR9srwZ5w&seg=95287
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-zD2WenR7YegdGBMpsbXrjK-6DpUsrRR9srwZ5w%26seg%3D95287

43 B
1 KB

30ms
29ms

Image
image/gif

37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-zD2WenR7YegdGBMpsbXrjK-6DpUsrRR9srwZ5w%26seg%3D95287

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Dec 2020 00:32:02 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.74:80
AN-X-Request-Uuid: aca050ba-fb9f-48d0-9a8f-f2a90692dae6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 12 Dec 2020 00:32:02 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.155:80
AN-X-Request-Uuid: 4966a2ef-2f78-404c-9eaa-42dba58e27fb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-zD2WenR7YegdGBMpsbXrjK-6DpUsrRR9srwZ5w%26seg%3D95287
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/cdb/ Frame 299A
Redirect Chain

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%25...
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/YawycDWvCHOy1uENmuP7MCbtvjQgItiH/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_...
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=7374533929954724765

43 B
333 B

42ms
42ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=7374533929954724765
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Dec 2020 00:32:02 GMT
server: Microsoft-IIS/10.0
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
x-powered-by: ASP.NET
content-type: image/gif
cache-control: no-cache
server-processing-duration-in-ticks: 3277
timing-allow-origin: *
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=7374533929954724765
pragma: no-cache
date: Sat, 12 Dec 2020 00:32:02 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
server: Apache-Coyote/1.1
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 299A 42 B
787 B 30ms
24ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-XvO0IXR7YegdGBMpsbXrjK-6DpVAVsc6jIO6uA&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

GET
H2 204 t.gif
cw.addthis.com/ Frame 299A 0
425 B 175ms
124ms Image
text/plain 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-XvO0IXR7YegdGBMpsbXrjK-6DpVAVsc6jIO6uA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Dec 2020 00:32:02 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 12 Dec 2020 00:32:02 GMT

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame 299A 35 B
335 B 152ms
54ms Image
image/gif 18.203.182.162
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-8lQ0r3R7YegdGBMpsbXrjK-6DpWK5NPujiGjvw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.182.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-182-162.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:02 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55945/ Frame 299A
Redirect Chain

https://pixel.advertising.com/ups/55945/sync?uid=k-yjyt3nR7YegdGBMpsbXrjK-6DpXsvw1kbo26RQ&_origin=1
https://pixel.advertising.com/ups/55945/sync?uid=k-yjyt3nR7YegdGBMpsbXrjK-6DpXsvw1kbo26RQ&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-yjyt3nR7YegdGBMpsbXrjK-6DpXsvw1kbo26RQ&_origin=1&apid=UP740b4c6b-3c11-11eb-9f09-027a49f770de

0
964 B

35ms
30ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-yjyt3nR7YegdGBMpsbXrjK-6DpXsvw1kbo26RQ&_origin=1&apid=UP740b4c6b-3c11-11eb-9f09-027a49f770de

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 12 Dec 2020 00:32:02 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-yjyt3nR7YegdGBMpsbXrjK-6DpXsvw1kbo26RQ&_origin=1&apid=UP740b4c6b-3c11-11eb-9f09-027a49f770de
date: Sat, 12 Dec 2020 00:32:02 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

xuid
eb2.3lift.com/ Frame 299A
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-_KbY-HR7YegdGBMpsbXrjK-6DpUjDrM2o2Ecyg&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-_KbY-HR7YegdGBMpsbXrjK-6DpUjDrM2o2Ecyg&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

37 B
352 B

27ms
27ms

Image
image/gif

18.192.150.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-_KbY-HR7YegdGBMpsbXrjK-6DpUjDrM2o2Ecyg&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.150.244 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-150-244.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-_KbY-HR7YegdGBMpsbXrjK-6DpUjDrM2o2Ecyg&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
date: Sat, 12 Dec 2020 00:32:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
sync.taboola.com/sg/smaatortb-network/1/rtb-h/ Frame 299A
Redirect Chain

https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-rjUsk3R7YegdGBMpsbXrjK-6DpUmlYuEO9jHVg
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-rjUsk3R7YegdGBMpsbXrjK-6DpUmlYuEO9jHVg&cookieCheck=1
https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=0d888e1a9716646e4809

0
225 B

34ms
33ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=0d888e1a9716646e4809
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.117:10213
date: Sat, 12 Dec 2020 00:32:02 GMT
server: nginx
x-fastly-to-nlb-rtt: 15378

Redirect headers

date: Sat, 12 Dec 2020 00:32:02 GMT
via: 1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=0d888e1a9716646e4809
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: Dd9NqBp3kQv6nUJltvpVFt4Xi14X1DcjXKSWyczv9ewW0O9LuEELBQ==

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame 299A 42 B
873 B 31ms
31ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-PdtCnXR7YegdGBMpsbXrjK-6DpWcUde7S5HVSQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Sat, 12 Dec 2020 00:32:02 GMT
X-lat: Pug22049:0:522
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 299A
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-5VdM93R7YegdGBMpsbXrjK-6DpU9kvX7etSn-w
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-5VdM93R7YegdGBMpsbXrjK-6DpU9kvX7etSn-w&C=1

43 B
1 KB

42ms
42ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-5VdM93R7YegdGBMpsbXrjK-6DpU9kvX7etSn-w&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Dec 2020 00:32:02 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 12 Dec 2020 00:32:02 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 12 Dec 2020 00:32:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-5VdM93R7YegdGBMpsbXrjK-6DpU9kvX7etSn-w&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 296
Expires: Sat, 12 Dec 2020 00:32:02 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 299A
Redirect Chain

https://us-u.openx.net/w/1.0/sd?id=537072953&val=k-WM3uyXR7YegdGBMpsbXrjK-6DpUhz2LkQJ2sOQ&c=us
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072953&val=k-WM3uyXR7YegdGBMpsbXrjK-6DpUhz2LkQJ2sOQ&c=us

43 B
105 B

26ms
26ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072953&val=k-WM3uyXR7YegdGBMpsbXrjK-6DpUhz2LkQJ2sOQ&c=us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.198.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Dec 2020 00:32:02 GMT
via: 1.1 google
server: OXGW/16.198.2
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072953&val=k-WM3uyXR7YegdGBMpsbXrjK-6DpUhz2LkQJ2sOQ&c=us
date: Sat, 12 Dec 2020 00:32:02 GMT
via: 1.1 google
server: OXGW/16.198.2
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 v1
match.sharethrough.com/sync/ Frame 299A 68 B
262 B 72ms
24ms Image
image/png 54.93.159.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-YgxBvHR7YegdGBMpsbXrjK-6DpXbEoT_e0bjsg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.159.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-159-18.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:02 GMT
content-length: 68
content-type: image/png

GET
H2 200 cksync.php
contextual.media.net/ Frame 299A 46 B
711 B 116ms
57ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-S4CLSnR7YegdGBMpsbXrjK-6DpVpoa1puPYSCw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Sat, 12 Dec 2020 00:32:02 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 46
x-mnet-hl2: E
expires: Sat, 12 Dec 2020 00:32:02 GMT

GET
H2 200 um
criteo-sync.teads.tv/ Frame 299A 23 B
170 B 121ms
69ms Image
image/gif 104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-AZEm5HR7YegdGBMpsbXrjK-6DpUoTabMrukk9Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.75 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Dec 2020 00:32:02 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 12 Dec 2020 00:32:02 GMT
server: akka-http/10.1.9
content-length: 23
content-type: image/gif

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 299A
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-fDIHk3R7YegdGBMpsbXrjK-6DpV1MxI_KmMtlQ&expires=30&user_group=5
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-fDIHk3R7YegdGBMpsbXrjK-6DpV1MxI_KmMtlQ&expires=30&user_group=5

43 B
409 B

29ms
29ms

Image
image/gif

35.157.13.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-fDIHk3R7YegdGBMpsbXrjK-6DpV1MxI_KmMtlQ&expires=30&user_group=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.13.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-13-124.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-fDIHk3R7YegdGBMpsbXrjK-6DpV1MxI_KmMtlQ&expires=30&user_group=5
date: Sat, 12 Dec 2020 00:32:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame 299A 43 B
536 B 191ms
191ms Image
image/gif 52.52.67.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-ULrO_XR7YegdGBMpsbXrjK-6DpW52FisbJCLnA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.67.9 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-67-9.us-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Dec 2020 00:32:02 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 299A 0
225 B 33ms
33ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-bB9M2nR7YegdGBMpsbXrjK-6DpXuN_KJpzmUgA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.20.9:10213
date: Sat, 12 Dec 2020 00:32:02 GMT
server: nginx
x-fastly-to-nlb-rtt: 15378

POST
H/1.1 200
OK prop.json
bd80b02edbc148f6a91b138fa40e8525-2e3b618057a1.cdn.forter.com/ 2 B
625 B 383ms
121ms Other
application/json 52.5.0.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bd80b02edbc148f6a91b138fa40e8525-2e3b618057a1.cdn.forter.com/prop.json
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.5.0.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-0-90.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 12 Dec 2020 00:32:02 GMT
Connection: close
Content-Length: 2
Pragma: no-cache
Last-Modified: Fri, 11 Dec 2020 12:05:23 GMT
Server: Apache
ETag: "2-5b62f1b6ffdde"
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ninacloak.com
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type, x-csrf-token
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ Frame 299A 43 B
964 B 50ms
50ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=39872&js=no

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 12 Dec 2020 00:32:02 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Sat, 12 Dec 2020 00:32:02 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 299A
Redirect Chain

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5060875964689263846

43 B
333 B

42ms
42ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5060875964689263846
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Dec 2020 00:32:02 GMT
server: Microsoft-IIS/10.0
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
x-powered-by: ASP.NET
content-type: image/gif
cache-control: no-cache
server-processing-duration-in-ticks: 2775
timing-allow-origin: *
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 12 Dec 2020 00:32:02 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.48:80
AN-X-Request-Uuid: 2d1c9c38-87c0-49d4-b025-1d533618535f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5060875964689263846
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/yahoogemini/ Frame 299A
Redirect Chain

https://ads.yahoo.com/cms/v1?esig=2~d70585acac52c040f8b2016b9137859f8ce8814d&nwid=10022892938&sigv=1
https://dis.criteo.com/dis/rtb/yahoogemini/cookiematch.aspx?xid=E0

43 B
333 B

42ms
41ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/yahoogemini/cookiematch.aspx?xid=E0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Dec 2020 00:32:02 GMT
server: Microsoft-IIS/10.0
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
x-powered-by: ASP.NET
content-type: image/gif
cache-control: no-cache
server-processing-duration-in-ticks: 1988
timing-allow-origin: *
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sat, 12 Dec 2020 00:32:02 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
location: https://dis.criteo.com/dis/rtb/yahoogemini/cookiematch.aspx?xid=E0
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ Frame 299A 43 B
964 B 51ms
51ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=39872

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 12 Dec 2020 00:32:02 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Sat, 12 Dec 2020 00:32:02 GMT

GET
H2

200

397596.gif
idsync.rlcdn.com/ Frame 299A
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=HqBkbZHlDR1xOTYEoPBnHIsOtviWmQNP

42 B
285 B

32ms
32ms

Image
image/gif

34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=HqBkbZHlDR1xOTYEoPBnHIsOtviWmQNP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.207.120.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 12 Dec 2020 00:32:02 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=HqBkbZHlDR1xOTYEoPBnHIsOtviWmQNP
strict-transport-security: max-age=31536000
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2031
date: Sat, 12 Dec 2020 00:32:01 GMT
content-length: 197
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ Frame 299A 43 B
964 B 51ms
51ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10028862

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 12 Dec 2020 00:32:02 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Sat, 12 Dec 2020 00:32:02 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/yahoogemini/ Frame 299A
Redirect Chain

https://ads.yahoo.com/cms/v1?esig=2~53ef8d479c22b2f64b38b7c8ed96f504cd8e84c6&nwid=10033892938&sigv=1
https://dis.criteo.com/dis/rtb/yahoogemini/cookiematch.aspx?xid=E0

43 B
333 B

42ms
41ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/yahoogemini/cookiematch.aspx?xid=E0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Dec 2020 00:32:02 GMT
server: Microsoft-IIS/10.0
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
x-powered-by: ASP.NET
content-type: image/gif
cache-control: no-cache
server-processing-duration-in-ticks: 2176
timing-allow-origin: *
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sat, 12 Dec 2020 00:32:02 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
location: https://dis.criteo.com/dis/rtb/yahoogemini/cookiematch.aspx?xid=E0
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2291125804477058&ev=Microdata&dl=https%3A%2F%2Fwww.ninacloak.com%2F&rl=&if=false&ts=1607733123242&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Cheap%20%26%20Fashion%20Clothes%20for%20Women%20Online%20-%20Ninacloak%22%2C%22meta%3Adescription%22%3A%22Ninacloak.com%20dedicates%20to%20be%20your%20personal%20wardrobe%20online!%20Plenty%20of%20fashion%20clothes%20of%20high%20quality%20and%20at%20reasonable%20prices%20are%20selected%20for%20you!%20Start%20your%20journey%20now!%22%2C%22meta%3Akeywords%22%3A%22Trendy%20Women%27s%20Clothing%2C%20Cute%20Clothes%20for%20Women%2C%20Cheap%20Trendy%20Women%27s%20Clothing%2C%20Clothing%20Sales%2C%20Sexy%20Clothing%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.30&r=stable&ec=1&o=30&fbp=fb.1.1607733121736.903986721&it=1607733121513&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 00:32:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 12 Dec 2020 00:32:03 GMT

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/2e3b618057a1/bd80b02edbc148f6a91b138fa40e8525/ 20 B
361 B 451ms
215ms XHR
application/json 54.91.31.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/2e3b618057a1/bd80b02edbc148f6a91b138fa40e8525/prop.json?_=1607733123315
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.31.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-31-243.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Dec 2020 00:32:03 GMT
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ninacloak.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Transfer-Encoding: chunked
Expires: -1

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/2e3b618057a1/bd80b02edbc148f6a91b138fa40e8525/ 20 B
361 B 117ms
116ms XHR
application/json 54.91.31.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/2e3b618057a1/bd80b02edbc148f6a91b138fa40e8525/prop.json?_=1607733123769
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.31.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-31-243.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Dec 2020 00:32:03 GMT
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ninacloak.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Transfer-Encoding: chunked
Expires: -1

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/2e3b618057a1/bd80b02edbc148f6a91b138fa40e8525/ 20 B
361 B 117ms
116ms XHR
application/json 54.91.31.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/2e3b618057a1/bd80b02edbc148f6a91b138fa40e8525/prop.json?_=1607733123987
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.31.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-31-243.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Dec 2020 00:32:04 GMT
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ninacloak.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Transfer-Encoding: chunked
Expires: -1

POST
H/1.1 200
OK wpt.json Show response
cdn0.forter.com/2e3b618057a1/bd80b02edbc148f6a91b138fa40e8525/ 20 B
418 B 117ms
117ms XHR
application/json 54.91.31.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/2e3b618057a1/bd80b02edbc148f6a91b138fa40e8525/wpt.json
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.31.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-31-243.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 12 Dec 2020 00:32:04 GMT
ETag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.ninacloak.com
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 20
Expires: -1

OPTIONS
H/1.1 204
No Content wpt.json
cdn0.forter.com/2e3b618057a1/bd80b02edbc148f6a91b138fa40e8525/ Frame 0
0 117ms
116ms Other 54.91.31.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/2e3b618057a1/bd80b02edbc148f6a91b138fa40e8525/wpt.json
Protocol: HTTP/1.1
Server: 54.91.31.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-31-243.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.ninacloak.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Vary: Access-Control-Request-Headers
Access-Control-Allow-Headers: content-type
Content-Length: 0
Date: Sat, 12 Dec 2020 00:32:04 GMT
Connection: keep-alive

POST
H2 200 events
cdn3.forter.com/ 0
241 B 137ms
137ms Other
text/plain 54.236.70.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.236.70.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-236-70-156.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.ninacloak.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Sat, 12 Dec 2020 00:32:10 GMT
vary: Origin
access-control-allow-origin: https://www.ninacloak.com
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
strict-transport-security: max-age=86400; includeSubDomains
timing-allow-origin: *
expires: -1

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.creativecdn.com/	1970-01-19 23:21:09	Name: ts Value: 1607733121
.creativecdn.com/	1970-01-19 23:21:09	Name: u Value: JJbvAhGn68U3g23QKuuf
.ninacloak.com/	1970-01-21 10:23:33	Name: ftr_ncd Value: 6
.ninacloak.com/	1970-01-20 08:06:45	Name: _ga_19XXZPZ863 Value: GS1.1.1607733121.1.0.1607733121.0
.ninacloak.com/	1970-01-21 10:23:33	Name: forterToken Value: bd80b02edbc148f6a91b138fa40e8525_1607733121630__UDF43_9ck
.ninacloak.com/	1970-01-19 14:58:57	Name: _uetvid Value: 5e0c0b003c1111eb88b9798e601877d2
.ninacloak.com/	1970-01-19 14:36:59	Name: _uetsid Value: 5e0ba0403c1111eb98eb617aa2a5089a
.ninacloak.com/	1970-01-19 16:45:09	Name: _gcl_au Value: 1.1.110016072.1607733122
.ninacloak.com/	1970-01-19 16:45:09	Name: _fbp Value: fb.1.1607733121736.903986721
.ninacloak.com/	1970-01-19 14:35:33	Name: _gat Value: 1
.ninacloak.com/	1970-01-19 14:36:59	Name: _gid Value: GA1.2.1383924989.1607733122
.ninacloak.com/	1970-01-20 08:06:45	Name: _ga Value: GA1.1.167344759.1607733122
www.ninacloak.com/	1970-01-19 14:36:59	Name: _opud Value: op_39e912599833b624_176545c8fc7_aa80
www.ninacloak.com/	1970-01-19 23:21:09	Name: _opu Value: op_dae4fd8e9d6c53e1_176545c8fc7_372d
www.ninacloak.com/	1969-12-31 23:59:59	Name: ccy Value: USD
.ninacloak.com/	1970-01-19 14:35:36	Name: AMP_TOKEN Value: %24NOT_FOUND
www.ninacloak.com/	1970-01-19 23:21:09	Name: _odevice Value: 1349176919
www.ninacloak.com/	1969-12-31 23:59:59	Name: locale Value: en
.criteo.com/	1970-01-19 23:57:09	Name: uid Value: aa39f3ad-45cb-4d15-be10-3313cb5570ae
.www.ninacloak.com/	1970-01-19 15:18:45	Name: __cfduid Value: d74688af12cdaa4ed050d270b584a6dc31607733120

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	log	URL: https://www.ninacloak.com/(Line 4851) Message: NAVS: [object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
console-api	log	URL: https://www.ninacloak.com/(Line 4854) Message: HELPGROUPS: [object Object],[object Object],[object Object]
console-api	log	URL: https://sources.aopcdn.com/cloud/opShop/script/index-0a7cff575d.js(Line 1) Message: Header
console-api	log	URL: https://sources.aopcdn.com/cloud/opShop/script/index-0a7cff575d.js(Line 1) Message: old add
console-api	log	URL: https://sources.aopcdn.com/cloud/opShop/script/index-0a7cff575d.js(Line 1) Message: [object Object] json

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2e3b618057a1.cdn4.forter.com
ads.yahoo.com
ampcid.google.com
ampcid.google.de
ash.creativecdn.com
bat.bing.com
bd80b02edbc148f6a91b138fa40e8525-2e3b618057a1.cdn.forter.com
c.bing.com
cdn.livechatinc.com
cdn.onesignal.com
cdn0.forter.com
cdn3.forter.com
cdn9.forter.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-sync.teads.tv
cw.addthis.com
d.turn.com
dis.criteo.com
eb2.3lift.com
googleads.g.doubleclick.net
gum.criteo.com
idsync.rlcdn.com
jadserve.postrelease.com
match.sharethrough.com
partner.mediawallahscript.com
pixel.advertising.com
pixel.rubiconproject.com
r.casalemedia.com
s.ad.smaato.net
secure.adnxs.com
secure.livechatinc.com
simage2.pubmatic.com
sources.aopcdn.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
sync-t1.taboola.com
sync.taboola.com
trends.revcontent.com
ups.analytics.yahoo.com
ups.aopcdn.com
us-u.openx.net
us.creativecdn.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.ninacloak.com
x.bidswitch.net
104.75.88.112
104.75.89.75
141.226.228.48
172.217.22.66
178.250.0.163
178.250.2.151
18.156.0.31
18.192.150.244
18.203.182.162
185.184.10.30
185.64.189.110
2.16.186.163
2.18.234.21
2.18.235.93
212.82.100.181
216.58.208.34
2606:4700::6811:e421
2606:4700::6812:d31e
2606:4700::6812:e134
2620:1ec:c11::200
2a00:1288:f03d:1fa::4000
2a00:1450:4001:800::2002
2a00:1450:4001:801::200e
2a00:1450:4001:808::2003
2a00:1450:4001:808::2008
2a00:1450:4001:809::200e
2a00:1450:4001:817::2003
2a00:1450:4001:818::2004
2a00:1450:4001:820::2008
2a00:1450:4001:820::200e
2a00:1450:400c:c0c::9d
2a02:2638:1::13
2a02:2638:1::3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.120.207.148
35.156.106.231
35.157.13.124
35.244.159.8
37.252.172.36
46.228.164.13
52.5.0.90
52.51.205.248
52.52.67.9
54.236.70.156
54.91.31.243
54.93.159.18
65.9.68.7
65.9.73.103
65.9.73.61
69.173.144.138
74.119.119.150
008995c8e445e6af3940b9f822564586b6e9f6556b9866f029e650d1d1327c9e
008c05738e583f4d704ebbd5d22f76a2a23322a2491829952e0518edf5cd4a2b
07c12821150fbccd90c95f7197c50844bb23717ad641407d7c42a6c3edf9f0a3
0b86eac98e04ec905875f9bcbbd9a9e8af9ed5057193f7fbe62c8a77fae31a19
0c6efcb9b11ce5a7a0a2da8bc143a5878c2b8837296ece78195c17d606714d0a
0d9cae9db6fe1b355f94c6013467e2082b95bc2365949681783d1f687f8f429e
0e2bdd4ccbc25d615fc887fe43a4148239c7e75cc99c9913e5c231f13d06b82a
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f079cc293009ee3adc0a67500e0f474c55d8f8e8b47f6ef42094bc9a8fc5ade
0f6204713c11eeb6d7648e3401617e22f8e88f96cd517a538dc018ac2ab7bdf2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1319df9a623d3eb8e91720a0024a65b5c2e2563344dc7a2589973a5ba0cd17ae
235a7f4988dc549f40dfa09a802f4695fe9b3c0566240652e3b11ce57f662ced
2af056970ae98f2fa8762d4f582a27677daf8af4f5c7b3ac362cf57a2457f2ff
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3449da9ea0fc1f7cbef1a3b74d69489fd77ba50b2543c6baed31c0cfc16d224b
3593ca5c5b1c2d4775dba75e81da8a7e754aa93bf487023dab86297ca8c5c2f4
3665ef3cbe19ef16171874fe37b6cbdad1ad20a3af2d704797bfed06ec080454
36f58b69c0c71b2737b87cd33da2281bbe123a48a41a5859ca621a81f1d500ec
37e4e24ceb5722204fea1962745f4af68245a5a04ff5070160b45833fef3d7c0
3b439a0ecd90961b79a0dd82f61d6c78ce2152e23b30a4d558db97878963a6c2
3c1dd391a09780bec623e664b1e83c2438ae98869cc18a69c61483b3dc0cd637
3d2f4afa534a9d8a642316f47626258e9a713cb8f223baed57638f4bd8f8b8a4
3da6ee431ce0ba9c023f635279667388dbc5855e9344a9f1f8cbc30685955cd8
42a170332cdbb575a8c3e7300e1c79bdbd978e18765f458b1d5633e6ecd6ecd9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4a5c6bbe25f10b8c56a9d58bb7a3a957992fc1800b633dd010df58b55f558dae
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cd3c29623208e12c535ad6bb8ab30207628dc3a7f15c25458507f5dc6e0005a
4da455f94b23c896d54c0b91b07bd6ee687ccc869044529c8a2086455185a472
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515
4ddff9611a19127864bb3f767bcc5b94a7f7cc454e674bf4f4ef2ac0d6778f67
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ead29aeed6c8e27fe8958ac49637d8332e5e79f71b4e03543ffb33d573ea9a8
4fec788786d895ac07ab3fb3f341a9e86773c4d0a2b17620f0cd68163fc25bf3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57609ba8cb55eb86ba52d15cf7d61b0b3723bc28175dc5d74694a76a5e3e233e
579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4
57e9f67a8639356a91af0051be6d2af6ccede84e5a0f0f6e72c14c902070ffab
59af659bf2b3c887db08b6f79155e9bdc7ddfd30367d8227c34ee35ee755c5e3
5b3dce34b5637ed8b4a164bcabc8d95214bf6b0be6520715c135d46ef7f145b5
5d093cab6867ceb3665eedc6609b8a234ccf54f912722961a473b8aa303d0879
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6062cd053ac3ea85f42652b062a4dc58fff928007ca0876c5fb708a90af5f366
647c80b22f805ed0ab9c235170b3294c8fb8d7dbbf17d88dbe746cfe71437f7b
6ac6423386b52e048f04678a840805521df750b1541f28dbb1ff06761618d0cb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b8097f606b9e4539deccabe916824f7558e379f34951b76aea3e012543dd3b8
70f0bf9725cbed5fcefbfab9b542c67941434be1f22c9fbabe74b1380ec05b91
75177d5d01d5c7e3ef021fdd3ece0a52ca274029797eb0da64b04f58a0add2d9
760be25d91413396bab6dcc3b253208a716c91e8e040efae6e120a10691abfd6
76e9352e558374a8886632d24adf603f4bf9b17908ade45b03a22a05cb1bc3dd
771118cee14f20a9af98ffb1ac58a30210cc8bde54288643552c04b7f2915c64
7725cea8a1e90ff06b5a6481a1c8dfe341d81ad182390740a39428d5c6e654a6
77a80100522e57aeed99b49b1fc8d4a506157117b1f2ce567d2a133dacedf9e1
7e5c44d38b168c082ac461cbf988a0e2bcaf38f4d63c523e7c36e40164178cd0
80ec2ad3cb8d73004fdfc565ef6348a85c8155d643fa5c91fab5f3bea5366757
8304827477215b517f051f116d5581a5e030e7f29df69061cb9cf108aa9cbc90
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
857f589521d59aa4fd898ba944d84e9b0f07b69612018d8f611d2616c10c500d
86331684b37b51e65d18c1b1cc5956e5b2b2eadca0e9a7e0fe95fe4bcc5111eb
86a7462be5298a96296f5eef63e39fff8a7d4adbc109794c144976860f193929
8938bb56c608f8f5e6b7c5a79a33856cec5b93c4073563db7f2db5830a3be30b
8a8b77ab352a45b7838efd3df7ec52251e0f8763fcf78c715690efae5fe079e5
8b6318d4d83ab0553d7947b5bd70849ef4a7906545c23a787679543d105499da
8beb01839e0cecf3e3194c0cbc3ad7fc13478d1be28db4b2bbf0a47347f67ad4
904f8d2f93a047dce413e9f61d24c5abf495ed9991cccc7a72fdb5603d31f0f2
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a39e48ce0eb0ef0fc7ba5b6a4458b3c2ea28f2f4ec5ce2f71da3b9bf474e871
9e8f749fca5ea9e02270989853ad6543eb55a3f80b4343f6d014d5d7de999eef
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2826d00102708c5fd2a1a1701ed32905cd23a79b198c5d072751860a2ef7a89
a4aef7e56e6b1ee9712b706ac2364ffc3e7fad51dcc714cbb1d729e03320eff4
a7a1ab867fdb3e3fdbf96d0a01693a332784e58172caba6528ce804d7f0cb3ff
ad1040f8603399ba6aa6dd9ae01892db70d9f441d37ccaa9be00714642910b03
adfb1cfbb33ec34fd91aca7240d93d9e7af2af7a0054cf75a1a6e04ee8d19695
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b239489375a819de17b84655eb1d7705dabd77d59bf8d231d42c998cbf6a9f07
b3695cc9a746d19d2fe3f3b0c2510f4e114c28d9d869791bbc93640ecc6b0990
b79c244c2dffd8d31e2c77ee1dbd89f63ddef1b801122de6dcd4ac948005ee41
b7c28f515d9b8cc70496bf4854cf91c813b5216477600410efe31b0690efd474
baad5e79748bf650e4e70ef9c84ceae3d8b787030ba10dd08f8cf53bd354d1ed
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be483d1b4e0011db3b0199a9a9fa9443cf842390dfa6d51a413fed4ec044e610
c56b62a0bf4c08024f7b23f266c1526e39e0d10f58155488b5afb5bd679e5c5c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb8e2720c4ad535c16449e687f8b128ec308f6f51006182f2381da58e6699668
cf7f6e458c98a3b08ae026f8a15800485854e81e71e04c35c9c416880a8e349c
d1d68bf1f8510fef5f76139af954625e2f81dc1218fbd3d4bc8196294400ed6a
d4762bbdf73408777dc886ffe61d98654a39456cc19284fcec395a56c54518e1
d71b83083b02082fc5dbc62a6288b3dac992aab808a4fd92fe1eec019ace5774
d8a354b9b5738305ab347b12621f8881e07cb080d6a402879f20b6586de040ca
dc6fa72f9ba04bc017fc2d3a199e4096c1c0ac0f443c1d4faf8921dd566619a3
df7eb497ebea720f0ad85ef07a7bb56bc00cd77c5c3668514728b3d7b4733a67
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e8afa2c65faaf8f0fbcf9b9e49f73098583f5a25fdc8508e1ef01dc12d41c1c7
ed20af77cb80ba7b82c98195f13148cb5a245d585c21aff71670c54d43abd84c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a40621372e5a6303e9f0ed54800850834c1ba212b43449660e74f932ee12f0
f368b9bd8b690454413a9c2159322abafda8dd6d6197481b7f68b7b16085a509
f6be8510307346a53d6f3dc1ffb55a48469c7533d57bb282d973b5062838f268
f7aa9df1445419914d34264dc1fb067a4db7840ad4c09313da918b40fb100dbb
f9594d5e3b1f424adf794018406be67067a1db987855bbda796a373a3602d17d
fad8c4f69d1ecaee7d69e909867929322c2c4dfb81ca74267756fb63d5a73790

www.ninacloak.com Open in urlscan Pro 2606:4700::6811:e421 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

143 Requests

99 %HTTPS

37 %IPv6

37 Domains

55 Subdomains

47 IPs

10 Countries

4992 kBTransfer

6834 kBSize

20 Cookies

0 Outgoing links

Page URL History

Redirected requests

143 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ninacloak.com Open in urlscan Pro
2606:4700::6811:e421 Public Scan

Screenshot
Live screenshot

Full Image

143
Requests

99 %
HTTPS

37 %
IPv6

37
Domains

55
Subdomains

47
IPs

10
Countries

4992 kB
Transfer

6834 kB
Size

20
Cookies

143 HTTP transactions
2 data transactions