www.ninavonc.de Open in urlscan Pro
194.97.158.1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tracking.ninavonc.de/
Effective URL:
https://www.ninavonc.de/
Submission: On September 26 via automatic, source certstream-suspicious (September 26th 2021, 1:26:22 am UTC) — Scanned from DE

Summary HTTP 123 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 37 IPs in 5 countries across 26 domains to perform 123 HTTP transactions. The main IP is 194.97.158.1, located in Munich, Germany and belongs to SPACENET SpaceNET AG, DE. The main domain is www.ninavonc.de.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 24th 2021. Valid for: a year.

This is the only time www.ninavonc.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	84.200.5.215 84.200.5.215	31400 (ACCELERAT...) (ACCELERATED-IT)
1 29	194.97.158.1 194.97.158.1	5539 (SPACENET ...) (SPACENET SpaceNET AG)
3	35.190.14.188 35.190.14.188	15169 (GOOGLE) (GOOGLE)
9	142.250.185.206 142.250.185.206	15169 (GOOGLE) (GOOGLE)
1	35.241.3.184 35.241.3.184	15169 (GOOGLE) (GOOGLE)
1	172.217.23.99 172.217.23.99	15169 (GOOGLE) (GOOGLE)
1	34.120.28.121 34.120.28.121	15169 (GOOGLE) (GOOGLE)
1 3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	216.58.212.134 216.58.212.134	15169 (GOOGLE) (GOOGLE)
3	142.250.185.164 142.250.185.164	15169 (GOOGLE) (GOOGLE)
1	142.250.186.97 142.250.186.97	15169 (GOOGLE) (GOOGLE)
1	142.250.185.118 142.250.185.118	15169 (GOOGLE) (GOOGLE)
2	34.120.238.166 34.120.238.166	15169 (GOOGLE) (GOOGLE)
1	142.250.181.232 142.250.181.232	15169 (GOOGLE) (GOOGLE)
2	142.250.185.163 142.250.185.163	15169 (GOOGLE) (GOOGLE)
2	142.250.186.78 142.250.186.78	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
3	52.31.175.22 52.31.175.22	16509 (AMAZON-02) (AMAZON-02)
2	157.240.236.1 157.240.236.1	32934 (FACEBOOK) (FACEBOOK)
1	66.102.1.156 66.102.1.156	15169 (GOOGLE) (GOOGLE)
1	74.125.140.155 74.125.140.155	15169 (GOOGLE) (GOOGLE)
1 2	138.201.64.38 138.201.64.38	24940 (HETZNER-AS) (HETZNER-AS)
1 2	138.201.63.145 138.201.63.145	24940 (HETZNER-AS) (HETZNER-AS)
3	104.26.11.209 104.26.11.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	212.48.120.130 212.48.120.130	8893 (ARTFILES-...) (ARTFILES-AS Artfiles New Media GmbH)
2	157.240.236.35 157.240.236.35	32934 (FACEBOOK) (FACEBOOK)
4	104.22.58.173 104.22.58.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.193.40 13.224.193.40	16509 (AMAZON-02) (AMAZON-02)
4	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
5 18	37.157.4.40 37.157.4.40	198622 (ADFORM) (ADFORM)
2	37.157.5.73 37.157.5.73	198622 (ADFORM) (ADFORM)
7 12	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
4	217.79.188.54 217.79.188.54	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
6	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
4	108.128.28.141 108.128.28.141	16509 (AMAZON-02) (AMAZON-02)
2	52.95.117.174 52.95.117.174	16509 (AMAZON-02) (AMAZON-02)
123	37

3 84.200.5.215 (Germany) 1 redirects

ASN31400 (ACCELERATED-IT, DE)

tracking.ninavonc.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lacmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 194.97.158.1 (Munich, Germany) 1 redirects

ASN5539 (SPACENET SpaceNET AG, DE)
PTR: sammelfrontend.pl2.spacenet.de

www.ninavonc.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images3.ninavonc.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images2.ninavonc.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images1.ninavonc.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.14.188 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 188.14.190.35.bc.googleusercontent.com

app.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.3.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.3.241.35.bc.googleusercontent.com

api.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.28.121 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 121.28.120.34.bc.googleusercontent.com

aggregator.service.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.134 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f134.1e100.net

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f1.1e100.net

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.118 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f22.1e100.net

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.238.166 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 166.238.120.34.bc.googleusercontent.com

graphql.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.31.175.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-175-22.eu-west-1.compute.amazonaws.com

smct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.236.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frx5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.102.1.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.140.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.64.38 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.38.64.201.138.clients.your-server.de

ad.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.63.145 (Hockenheim, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.145.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.26.11.209 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.48.120.130 (Lübeck, Germany)

ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE)
PTR: lb.usemaxserver.de

www.usemaxserver.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.usemax.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.236.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frx5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.22.58.173 (None, )

ASN13335 (CLOUDFLARENET, US)

js.smct.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ipb.smct.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-40.fra2.r.cloudfront.net

d31bfnnwekbny6.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 37.157.4.40 (Denmark) 5 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.74.198 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

6837390.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6635505.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 217.79.188.54 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: aa.adfarm1.adition.com

ad13.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.128.28.141 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-28-141.eu-west-1.compute.amazonaws.com

cognito-identity.eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.117.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

firehose.eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	ninavonc.de 2 redirects tracking.ninavonc.de www.ninavonc.de images3.ninavonc.de images2.ninavonc.de images1.ninavonc.de	1 MB
20	adform.net 5 redirects track.adform.net s2.adform.net	65 KB
18	doubleclick.net 8 redirects googleads.g.doubleclick.net static.doubleclick.net stats.g.doubleclick.net bid.g.doubleclick.net 6837390.fls.doubleclick.net 5994599.fls.doubleclick.net ad.doubleclick.net 6635505.fls.doubleclick.net	7 KB
9	google.com www.google.com adservice.google.com	14 KB
9	youtube.com www.youtube.com	683 KB
7	usercentrics.eu app.usercentrics.eu api.usercentrics.eu aggregator.service.usercentrics.eu graphql.usercentrics.eu	286 KB
6	amazonaws.com cognito-identity.eu-west-1.amazonaws.com firehose.eu-west-1.amazonaws.com	3 KB
4	adition.com ad13.adfarm1.adition.com	1 KB
4	mathtag.com pixel.mathtag.com	4 KB
4	smct.io js.smct.io ipb.smct.io	31 KB
3	ad4m.at ad4m.at as.ad4m.at	15 KB
3	smct.co smct.co	8 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	33 KB
2	facebook.com www.facebook.com	404 B
2	usemaxserver.de www.usemaxserver.de	2 KB
2	redintelligence.net 1 redirects hal9000.redintelligence.net	2 KB
2	ad-srv.net 1 redirects ad.ad-srv.net	2 KB
2	facebook.net connect.facebook.net	170 KB
2	lacmp.net www.lacmp.net	9 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	usemax.de www.usemax.de	552 B
1	cloudfront.net d31bfnnwekbny6.cloudfront.net	556 B
1	googleadservices.com www.googleadservices.com	14 KB
1	googletagmanager.com www.googletagmanager.com	63 KB
1	ytimg.com i.ytimg.com	58 KB
1	ggpht.com yt3.ggpht.com	2 KB
123	26

	Domain	Requested by
18	track.adform.net	5 redirects www.usemaxserver.de www.ninavonc.de track.adform.net
10	images3.ninavonc.de	www.ninavonc.de images3.ninavonc.de
9	www.youtube.com	www.ninavonc.de www.youtube.com
8	www.ninavonc.de	1 redirects www.ninavonc.de
7	images1.ninavonc.de	www.ninavonc.de
6	adservice.google.com	ad.ad-srv.net 5994599.fls.doubleclick.net 6837390.fls.doubleclick.net 6635505.fls.doubleclick.net
4	cognito-identity.eu-west-1.amazonaws.com	js.smct.io
4	6635505.fls.doubleclick.net	2 redirects www.usemaxserver.de
4	ad13.adfarm1.adition.com	ad.ad-srv.net
4	5994599.fls.doubleclick.net	2 redirects hal9000.redintelligence.net
4	pixel.mathtag.com	hal9000.redintelligence.net
4	images2.ninavonc.de	www.ninavonc.de
3	js.smct.io	smct.co js.smct.io
3	smct.co	www.googletagmanager.com js.smct.io
3	www.google.com	www.youtube.com
3	googleads.g.doubleclick.net	1 redirects www.youtube.com www.googleadservices.com
3	app.usercentrics.eu	www.ninavonc.de app.usercentrics.eu
2	firehose.eu-west-1.amazonaws.com	js.smct.io
2	ad.doubleclick.net	2 redirects
2	6837390.fls.doubleclick.net	1 redirects hal9000.redintelligence.net
2	s2.adform.net	hal9000.redintelligence.net ad.ad-srv.net
2	www.facebook.com
2	www.usemaxserver.de	www.ninavonc.de www.usemaxserver.de
2	ad4m.at	www.ninavonc.de ad4m.at
2	hal9000.redintelligence.net	1 redirects www.ninavonc.de
2	ad.ad-srv.net	1 redirects www.ninavonc.de
2	connect.facebook.net	www.ninavonc.de connect.facebook.net
2	www.lacmp.net	www.ninavonc.de www.lacmp.net
2	www.google-analytics.com	www.googletagmanager.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	graphql.usercentrics.eu	app.usercentrics.eu
1	as.ad4m.at	www.ninavonc.de
1	ipb.smct.io	js.smct.io
1	www.usemax.de	www.usemaxserver.de
1	d31bfnnwekbny6.cloudfront.net	www.ninavonc.de
1	bid.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	www.ninavonc.de
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	aggregator.service.usercentrics.eu	app.usercentrics.eu
1	fonts.gstatic.com	www.youtube.com
1	api.usercentrics.eu	app.usercentrics.eu
1	tracking.ninavonc.de	1 redirects
123	46

This site contains links to these domains. Also see Links.

Domain
www.ninavonc.eu
www.instagram.com
www.facebook.com
www.youtube.com
www.primefashionads.com
usercentrics.com

Subject Issuer	Validity	Valid
*.ninavonc.de Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-27`	a year	crt.sh
app.usercentrics.eu GTS CA 1D4	`2021-08-28` - `2021-11-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
api.usercentrics.eu GTS CA 1D4	`2021-08-29` - `2021-11-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
aggregator.service.usercentrics.eu GTS CA 1D4	`2021-08-18` - `2021-11-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
graphql.usercentrics.eu GTS CA 1D4	`2021-08-24` - `2021-11-22`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
smct.co Amazon	`2021-05-17` - `2022-06-15`	a year	crt.sh
www.lacmp.net R3	`2021-09-22` - `2021-12-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-06` - `2021-10-04`	3 months	crt.sh
ad-srv.net R3	`2021-08-20` - `2021-11-18`	3 months	crt.sh
redintelligence.net R3	`2021-08-20` - `2021-11-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-08` - `2022-07-07`	a year	crt.sh
usemaxserver.de Sectigo RSA Domain Validation Secure Server CA	`2021-06-09` - `2022-07-10`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.adfarm1.adition.com AlphaSSL CA - SHA256 - G2	`2021-05-21` - `2022-06-22`	a year	crt.sh
usemax.de Sectigo RSA Domain Validation Secure Server CA	`2019-11-04` - `2021-11-07`	2 years	crt.sh
cognito-identity.eu-west-1.amazonaws.com Amazon	`2021-07-07` - `2022-08-05`	a year	crt.sh
firehose.eu-west-1.amazonaws.com Amazon	`2021-08-10` - `2022-08-03`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://www.ninavonc.de/
Frame ID: E1F66D066FBD9D3EB3F700CC19868ECF
Requests: 56 HTTP requests in this frame

Frame: https://www.youtube.com/embed/zM3RMZUjVGU?autoplay=0&showinfo=0&controls=1&autohide=1&rel=0&loop=0&modestbranding=0&wmode=opaque
Frame ID: B7A1373E021A6786148D16DE1F6BC21A
Requests: 18 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: 2564070A987C7259A4D2A5A20438D17F
Requests: 1 HTTP requests in this frame

Frame: https://ad.ad-srv.net/retarget?a=46016&version=1&gdpr=0&gdpr_consent=&redirected=1
Frame ID: A08BFB8A74C645F6752F52661927F035
Requests: 15 HTTP requests in this frame

Frame: https://hal9000.redintelligence.net/retarget?a=37682&version=1&gdpr=0&gdpr_consent=&redirected=1
Frame ID: 5F72383483D7645E58089387D75CF5BB
Requests: 8 HTTP requests in this frame

Frame: https://ad4m.at/ud8bgp9p.js
Frame ID: 7C5E8A314FE65BCDA9A9B0134B692BF2
Requests: 4 HTTP requests in this frame

Frame: https://d31bfnnwekbny6.cloudfront.net/customers/17832.html
Frame ID: B82BC9917EFE596C9D0DF9C33D5377F3
Requests: 1 HTTP requests in this frame

Frame: https://www.usemaxserver.de/rt.php?campaign_id=37516&iframe=1&ext_domain=1&place=1&product_id=&checkout_amount=&checkout_order_id=&referrer=&host=www.ninavonc.de&loc=https%3A%2F%2Fwww.ninavonc.de%2F&iframe=1&k0=0&ci=
Frame ID: 3C6C10B82A52FD79C86ACECBAF1E8AF8
Requests: 3 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 5E33A06AC948D237ADE2B1378CCF5D4E
Requests: 1 HTTP requests in this frame

Frame: https://6837390.fls.doubleclick.net/activityi;dc_pre=CJWb9--9m_MCFRHRGwodSqgK2A;src=6837390;type=invmedia;cat=n2e091ww;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4083113844531.7026
Frame ID: 1CE5EE0CC38B06565F9C0ED3E71D2C0D
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CO_p-e-9m_MCFcdqGwodWPYLrQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5680784466722.14
Frame ID: B548CA795B25F57CA1069A558F2F4C45
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKDE-e-9m_MCFUuYhQodvjYM0Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1936397293915.0464
Frame ID: F0FD6A3D8E6A2FB6413937D18EEB4323
Requests: 2 HTTP requests in this frame

Frame: https://6635505.fls.doubleclick.net/activityi;dc_pre=CLH2-e-9m_MCFQMuGwodnocJ3w;src=6635505;type=invmedia;cat=1n4iwqrw;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
Frame ID: 2BA1C5A17BD5F79A25AE1BC2F995F320
Requests: 2 HTTP requests in this frame

Frame: https://6635505.fls.doubleclick.net/activityi;dc_pre=CPCy-u-9m_MCFQjjGwodPY4J7g;src=6635505;type=invmedia;cat=1n4iwqrw;u1=1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
Frame ID: 60ABF73B6E279FD6264543BDFC9944C8
Requests: 2 HTTP requests in this frame

Frame: https://www.usemax.de/rt.php?ext_i=3582876582
Frame ID: EDC0ADE5E7C3281C0378455645DA4D94
Requests: 1 HTTP requests in this frame

Frame: https://smct.co/lse1.0.html
Frame ID: E60F48812E7F14AF72AB36428756720B
Requests: 1 HTTP requests in this frame

Frame: https://smct.co/lse1.0.html
Frame ID: 83FE6DE63849E3AD949DBE51B118E328
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BHs, Slips, Panty, String, Tops oder Hemdchen | Nina von C.Usercentrics Consent Management Platform Logo

Page URL History Show full URLs

https://tracking.ninavonc.de/ HTTP 302
http://www.ninavonc.de/ HTTP 301
https://www.ninavonc.de/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

123
Requests

100 %
HTTPS

0 %
IPv6

26
Domains

46
Subdomains

37
IPs

5
Countries

2686 kB
Transfer

7007 kB
Size

32
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: http://www.ninavonc.eu/
Title: Company

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ninavonc_official

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ninavonc.underwear

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Nina-von-C-677593539054860/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/ninavoncalbstadt

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ninavonc_official/

Search URL Search Domain Scan URL

URL: https://www.primefashionads.com/de/partner/programme/1294/

Search URL Search Domain Scan URL

URL: https://usercentrics.com/?utm_source=cmp&utm_medium=powered_by
Title: Usercentrics Consent Management Platform Logo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tracking.ninavonc.de/ HTTP 302
http://www.ninavonc.de/ HTTP 301
https://www.ninavonc.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 64

https://ad.ad-srv.net/retarget?a=46016&version=1&gdpr=0&gdpr_consent= HTTP 302
https://ad.ad-srv.net/retarget?a=46016&version=1&gdpr=0&gdpr_consent=&redirected=1

Request Chain 65

https://hal9000.redintelligence.net/retarget?a=37682&version=1&gdpr=0&gdpr_consent= HTTP 302
https://hal9000.redintelligence.net/retarget?a=37682&version=1&gdpr=0&gdpr_consent=&redirected=1

Request Chain 78

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 79

https://6837390.fls.doubleclick.net/activityi;src=6837390;type=invmedia;cat=n2e091ww;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4083113844531.7026 HTTP 302
https://6837390.fls.doubleclick.net/activityi;dc_pre=CJWb9--9m_MCFRHRGwodSqgK2A;src=6837390;type=invmedia;cat=n2e091ww;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4083113844531.7026

Request Chain 80

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5680784466722.14 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CO_p-e-9m_MCFcdqGwodWPYLrQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5680784466722.14

Request Chain 81

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1936397293915.0464 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CKDE-e-9m_MCFUuYhQodvjYM0Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1936397293915.0464

Request Chain 86

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 87

https://ad.doubleclick.net/ddm/activity/src=9858635;type=invmedia;cat=t360m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=2991420244049.596 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9858635;dc_pre=CI3v9u-9m_MCFVEYGwodOh0Piw;type=invmedia;cat=t360m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=2991420244049.596 HTTP 302
https://adservice.google.com/ddm/fls/z/src=9858635;dc_pre=CI3v9u-9m_MCFVEYGwodOh0Piw;type=invmedia;cat=t360m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=2991420244049.596

Request Chain 88

https://6635505.fls.doubleclick.net/activityi;src=6635505;type=invmedia;cat=1n4iwqrw;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://6635505.fls.doubleclick.net/activityi;dc_pre=CLH2-e-9m_MCFQMuGwodnocJ3w;src=6635505;type=invmedia;cat=1n4iwqrw;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Request Chain 89

https://6635505.fls.doubleclick.net/activityi;src=6635505;type=invmedia;cat=1n4iwqrw;u1=1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://6635505.fls.doubleclick.net/activityi;dc_pre=CPCy-u-9m_MCFQjjGwodPY4J7g;src=6635505;type=invmedia;cat=1n4iwqrw;u1=1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Request Chain 91

https://track.adform.net/Serving/TrackPoint/?pm=254281&ADFPageName=ALL%7CRT%7C0%7CNinavonC._0&ADFdivider=| HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=254281&ADFPageName=ALL%7CRT%7C0%7CNinavonC._0&ADFdivider=|

Request Chain 92

https://track.adform.net/Serving/TrackPoint/?pm=254281&ADFPageName=ALL%7CRT%7C1%7CNinavonC._1&ADFdivider=| HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=254281&ADFPageName=ALL%7CRT%7C1%7CNinavonC._1&ADFdivider=|

Request Chain 95

https://track.adform.net/Serving/TrackPoint/?pm=1481813&ADFPageName=Retargeting%20All&ADFdivider=| HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1481813&ADFPageName=Retargeting%20All&ADFdivider=|

123 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ninavonc.de/
Redirect Chain

https://tracking.ninavonc.de/
http://www.ninavonc.de/
https://www.ninavonc.de/

50 KB
11 KB

93ms
65ms

Document
text/html

194.97.158.1
SPACENET SpaceNET AG

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ninavonc.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.97.158.1 Munich, Germany, ASN5539 (SPACENET SpaceNET AG, DE),

Reverse DNS

sammelfrontend.pl2.spacenet.de

Software

Apache /

Resource Hash

505637c5f9aaee6cfd1c047982bfbb260b5c7d99c7b85e030a447a9d1bde8570

Security Headers

Name	Value
Content-Security-Policy	script-src https: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.ninavonc.de
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 26 Sep 2021 01:26:16 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src https: 'unsafe-inline' 'unsafe-eval'
set-cookie: NinaVonCSID=72f3f610e3da6f88375f46aa0ee9b636; expires=Mon, 27-Sep-2021 01:26:16 GMT; Max-Age=86400; path=/; domain=www.ninavonc.de; secure; HttpOnly SIDshopserver=app3; path=/; Secure
vary: Accept-Encoding
content-encoding: gzip
content-length: 10699
content-type: text/html; charset=utf-8

Redirect headers

date: Sun, 26 Sep 2021 01:26:16 GMT
server: Apache
location: https://www.ninavonc.de/
content-length: 232
content-type: text/html; charset=iso-8859-1
set-cookie: SIDshopserver=app3; path=/; Secure
cache-control: private

GET
H2 200 main.js Show response
app.usercentrics.eu/latest/ 26 KB
9 KB 64ms
17ms Script
application/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/latest/main.js

Requested by

Host: www.ninavonc.de
URL: https://www.ninavonc.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

49958c1a45bfd46c8a02c8b5bb265b5392830f3d32ce509a437e1c7f2f721a52

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 19:59:46 GMT
content-encoding: gzip
x-goog-meta-version: 2.12.0
age: 19590
x-guploader-uploadid: ADPycdvUhp-IsjgqvuOWNrg2_jw-q8MyN1BW_HQ9XJ_CLCBszoCusFyXwIc5zqG6ij2ewIr7rLtYKukNLVzEl1U6ZCs
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 8306
last-modified: Mon, 09 Aug 2021 11:42:03 GMT
server: UploadServer
etag: "2975273afaf3d018bcc8c2f0499488f0"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=4C0Oag==, md5=KXUnOvrz0Bi8yMLwSZSI8A==
x-goog-generation: 1628509323365197
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=86400, no-transform
x-goog-stored-content-length: 8306
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 26 Sep 2021 19:59:46 GMT

GET
H2 200 fonts.css
images3.ninavonc.de/fonts/ 4 KB
721 B 54ms
22ms Stylesheet
text/css 194.97.158.1
SPACENET SpaceNET AG

General

Check archive.org

Show headers Download Go to

Full URL: https://images3.ninavonc.de/fonts/fonts.css
Requested by: Host: www.ninavonc.de
URL: https://www.ninavonc.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.97.158.1 Munich, Germany, ASN5539 (SPACENET SpaceNET AG, DE),
Reverse DNS: sammelfrontend.pl2.spacenet.de
Software: Apache /
Resource Hash: c205af8713074107208ad76ddeaabf980f40d8b9f98e2c532eadb6ed383e9665

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 00:24:00 GMT
via: 1.1 varnish (Varnish/5.1)
content-type: text/css
last-modified: Wed, 26 Apr 2017 09:50:19 GMT
server: Apache
age: 3736
vary: Accept-Encoding
x-varnish: 167936430 160268801
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-encoding: gzip
expires: Tue, 26 Oct 2021 00:24:00 GMT

GET
H2 200 main.min.css
www.ninavonc.de/dist/styles/ 278 KB
52 KB 42ms
41ms Stylesheet
text/css 194.97.158.1
SPACENET SpaceNET AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ninavonc.de/dist/styles/main.min.css
Requested by: Host: www.ninavonc.de
URL: https://www.ninavonc.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.97.158.1 Munich, Germany, ASN5539 (SPACENET SpaceNET AG, DE),
Reverse DNS: sammelfrontend.pl2.spacenet.de
Software: Apache /
Resource Hash: b7fbb0f2b6be3ff6c73dd9dfd5ad2155cd0e3dc50f330884d7e09e6a6b2dd666

Request headers

:path: /dist/styles/main.min.css
pragma: no-cache
cookie: NinaVonCSID=72f3f610e3da6f88375f46aa0ee9b636; SIDshopserver=app3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.ninavonc.de
referer: https://www.ninavonc.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:26:16 GMT
content-encoding: gzip
last-modified: Tue, 31 Aug 2021 11:20:26 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
expires: Tue, 26 Oct 2021 01:26:16 GMT

GET
H2 200 settings.css
images2.ninavonc.de/global-assets/cms/slider/5.4.7/assets/css/ 38 KB
11 KB 42ms
20ms Stylesheet
text/css 194.97.158.1
SPACENET SpaceNET AG

General

Check archive.org

Show headers Download Go to

Full URL: https://images2.ninavonc.de/global-assets/cms/slider/5.4.7/assets/css/settings.css
Requested by: Host: www.ninavonc.de
URL: https://www.ninavonc.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.97.158.1 Munich, Germany, ASN5539 (SPACENET SpaceNET AG, DE),
Reverse DNS: sammelfrontend.pl2.spacenet.de
Software: Apache /
Resource Hash: eb2ffac7bd025d687b9c0a334610a62f9ef509682ec5f07667bca2c7e76ef82a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:07:12 GMT
via: 1.1 varnish (Varnish/5.1)
content-type: text/css
last-modified: Tue, 10 Aug 2021 09:24:54 GMT
server: Apache
age: 1144
vary: Accept-Encoding
x-varnish: 165118511 161678137
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-encoding: gzip
expires: Tue, 26 Oct 2021 01:07:12 GMT

GET
H2 200 cms.min.css
www.ninavonc.de/dist/styles/ 53 KB
8 KB 29ms
28ms Stylesheet
text/css 194.97.158.1
SPACENET SpaceNET AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ninavonc.de/dist/styles/cms.min.css
Requested by: Host: www.ninavonc.de
URL: https://www.ninavonc.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.97.158.1 Munich, Germany, ASN5539 (SPACENET SpaceNET AG, DE),
Reverse DNS: sammelfrontend.pl2.spacenet.de
Software: Apache /
Resource Hash: f80f2760f11788ccad566fa2bc4a6badf82994150c5dfc2eff69a3ef9499d182

Request headers

:path: /dist/styles/cms.min.css
pragma: no-cache
cookie: NinaVonCSID=72f3f610e3da6f88375f46aa0ee9b636; SIDshopserver=app3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.ninavonc.de
referer: https://www.ninavonc.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:26:16 GMT
content-encoding: gzip
last-modified: Tue, 31 Aug 2021 11:20:26 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7674
expires: Tue, 26 Oct 2021 01:26:16 GMT

GET
H2 200 modernizr.min.js Show response
www.ninavonc.de/dist/scripts/ 37 KB
38 KB 30ms
29ms Script
application/javascript 194.97.158.1
SPACENET SpaceNET AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ninavonc.de/dist/scripts/modernizr.min.js
Requested by: Host: www.ninavonc.de
URL: https://www.ninavonc.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.97.158.1 Munich, Germany, ASN5539 (SPACENET SpaceNET AG, DE),
Reverse DNS: sammelfrontend.pl2.spacenet.de
Software: Apache /
Resource Hash: 302e8037d8fd07c42c15cb555d246d6a2a3dbaca6b0bed5360485743455123f1

Request headers

:path: /dist/scripts/modernizr.min.js
pragma: no-cache
cookie: NinaVonCSID=72f3f610e3da6f88375f46aa0ee9b636; SIDshopserver=app3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.ninavonc.de
referer: https://www.ninavonc.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:26:16 GMT
last-modified: Tue, 31 Aug 2021 11:20:26 GMT
server: Apache
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 38359
expires: Tue, 26 Oct 2021 01:26:16 GMT

GET
H2 200 nina-von-c_320x39.png
images1.ninavonc.de/ 3 KB
4 KB 56ms
24ms Image
image/png 194.97.158.1
SPACENET SpaceNET AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images1.ninavonc.de/nina-von-c_320x39.png
Requested by: Host: www.ninavonc.de
URL: https://www.ninavonc.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.97.158.1 Munich, Germany, ASN5539 (SPACENET SpaceNET AG, DE),
Reverse DNS: sammelfrontend.pl2.spacenet.de
Software: Apache /
Resource Hash: 14635c6c99973cc20cda016300033ff103cb8668871434c8a70d301de0f82ac6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:24:20 GMT
via: 1.1 varnish (Varnish/5.1)
last-modified: Wed, 26 Apr 2017 11:25:41 GMT
server: Apache
age: 116
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-varnish: 163381588 165642487
accept-ranges: bytes
content-length: 3531
expires: Tue, 26 Oct 2021 01:24:20 GMT

GET
H2 200 03_Slider.jpg
images3.ninavonc.de/cms/sites/8/2021/09/ 215 KB
215 KB 40ms
37ms Image
image/jpeg 194.97.158.1
SPACENET SpaceNET AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images3.ninavonc.de/cms/sites/8/2021/09/03_Slider.jpg
Requested by: Host: www.ninavonc.de
URL: https://www.ninavonc.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.97.158.1 Munich, Germany, ASN5539 (SPACENET SpaceNET AG, DE),
Reverse DNS: sammelfrontend.pl2.spacenet.de
Software: Apache /
Resource Hash: 114cd45e3825a4319e5e0e0ef1c04f3644ffbba41408032b1a17f22d86445e94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:26:16 GMT
via: 1.1 varnish (Varnish/5.1)
last-modified: Fri, 10 Sep 2021 11:04:28 GMT
server: Apache
age: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-varnish: 167019277
accept-ranges: bytes
content-length: 219688
expires: Tue, 26 Oct 2021 01:26:16 GMT

GET
H2 200 06_Teaser.jpg
images3.ninavonc.de/cms/sites/8/2021/09/ 80 KB
81 KB 48ms
45ms Image
image/jpeg 194.97.158.1
SPACENET SpaceNET AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images3.ninavonc.de/cms/sites/8/2021/09/06_Teaser.jpg
Requested by: Host: www.ninavonc.de
URL: https://www.ninavonc.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.97.158.1 Munich, Germany, ASN5539 (SPACENET SpaceNET AG, DE),
Reverse DNS: sammelfrontend.pl2.spacenet.de
Software: Apache /
Resource Hash: 04b0a41cc1e482e56addbee652d9d6c4373cf34e309ca5765ac5d6920543126f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:26:16 GMT
via: 1.1 varnish (Varnish/5.1)
last-modified: Fri, 10 Sep 2021 11:04:30 GMT
server: Apache
age: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-varnish: 165118513
accept-ranges: bytes
content-length: 82366
expires: Tue, 26 Oct 2021 01:26:16 GMT

GET
H2 200 08_Teaser.jpg
images3.ninavonc.de/cms/sites/8/2021/09/ 59 KB
59 KB 55ms
52ms Image
image/jpeg 194.97.158.1
SPACENET SpaceNET AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images3.ninavonc.de/cms/sites/8/2021/09/08_Teaser.jpg
Requested by: Host: www.ninavonc.de
URL: https://www.ninavonc.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.97.158.1 Munich, Germany, ASN5539 (SPACENET SpaceNET AG, DE),
Reverse DNS: sammelfrontend.pl2.spacenet.de
Software: Apache /
Resource Hash: c894222666e9bda7e2a0022e9cabe4729915d9ee5cfab66e3618c197d9632eeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:26:16 GMT
via: 1.1 varnish (Varnish/5.1)
last-modified: Fri, 10 Sep 2021 11:04:32 GMT
server: Apache
age: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-varnish: 168100503
accept-ranges: bytes
content-length: 60387
expires: Tue, 26 Oct 2021 01:26:16 GMT

GET
H2 200 10_Teaser.jpg
images3.ninavonc.de/cms/sites/8/2021/09/ 62 KB
62 KB 39ms
36ms Image
image/jpeg 194.97.158.1
SPACENET SpaceNET AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images3.ninavonc.de/cms/sites/8/2021/09/10_Teaser.jpg
Requested by: Host: www.ninavonc.de
URL: https://www.ninavonc.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.97.158.1 Munich, Germany, ASN5539 (SPACENET SpaceNET AG, DE),
Reverse DNS: sammelfrontend.pl2.spacenet.de
Software: Apache /
Resource Hash: 76242032562cf31161d64291ffd55f21dfbf413b82674ef22dd9a83fa9977f1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:26:16 GMT
via: 1.1 varnish (Varnish/5.1)
last-modified: Fri, 10 Sep 2021 11:04:33 GMT
server: Apache
age: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-varnish: 163381585
accept-ranges: bytes
content-length: 63639
expires: Tue, 26 Oct 2021 01:26:16 GMT

GET
H2 200 14_Teaser.jpg
images3.ninavonc.de/cms/sites/8/2021/09/ 161 KB
161 KB 47ms
45ms Image
image/jpeg 194.97.158.1
SPACENET SpaceNET AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images3.ninavonc.de/cms/sites/8/2021/09/14_Teaser.jpg
Requested by: Host: www.ninavonc.de
URL: https://www.ninavonc.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.97.158.1 Munich, Germany, ASN5539 (SPACENET SpaceNET AG, DE),
Reverse DNS: sammelfrontend.pl2.spacenet.de
Software: Apache /
Resource Hash: 31df296dd15b6d19369964a87ac91dc8a2307930fd20768ed0427020c0e1c7b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:26:16 GMT
via: 1.1 varnish (Varnish/5.1)
last-modified: Fri, 10 Sep 2021 11:04:35 GMT
server: Apache
age: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-varnish: 165282098
accept-ranges: bytes
content-length: 164863
expires: Tue, 26 Oct 2021 01:26:16 GMT

GET
H2 200 16_Teaser.jpg
images3.ninavonc.de/cms/sites/8/2021/09/ 144 KB
145 KB 34ms
31ms Image
image/jpeg 194.97.158.1
SPACENET SpaceNET AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images3.ninavonc.de/cms/sites/8/2021/09/16_Teaser.jpg
Requested by: Host: www.ninavonc.de
URL: https://www.ninavonc.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.97.158.1 Munich, Germany, ASN5539 (SPACENET SpaceNET AG, DE),
Reverse DNS: sammelfrontend.pl2.spacenet.de
Software: Apache /
Resource Hash: 8a4d999062ab59a3601019775b8c924884425773839899cccb72a8c7a9cfc304

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:26:16 GMT
via: 1.1 varnish (Varnish/5.1)
last-modified: Fri, 10 Sep 2021 11:04:37 GMT
server: Apache
age: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-varnish: 165314896
accept-ranges: bytes
content-length: 147697
expires: Tue, 26 Oct 2021 01:26:16 GMT

GET
H2 200 kar-x24.svg
images1.ninavonc.de/global-assets/payments/img/x24/ 5 KB
6 KB 56ms
24ms Image
image/svg+xml 194.97.158.1
SPACENET SpaceNET AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images1.ninavonc.de/global-assets/payments/img/x24/kar-x24.svg
Requested by: Host: www.ninavonc.de
URL: https://www.ninavonc.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.97.158.1 Munich, Germany, ASN5539 (SPACENET SpaceNET AG, DE),
Reverse DNS: sammelfrontend.pl2.spacenet.de
Software: Apache /
Resource Hash: 6253908bd70c94b3432eab258b5a5bc52271eb94d53a9ea6516a9dbede2e3f85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:26:17 GMT
via: 1.1 varnish (Varnish/5.1)
last-modified: Tue, 10 Aug 2021 09:24:54 GMT
server: Apache
age: 0
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
x-varnish: 165118516
accept-ranges: bytes
content-length: 5531
expires: Tue, 26 Oct 2021 01:26:17 GMT

GET
H2 200 vorkasse-x24.svg
images2.ninavonc.de/global-assets/payments/img/x24/ 7 KB
8 KB 19ms
16ms Image
image/svg+xml 194.97.158.1
SPACENET SpaceNET AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.ninavonc.de/global-assets/payments/img/x24/vorkasse-x24.svg
Requested by: Host: www.ninavonc.de
URL: https://www.ninavonc.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.97.158.1 Munich, Germany, ASN5539 (SPACENET SpaceNET AG, DE),
Reverse DNS: sammelfrontend.pl2.spacenet.de
Software: Apache /
Resource Hash: ebab07ae2d325de05cfaf79c3822ac2eb7503eb1bfb2b96dac182d3d10668a49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 23:32:02 GMT
via: 1.1 varnish (Varnish/5.1)
last-modified: Tue, 10 Aug 2021 09:24:54 GMT
server: Apache
age: 6854
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
x-varnish: 163381590 151617590
accept-ranges: bytes
content-length: 7673
expires: Mon, 25 Oct 2021 23:32:02 GMT

GET
H2 200 paypal-x24.svg
images2.ninavonc.de/global-assets/payments/img/x24/ 4 KB
4 KB 21ms
18ms Image
image/svg+xml 194.97.158.1
SPACENET SpaceNET AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.ninavonc.de/global-assets/payments/img/x24/paypal-x24.svg
Requested by: Host: www.ninavonc.de
URL: https://www.ninavonc.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.97.158.1 Munich, Germany, ASN5539 (SPACENET SpaceNET AG, DE),
Reverse DNS: sammelfrontend.pl2.spacenet.de
Software: Apache /
Resource Hash: 9e384ad8395b62f70f542c41a1277053531cd37a983bfd182749427c40666e27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:25:13 GMT
via: 1.1 varnish (Varnish/5.1)
last-modified: Tue, 10 Aug 2021 09:24:54 GMT
server: Apache
age: 63
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
x-varnish: 168100506 168263994
accept-ranges: bytes
content-length: 3896
expires: Tue, 26 Oct 2021 01:25:13 GMT

GET
H2 200 mastercard-x24.svg
images1.ninavonc.de/global-assets/payments/img/x24/ 4 KB
4 KB 19ms
17ms Image
image/svg+xml 194.97.158.1
SPACENET SpaceNET AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images1.ninavonc.de/global-assets/payments/img/x24/mastercard-x24.svg
Requested by: Host: www.ninavonc.de
URL: https://www.ninavonc.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.97.158.1 Munich, Germany, ASN5539 (SPACENET SpaceNET AG, DE),
Reverse DNS: sammelfrontend.pl2.spacenet.de
Software: Apache /
Resource Hash: a3d95ae748751a4a7b587dc612924cbc2e9d7b9ec5c2b5b0e92bef231e93dd26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 23:37:08 GMT
via: 1.1 varnish (Varnish/5.1)
last-modified: Tue, 10 Aug 2021 09:24:54 GMT
server: Apache
age: 6548
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
x-varnish: 165118519 152436780
accept-ranges: bytes
content-length: 3940
expires: Mon, 25 Oct 2021 23:37:08 GMT

GET
H2 200 visa-x24.svg
images1.ninavonc.de/global-assets/payments/img/x24/ 2 KB
2 KB 20ms
18ms Image
image/svg+xml 194.97.158.1
SPACENET SpaceNET AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images1.ninavonc.de/global-assets/payments/img/x24/visa-x24.svg
Requested by: Host: www.ninavonc.de
URL: https://www.ninavonc.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.97.158.1 Munich, Germany, ASN5539 (SPACENET SpaceNET AG, DE),
Reverse DNS: sammelfrontend.pl2.spacenet.de
Software: Apache /
Resource Hash: d1f373371bd6643ba887dd0f0f5401a133ea797de42e80f13cc4536751f124de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 00:23:39 GMT
via: 1.1 varnish (Varnish/5.1)
last-modified: Tue, 10 Aug 2021 09:24:54 GMT
server: Apache
age: 3757
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
x-varnish: 168329339 158433534
accept-ranges: bytes
content-length: 2217
expires: Tue, 26 Oct 2021 00:23:39 GMT

GET
H2 200 amazon-pay-x24.svg
images1.ninavonc.de/global-assets/payments/img/x24/ 5 KB
5 KB 21ms
19ms Image
image/svg+xml 194.97.158.1
SPACENET SpaceNET AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images1.ninavonc.de/global-assets/payments/img/x24/amazon-pay-x24.svg
Requested by: Host: www.ninavonc.de
URL: https://www.ninavonc.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.97.158.1 Munich, Germany, ASN5539 (SPACENET SpaceNET AG, DE),
Reverse DNS: sammelfrontend.pl2.spacenet.de
Software: Apache /
Resource Hash: 67e08395256b0427f89337900dc2ccc721523adfb275c65e1f738d9a92f5ce9a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:25:16 GMT
via: 1.1 varnish (Varnish/5.1)
last-modified: Tue, 10 Aug 2021 09:24:54 GMT
server: Apache
age: 60
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
x-varnish: 165380268 163447221
accept-ranges: bytes
content-length: 4723
expires: Tue, 26 Oct 2021 01:25:16 GMT

GET
H2 200 dhl.svg
images1.ninavonc.de/global-assets/shippings/img/x24/ 1 KB
2 KB 16ms
12ms Image
image/svg+xml 194.97.158.1
SPACENET SpaceNET AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images1.ninavonc.de/global-assets/shippings/img/x24/dhl.svg
Requested by: Host: www.ninavonc.de
URL: https://www.ninavonc.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.97.158.1 Munich, Germany, ASN5539 (SPACENET SpaceNET AG, DE),
Reverse DNS: sammelfrontend.pl2.spacenet.de
Software: Apache /
Resource Hash: 0c3a553b18e4ef0be468c6564b87bcf29d8c446d3d144f9e12656071b270e8b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:07:12 GMT
via: 1.1 varnish (Varnish/5.1)
last-modified: Tue, 10 Aug 2021 09:24:54 GMT
server: Apache
age: 1144
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
x-varnish: 165380270 161678145
accept-ranges: bytes
content-length: 1441
expires: Tue, 26 Oct 2021 01:07:12 GMT

GET
H2 200 primefashion_132x60.jpg
images3.ninavonc.de/global-assets/affiliate/assets/img/ 5 KB
5 KB 20ms
20ms Image
image/jpeg 194.97.158.1
SPACENET SpaceNET AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images3.ninavonc.de/global-assets/affiliate/assets/img/primefashion_132x60.jpg
Requested by: Host: www.ninavonc.de
URL: https://www.ninavonc.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.97.158.1 Munich, Germany, ASN5539 (SPACENET SpaceNET AG, DE),
Reverse DNS: sammelfrontend.pl2.spacenet.de
Software: Apache /
Resource Hash: d4f7078661521e468ca8214e4f94db38e5058b40cdefffe1e7b6572e35ff3dff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:26:17 GMT
via: 1.1 varnish (Varnish/5.1)
last-modified: Tue, 10 Aug 2021 09:24:54 GMT
server: Apache
age: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-varnish: 161547436
accept-ranges: bytes
content-length: 4963
expires: Tue, 26 Oct 2021 01:26:17 GMT

GET
H2 200 jquery.min.js Show response
www.ninavonc.de/dist/scripts/ 87 KB
87 KB 21ms
21ms Script
application/javascript 194.97.158.1
SPACENET SpaceNET AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ninavonc.de/dist/scripts/jquery.min.js
Requested by: Host: www.ninavonc.de
URL: https://www.ninavonc.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.97.158.1 Munich, Germany, ASN5539 (SPACENET SpaceNET AG, DE),
Reverse DNS: sammelfrontend.pl2.spacenet.de
Software: Apache /
Resource Hash: 33ae67cbb9b33172aaf79d819887880359753d274a8d4372d27e87f7f0debf4b

Request headers

:path: /dist/scripts/jquery.min.js
pragma: no-cache
cookie: NinaVonCSID=72f3f610e3da6f88375f46aa0ee9b636; SIDshopserver=app3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.ninavonc.de
referer: https://www.ninavonc.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:26:16 GMT
last-modified: Tue, 31 Aug 2021 11:20:26 GMT
server: Apache
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 88708
expires: Tue, 26 Oct 2021 01:26:16 GMT

GET
H2 200 plugins.min.js Show response
www.ninavonc.de/dist/scripts/ 114 KB
114 KB 21ms
21ms Script
application/javascript 194.97.158.1
SPACENET SpaceNET AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ninavonc.de/dist/scripts/plugins.min.js
Requested by: Host: www.ninavonc.de
URL: https://www.ninavonc.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.97.158.1 Munich, Germany, ASN5539 (SPACENET SpaceNET AG, DE),
Reverse DNS: sammelfrontend.pl2.spacenet.de
Software: Apache /
Resource Hash: 260307541e1674838c63f9d7a4922e1176fac1f8199436b8f777cb69b34500e6

Request headers

:path: /dist/scripts/plugins.min.js
pragma: no-cache
cookie: NinaVonCSID=72f3f610e3da6f88375f46aa0ee9b636; SIDshopserver=app3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.ninavonc.de
referer: https://www.ninavonc.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:26:16 GMT
last-modified: Tue, 31 Aug 2021 11:20:26 GMT
server: Apache
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 116835
expires: Tue, 26 Oct 2021 01:26:16 GMT

GET
H2 200 jquery.themepunch.tools.min.js Show response
images2.ninavonc.de/global-assets/cms/slider/5.4.7/assets/js/ 108 KB
43 KB 32ms
29ms Script
text/javascript 194.97.158.1
SPACENET SpaceNET AG

General

Check archive.org

Show headers Download Go to

Full URL: https://images2.ninavonc.de/global-assets/cms/slider/5.4.7/assets/js/jquery.themepunch.tools.min.js
Requested by: Host: www.ninavonc.de
URL: https://www.ninavonc.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.97.158.1 Munich, Germany, ASN5539 (SPACENET SpaceNET AG, DE),
Reverse DNS: sammelfrontend.pl2.spacenet.de
Software: Apache /
Resource Hash: 9a865189efd70c8f19439a428e6da65a64296fb2fff2fdee604f654e671c9f72

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:26:16 GMT
via: 1.1 varnish (Varnish/5.1)
content-type: text/javascript
last-modified: Tue, 10 Aug 2021 09:24:54 GMT
server: Apache
age: 0
vary: Accept-Encoding
x-varnish: 163447355
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-encoding: gzip
expires: Tue, 26 Oct 2021 01:26:16 GMT

GET
H2 200 jquery.themepunch.revolution.min.js Show response
images1.ninavonc.de/global-assets/cms/slider/5.4.7/assets/js/ 63 KB
21 KB 61ms
28ms Script
text/javascript 194.97.158.1
SPACENET SpaceNET AG

General

Check archive.org

Show headers Download Go to

Full URL: https://images1.ninavonc.de/global-assets/cms/slider/5.4.7/assets/js/jquery.themepunch.revolution.min.js
Requested by: Host: www.ninavonc.de
URL: https://www.ninavonc.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.97.158.1 Munich, Germany, ASN5539 (SPACENET SpaceNET AG, DE),
Reverse DNS: sammelfrontend.pl2.spacenet.de
Software: Apache /
Resource Hash: 21635b2c5730c4023c7fde3ae9ac6d40ec36aebbae1013bd4e1f52fe498c1ead

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:26:17 GMT
via: 1.1 varnish (Varnish/5.1)
content-type: text/javascript
last-modified: Tue, 10 Aug 2021 09:24:54 GMT
server: Apache
age: 0
vary: Accept-Encoding
x-varnish: 167936432
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-encoding: gzip
expires: Tue, 26 Oct 2021 01:26:17 GMT

GET
H2 200 main.min.js Show response
www.ninavonc.de/dist/scripts/ 12 KB
12 KB 27ms
24ms Script
application/javascript 194.97.158.1
SPACENET SpaceNET AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ninavonc.de/dist/scripts/main.min.js
Requested by: Host: www.ninavonc.de
URL: https://www.ninavonc.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.97.158.1 Munich, Germany, ASN5539 (SPACENET SpaceNET AG, DE),
Reverse DNS: sammelfrontend.pl2.spacenet.de
Software: Apache /
Resource Hash: 7f86954a0212278ef87cdda1efc4339f8a0a7b5e9b3d222aa57a9a4c68debf84

Request headers

:path: /dist/scripts/main.min.js
pragma: no-cache
cookie: NinaVonCSID=72f3f610e3da6f88375f46aa0ee9b636; SIDshopserver=app3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.ninavonc.de
referer: https://www.ninavonc.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:26:16 GMT
last-modified: Tue, 31 Aug 2021 11:20:26 GMT
server: Apache
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 12216
expires: Tue, 26 Oct 2021 01:26:16 GMT

GET
H2 200 bundle.js Show response
app.usercentrics.eu/latest/ 1 MB
259 KB 19ms
17ms Script
application/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/latest/bundle.js

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/latest/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

8a26b07ff11420141f850cd68241fa5faf912583ae0b374d29bd5b1b78e26b64

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 22:09:37 GMT
content-encoding: gzip
x-goog-meta-version: 2.12.0
age: 11799
x-guploader-uploadid: ADPycduuvR6jrQfPDD_w92YFKe7TS9O8l836QvytkwOcE_mrUXIYJmCeeSMfHU53q54r9bh-C623kFp400bGi3iSrspiWzYKXw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 264611
last-modified: Mon, 09 Aug 2021 11:42:03 GMT
server: UploadServer
etag: "a27b9c4c119c1861d20e72ae03942cc7"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=wtgTuw==, md5=onucTBGcGGHSDnKuA5Qsxw==
x-goog-generation: 1628509323345935
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=86400, no-transform
x-goog-stored-content-length: 264611
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 26 Sep 2021 22:09:37 GMT

GET
H2 200 zM3RMZUjVGU Show response
www.youtube.com/embed/ Frame B7A1 57 KB
25 KB 91ms
48ms Document
text/html 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/zM3RMZUjVGU?autoplay=0&showinfo=0&controls=1&autohide=1&rel=0&loop=0&modestbranding=0&wmode=opaque

Requested by

Host: www.ninavonc.de
URL: https://www.ninavonc.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

ESF /

Resource Hash

a38387f31771679b3a3751bce8669553b3897f85de8de9058ad3d5239b0c3ed7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/zM3RMZUjVGU?autoplay=0&showinfo=0&controls=1&autohide=1&rel=0&loop=0&modestbranding=0&wmode=opaque
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ninavonc.de/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 26 Sep 2021 01:26:17 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
report-to: {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=20fjBqijt9A; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=EAkq4TdBaM4; Domain=.youtube.com; Expires=Fri, 25-Mar-2022 01:26:17 GMT; Path=/; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ninavonc.woff2
images3.ninavonc.de/fonts/ 5 KB
5 KB 43ms
13ms Font
application/octet-stream 194.97.158.1
SPACENET SpaceNET AG

General

Check archive.org

Show headers Download Go to

Full URL: https://images3.ninavonc.de/fonts/ninavonc.woff2
Requested by: Host: images3.ninavonc.de
URL: https://images3.ninavonc.de/fonts/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.97.158.1 Munich, Germany, ASN5539 (SPACENET SpaceNET AG, DE),
Reverse DNS: sammelfrontend.pl2.spacenet.de
Software: Apache /
Resource Hash: 5050b7448761753e8744f15eaab2d14b2ae79b8efff5ecc130ad105b48b900b0

Request headers

Referer: https://images3.ninavonc.de/fonts/fonts.css
Origin: https://www.ninavonc.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 00:23:39 GMT
via: 1.1 varnish (Varnish/5.1)
content-type: text/plain
last-modified: Thu, 13 Sep 2018 10:57:23 GMT
server: Apache
age: 3757
vary: Accept-Encoding
x-varnish: 165118521 156762835
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-encoding: gzip
expires: Tue, 26 Oct 2021 00:23:39 GMT

GET
H2 200 playfairdisplay-regular-webfont.woff2
images3.ninavonc.de/fonts/ 31 KB
31 KB 43ms
14ms Font
application/octet-stream 194.97.158.1
SPACENET SpaceNET AG

General

Check archive.org

Show headers Download Go to

Full URL: https://images3.ninavonc.de/fonts/playfairdisplay-regular-webfont.woff2
Requested by: Host: images3.ninavonc.de
URL: https://images3.ninavonc.de/fonts/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.97.158.1 Munich, Germany, ASN5539 (SPACENET SpaceNET AG, DE),
Reverse DNS: sammelfrontend.pl2.spacenet.de
Software: Apache /
Resource Hash: 7c9dfe985977251dc81c7a1a6695e3dd3091073ddf80b1a93d70a7248cad2b10

Request headers

Referer: https://images3.ninavonc.de/fonts/fonts.css
Origin: https://www.ninavonc.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:25:43 GMT
via: 1.1 varnish (Varnish/5.1)
content-type: text/plain
last-modified: Wed, 26 Apr 2017 09:36:36 GMT
server: Apache
age: 33
vary: Accept-Encoding
x-varnish: 168329341 168100471
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-encoding: gzip
expires: Tue, 26 Oct 2021 01:25:43 GMT

GET
H2 200 de.json Show response
api.usercentrics.eu/settings/Sm566o6Rq/latest/ 26 KB
8 KB 85ms
37ms Fetch
application/json 35.241.3.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/Sm566o6Rq/latest/de.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/latest/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.241.3.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.3.241.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

3c5091266798b1ab6280ae9907f7565f138d08516858ea73c85ea81f7897e056

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:26:17 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycdvw31QscwR29rCxulZsqk-IdOgaBV8X-6SDWEl1uKzyYXlOh-LizXk1_x32vOeLWyCUL4xDKivpNNAwwZQymOY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 7804
last-modified: Fri, 24 Sep 2021 10:36:25 GMT
server: UploadServer
etag: "ed5f1b0b3680c33bd9fcf7270fc82aa7"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=yGMoAg==, md5=7V8bCzaAwzvZ/PcnD8gqpw==
x-goog-generation: 1632479785694173
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=1800, s-maxage=10, no-transform
x-goog-stored-content-length: 7804
accept-ranges: bytes
content-type: application/json
expires: Sun, 26 Sep 2021 01:26:27 GMT

GET
H2 200 1px.png
app.usercentrics.eu/session/ 489 B
840 B 16ms
16ms Image
image/png 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.usercentrics.eu/session/1px.png?settingsId=Sm566o6Rq

Requested by

Host: www.ninavonc.de
URL: https://www.ninavonc.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:14:00 GMT
content-encoding: gzip
age: 737
x-guploader-uploadid: ADPycdsu3g8zfA0yyvROtX2kG8KhxnhP3kmjPS-57E4k6mLP1qhMKwEVBRrnePHSg9cGRDSSm5yTa3BueHT0wAMo30I
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 522
last-modified: Fri, 08 May 2020 09:06:13 GMT
server: UploadServer
etag: "3702ada73b8951017b8451cbd6a96523"
strict-transport-security: max-age=7776000
x-goog-hash: crc32c=pFwm0Q==, md5=NwKtpzuJUQF7hFHL1qllIw==
x-goog-generation: 1588928773413784
cache-control: public,max-age=1800,no-transform
x-goog-stored-content-length: 522
accept-ranges: bytes
content-type: image/png
expires: Sun, 26 Sep 2021 01:44:00 GMT

GET
H2 200 www-player-webp.css
www.youtube.com/s/player/d82ca80e/ Frame B7A1 330 KB
46 KB 8ms
6ms Stylesheet
text/css 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d82ca80e/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zM3RMZUjVGU?autoplay=0&showinfo=0&controls=1&autohide=1&rel=0&loop=0&modestbranding=0&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

sffe /

Resource Hash

98246f79b1495fa4d547fc6bdff6a3de6cf8064d5cb9e5d877adee9171a7f99d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/zM3RMZUjVGU?autoplay=0&showinfo=0&controls=1&autohide=1&rel=0&loop=0&modestbranding=0&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 01:28:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86254
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46472
x-xss-protection: 0
last-modified: Sat, 25 Sep 2021 00:00:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 25 Sep 2022 01:28:43 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/d82ca80e/www-embed-player.vflset/ Frame B7A1 201 KB
66 KB 25ms
24ms Script
text/javascript 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d82ca80e/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zM3RMZUjVGU?autoplay=0&showinfo=0&controls=1&autohide=1&rel=0&loop=0&modestbranding=0&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

sffe /

Resource Hash

045fd4ce57343257588e028026d314db88e7cc03aa84ec98ead1197bafe8c598

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/zM3RMZUjVGU?autoplay=0&showinfo=0&controls=1&autohide=1&rel=0&loop=0&modestbranding=0&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 01:28:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86254
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67318
x-xss-protection: 0
last-modified: Sat, 25 Sep 2021 00:00:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 25 Sep 2022 01:28:43 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/ Frame B7A1 2 MB
507 KB 11ms
10ms Script
text/javascript 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zM3RMZUjVGU?autoplay=0&showinfo=0&controls=1&autohide=1&rel=0&loop=0&modestbranding=0&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

sffe /

Resource Hash

8ac79395ad2c8c0efaf5a734544089eab4a8dce163f3b97f86d08921df5faafb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/zM3RMZUjVGU?autoplay=0&showinfo=0&controls=1&autohide=1&rel=0&loop=0&modestbranding=0&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 01:37:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 518228
x-xss-protection: 0
last-modified: Sat, 25 Sep 2021 00:00:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 25 Sep 2022 01:37:40 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/d82ca80e/fetch-polyfill.vflset/ Frame B7A1 8 KB
3 KB 22ms
22ms Script
text/javascript 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d82ca80e/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zM3RMZUjVGU?autoplay=0&showinfo=0&controls=1&autohide=1&rel=0&loop=0&modestbranding=0&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/zM3RMZUjVGU?autoplay=0&showinfo=0&controls=1&autohide=1&rel=0&loop=0&modestbranding=0&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 01:28:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86254
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Sat, 25 Sep 2021 00:00:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 25 Sep 2022 01:28:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B7A1 15 KB
15 KB 33ms
6ms Font
font/woff2 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zM3RMZUjVGU?autoplay=0&showinfo=0&controls=1&autohide=1&rel=0&loop=0&modestbranding=0&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 09:07:47 GMT
x-content-type-options: nosniff
age: 404310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Sep 2022 09:07:47 GMT

GET
H2 200 de Show response
aggregator.service.usercentrics.eu/aggregate/ 58 KB
9 KB 40ms
7ms Fetch
application/json 34.120.28.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aggregator.service.usercentrics.eu/aggregate/de?templates=HJI5SmLm7@4.0.18,H1Vl5NidjWX@40.16.37,B1-UecVodj-7@5.2.0,vVYl9VVLK@1.0.0,S1pcEj_jZX@21.8.3,S1_9Vsuj-Q@15.7.10,BJCc9EouiZm@5.3.2,rJ6D5Eous-Q@12.5.1,HJrGqEs_i-Q@7.2.6,euTxF4hQ@2.0.0,ko1w5PpFl@23.11.14,Hko_qNsui-Q@14.4.15,BJ59EidsWQ@25.6.24,HkocEodjb7@52.11.30,BkeKqEjuoZQ@9.3.5,eWpJcUPjz@1.0.0,B1SI9Nsus-Q@8.5.2,HJxLc4odiWQ@10.3.1,SkL3gqEiujbX@5.2.0,HkPv9Es_jbQ@6.2.0,g4cu7oq5C@6.3.1

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/latest/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.28.121 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

121.28.120.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

e3ce8b6e55aaa9a9202e75c7299da80bfdb23ee0fda770ce88d5f5d9daed899a

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 15:58:22 GMT
content-encoding: br
server: Google Frontend
age: 34075
etag: "1hhis70"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: bf4b23e08dbccaf829457551b82523c0
cache-control: public,max-age=86400
strict-transport-security: max-age=7776000
alt-svc: clear
content-length: 8917
via: 1.1 google

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame B7A1
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
161 B

43ms
22ms

XHR
application/json

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zM3RMZUjVGU?autoplay=0&showinfo=0&controls=1&autohide=1&rel=0&loop=0&modestbranding=0&wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

8f328d8f29364a94f8ab9e5b94c85e649a72e6816f6da252520ef59a69cc8dc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:26:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 26 Sep 2021 01:26:17 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame B7A1 29 B
609 B 82ms
14ms Script
text/javascript 216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.134 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f134.1e100.net

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:21:50 GMT
x-content-type-options: nosniff
age: 267
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 26 Sep 2021 01:36:50 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/ Frame B7A1 95 KB
29 KB 9ms
8ms Script
text/javascript 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

sffe /

Resource Hash

62b97aca219dc9aa7b073a1871afc7e9af2f5beea5df283c94841f53a264042c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/zM3RMZUjVGU?autoplay=0&showinfo=0&controls=1&autohide=1&rel=0&loop=0&modestbranding=0&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 01:37:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29952
x-xss-protection: 0
last-modified: Sat, 25 Sep 2021 00:00:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 25 Sep 2022 01:37:40 GMT

GET
H2 200 EhtG_94iehnKzbpb0ZP_cXwu_teREljuRPBK4VQXoHY.js Show response
www.google.com/js/th/ Frame B7A1 34 KB
13 KB 57ms
17ms Script
text/javascript 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/EhtG_94iehnKzbpb0ZP_cXwu_teREljuRPBK4VQXoHY.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

sffe /

Resource Hash

121b46ffde227a19cacdba5bd193ff717c2efed7911258ee44f04ae15417a076

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 13:45:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13037
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 14:30:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 24 Sep 2022 13:45:56 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/ Frame B7A1 25 KB
7 KB 8ms
7ms Script
text/javascript 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

sffe /

Resource Hash

5cf2d602e6a7b16bf2a0b1866e945e014d8d08ecb9603a36943b8da90499a96e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/zM3RMZUjVGU?autoplay=0&showinfo=0&controls=1&autohide=1&rel=0&loop=0&modestbranding=0&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 01:39:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85601
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7358
x-xss-protection: 0
last-modified: Sat, 25 Sep 2021 00:00:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 25 Sep 2022 01:39:36 GMT

GET
DATA 200
OK truncated
/ Frame B7A1 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLSivvrswgn3EEvqGiCluA8USe9cxnkKG5WSByV0=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame B7A1 1 KB
2 KB 91ms
30ms Image
image/jpeg 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLSivvrswgn3EEvqGiCluA8USe9cxnkKG5WSByV0=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zM3RMZUjVGU?autoplay=0&showinfo=0&controls=1&autohide=1&rel=0&loop=0&modestbranding=0&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

fife /

Resource Hash

48303509dff674232a432fa318ade5a96ebd717d7f882b3b3506f485990ed9f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:26:17 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1126
x-xss-protection: 0
server: fife
etag: "v6"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 16 Sep 2021 09:10:18 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/zM3RMZUjVGU/ Frame B7A1 58 KB
58 KB 58ms
17ms Image
image/webp 142.250.185.118
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/zM3RMZUjVGU/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zM3RMZUjVGU?autoplay=0&showinfo=0&controls=1&autohide=1&rel=0&loop=0&modestbranding=0&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.118 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f22.1e100.net

Software

sffe /

Resource Hash

ab34cdf9289a972cb6938fa868db57c63334b35e4dda6b161edcf6c398e289e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 23:48:50 GMT
x-content-type-options: nosniff
age: 5847
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59018
x-xss-protection: 0
server: sffe
etag: "1620038995"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 26 Sep 2021 01:48:50 GMT

OPTIONS
H2 204 graphql
graphql.usercentrics.eu/ Frame 0
0 46ms
9ms Preflight 34.120.238.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://graphql.usercentrics.eu/graphql
Protocol: H2
Server: 34.120.238.166 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 166.238.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-request-id
Origin: https://www.ninavonc.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 26 Sep 2021 01:26:17 GMT
content-length: 0
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: access-control-allow-origin,content-type,x-request-id
via: 1.1 google
alt-svc: clear

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 184 KB
63 KB 60ms
37ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PPZ2BTR

Requested by

Host: www.ninavonc.de
URL: https://www.ninavonc.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

0548899f470a3afb67e3030754d1b834728e98c6043f4c112347356f18bd9e39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:26:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64062
x-xss-protection: 0
last-modified: Sun, 26 Sep 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 26 Sep 2021 01:26:17 GMT

POST
H2 200 graphql Show response
graphql.usercentrics.eu/ 1 KB
815 B 12ms
11ms Fetch
application/json 34.120.238.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://graphql.usercentrics.eu/graphql
Requested by: Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/latest/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.238.166 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 166.238.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: dc900160cbd1b98f8756dbed47e23c6cb135ea09c607795c710fbc5f869f828f

Request headers

Access-Control-Allow-Origin: *
Accept: application/json
Referer: https://www.ninavonc.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
X-Request-ID: c99a3f67-a7ae-4fab-8237-9d332f409cc9
Content-Type: application/json

Response headers

date: Sun, 26 Sep 2021 01:26:17 GMT
content-encoding: gzip
etag: W/"535-hWmDW5hB7duowk9r2pG3/fkwFLE"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: clear
via: 1.1 google

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame B7A1 4 KB
3 KB 46ms
24ms Script
text/javascript 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:26:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview"
expires: Sun, 26 Sep 2021 01:26:17 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame B7A1 0
9 B 8ms
6ms Image
text/plain 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?YfjKzg
Requested by: Host: www.ninavonc.de
URL: https://www.ninavonc.de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f14.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/zM3RMZUjVGU?autoplay=0&showinfo=0&controls=1&autohide=1&rel=0&loop=0&modestbranding=0&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:26:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/93/ Frame B7A1 52 KB
15 KB 34ms
13ms Script
text/javascript 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/93/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

66b3a50b1f61027459efda3192f4265a316f43a8d770a7135c956bea688fe4d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 14:49:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15346
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 17:05:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Sun, 26 Sep 2021 14:49:08 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 29ms
6ms Script
text/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPZ2BTR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 2057
date: Sun, 26 Sep 2021 00:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sun, 26 Sep 2021 02:52:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 39ms
16ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPZ2BTR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

936790ccabd26acddebd039c54120623734e2aa82310def49cc535912338fc0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:26:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14166
x-xss-protection: 0
server: cafe
etag: 5348393372526461885
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 26 Sep 2021 01:26:17 GMT

GET
H/1.1 200
OK / Show response
smct.co/tm/ 23 KB
7 KB 160ms
43ms Script
application/javascript 52.31.175.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://smct.co/tm/?t=ninavonc.de
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPZ2BTR
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.175.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-175-22.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 37e5636d5373bd872f7a8e465e91e13009eae47d2150a3729405057f6842da06

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: cache
Date: Sun, 26 Sep 2021 01:26:17 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=900
Connection: keep-alive
Content-Length: 7188
Expires: Sun, 26 Sep 2021 01:41:17 GMT

GET
H2 200 lila.js Show response
www.lacmp.net/ 16 KB
5 KB 41ms
8ms Script
application/javascript 84.200.5.215
ACCELERATED-IT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lacmp.net/lila.js

Requested by

Host: www.ninavonc.de
URL: https://www.ninavonc.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.200.5.215 , Germany, ASN31400 (ACCELERATED-IT, DE),

Reverse DNS

Software

nginx /

Resource Hash

2bbd412bfc6e2aefaee5cf0648ad34e5ae55f21b7baec795169ad9d1a5361883

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:26:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 06 Oct 2020 13:24:42 GMT
server: nginx
etag: W/"5f7c701a-3f97"
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 21ms
7ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.ninavonc.de
URL: https://www.ninavonc.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

ab43cf929d649dba8ce38c92dec4849c8049b678fec9942ae08df5ca57757280

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25969
x-xss-protection: 0
pragma: public
x-fb-debug: fkwSR3FR8ovdLmGQKJOXkXG/CD1gc8HfoMQmugSdNIX2eDe7Mf7pXjs8H5GGUp5irGr+FYmM9BzworcoIQ8+AA==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 26 Sep 2021 01:26:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 188892518382566 Show response
connect.facebook.net/signals/config/ 490 KB
143 KB 74ms
66ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/188892518382566?v=2.9.46&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

93a96419235accd6cc94bc3de8bde70bafa9ea5a29922bac1bdc2ecd9da4a92b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: dJHlSJAqWWooXQL+3UqODM0ltROiHoT8PZKJOHhIx8DJxRdvg1qPrSMK2Zi64YJPdIwQab+uGKagfLWH5bpjCA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 26 Sep 2021 01:26:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
461 B 72ms
23ms XHR
text/plain 66.102.1.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-37652826-1&cid=1975541607.1632619578&jid=1309252752&gjid=1292290268&_gid=1769573763.1632619578&_u=YGBAgAABAAAAAE~&z=411320119

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ninavonc.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 26 Sep 2021 01:26:17 GMT
content-type: text/plain
access-control-allow-origin: https://www.ninavonc.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
7ms Image
image/gif 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&aip=1&a=1832958947&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ninavonc.de%2F&ul=en-us&de=UTF-8&dt=BHs%2C%20Slips%2C%20Panty%2C%20String%2C%20Tops%20oder%20Hemdchen%20%7C%20Nina%20von%20C.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1309252752&gjid=1292290268&cid=1975541607.1632619578&tid=UA-37652826-1&_gid=1769573763.1632619578&gtm=2wg9m0PPZ2BTR&z=1414437531

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Sep 2021 05:19:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 72418
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/995957869/ 2 KB
1 KB 28ms
28ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/995957869/?random=1632619577621&cv=9&fst=1632619577621&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9m0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ninavonc.de%2F&tiba=BHs%2C%20Slips%2C%20Panty%2C%20String%2C%20Tops%20oder%20Hemdchen%20%7C%20Nina%20von%20C.&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

97c0d53a4eb0bfaf76774e440f5035670610079f6da444ab9f6d3c83403400aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 01:26:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1043
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
bid.g.doubleclick.net/xbbe/ Frame 2564 0
455 B 74ms
18ms Document
text/html 74.125.140.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/pixel?d=KAE

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: bid.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=KAE
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ninavonc.de/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUnILn11Y86FePCe-bYAcE3-5iM2KIDKF3wqNqk8JyA8bTZqcUPDdOJAt2Oo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 26 Sep 2021 01:26:17 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 lila.php Show response
www.lacmp.net/ 16 KB
4 KB 30ms
15ms XHR
text/html 84.200.5.215
ACCELERATED-IT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lacmp.net/lila.php?id=poIjopSKjTjiMi8tAvjL&url=https%3A%2F%2Fwww.ninavonc.de%2F&frameit=1&place=1

Requested by

Host: www.lacmp.net
URL: https://www.lacmp.net/lila.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.200.5.215 , Germany, ASN31400 (ACCELERATED-IT, DE),

Reverse DNS

Software

nginx /

Resource Hash

b6089fde4ff3747d502336b07b6a33215318b107bded6a4635a1e1d34b6232ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 26 Sep 2021 01:26:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 /
www.google.com/pagead/1p-user-list/995957869/ 42 B
64 B 36ms
19ms Image
image/gif 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/995957869/?random=1632619577621&cv=9&fst=1632618000000&num=1&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9m0&sendb=1&frm=0&url=https%3A%2F%2Fwww.ninavonc.de%2F&tiba=BHs%2C%20Slips%2C%20Panty%2C%20String%2C%20Tops%20oder%20Hemdchen%20%7C%20Nina%20von%20C.&async=1&fmt=3&is_vtc=1&random=4145848272&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 01:26:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Cookie set retarget Show response
ad.ad-srv.net/ Frame A08B
Redirect Chain

https://ad.ad-srv.net/retarget?a=46016&version=1&gdpr=0&gdpr_consent=
https://ad.ad-srv.net/retarget?a=46016&version=1&gdpr=0&gdpr_consent=&redirected=1

9 KB
1 KB

48ms
27ms

Document
text/html

138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/retarget?a=46016&version=1&gdpr=0&gdpr_consent=&redirected=1
Requested by: Host: www.ninavonc.de
URL: https://www.ninavonc.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 2101a68c52780c559f7dcba4bdf2055ae84d354c8ccdbf8a91e96a7d8096b2ba

Request headers

Host: ad.ad-srv.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ninavonc.de/
Accept-Encoding: gzip, deflate, br
Cookie: kdb0xdq3ls8m_uid=f9d682a9e1d378e2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/

Response headers

Date: Sun, 26 Sep 2021 01:26:17 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: kdb0xdq3ls8m_uid=f9d682a9e1d378e2; expires=Sat, 25-Dec-2021 01:26:17 GMT; Max-Age=7776000; path=/; domain=.ad-srv.net; secure; SameSite=None
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 978
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Sun, 26 Sep 2021 01:26:17 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: kdb0xdq3ls8m_uid=f9d682a9e1d378e2; expires=Sat, 25-Dec-2021 01:26:17 GMT; Max-Age=7776000; path=/; domain=.ad-srv.net; secure; SameSite=None
Location: ?a=46016&version=1&gdpr=0&gdpr_consent=&redirected=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

Cookie set retarget Show response
hal9000.redintelligence.net/ Frame 5F72
Redirect Chain

https://hal9000.redintelligence.net/retarget?a=37682&version=1&gdpr=0&gdpr_consent=
https://hal9000.redintelligence.net/retarget?a=37682&version=1&gdpr=0&gdpr_consent=&redirected=1

4 KB
1 KB

58ms
37ms

Document
text/html

138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/retarget?a=37682&version=1&gdpr=0&gdpr_consent=&redirected=1
Requested by: Host: www.ninavonc.de
URL: https://www.ninavonc.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 477cb6132d1773cae0d204db2808dd0cb56176d36a8aa98819d25e83d7ff563a

Request headers

Host: hal9000.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ninavonc.de/
Accept-Encoding: gzip, deflate, br
Cookie: 8lcfmzhxc8d6_uid=065b1cbd5b86b710
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/

Response headers

Date: Sun, 26 Sep 2021 01:26:17 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=065b1cbd5b86b710; expires=Sat, 25-Dec-2021 01:26:17 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 970
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Sun, 26 Sep 2021 01:26:17 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=065b1cbd5b86b710; expires=Sat, 25-Dec-2021 01:26:17 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
Location: ?a=37682&version=1&gdpr=0&gdpr_consent=&redirected=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H2 200 ud8bgp9p.js Show response
ad4m.at/ Frame 7C5E 36 KB
13 KB 118ms
63ms Script
application/javascript 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/ud8bgp9p.js
Requested by: Host: www.ninavonc.de
URL: https://www.ninavonc.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba7f2ffdb82a03f146b09ef5b7372ecaee3e5c7dc50d0e48ecde7a7d700b07fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=Bg9dig==, md5=jcydW3jNZ3UdjmHIcpDIAg==
date: Sun, 26 Sep 2021 01:26:17 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdsHDiuHKzw9JYJNqsvjSWUHg09LLcY6eXhrG51Qsku319101GW1BRoXKHt4kXvnWwZv-Fcg2achnx12ZYHipQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 08 Sep 2021 05:17:41 GMT
server: cloudflare
etag: W/"8dcc9d5b78cd67751d8e61c87290c802"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OHJ%2FyySIoa5p%2FuJPoZmcSxU5JHEUN%2BYWr94oc3xCn0JON66MSBVsjq7s%2Byk3sZ4Z0Sb5bmj9kliB6dp4NB9sD2rTrgmgea6gD4vdIoY8YaQ4l2LuQjabEvs%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1631078261007046
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 12221
cf-ray: 6948b408dfe2411a-PRG
expires: Sun, 26 Sep 2021 01:26:17 GMT

GET
H/1.1 200
OK d.php Show response
www.usemaxserver.de/ Frame 7C5E 1 KB
1 KB 92ms
17ms Script
application/javascript 212.48.120.130
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usemaxserver.de/d.php?campaign_id=37516&ext_domain=1&rt=1&place=1&cachebuster=1632619577&gdpr=0&gdpr_consent=
Requested by: Host: www.ninavonc.de
URL: https://www.ninavonc.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.48.120.130 Lübeck, Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS: lb.usemaxserver.de
Software: Apache/2.4.25 (Debian) / PHP/5.6.40-47+0~20210227.51+debian9~1.gbpd522a2
Resource Hash: 3766c4aff6cb7cf2724fd57b540830f1471eb27450c91926d922fcad7f24fd4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Sep 2021 01:26:17 GMT
Content-Encoding: gzip
Server: Apache/2.4.25 (Debian)
X-Powered-By: PHP/5.6.40-47+0~20210227.51+debian9~1.gbpd522a2
Vary: Accept-Encoding
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Type: application/javascript
Keep-Alive: timeout=3, max=70
Content-Length: 605
Expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 18ms
18ms Image
image/gif 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-37652826-1&cid=1975541607.1632619578&jid=1309252752&_u=YGBAgAABAAAAAE~&z=1405994252

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 01:26:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 22ms
6ms Image
image/gif 157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=188892518382566&ev=PageView&dl=https%3A%2F%2Fwww.ninavonc.de%2F&rl=&if=false&ts=1632619577740&sw=1600&sh=1200&v=2.9.46&r=stable&ec=0&o=30&fbp=fb.1.1632619577739.2069109244&it=1632619577601&coo=false&exp=p0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:26:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 26 Sep 2021 01:26:17 GMT

HEAD
H2 200 csp.js Show response
js.smct.io/csp/ 0
564 B 65ms
22ms XHR
text/html 104.22.58.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.smct.io/csp/csp.js
Requested by: Host: smct.co
URL: https://smct.co/tm/?t=ninavonc.de
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:26:17 GMT
via: 1.1 cf515c02569c487b713286bcf353f909.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 1365139
x-cache: Hit from cloudfront
content-type: text/html
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 23 Oct 2019 09:31:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
x-amz-version-id: null
access-control-allow-origin: *
cache-control: public, max-age=2678400
x-amz-cf-pop: HAM50-C3
cf-ray: 6948b4093c955c98-FRA
x-amz-cf-id: BUuE4yYMRwAdL__nFUXbKKjI-0BOGv4hWaf4Im2oGI4dGjXsPJevhw==

GET
H/1.1 200
OK 17832.html Show response
d31bfnnwekbny6.cloudfront.net/customers/ Frame B82B 0
556 B 170ms
125ms Document
text/html 13.224.193.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31bfnnwekbny6.cloudfront.net/customers/17832.html
Requested by: Host: www.ninavonc.de
URL: https://www.ninavonc.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-40.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: d31bfnnwekbny6.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ninavonc.de/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/

Response headers

Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Last-Modified: Tue, 21 Sep 2021 18:11:19 GMT
Accept-Ranges: bytes
Server: AmazonS3
X-Edge-Origin-Shield-Skipped: 0
Date: Sun, 26 Sep 2021 01:26:18 GMT
Cache-Control: max-age=3600
Expires: Sat, 25 Sep 2021 19:11:17 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e"
X-Cache: RefreshHit from cloudfront
Via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: 0HmcJ57MFf8pI0fbrbkQEtgvqUssDUooHWTjnmQxxE5tv8jMAjP-Gg==

GET
H/1.1 200
OK rt.php Show response
www.usemaxserver.de/ Frame 3C6C 1 KB
910 B 19ms
19ms Document
text/html 212.48.120.130
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usemaxserver.de/rt.php?campaign_id=37516&iframe=1&ext_domain=1&place=1&product_id=&checkout_amount=&checkout_order_id=&referrer=&host=www.ninavonc.de&loc=https%3A%2F%2Fwww.ninavonc.de%2F&iframe=1&k0=0&ci=
Requested by: Host: www.usemaxserver.de
URL: https://www.usemaxserver.de/d.php?campaign_id=37516&ext_domain=1&rt=1&place=1&cachebuster=1632619577&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.48.120.130 Lübeck, Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS: lb.usemaxserver.de
Software: Apache/2.4.25 (Debian) / PHP/5.6.40-47+0~20210227.51+debian9~1.gbpd522a2
Resource Hash: 1ed51abf454a8a6ab9d6e96e35a332808ca0dcbc1d8445271bce5bc69a0d3619

Request headers

Host: www.usemaxserver.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ninavonc.de/
Accept-Encoding: gzip, deflate, br
Cookie: um_rt=3582876582; ident_v=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/

Response headers

Date: Sun, 26 Sep 2021 01:26:17 GMT
Server: Apache/2.4.25 (Debian)
X-Powered-By: PHP/5.6.40-47+0~20210227.51+debian9~1.gbpd522a2
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 574
Keep-Alive: timeout=3, max=69
Connection: Keep-Alive
Content-Type: text/html

GET
H3 200 frame.html Show response
ad4m.at/ Frame 5E33 2 KB
2 KB 42ms
25ms Document
text/html 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/ud8bgp9p.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ninavonc.de/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/

Response headers

date: Sun, 26 Sep 2021 01:26:17 GMT
content-type: text/html
x-guploader-uploadid: ABg5-Uwn3myKqNzKJaXHyUiZqbP8NSrxOcbkyaRD5NRgbFtq-4RIcqJ4vnL2qiKZKS--51-luBSbS_wwXQ-ancMVjw
expires: Sun, 26 Sep 2021 02:26:17 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 71620
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WY3YTBCNdvVsEYaT%2BH6CjpW3Fie7X983%2Bx7KTwYxd4R3Ml28bj%2BbhgeGGANVGhDEB6bE%2BmxUMo8GOgeTc9TGUfOL3S6%2BSTzLWvCi9BUfyz6t55xyhecbj7I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6948b4096e2bf9e2-PRG
content-encoding: br

GET
H3 200 tag-v5.63.js Show response
js.smct.io/t/ 57 KB
20 KB 29ms
19ms Script
application/javascript 104.22.58.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.smct.io/t/tag-v5.63.js
Requested by: Host: smct.co
URL: https://smct.co/tm/?t=ninavonc.de
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.22.58.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f4fe7d1edd047c5932c9d767795fd69b8890dc0a76c36e76025e2fd1db17fe2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:26:17 GMT
via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 760435
cf-polished: origSize=58749
cf-ray: 6948b4096b454ed9-FRA
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 28 Jul 2020 12:41:41 GMT
server: cloudflare
etag: W/"b27c484e4adc59fdd060f73734aba1eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=2678400
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: eLU1QD8nUT5SbAx0kHom_UMbkEYTW3YnMesRlnMJg1qAgmLd08gAsQ==
cf-bgj: minify

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 5F72 597 B
1 KB 87ms
18ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1481526&mt_adid=238286&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=37682&version=1&gdpr=0&gdpr_consent=&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3984 0e3af3b master cdg-pixel-x8 config:1.0.1 /
Resource Hash: a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 26 Sep 2021 01:26:17 GMT
Server: MT3 3984 0e3af3b master cdg-pixel-x8 config:1.0.1
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Sun, 26 Sep 2021 01:26:16 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 5F72 597 B
1 KB 86ms
18ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1406081&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=37682&version=1&gdpr=0&gdpr_consent=&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3984 0e3af3b master cdg-pixel-x31 config:1.0.0 /
Resource Hash: a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 26 Sep 2021 01:26:17 GMT
Server: MT3 3984 0e3af3b master cdg-pixel-x31 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Sun, 26 Sep 2021 01:26:16 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 5F72 597 B
1 KB 98ms
30ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1393997&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=37682&version=1&gdpr=0&gdpr_consent=&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3984 0e3af3b master cdg-pixel-x10 config:1.0.1 /
Resource Hash: a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 26 Sep 2021 01:26:17 GMT
Server: MT3 3984 0e3af3b master cdg-pixel-x10 config:1.0.1
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Sun, 26 Sep 2021 01:26:16 GMT

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame 5F72
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

79 KB
28 KB

94ms
22ms

Script
application/x-javascript

37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=37682&version=1&gdpr=0&gdpr_consent=&redirected=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0b6ee815005e308fb4ed57e68792ac193f50b8228669a96e74fd143ceb09660e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:26:17 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:57:08 GMT
server: nginx
etag: W/"613888f4-13bd1"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Sun, 26 Sep 2021 01:26:17 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H3

200

activityi;dc_pre=CJWb9--9m_MCFRHRGwodSqgK2A;src=6837390;type=invmedia;cat=n2e091ww;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4083113844531.7026 Show response
6837390.fls.doubleclick.net/ Frame 1CE5
Redirect Chain

https://6837390.fls.doubleclick.net/activityi;src=6837390;type=invmedia;cat=n2e091ww;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4083113844531.7026?
https://6837390.fls.doubleclick.net/activityi;dc_pre=CJWb9--9m_MCFRHRGwodSqgK2A;src=6837390;type=invmedia;cat=n2e091ww;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4083113844531.7026?

392 B
348 B

88ms
65ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6837390.fls.doubleclick.net/activityi;dc_pre=CJWb9--9m_MCFRHRGwodSqgK2A;src=6837390;type=invmedia;cat=n2e091ww;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4083113844531.7026?

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=37682&version=1&gdpr=0&gdpr_consent=&redirected=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

37a2c27e5d047886b0e3bd58530e3afc273c16d33b4264e5f4636403d5e515bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6837390.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CJWb9--9m_MCFRHRGwodSqgK2A;src=6837390;type=invmedia;cat=n2e091ww;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4083113844531.7026?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hal9000.redintelligence.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUnILn11Y86FePCe-bYAcE3-5iM2KIDKF3wqNqk8JyA8bTZqcUPDdOJAt2Oo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 26 Sep 2021 01:26:17 GMT
expires: Sun, 26 Sep 2021 01:26:17 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 325
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 26 Sep 2021 01:26:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://6837390.fls.doubleclick.net/activityi;dc_pre=CJWb9--9m_MCFRHRGwodSqgK2A;src=6837390;type=invmedia;cat=n2e091ww;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4083113844531.7026?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

activityi;dc_pre=CO_p-e-9m_MCFcdqGwodWPYLrQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;... Show response
5994599.fls.doubleclick.net/ Frame B548
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
https://5994599.fls.doubleclick.net/activityi;dc_pre=CO_p-e-9m_MCFcdqGwodWPYLrQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...

453 B
384 B

38ms
38ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CO_p-e-9m_MCFcdqGwodWPYLrQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5680784466722.14?

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=37682&version=1&gdpr=0&gdpr_consent=&redirected=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

c74b1ca0ec73cbddb66c1982518bb04d4d844f2823c18597e42e1013858484cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5994599.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CO_p-e-9m_MCFcdqGwodWPYLrQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5680784466722.14?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hal9000.redintelligence.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUnILn11Y86FePCe-bYAcE3-5iM2KIDKF3wqNqk8JyA8bTZqcUPDdOJAt2Oo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 26 Sep 2021 01:26:17 GMT
expires: Sun, 26 Sep 2021 01:26:17 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 361
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 26 Sep 2021 01:26:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CO_p-e-9m_MCFcdqGwodWPYLrQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5680784466722.14?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

activityi;dc_pre=CKDE-e-9m_MCFUuYhQodvjYM0Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7... Show response
5994599.fls.doubleclick.net/ Frame F0FD
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755...
https://5994599.fls.doubleclick.net/activityi;dc_pre=CKDE-e-9m_MCFUuYhQodvjYM0Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D...

457 B
391 B

31ms
31ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CKDE-e-9m_MCFUuYhQodvjYM0Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1936397293915.0464?

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=37682&version=1&gdpr=0&gdpr_consent=&redirected=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

85005315915c463cbf9cdb377c771d7a00577f4c9adabd6e48a42e53e2998974

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5994599.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CKDE-e-9m_MCFUuYhQodvjYM0Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1936397293915.0464?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hal9000.redintelligence.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUnILn11Y86FePCe-bYAcE3-5iM2KIDKF3wqNqk8JyA8bTZqcUPDdOJAt2Oo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 26 Sep 2021 01:26:17 GMT
expires: Sun, 26 Sep 2021 01:26:17 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 368
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 26 Sep 2021 01:26:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKDE-e-9m_MCFUuYhQodvjYM0Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1936397293915.0464?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 tagging Show response
ad13.adfarm1.adition.com/ Frame A08B 7 B
311 B 34ms
11ms Script
application/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/tagging?type=js&network=3232&tag[Tags_20Days.ninavonc_de_20days]&gdpr=0&gdpr_consent=
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=46016&version=1&gdpr=0&gdpr_consent=&redirected=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 4e233a3a613ff1b208f6e54673b5be56f4f9d549dc52d3de994f425bc06a4609

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 03:26:17 +0200
server: ADITIONSERVER v1.0
content-type: application/javascript
content-length: 7
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 tagging Show response
ad13.adfarm1.adition.com/ Frame A08B 7 B
311 B 34ms
10ms Script
application/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/tagging?type=js&network=3232&tag[Tags_10Days.ninavonc_de_10days]&gdpr=0&gdpr_consent=
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=46016&version=1&gdpr=0&gdpr_consent=&redirected=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 4e233a3a613ff1b208f6e54673b5be56f4f9d549dc52d3de994f425bc06a4609

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 03:26:17 +0200
server: ADITIONSERVER v1.0
content-type: application/javascript
content-length: 7
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 tagging Show response
ad13.adfarm1.adition.com/ Frame A08B 7 B
311 B 35ms
11ms Script
application/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/tagging?type=js&network=3232&tag[Tags_3Days.ninavonc_de_3days]&gdpr=0&gdpr_consent=
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=46016&version=1&gdpr=0&gdpr_consent=&redirected=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 4e233a3a613ff1b208f6e54673b5be56f4f9d549dc52d3de994f425bc06a4609

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 03:26:17 +0200
server: ADITIONSERVER v1.0
content-type: application/javascript
content-length: 7
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 tagging Show response
ad13.adfarm1.adition.com/ Frame A08B 7 B
301 B 35ms
11ms Script
application/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/tagging?type=js&network=3232&tag[Tags_1Day.ninavonc_de_1day]&gdpr=0&gdpr_consent=
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=46016&version=1&gdpr=0&gdpr_consent=&redirected=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 4e233a3a613ff1b208f6e54673b5be56f4f9d549dc52d3de994f425bc06a4609

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 03:26:17 +0200
server: ADITIONSERVER v1.0
content-type: application/javascript
content-length: 7
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame A08B
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

79 KB
28 KB

121ms
49ms

Script
application/x-javascript

37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=46016&version=1&gdpr=0&gdpr_consent=&redirected=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0b6ee815005e308fb4ed57e68792ac193f50b8228669a96e74fd143ceb09660e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:26:17 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:57:08 GMT
server: nginx
etag: W/"613888f4-13bd1"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Sun, 26 Sep 2021 01:26:17 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H2

200

src=9858635;dc_pre=CI3v9u-9m_MCFVEYGwodOh0Piw;type=invmedia;cat=t360m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=2991420244049.596
adservice.google.com/ddm/fls/z/ Frame A08B
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=9858635;type=invmedia;cat=t360m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=2991420244049.596?
https://ad.doubleclick.net/ddm/activity/src=9858635;dc_pre=CI3v9u-9m_MCFVEYGwodOh0Piw;type=invmedia;cat=t360m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord...
https://adservice.google.com/ddm/fls/z/src=9858635;dc_pre=CI3v9u-9m_MCFVEYGwodOh0Piw;type=invmedia;cat=t360m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=...

42 B
515 B

41ms
18ms

Image
image/gif

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=9858635;dc_pre=CI3v9u-9m_MCFVEYGwodOh0Piw;type=invmedia;cat=t360m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=2991420244049.596

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=46016&version=1&gdpr=0&gdpr_consent=&redirected=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 01:26:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 26 Sep 2021 01:26:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=9858635;dc_pre=CI3v9u-9m_MCFVEYGwodOh0Piw;type=invmedia;cat=t360m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=2991420244049.596
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CLH2-e-9m_MCFQMuGwodnocJ3w;src=6635505;type=invmedia;cat=1n4iwqrw;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 Show response
6635505.fls.doubleclick.net/ Frame 2BA1
Redirect Chain

https://6635505.fls.doubleclick.net/activityi;src=6635505;type=invmedia;cat=1n4iwqrw;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
https://6635505.fls.doubleclick.net/activityi;dc_pre=CLH2-e-9m_MCFQMuGwodnocJ3w;src=6635505;type=invmedia;cat=1n4iwqrw;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?

379 B
334 B

66ms
66ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6635505.fls.doubleclick.net/activityi;dc_pre=CLH2-e-9m_MCFQMuGwodnocJ3w;src=6635505;type=invmedia;cat=1n4iwqrw;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?

Requested by

Host: www.usemaxserver.de
URL: https://www.usemaxserver.de/rt.php?campaign_id=37516&iframe=1&ext_domain=1&place=1&product_id=&checkout_amount=&checkout_order_id=&referrer=&host=www.ninavonc.de&loc=https%3A%2F%2Fwww.ninavonc.de%2F&iframe=1&k0=0&ci=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

d4b1944efedd4800db2b698aba4f79b9008639fbe31a1ab8bfd64e52927244b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6635505.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CLH2-e-9m_MCFQMuGwodnocJ3w;src=6635505;type=invmedia;cat=1n4iwqrw;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.usemaxserver.de/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUnILn11Y86FePCe-bYAcE3-5iM2KIDKF3wqNqk8JyA8bTZqcUPDdOJAt2Oo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.usemaxserver.de/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 26 Sep 2021 01:26:17 GMT
expires: Sun, 26 Sep 2021 01:26:17 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 311
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 26 Sep 2021 01:26:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://6635505.fls.doubleclick.net/activityi;dc_pre=CLH2-e-9m_MCFQMuGwodnocJ3w;src=6635505;type=invmedia;cat=1n4iwqrw;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

activityi;dc_pre=CPCy-u-9m_MCFQjjGwodPY4J7g;src=6635505;type=invmedia;cat=1n4iwqrw;u1=1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 Show response
6635505.fls.doubleclick.net/ Frame 60AB
Redirect Chain

https://6635505.fls.doubleclick.net/activityi;src=6635505;type=invmedia;cat=1n4iwqrw;u1=1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
https://6635505.fls.doubleclick.net/activityi;dc_pre=CPCy-u-9m_MCFQjjGwodPY4J7g;src=6635505;type=invmedia;cat=1n4iwqrw;u1=1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?

380 B
336 B

54ms
54ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6635505.fls.doubleclick.net/activityi;dc_pre=CPCy-u-9m_MCFQjjGwodPY4J7g;src=6635505;type=invmedia;cat=1n4iwqrw;u1=1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

4c4fd20a3af02bdbaa2c590484887c8be220b8b629ac435d7087eb70fadce6f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6635505.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CPCy-u-9m_MCFQjjGwodPY4J7g;src=6635505;type=invmedia;cat=1n4iwqrw;u1=1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.usemaxserver.de/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUnILn11Y86FePCe-bYAcE3-5iM2KIDKF3wqNqk8JyA8bTZqcUPDdOJAt2Oo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.usemaxserver.de/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 26 Sep 2021 01:26:17 GMT
expires: Sun, 26 Sep 2021 01:26:17 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 313
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 26 Sep 2021 01:26:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://6635505.fls.doubleclick.net/activityi;dc_pre=CPCy-u-9m_MCFQjjGwodPY4J7g;src=6635505;type=invmedia;cat=1n4iwqrw;u1=1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK Cookie set rt.php Show response
www.usemax.de/ Frame EDC0 0
552 B 76ms
13ms Document
text/html 212.48.120.130
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usemax.de/rt.php?ext_i=3582876582
Requested by: Host: www.usemaxserver.de
URL: https://www.usemaxserver.de/rt.php?campaign_id=37516&iframe=1&ext_domain=1&place=1&product_id=&checkout_amount=&checkout_order_id=&referrer=&host=www.ninavonc.de&loc=https%3A%2F%2Fwww.ninavonc.de%2F&iframe=1&k0=0&ci=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.48.120.130 Lübeck, Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS: lb.usemaxserver.de
Software: Apache/2.4.25 (Debian) / PHP/5.6.40-47+0~20210227.51+debian9~1.gbpd522a2
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: www.usemax.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.usemaxserver.de/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.usemaxserver.de/

Response headers

Date: Sun, 26 Sep 2021 01:26:17 GMT
Server: Apache/2.4.25 (Debian)
X-Powered-By: PHP/5.6.40-47+0~20210227.51+debian9~1.gbpd522a2
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
Set-Cookie: um_rt=3582876582; expires=Mon, 26-Sep-2022 01:26:17 GMT; Max-Age=31536000; path=/; SameSite=None; domain=usemax.de; secure ident_v=1; expires=Mon, 26-Sep-2022 01:26:17 GMT; Max-Age=31536000; path=/; SameSite=None; domain=usemax.de; secure
Content-Length: 0
Keep-Alive: timeout=3, max=70
Connection: Keep-Alive
Content-Type: text/html

GET
H2

200

/
track.adform.net/Serving/TrackPoint/ Frame 3C6C
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=254281&ADFPageName=ALL%7CRT%7C0%7CNinavonC._0&ADFdivider=|
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=254281&ADFPageName=ALL%7CRT%7C0%7CNinavonC._0&ADFdivider=|

35 B
395 B

21ms
21ms

Image
image/gif

37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=254281&ADFPageName=ALL%7CRT%7C0%7CNinavonC._0&ADFdivider=|

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.usemaxserver.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 01:26:17 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 26 Sep 2021 01:26:17 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=254281&ADFPageName=ALL%7CRT%7C0%7CNinavonC._0&ADFdivider=|
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2

200

/
track.adform.net/Serving/TrackPoint/ Frame 3C6C
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=254281&ADFPageName=ALL%7CRT%7C1%7CNinavonC._1&ADFdivider=|
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=254281&ADFPageName=ALL%7CRT%7C1%7CNinavonC._1&ADFdivider=|

35 B
395 B

20ms
20ms

Image
image/gif

37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=254281&ADFPageName=ALL%7CRT%7C1%7CNinavonC._1&ADFdivider=|

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.usemaxserver.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 01:26:17 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 26 Sep 2021 01:26:17 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=254281&ADFPageName=ALL%7CRT%7C1%7CNinavonC._1&ADFdivider=|
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2 200 MjE2LjEzMS4xMTQuNTQ= Show response
ipb.smct.io/check/2681/ 1 B
344 B 283ms
259ms XHR
application/json 104.22.58.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ipb.smct.io/check/2681/MjE2LjEzMS4xMTQuNTQ=
Requested by: Host: js.smct.io
URL: https://js.smct.io/t/tag-v5.63.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:26:18 GMT
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA2-C1
x-cache: Error from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
last-modified: Wed, 13 Nov 2019 12:29:00 GMT
server: cloudflare
etag: "cfcd208495d565ef66e7dff9f98764da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6948b409cd525c98-FRA
x-amz-cf-id: TX-9Dv2XH6uEks4jPY5azAWco1ojs2fzekJTzRZYdJHDIPIUfoPlDg==

GET
H2 204 dst
as.ad4m.at/ad/ Frame 7C5E 0
423 B 55ms
30ms Image
text/plain 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dst?a=447&b=2&c=LOS4hwW8QHavR_gBCf3s24uBEp4yqg4k&e=20204&f=&g=&h=&i=&z=0&y=1&d=https%3A%2F%2Fwww.ninavonc.de%2F

Requested by

Host: www.ninavonc.de
URL: https://www.ninavonc.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:26:17 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 6948b409e84c411a-PRG
expires: 0

GET
H2

200

/
track.adform.net/Serving/TrackPoint/ Frame 7C5E
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=1481813&ADFPageName=Retargeting%20All&ADFdivider=|
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1481813&ADFPageName=Retargeting%20All&ADFdivider=|

35 B
395 B

22ms
21ms

Image
image/gif

37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1481813&ADFPageName=Retargeting%20All&ADFdivider=|

Requested by

Host: www.ninavonc.de
URL: https://www.ninavonc.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 01:26:17 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 26 Sep 2021 01:26:17 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1481813&ADFPageName=Retargeting%20All&ADFdivider=|
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 5F72 43 B
493 B 20ms
19ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=37682&version=1&gdpr=0&gdpr_consent=&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3984 0e3af3b master cdg-pixel-x30 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 26 Sep 2021 01:26:17 GMT
Server: MT3 3984 0e3af3b master cdg-pixel-x30 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 26 Sep 2021 01:26:16 GMT

GET
H3 200 dc_pre=CKDE-e-9m_MCFUuYhQodvjYM0Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1936...
adservice.google.com/ddm/fls/z/ Frame F0FD 42 B
63 B 32ms
18ms Image
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKDE-e-9m_MCFUuYhQodvjYM0Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1936397293915.0464

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKDE-e-9m_MCFUuYhQodvjYM0Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1936397293915.0464?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 01:26:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CO_p-e-9m_MCFcdqGwodWPYLrQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=568078...
adservice.google.com/ddm/fls/z/ Frame B548 42 B
63 B 18ms
17ms Image
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CO_p-e-9m_MCFcdqGwodWPYLrQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5680784466722.14

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CO_p-e-9m_MCFcdqGwodWPYLrQ;src=5994599;type=invmedia;cat=dbmij0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=5680784466722.14?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 01:26:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CJWb9--9m_MCFRHRGwodSqgK2A;src=6837390;type=invmedia;cat=n2e091ww;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4083113844531.7026
adservice.google.com/ddm/fls/z/ Frame 1CE5 42 B
63 B 18ms
17ms Image
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJWb9--9m_MCFRHRGwodSqgK2A;src=6837390;type=invmedia;cat=n2e091ww;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4083113844531.7026

Requested by

Host: 6837390.fls.doubleclick.net
URL: https://6837390.fls.doubleclick.net/activityi;dc_pre=CJWb9--9m_MCFRHRGwodSqgK2A;src=6837390;type=invmedia;cat=n2e091ww;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4083113844531.7026?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6837390.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 01:26:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CPCy-u-9m_MCFQjjGwodPY4J7g;src=6635505;type=invmedia;cat=1n4iwqrw;u1=1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
adservice.google.com/ddm/fls/z/ Frame 60AB 42 B
63 B 18ms
18ms Image
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPCy-u-9m_MCFQjjGwodPY4J7g;src=6635505;type=invmedia;cat=1n4iwqrw;u1=1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Requested by

Host: 6635505.fls.doubleclick.net
URL: https://6635505.fls.doubleclick.net/activityi;dc_pre=CPCy-u-9m_MCFQjjGwodPY4J7g;src=6635505;type=invmedia;cat=1n4iwqrw;u1=1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6635505.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 01:26:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CLH2-e-9m_MCFQMuGwodnocJ3w;src=6635505;type=invmedia;cat=1n4iwqrw;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
adservice.google.com/ddm/fls/z/ Frame 2BA1 42 B
63 B 17ms
17ms Image
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLH2-e-9m_MCFQMuGwodnocJ3w;src=6635505;type=invmedia;cat=1n4iwqrw;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Requested by

Host: 6635505.fls.doubleclick.net
URL: https://6635505.fls.doubleclick.net/activityi;dc_pre=CLH2-e-9m_MCFQMuGwodnocJ3w;src=6635505;type=invmedia;cat=1n4iwqrw;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6635505.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 01:26:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ Frame 5F72 135 B
613 B 23ms
22ms Script
text/javascript 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=1427724&ADFPageName=Nina%20von%20C%20I%20RT%20I%20DE%20-%20%2337682%20I%20ADF&ADFdivider=%7C&ord=250445828254&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.ninavonc.de%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D37682%26version%3D1%26gdpr%3D0%26gdpr_consent%3D%26redirected%3D1

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

37591158f847c9dd4f79b90b2bda1b5740653f74ff1b67083581abe2bd56248f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 01:26:18 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 207
expires: -1

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ Frame 5F72 111 B
592 B 20ms
20ms Script
text/javascript 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=37106808712&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.ninavonc.de%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D37682%26version%3D1%26gdpr%3D0%26gdpr_consent%3D%26redirected%3D1

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6ac3327f188a75ff18f3a723a4db374fc75716467e90d552b9943d3cad40cff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 01:26:18 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 186
expires: -1

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ Frame A08B 124 B
604 B 21ms
21ms Script
text/javascript 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=2137902&ADFPageName=Nina%20von%20C%20DE%20RT%20T3%201Day&ADFdivider=%7C&ord=268058053782&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.ninavonc.de%2F&ADFtpmode=2&loc=https%3A%2F%2Fad.ad-srv.net%2Fretarget%3Fa%3D46016%26version%3D1%26gdpr%3D0%26gdpr_consent%3D%26redirected%3D1&gdpr=0

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f2f21e649d14981a2330c6c78113649c517b2f22a92ff4ed85ac4b05623d8227

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 01:26:18 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 198
expires: -1

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ Frame A08B 126 B
605 B 19ms
19ms Script
text/javascript 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=2137902&ADFPageName=Nina%20von%20C%20DE%20RT%20T3%2010Days&ADFdivider=%7C&ord=343377396428&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.ninavonc.de%2F&ADFtpmode=2&loc=https%3A%2F%2Fad.ad-srv.net%2Fretarget%3Fa%3D46016%26version%3D1%26gdpr%3D0%26gdpr_consent%3D%26redirected%3D1&gdpr=0

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

43b1b3f38131cbaf940fd111794f8f6c0855671584adf8d733454b12b8322a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 01:26:18 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 199
expires: -1

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ Frame A08B 143 B
618 B 19ms
19ms Script
text/javascript 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=1450766&ADFPageName=Setup_Nina%20von%20C.%20%2F%20Prime%20Fashion%20Ads%201%20Day&ADFdivider=%7C&ord=28262982270&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.ninavonc.de%2F&ADFtpmode=2&loc=https%3A%2F%2Fad.ad-srv.net%2Fretarget%3Fa%3D46016%26version%3D1%26gdpr%3D0%26gdpr_consent%3D%26redirected%3D1&gdpr=0

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

62850a7ee30df9f293614c9da2697c2bd407e97981c657a583fc0928a4821878

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 01:26:18 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 212
expires: -1

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ Frame A08B 145 B
619 B 23ms
22ms Script
text/javascript 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=1450766&ADFPageName=Setup_Nina%20von%20C.%20%2F%20Prime%20Fashion%20Ads%2020%20Days&ADFdivider=%7C&ord=262288698924&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.ninavonc.de%2F&ADFtpmode=2&loc=https%3A%2F%2Fad.ad-srv.net%2Fretarget%3Fa%3D46016%26version%3D1%26gdpr%3D0%26gdpr_consent%3D%26redirected%3D1&gdpr=0

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5d585910612de4f9df58b8a42bfa6e9dbe03cf32940038d033853c9b228527ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 01:26:18 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 213
expires: -1

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ Frame A08B 145 B
619 B 21ms
21ms Script
text/javascript 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=1450766&ADFPageName=Setup_Nina%20von%20C.%20%2F%20Prime%20Fashion%20Ads%2010%20Days&ADFdivider=%7C&ord=570932488047&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.ninavonc.de%2F&ADFtpmode=2&loc=https%3A%2F%2Fad.ad-srv.net%2Fretarget%3Fa%3D46016%26version%3D1%26gdpr%3D0%26gdpr_consent%3D%26redirected%3D1&gdpr=0

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ba8316c2300d944ec48856755759b3b21d50fc097694ba078c546ce9d51990f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 01:26:18 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 213
expires: -1

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ Frame A08B 126 B
605 B 19ms
19ms Script
text/javascript 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=2137902&ADFPageName=Nina%20von%20C%20DE%20RT%20T3%2020Days&ADFdivider=%7C&ord=833781363673&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.ninavonc.de%2F&ADFtpmode=2&loc=https%3A%2F%2Fad.ad-srv.net%2Fretarget%3Fa%3D46016%26version%3D1%26gdpr%3D0%26gdpr_consent%3D%26redirected%3D1&gdpr=0

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

2781a169eab066ba504aafdb8638600c00a49540ffffeaceaca5b2527f5c5791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 01:26:18 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 199
expires: -1

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ Frame A08B 125 B
605 B 20ms
20ms Script
text/javascript 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=2137902&ADFPageName=Nina%20von%20C%20DE%20RT%20T3%203Days&ADFdivider=%7C&ord=678492536265&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.ninavonc.de%2F&ADFtpmode=2&loc=https%3A%2F%2Fad.ad-srv.net%2Fretarget%3Fa%3D46016%26version%3D1%26gdpr%3D0%26gdpr_consent%3D%26redirected%3D1&gdpr=0

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

590f46c56c4c933e0c166931f5662cba75a0eb9cd06410aa89bc7ae86af18c9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 01:26:18 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 199
expires: -1

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ Frame A08B 144 B
619 B 21ms
21ms Script
text/javascript 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=1450766&ADFPageName=Setup_Nina%20von%20C.%20%2F%20Prime%20Fashion%20Ads%203%20Days&ADFdivider=%7C&ord=815823514063&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.ninavonc.de%2F&ADFtpmode=2&loc=https%3A%2F%2Fad.ad-srv.net%2Fretarget%3Fa%3D46016%26version%3D1%26gdpr%3D0%26gdpr_consent%3D%26redirected%3D1&gdpr=0

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

d19c93e9f287b721a06cd7340dc4e316ccf4a7cf64d445ea205d7b5144c8122c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 01:26:18 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 213
expires: -1

GET
H/1.1 200
OK lse1.0.html Show response
smct.co/ Frame E60F 422 B
605 B 29ms
29ms Document
text/html 52.31.175.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://smct.co/lse1.0.html
Requested by: Host: js.smct.io
URL: https://js.smct.io/t/tag-v5.63.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.175.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-175-22.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: dce009260c83128b674841cb92b03faf749468dceca09a813fdadd318c4bfbd2

Request headers

Host: smct.co
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ninavonc.de/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=7200, no-cache
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 26 Sep 2021 01:26:18 GMT
Expires: Sun, 26 Sep 2021 01:26:18 GMT
Last-Modified: Thu, 17 Aug 2017 09:19:04 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 254
Connection: keep-alive

GET
H3 200 events-1.4.8.min.js Show response
js.smct.io/e/ 26 KB
10 KB 16ms
16ms Script
application/javascript 104.22.58.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.smct.io/e/events-1.4.8.min.js
Requested by: Host: js.smct.io
URL: https://js.smct.io/t/tag-v5.63.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.22.58.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0758e371e8ff72d7b14491f38241f50dab6a0057f57e3ae2c0a47ec00871cda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:26:18 GMT
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 1655440
cf-ray: 6948b40b7d864ed9-FRA
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 29 Oct 2019 15:56:56 GMT
server: cloudflare
etag: W/"8369a9ad8a10725a8d9c9b44670d8b53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=2678400
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: IVwWb_IPDKSfg9LTJHTnGiNNHZ1sHJZXK2MDmPvst3YZGE20fK6VbQ==

GET
H/1.1 200
OK lse1.0.html Show response
smct.co/ Frame 83FE 422 B
605 B 33ms
29ms Document
text/html 52.31.175.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://smct.co/lse1.0.html
Requested by: Host: js.smct.io
URL: https://js.smct.io/e/events-1.4.8.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.175.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-175-22.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: dce009260c83128b674841cb92b03faf749468dceca09a813fdadd318c4bfbd2

Request headers

Host: smct.co
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ninavonc.de/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=7200, no-cache
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 26 Sep 2021 01:26:18 GMT
Expires: Sun, 26 Sep 2021 01:26:18 GMT
Last-Modified: Thu, 17 Aug 2017 09:19:04 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 254
Connection: keep-alive

POST
H2 200 / Show response
cognito-identity.eu-west-1.amazonaws.com/ 63 B
271 B 37ms
37ms XHR
application/x-amz-json-1.1 108.128.28.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cognito-identity.eu-west-1.amazonaws.com/
Requested by: Host: js.smct.io
URL: https://js.smct.io/e/events-1.4.8.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.28.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-28-141.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e348916c99a27a39f3b37209c277e9ef3914fa7c469fd09b98b25a8de78ff72b

Request headers

Referer: https://www.ninavonc.de/
X-AMZ-TARGET: AWSCognitoIdentityService.GetId
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-amz-json-1.1

Response headers

access-control-allow-origin: *
date: Sun, 26 Sep 2021 01:26:18 GMT
content-type: application/x-amz-json-1.1
x-amzn-requestid: 04f0b54e-b683-4645-bd53-0072edb1afed
content-length: 63
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date

OPTIONS
H2 200 /
cognito-identity.eu-west-1.amazonaws.com/ Frame 0
0 116ms
30ms Preflight 108.128.28.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cognito-identity.eu-west-1.amazonaws.com/
Protocol: H2
Server: 108.128.28.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-28-141.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-amz-target
Origin: https://www.ninavonc.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 26 Sep 2021 01:26:18 GMT
content-length: 0
x-amzn-requestid: 0e0af36d-1e25-4452-b875-44e8dc5ea999
access-control-allow-origin: *
access-control-allow-headers: content-type,x-amz-target
access-control-allow-methods: POST
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age: 172800

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 15ms
6ms Image
image/gif 157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=188892518382566&ev=Microdata&dl=https%3A%2F%2Fwww.ninavonc.de%2F&rl=&if=false&ts=1632619578243&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22BHs%2C%20Slips%2C%20Panty%2C%20String%2C%20Tops%20oder%20Hemdchen%20%7C%20Nina%20von%20C.%22%2C%22meta%3Adescription%22%3A%22Modische%20Unterw%C3%A4sche%20und%20Loungewear%20f%C3%BCr%20Frauen%20die%20das%20Leben%20genie%C3%9Fen!%20Entdecken%20Sie%20die%20gro%C3%9Fe%20Auswahl%20im%20Nina%20von%20C.%20Online%20Shop%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A50%2C%22w%22%3A1170%7D%2C%22properties%22%3A%7B%7D%2C%22subscopes%22%3A%5B%7B%22dimensions%22%3A%7B%22h%22%3A0%2C%22w%22%3A0%7D%2C%22properties%22%3A%7B%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FOrganization%22%7D%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FSiteNavigationElement%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.46&r=stable&ec=1&o=30&fbp=fb.1.1632619577739.2069109244&it=1632619577601&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ninavonc.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 01:26:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sun, 26 Sep 2021 01:26:18 GMT

POST
H2 200 / Show response
cognito-identity.eu-west-1.amazonaws.com/ 2 KB
2 KB 53ms
53ms XHR
application/x-amz-json-1.1 108.128.28.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cognito-identity.eu-west-1.amazonaws.com/
Requested by: Host: js.smct.io
URL: https://js.smct.io/e/events-1.4.8.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.28.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-28-141.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5bfa7c11e81d7c5187a03fce17d30d77fcc32f8200bddd01286b08883e5c23b3

Request headers

Referer: https://www.ninavonc.de/
X-AMZ-TARGET: AWSCognitoIdentityService.GetCredentialsForIdentity
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-amz-json-1.1

Response headers

access-control-allow-origin: *
date: Sun, 26 Sep 2021 01:26:18 GMT
content-type: application/x-amz-json-1.1
x-amzn-requestid: ebc1cda7-be6f-43ca-b5d5-376079b8b646
content-length: 1760
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date

OPTIONS
H2 200 /
cognito-identity.eu-west-1.amazonaws.com/ Frame 0
0 30ms
30ms Preflight 108.128.28.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cognito-identity.eu-west-1.amazonaws.com/
Protocol: H2
Server: 108.128.28.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-28-141.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-amz-target
Origin: https://www.ninavonc.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 26 Sep 2021 01:26:18 GMT
content-length: 0
x-amzn-requestid: c0720ace-0ded-4af3-ad1b-d88aad7aea2e
access-control-allow-origin: *
access-control-allow-headers: content-type,x-amz-target
access-control-allow-methods: POST
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age: 172800

OPTIONS
H/1.1 200
OK /
firehose.eu-west-1.amazonaws.com/ Frame 0
0 134ms
29ms Preflight 52.95.117.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://firehose.eu-west-1.amazonaws.com/
Protocol: HTTP/1.1
Server: 52.95.117.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type,x-amz-date,x-amz-security-token,x-amz-target
Origin: https://www.ninavonc.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-amzn-RequestId: eb166c16-ab5b-b0d7-b2df-a26c08f13f70
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: authorization,content-type,x-amz-date,x-amz-security-token,x-amz-target
Access-Control-Allow-Methods: POST
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Sun, 26 Sep 2021 01:26:18 GMT

POST
H/1.1 200
OK / Show response
firehose.eu-west-1.amazonaws.com/ 299 B
735 B 45ms
44ms XHR
application/x-amz-json-1.1 52.95.117.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://firehose.eu-west-1.amazonaws.com/
Requested by: Host: js.smct.io
URL: https://js.smct.io/e/events-1.4.8.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.117.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bc1ddde236b553b547f283dd287da25b5ae989212906251601c45c984f0c64cc

Request headers

Accept-Language: de-DE,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=ASIAX2DUJRE4TEHNONVI/20210926/eu-west-1/firehose/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token;x-amz-target, Signature=e77d983d45be8aa8f5908761887f55b1fd454a95a06d6c9bce77cc44be2b0055
content-type: application/x-amz-json-1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Referer: https://www.ninavonc.de/
x-amz-target: Firehose_20150804.PutRecordBatch
x-amz-security-token: IQoJb3JpZ2luX2VjEAIaCWV1LXdlc3QtMSJGMEQCIBD5ME+vgQ4Htw0CWKvtP8mUvblwyWwRbipOPprXf5ZDAiA3zDtpme8+Nv3B0oMfXms2hUYsEOrBApZgEwngafh7qyqRBghrEAIaDDUzNzExNDgwNjU4NSIMN0Pg3X2wKNN3kLFSKu4FaIM91mWSSME3q48WVFyPbgaxmvaj8aKZs3BBg9WH46edmsPqxBFhyYEJls3EKcLEkZvjAj2eW88odCtG362WEJQHCzuCxcdCcnUmIAhKGaIdj7Jy/+iO/IboML/PPLgd0mlq0eqbcvoVB/nsezOoS8mNMCycZDNr4zHPAN0Bg59QmcKiUdTy+8s71l5uhdvsCjEPOAjqci97uwYOZUF2KDXD7+dmli4Es2Wa7onn3PGSYQtFArAjeXEfZ+kuGgWRcrIvEDrJAyeLIysZBqhPnqsr2Zgs/kZ4Sw+eBtcQ4w/7s1dtuMhZ23BRkd3YQLSJysHSPoEc1siu8061/5zPKXSKVe1haIrwkVIB8fiza3puoT7BMgZqfPs8uffG/nk+LflZUQUVU31bFd4k5bN/xMK4Y+W8J8DkEQBdFAliCnTnYoXYRdtWlas9dKk1fWL6I+70gw31yGUGObPW2tGxBDVmyfrKcRk4sA/wqT8p6BY7eUCVGO55MN+/b+7cIwa+eFnnbm6GKfAxQj3tvpEPK9wX5rNvBLPMIYgkkuL6Gh861Qe4WTJtHfJCpz6f8qEaedUNJeTMCDCMPZVsgQf2NzKL0rZXed9C7S2uCuESYZH/244ZQtK+lP+Q9VRtd8Liju0440pNY3ZZDwqyBCn7P77NGjXoIhPo1Tq5xJyyShqesnELirdVk7BzSQyP2Vy/EtYFLJ0jRYpKl048QliKXUAu+kwF+rGOjHr7ZR4MRnyr9hIlQVPi48D1gm+VNfIsmKjZthLZK8Y5xNqRt0nC/qRs1EdAVMsFEe78b+uR2+8/Y/2b2ZaxymgPG8MeVGguGubyAuTrIVGGkfhacvaZpz+7nFiFgjSmt/LzikROFmjRp2EMdtDi/h21goWCQzlKjKwQbOXCsDQVD+Buz9/V54QPNk4M9AvZ6IgoWy6gTCBeUwdoHDn70847vYlm+Ieauyja/12imZh9E6FYybdOn7ynVeyeMw/MUxsSctRgMLqYv4oGOogCLxz134PMkiGwcxpEuGUXGaFJ3IQyZWaXh4QcM9kP4qIaN9VoVpjkD74krYcT1FrqHj7IOE1syoRJooGNSWaHOjUnPSq4/+6vhro1qN6srwt9vPRqq9B/Zllsf7NEO1cZyzLUAVS0kc1+1A/fHrSzOp08Rz+gSSDm7X0zyyNYOgfL4L5bqIeyP7IPfyhDwRE/sZ32kDUiG4v7+liIFoI+ngSO8iSkx/GKy9mUdiSSdEKw3z+OpM4BE0+J/w8UAEiC9edGEtBu78KsA2XblW7KTtp4pY7mPqZWDJ7IQiuYS1fBTanPIoIiXqA5ynEiPhV+BuTaRsVWCQgPxo5DnRAmXt5c8yXNx4gk
x-amz-date: 20210926T012618Z

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
x-amzn-RequestId: c63d1962-0975-a730-9ff4-d718aadf2897
Date: Sun, 26 Sep 2021 01:26:18 GMT
Content-Length: 299
x-amz-id-2: uVrIdZ29JdoOOB3eKS57gxcKcE7kVyKOpVm46/oLypUdXe/5tPKU2hbI32kYMOF7SKjR70XWjhP7byDIbhfWF0YjBLclFH25
Content-Type: application/x-amz-json-1.1

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame B7A1 28 B
50 B 22ms
22ms XHR
application/json 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/zM3RMZUjVGU?autoplay=0&showinfo=0&controls=1&autohide=1&rel=0&loop=0&modestbranding=0&wmode=opaque
X-YouTube-Client-Version: 1.20210922.1.1
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtFQWtxNFRkQmFNNCi5mL-KBg%3D%3D
X-YouTube-Ad-Signals: dt=1632619577201&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java&u_nplug=3&u_nmime=4&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1200%2C675&vis=1&wgl=true&ca_type=image&bid=ANyPxKp8NiRRQFAlpy3YEBpQt2mbMuFa2ShEOm--PhWuUytPkgKjjhfGGXylrhzwVINqhQ_P88l9dHRJDhFVjwusdAgLPHb7xg

Response headers

date: Sun, 26 Sep 2021 01:26:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tracking.ninavonc.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: m2actjvt3pbr7b2k2ifrlmgnd0
.www.ninavonc.de/	1970-01-19 21:31:45	Name: NinaVonCSID Value: 72f3f610e3da6f88375f46aa0ee9b636
www.ninavonc.de/	1969-12-31 23:59:59	Name: SIDshopserver Value: app3
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 20fjBqijt9A
.youtube.com/	1970-01-20 01:49:31	Name: VISITOR_INFO1_LIVE Value: EAkq4TdBaM4
.doubleclick.net/	1970-01-20 15:01:31	Name: IDE Value: AHWqTUnILn11Y86FePCe-bYAcE3-5iM2KIDKF3wqNqk8JyA8bTZqcUPDdOJAt2Oo
.ninavonc.de/	1970-01-19 23:39:55	Name: _gcl_au Value: 1.1.87649001.1632619578
.ninavonc.de/	1970-01-20 15:01:31	Name: _ga Value: GA1.2.1975541607.1632619578
.ninavonc.de/	1970-01-19 21:31:45	Name: _gid Value: GA1.2.1769573763.1632619578
.ninavonc.de/	1970-01-19 21:30:19	Name: _dc_gtm_UA-37652826-1 Value: 1
.redintelligence.net/	1970-01-19 23:39:55	Name: 8lcfmzhxc8d6_uid Value: 065b1cbd5b86b710
.ninavonc.de/	1970-01-19 23:39:55	Name: _fbp Value: fb.1.1632619577739.2069109244
.ad-srv.net/	1970-01-19 23:39:55	Name: kdb0xdq3ls8m_uid Value: f9d682a9e1d378e2
.usemaxserver.de/	1970-01-20 06:15:55	Name: um_rt Value: 3582876582
.usemaxserver.de/	1970-01-20 06:15:55	Name: ident_v Value: 1
.adfarm1.adition.com/	1970-01-19 23:39:51	Name: UserID1 Value: 7012047690026124517
.usemax.de/	1970-01-20 06:15:55	Name: um_rt Value: 3582876582
.usemax.de/	1970-01-20 06:15:55	Name: ident_v Value: 1
.mathtag.com/	1970-01-20 06:56:14	Name: uuid Value: d7a4614f-cc39-4400-8548-8a23829011d3
.adform.net/	1970-01-19 22:13:31	Name: C Value: 1
.mathtag.com/	1970-01-19 22:13:31	Name: mt_misc Value: mt_bt:1
.adform.net/	1970-01-19 22:56:47	Name: uid Value: 4577932272695901046
.ninavonc.de/	1970-01-23 13:06:19	Name: smc_uid Value: 1632619578148814
.ninavonc.de/	1970-01-20 06:15:55	Name: smc_tag Value: eyJpZCI6MjY4MSwibmFtZSI6Im5pbmF2b25jLmRlIn0=
.ninavonc.de/	1970-01-20 15:01:31	Name: smc_refresh Value: 14806
.ninavonc.de/	1969-12-31 23:59:59	Name: smc_dyn_basket_exists Value: false
.www.ninavonc.de/	1969-12-31 23:59:59	Name: smc_dyn_basket_exists Value: false
.ninavonc.de/	1969-12-31 23:59:59	Name: smc_spv Value: 1
.ninavonc.de/	1970-01-23 13:06:19	Name: smc_tpv Value: 1
.ninavonc.de/	1970-01-23 13:06:19	Name: smc_sesn Value: 1
.ninavonc.de/	1970-01-23 13:06:19	Name: smc_not Value: default
.ninavonc.de/	1969-12-31 23:59:59	Name: smct_session Value: {"s":1632619579156,"l":1632619581156,"lt":1632619581157,"t":3,"p":3}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src https: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
6635505.fls.doubleclick.net
6837390.fls.doubleclick.net
ad.ad-srv.net
ad.doubleclick.net
ad13.adfarm1.adition.com
ad4m.at
adservice.google.com
aggregator.service.usercentrics.eu
api.usercentrics.eu
app.usercentrics.eu
as.ad4m.at
bid.g.doubleclick.net
cognito-identity.eu-west-1.amazonaws.com
connect.facebook.net
d31bfnnwekbny6.cloudfront.net
firehose.eu-west-1.amazonaws.com
fonts.gstatic.com
googleads.g.doubleclick.net
graphql.usercentrics.eu
hal9000.redintelligence.net
i.ytimg.com
images1.ninavonc.de
images2.ninavonc.de
images3.ninavonc.de
ipb.smct.io
js.smct.io
pixel.mathtag.com
s2.adform.net
smct.co
static.doubleclick.net
stats.g.doubleclick.net
track.adform.net
tracking.ninavonc.de
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.lacmp.net
www.ninavonc.de
www.usemax.de
www.usemaxserver.de
www.youtube.com
yt3.ggpht.com
104.22.58.173
104.26.11.209
108.128.28.141
13.224.193.40
138.201.63.145
138.201.64.38
142.250.181.232
142.250.185.118
142.250.185.162
142.250.185.163
142.250.185.164
142.250.185.194
142.250.185.206
142.250.186.78
142.250.186.97
142.250.74.194
142.250.74.198
157.240.236.1
157.240.236.35
172.217.23.99
194.97.158.1
2.18.233.201
212.48.120.130
216.58.212.134
217.79.188.54
34.120.238.166
34.120.28.121
35.190.14.188
35.241.3.184
37.157.4.40
37.157.5.73
52.31.175.22
52.95.117.174
66.102.1.156
74.125.140.155
84.200.5.215
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
045fd4ce57343257588e028026d314db88e7cc03aa84ec98ead1197bafe8c598
04b0a41cc1e482e56addbee652d9d6c4373cf34e309ca5765ac5d6920543126f
0548899f470a3afb67e3030754d1b834728e98c6043f4c112347356f18bd9e39
0b6ee815005e308fb4ed57e68792ac193f50b8228669a96e74fd143ceb09660e
0c3a553b18e4ef0be468c6564b87bcf29d8c446d3d144f9e12656071b270e8b0
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
114cd45e3825a4319e5e0e0ef1c04f3644ffbba41408032b1a17f22d86445e94
121b46ffde227a19cacdba5bd193ff717c2efed7911258ee44f04ae15417a076
14635c6c99973cc20cda016300033ff103cb8668871434c8a70d301de0f82ac6
1ed51abf454a8a6ab9d6e96e35a332808ca0dcbc1d8445271bce5bc69a0d3619
1f4fe7d1edd047c5932c9d767795fd69b8890dc0a76c36e76025e2fd1db17fe2
2101a68c52780c559f7dcba4bdf2055ae84d354c8ccdbf8a91e96a7d8096b2ba
21635b2c5730c4023c7fde3ae9ac6d40ec36aebbae1013bd4e1f52fe498c1ead
260307541e1674838c63f9d7a4922e1176fac1f8199436b8f777cb69b34500e6
2781a169eab066ba504aafdb8638600c00a49540ffffeaceaca5b2527f5c5791
2bbd412bfc6e2aefaee5cf0648ad34e5ae55f21b7baec795169ad9d1a5361883
302e8037d8fd07c42c15cb555d246d6a2a3dbaca6b0bed5360485743455123f1
31df296dd15b6d19369964a87ac91dc8a2307930fd20768ed0427020c0e1c7b8
33ae67cbb9b33172aaf79d819887880359753d274a8d4372d27e87f7f0debf4b
37591158f847c9dd4f79b90b2bda1b5740653f74ff1b67083581abe2bd56248f
3766c4aff6cb7cf2724fd57b540830f1471eb27450c91926d922fcad7f24fd4f
37a2c27e5d047886b0e3bd58530e3afc273c16d33b4264e5f4636403d5e515bd
37e5636d5373bd872f7a8e465e91e13009eae47d2150a3729405057f6842da06
3c5091266798b1ab6280ae9907f7565f138d08516858ea73c85ea81f7897e056
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43b1b3f38131cbaf940fd111794f8f6c0855671584adf8d733454b12b8322a2e
477cb6132d1773cae0d204db2808dd0cb56176d36a8aa98819d25e83d7ff563a
48303509dff674232a432fa318ade5a96ebd717d7f882b3b3506f485990ed9f6
49958c1a45bfd46c8a02c8b5bb265b5392830f3d32ce509a437e1c7f2f721a52
4c4fd20a3af02bdbaa2c590484887c8be220b8b629ac435d7087eb70fadce6f6
4e233a3a613ff1b208f6e54673b5be56f4f9d549dc52d3de994f425bc06a4609
5050b7448761753e8744f15eaab2d14b2ae79b8efff5ecc130ad105b48b900b0
505637c5f9aaee6cfd1c047982bfbb260b5c7d99c7b85e030a447a9d1bde8570
590f46c56c4c933e0c166931f5662cba75a0eb9cd06410aa89bc7ae86af18c9c
5bfa7c11e81d7c5187a03fce17d30d77fcc32f8200bddd01286b08883e5c23b3
5cf2d602e6a7b16bf2a0b1866e945e014d8d08ecb9603a36943b8da90499a96e
5d585910612de4f9df58b8a42bfa6e9dbe03cf32940038d033853c9b228527ae
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6253908bd70c94b3432eab258b5a5bc52271eb94d53a9ea6516a9dbede2e3f85
62850a7ee30df9f293614c9da2697c2bd407e97981c657a583fc0928a4821878
62b97aca219dc9aa7b073a1871afc7e9af2f5beea5df283c94841f53a264042c
66b3a50b1f61027459efda3192f4265a316f43a8d770a7135c956bea688fe4d8
67e08395256b0427f89337900dc2ccc721523adfb275c65e1f738d9a92f5ce9a
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6ac3327f188a75ff18f3a723a4db374fc75716467e90d552b9943d3cad40cff5
76242032562cf31161d64291ffd55f21dfbf413b82674ef22dd9a83fa9977f1a
7c9dfe985977251dc81c7a1a6695e3dd3091073ddf80b1a93d70a7248cad2b10
7f86954a0212278ef87cdda1efc4339f8a0a7b5e9b3d222aa57a9a4c68debf84
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85005315915c463cbf9cdb377c771d7a00577f4c9adabd6e48a42e53e2998974
8a26b07ff11420141f850cd68241fa5faf912583ae0b374d29bd5b1b78e26b64
8a4d999062ab59a3601019775b8c924884425773839899cccb72a8c7a9cfc304
8ac79395ad2c8c0efaf5a734544089eab4a8dce163f3b97f86d08921df5faafb
8f328d8f29364a94f8ab9e5b94c85e649a72e6816f6da252520ef59a69cc8dc3
936790ccabd26acddebd039c54120623734e2aa82310def49cc535912338fc0c
93a96419235accd6cc94bc3de8bde70bafa9ea5a29922bac1bdc2ecd9da4a92b
97c0d53a4eb0bfaf76774e440f5035670610079f6da444ab9f6d3c83403400aa
98246f79b1495fa4d547fc6bdff6a3de6cf8064d5cb9e5d877adee9171a7f99d
9a865189efd70c8f19439a428e6da65a64296fb2fff2fdee604f654e671c9f72
9e384ad8395b62f70f542c41a1277053531cd37a983bfd182749427c40666e27
a38387f31771679b3a3751bce8669553b3897f85de8de9058ad3d5239b0c3ed7
a3d95ae748751a4a7b587dc612924cbc2e9d7b9ec5c2b5b0e92bef231e93dd26
a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2
ab34cdf9289a972cb6938fa868db57c63334b35e4dda6b161edcf6c398e289e3
ab43cf929d649dba8ce38c92dec4849c8049b678fec9942ae08df5ca57757280
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6089fde4ff3747d502336b07b6a33215318b107bded6a4635a1e1d34b6232ff
b7fbb0f2b6be3ff6c73dd9dfd5ad2155cd0e3dc50f330884d7e09e6a6b2dd666
ba7f2ffdb82a03f146b09ef5b7372ecaee3e5c7dc50d0e48ecde7a7d700b07fc
ba8316c2300d944ec48856755759b3b21d50fc097694ba078c546ce9d51990f6
bc1ddde236b553b547f283dd287da25b5ae989212906251601c45c984f0c64cc
c0758e371e8ff72d7b14491f38241f50dab6a0057f57e3ae2c0a47ec00871cda
c205af8713074107208ad76ddeaabf980f40d8b9f98e2c532eadb6ed383e9665
c74b1ca0ec73cbddb66c1982518bb04d4d844f2823c18597e42e1013858484cd
c894222666e9bda7e2a0022e9cabe4729915d9ee5cfab66e3618c197d9632eeb
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d19c93e9f287b721a06cd7340dc4e316ccf4a7cf64d445ea205d7b5144c8122c
d1f373371bd6643ba887dd0f0f5401a133ea797de42e80f13cc4536751f124de
d4b1944efedd4800db2b698aba4f79b9008639fbe31a1ab8bfd64e52927244b2
d4f7078661521e468ca8214e4f94db38e5058b40cdefffe1e7b6572e35ff3dff
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dc900160cbd1b98f8756dbed47e23c6cb135ea09c607795c710fbc5f869f828f
dce009260c83128b674841cb92b03faf749468dceca09a813fdadd318c4bfbd2
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e348916c99a27a39f3b37209c277e9ef3914fa7c469fd09b98b25a8de78ff72b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ce8b6e55aaa9a9202e75c7299da80bfdb23ee0fda770ce88d5f5d9daed899a
eb2ffac7bd025d687b9c0a334610a62f9ef509682ec5f07667bca2c7e76ef82a
ebab07ae2d325de05cfaf79c3822ac2eb7503eb1bfb2b96dac182d3d10668a49
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2f21e649d14981a2330c6c78113649c517b2f22a92ff4ed85ac4b05623d8227
f80f2760f11788ccad566fa2bc4a6badf82994150c5dfc2eff69a3ef9499d182
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

www.ninavonc.de Open in urlscan Pro 194.97.158.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

123 Requests

100 %HTTPS

0 %IPv6

26 Domains

46 Subdomains

37 IPs

5 Countries

2686 kBTransfer

7007 kBSize

32 Cookies

8 Outgoing links

Page URL History

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ninavonc.de Open in urlscan Pro
194.97.158.1 Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

100 %
HTTPS

0 %
IPv6

26
Domains

46
Subdomains

37
IPs

5
Countries

2686 kB
Transfer

7007 kB
Size

32
Cookies

123 HTTP transactions
1 data transactions