www.ncm.at Open in urlscan Pro
83.218.161.112 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sichersenden.at/
Effective URL:
https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterl...
Submission: On May 03 via automatic, source certstream-suspicious (May 3rd 2021, 8:03:24 am UTC)

Summary HTTP 48 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 13 domains to perform 48 HTTP transactions. The main IP is 83.218.161.112, located in Tyrol, Austria and belongs to MYNET-AS myNET gmbh, AT. The main domain is www.ncm.at.
TLS certificate: Issued by R3 on April 14th 2021. Valid for: 3 months.

This is the only time www.ncm.at was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 3	83.218.161.71 83.218.161.71	31543 (MYNET-AS ...) (MYNET-AS myNET gmbh)
1 24	83.218.161.112 83.218.161.112	31543 (MYNET-AS ...) (MYNET-AS myNET gmbh)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d5cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	31.222.175.61 31.222.175.61	15395 (RACKSPACE...) (RACKSPACE-LON)
1	2606:4700::68... 2606:4700::6811:edcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:45b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700::68... 2606:4700::6811:7d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:f4cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
48	15

3 83.218.161.71 (Tyrol, Austria) 3 redirects

ASN31543 (MYNET-AS myNET gmbh, AT)
PTR: sichersenden.at

sichersenden.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.sichersenden.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 83.218.161.112 (Tyrol, Austria) 1 redirects

ASN31543 (MYNET-AS myNET gmbh, AT)
PTR: ncmh5.mynet.at

ncm.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ncm.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.222.175.61 (United Kingdom)

ASN15395 (RACKSPACE-LON, GB)

checkeffect.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:edcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:45b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9a53 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6811:7d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f4cc (United States)

ASN13335 (CLOUDFLARENET, US)

avatars.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	ncm.at 1 redirects ncm.at www.ncm.at	560 KB
8	hsappstatic.net static.hsappstatic.net	228 KB
6	hubspot.com 1 redirects api.hubspot.com track.hubspot.com app.hubspot.com	21 KB
3	sichersenden.at 3 redirects sichersenden.at www.sichersenden.at	1 KB
2	gstatic.com fonts.gstatic.com	35 KB
2	googletagmanager.com www.googletagmanager.com	79 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	34 KB
1	hubspot.net avatars.hubspot.net	1 KB
1	hs-banner.com js.hs-banner.com	15 KB
1	hs-analytics.net js.hs-analytics.net	19 KB
1	usemessages.com js.usemessages.com	20 KB
1	checkeffect.at checkeffect.at	4 KB
1	hs-scripts.com js.hs-scripts.com	1 KB
48	13

	Domain	Requested by
23	www.ncm.at	www.ncm.at ajax.googleapis.com
8	static.hsappstatic.net	app.hubspot.com static.hsappstatic.net
4	api.hubspot.com	1 redirects js.usemessages.com static.hsappstatic.net
2	fonts.gstatic.com	www.ncm.at fonts.googleapis.com
2	www.googletagmanager.com	www.ncm.at www.googletagmanager.com
2	sichersenden.at	2 redirects
1	avatars.hubspot.net	app.hubspot.com
1	app.hubspot.com	js.usemessages.com
1	track.hubspot.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	checkeffect.at	www.ncm.at
1	fonts.googleapis.com	www.ncm.at
1	js.hs-scripts.com	www.ncm.at
1	ajax.googleapis.com	www.ncm.at
1	ncm.at	1 redirects
1	www.sichersenden.at	1 redirects
48	18

This site contains links to these domains. Also see Links.

Domain
www.tourismuspresse.at

Subject Issuer	Validity	Valid
ncm.at R3	`2021-04-14` - `2021-07-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
checkeffect.at AlphaSSL CA - SHA256 - G2	`2019-05-28` - `2021-07-06`	2 years	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2020-07-05` - `2021-07-05`	a year	crt.sh
hubspot.net Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
Frame ID: 47276BABE38A8B87BF6DC077A8E89587
Requests: 40 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/2432660/threads/utk/46441ed7a7bd4632a4d70e1919e89155?uuid=494c514cd7724f98ada1a3c3093e18c3&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=ncm.at&inApp53=false&messagesUtk=46441ed7a7bd4632a4d70e1919e89155&url=https%3A%2F%2Fwww.ncm.at%2Fsicher-senden.html%3Futm_source%3Dsichersenden.at%26utm_medium%3Dredirection%26utm_campaign%3Ddomain-weiterleitung&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: 4118BBE9D3033D1D357E403F4139BEE6
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://sichersenden.at/ HTTP 302
https://sichersenden.at/welcome HTTP 302
http://www.sichersenden.at/ HTTP 301
https://ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_cam... HTTP 301
https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_cam... Page URL

Detected technologies

Contao (CMS) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Contao Open Source CMS$/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Contao Open Source CMS$/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

48
Requests

100 %
HTTPS

80 %
IPv6

13
Domains

18
Subdomains

15
IPs

4
Countries

1014 kB
Transfer

3021 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.tourismuspresse.at/pressemappe/3849/ncm-at-net-communication-management-gmbh
Title: Presse

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sichersenden.at/ HTTP 302
https://sichersenden.at/welcome HTTP 302
http://www.sichersenden.at/ HTTP 301
https://ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung HTTP 301
https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://api.hubspot.com/userpreferences/v1/avatar/c521343d78055b2c734c5bc27cc78b0c/100 HTTP 307
https://avatars.hubspot.net/default-100

48 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request sicher-senden.html Show response
www.ncm.at/
Redirect Chain

https://sichersenden.at/
https://sichersenden.at/welcome
http://www.sichersenden.at/
https://ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung

71 KB
17 KB

988ms
979ms

Document
text/html

83.218.161.112
MYNET-AS myNET gmbh

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.218.161.112 Tyrol, Austria, ASN31543 (MYNET-AS myNET gmbh, AT),
Reverse DNS: ncmh5.mynet.at
Software: Apache /
Resource Hash: be479e28b9e46071ccbe8caca467b352bfbe9c0a12befbe93ff43d215b930bb1

Request headers

:method: GET
:authority: www.ncm.at
:scheme: https
:path: /sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NCM_USERID=ncm
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:05 GMT
server: Apache
cache-control: public, max-age=3599
pragma: public
expires: Mon, 03 May 2021 09:03:05 GMT
vary: User-Agent,Accept,Accept-Encoding
set-cookie: NCM_USERID=ncm; path=/; domain=www.ncm.at; expires=Fri, 02-Jul-2021 08:03:05 GMT NCM_ACCEPT_WEBP=1; path=/; domain=www.ncm.at; expires=Fri, 02-Jul-2021 08:03:05 GMT PHPSESSID=qiden3r66u44b1t7uf3g57nms2; path=/ NCM_SEASON=2; expires=Tue, 04-May-2021 00:00:00 GMT; Max-Age=57415; path=/ lang=1; expires=Mon, 03-May-2021 09:03:05 GMT; Max-Age=3600; path=/
last-modified: Mon, 03 May 2021 08:03:06 GMT
content-encoding: gzip
content-length: 17087
content-type: text/html; charset=utf-8

Redirect headers

date: Mon, 03 May 2021 08:03:05 GMT
server: Apache
set-cookie: NCM_USERID=ncm; path=/; domain=ncm.at; expires=Fri, 02-Jul-2021 08:03:05 GMT
location: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
cache-control: max-age=0
expires: Mon, 03 May 2021 08:03:05 GMT
content-length: 337
content-type: text/html; charset=iso-8859-1

GET
H2 200 co_block.js Show response
www.ncm.at/ 174 KB
28 KB 44ms
39ms Script
application/javascript 83.218.161.112
MYNET-AS myNET gmbh

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ncm.at/co_block.js
Requested by: Host: www.ncm.at
URL: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.218.161.112 Tyrol, Austria, ASN31543 (MYNET-AS myNET gmbh, AT),
Reverse DNS: ncmh5.mynet.at
Software: Apache /
Resource Hash: 14c4f79e3a89c5c319a521fd6c00421ebaf35287506f95804d2dd30e549bf034

Request headers

:path: /co_block.js
pragma: no-cache
cookie: NCM_USERID=ncm; NCM_USERID=ncm; NCM_ACCEPT_WEBP=1; PHPSESSID=qiden3r66u44b1t7uf3g57nms2; NCM_SEASON=2; lang=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.ncm.at
referer: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:06 GMT
content-encoding: gzip
last-modified: Thu, 08 Apr 2021 09:25:14 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
set-cookie: NCM_USERID=ncm; path=/; domain=www.ncm.at; expires=Fri, 02-Jul-2021 08:03:06 GMT
accept-ranges: none
content-length: 28334
expires: Tue, 03 May 2022 08:03:06 GMT

GET
H2 200 Social_icon.png
www.ncm.at/files/layout/ 8 KB
9 KB 42ms
37ms Image
image/png 83.218.161.112
MYNET-AS myNET gmbh

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ncm.at/files/layout/Social_icon.png
Requested by: Host: www.ncm.at
URL: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.218.161.112 Tyrol, Austria, ASN31543 (MYNET-AS myNET gmbh, AT),
Reverse DNS: ncmh5.mynet.at
Software: Apache /
Resource Hash: 68973585013d4e15d977cc6c86cfb7a469309277547dd0dbdfbb14fff3361298

Request headers

:path: /files/layout/Social_icon.png
pragma: no-cache
cookie: NCM_USERID=ncm; NCM_USERID=ncm; NCM_ACCEPT_WEBP=1; PHPSESSID=qiden3r66u44b1t7uf3g57nms2; NCM_SEASON=2; lang=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ncm.at
referer: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:06 GMT
last-modified: Thu, 07 Feb 2019 14:00:58 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8525
expires: Wed, 02 Jun 2021 08:03:06 GMT

GET
H2 200 SSLogoTop.png
www.ncm.at/files/layout/ 8 KB
8 KB 51ms
50ms Image
image/png 83.218.161.112
MYNET-AS myNET gmbh

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ncm.at/files/layout/SSLogoTop.png
Requested by: Host: www.ncm.at
URL: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.218.161.112 Tyrol, Austria, ASN31543 (MYNET-AS myNET gmbh, AT),
Reverse DNS: ncmh5.mynet.at
Software: Apache /
Resource Hash: f44ba75dbf45db7656b080f299076ce472e4ceea30120ef0b0dae08df8d9e1ca

Request headers

:path: /files/layout/SSLogoTop.png
pragma: no-cache
cookie: NCM_USERID=ncm; NCM_USERID=ncm; NCM_ACCEPT_WEBP=1; PHPSESSID=qiden3r66u44b1t7uf3g57nms2; NCM_SEASON=2; lang=1; AllowedCookiesList=,ASP.NET_SessionId,CookieConsent,__cfduid,_zendesk_session,_zendesk_shared_session,_zendesk_thirdparty_test,_gh_sess,has_recent_activity,__cfruid,_help_center_session,ZD-suid,ARRAffinity,__RequestVerificationToken,ASPXAUTH,_hjIncludedInSample,Drift.Targeting.currentPageViewStarted,Drift.Targeting.firstVisit,Drift.Targeting.lastVisit,checkForPermission,mymon_scookie_test,mymon_user,*_mymon_user,*_1Stcontact,*_1Stref,*_2ndcontact,*_2ndref,*_3rdcontact,*_3rdref,*_mymon_session,NCM_ACCEPT_WEBP,NCM_SEASON,NCM_USERID,PHPSESSID,_cetui,cf_clearance,XTCsid,XXX_iframe,NCMCOOKIEINFOREAD,referrer_url,cookieverified,AllowedScriptList,IDE,AllowedCookiesList,CookieInteraction,christmas_seen,hubspotapi-csrf,csrf.app,mymon_form_log_*,_cetsi,SPECIALBOXHEIGHT_2,bestpreis_hidden,lang,room_list_url_de,SPECIALBOXHEIGHT_1; AllowedScriptList=,gtm.js
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ncm.at
referer: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:06 GMT
last-modified: Wed, 07 Jun 2017 11:31:46 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8496
expires: Wed, 02 Jun 2021 08:03:06 GMT

GET
H2 200 Florian_Werner-3c9dbedf.jpg
www.ncm.at/assets/images/f/ 65 KB
65 KB 35ms
35ms Image
image/jpeg 83.218.161.112
MYNET-AS myNET gmbh

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ncm.at/assets/images/f/Florian_Werner-3c9dbedf.jpg
Requested by: Host: www.ncm.at
URL: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.218.161.112 Tyrol, Austria, ASN31543 (MYNET-AS myNET gmbh, AT),
Reverse DNS: ncmh5.mynet.at
Software: Apache /
Resource Hash: 54fbc2077eb38e9b157c5e2cb24676ea54cbb7a3fe0eae12ecfef0ec95def44e

Request headers

:path: /assets/images/f/Florian_Werner-3c9dbedf.jpg
pragma: no-cache
cookie: NCM_USERID=ncm; NCM_USERID=ncm; NCM_ACCEPT_WEBP=1; PHPSESSID=qiden3r66u44b1t7uf3g57nms2; NCM_SEASON=2; lang=1; AllowedCookiesList=,ASP.NET_SessionId,CookieConsent,__cfduid,_zendesk_session,_zendesk_shared_session,_zendesk_thirdparty_test,_gh_sess,has_recent_activity,__cfruid,_help_center_session,ZD-suid,ARRAffinity,__RequestVerificationToken,ASPXAUTH,_hjIncludedInSample,Drift.Targeting.currentPageViewStarted,Drift.Targeting.firstVisit,Drift.Targeting.lastVisit,checkForPermission,mymon_scookie_test,mymon_user,*_mymon_user,*_1Stcontact,*_1Stref,*_2ndcontact,*_2ndref,*_3rdcontact,*_3rdref,*_mymon_session,NCM_ACCEPT_WEBP,NCM_SEASON,NCM_USERID,PHPSESSID,_cetui,cf_clearance,XTCsid,XXX_iframe,NCMCOOKIEINFOREAD,referrer_url,cookieverified,AllowedScriptList,IDE,AllowedCookiesList,CookieInteraction,christmas_seen,hubspotapi-csrf,csrf.app,mymon_form_log_*,_cetsi,SPECIALBOXHEIGHT_2,bestpreis_hidden,lang,room_list_url_de,SPECIALBOXHEIGHT_1; AllowedScriptList=,gtm.js
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ncm.at
referer: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:06 GMT
last-modified: Sat, 01 May 2021 00:17:24 GMT
server: Apache
vary: Accept
content-type: image/jpeg
cache-control: max-age=2592000
set-cookie: NCM_USERID=ncm; path=/; domain=www.ncm.at; expires=Fri, 02-Jul-2021 08:03:06 GMT NCM_ACCEPT_WEBP=1; path=/; domain=www.ncm.at; expires=Fri, 02-Jul-2021 08:03:06 GMT
accept-ranges: bytes
content-length: 66307
expires: Wed, 02 Jun 2021 08:03:06 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 38ms
6ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: www.ncm.at
URL: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ncm.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 06:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5430
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 May 2022 06:32:36 GMT

GET
H2 200 feeda9b4-collection.min.js Show response
www.ncm.at/assets/css/ 394 KB
108 KB 62ms
60ms Script
application/javascript 83.218.161.112
MYNET-AS myNET gmbh

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ncm.at/assets/css/feeda9b4-collection.min.js
Requested by: Host: www.ncm.at
URL: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.218.161.112 Tyrol, Austria, ASN31543 (MYNET-AS myNET gmbh, AT),
Reverse DNS: ncmh5.mynet.at
Software: Apache /
Resource Hash: 093f21f98dda37877cc1dc0e359cb909be389066dbd8423f2a3e1dc5dae54eb3

Request headers

:path: /assets/css/feeda9b4-collection.min.js
pragma: no-cache
cookie: NCM_USERID=ncm; NCM_USERID=ncm; NCM_ACCEPT_WEBP=1; PHPSESSID=qiden3r66u44b1t7uf3g57nms2; NCM_SEASON=2; lang=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.ncm.at
referer: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:06 GMT
content-encoding: gzip
last-modified: Sun, 02 May 2021 22:13:24 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
set-cookie: NCM_USERID=ncm; path=/; domain=www.ncm.at; expires=Fri, 02-Jul-2021 08:03:06 GMT
accept-ranges: none
expires: Tue, 03 May 2022 08:03:06 GMT

GET
H2 200 jquery-ui.min.js Show response
www.ncm.at/assets/jquery/ui/1.11.4/ 18 KB
6 KB 44ms
41ms Script
application/javascript 83.218.161.112
MYNET-AS myNET gmbh

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ncm.at/assets/jquery/ui/1.11.4/jquery-ui.min.js
Requested by: Host: www.ncm.at
URL: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.218.161.112 Tyrol, Austria, ASN31543 (MYNET-AS myNET gmbh, AT),
Reverse DNS: ncmh5.mynet.at
Software: Apache /
Resource Hash: 3fbc0605c65df635914e2450c0b38cfd1ac2442c019d84bda8ff79c057fa30ac

Request headers

:path: /assets/jquery/ui/1.11.4/jquery-ui.min.js
pragma: no-cache
cookie: NCM_USERID=ncm; NCM_USERID=ncm; NCM_ACCEPT_WEBP=1; PHPSESSID=qiden3r66u44b1t7uf3g57nms2; NCM_SEASON=2; lang=1; AllowedCookiesList=,ASP.NET_SessionId,CookieConsent,__cfduid,_zendesk_session,_zendesk_shared_session,_zendesk_thirdparty_test,_gh_sess,has_recent_activity,__cfruid,_help_center_session,ZD-suid,ARRAffinity,__RequestVerificationToken,ASPXAUTH,_hjIncludedInSample,Drift.Targeting.currentPageViewStarted,Drift.Targeting.firstVisit,Drift.Targeting.lastVisit,checkForPermission,mymon_scookie_test,mymon_user,*_mymon_user,*_1Stcontact,*_1Stref,*_2ndcontact,*_2ndref,*_3rdcontact,*_3rdref,*_mymon_session,NCM_ACCEPT_WEBP,NCM_SEASON,NCM_USERID,PHPSESSID,_cetui,cf_clearance,XTCsid,XXX_iframe,NCMCOOKIEINFOREAD,referrer_url,cookieverified,AllowedScriptList,IDE,AllowedCookiesList,CookieInteraction,christmas_seen,hubspotapi-csrf,csrf.app,mymon_form_log_*,_cetsi,SPECIALBOXHEIGHT_2,bestpreis_hidden,lang,room_list_url_de,SPECIALBOXHEIGHT_1; AllowedScriptList=,gtm.js
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.ncm.at
referer: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:06 GMT
content-encoding: gzip
last-modified: Wed, 07 Jun 2017 11:31:45 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
set-cookie: NCM_USERID=ncm; path=/; domain=www.ncm.at; expires=Fri, 02-Jul-2021 08:03:06 GMT
accept-ranges: none
content-length: 6138
expires: Tue, 03 May 2022 08:03:06 GMT

GET
H2 200 2432660.js Show response
js.hs-scripts.com/ 1 KB
1 KB 482ms
462ms Script
application/javascript 2606:4700::6811:d5cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2432660.js
Requested by: Host: www.ncm.at
URL: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb47ddb9a00acc18aeed8346f9a320e2da3052f3d30bcab29a33a43262bda5c6

Request headers

Referer: https://www.ncm.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:07 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 91d17541-d4c7-4be1-a4e9-0131f2149c3f
cf-request-id: 09d2d9adf70000d6e53f070000000001
server: cloudflare
x-trace: 2B65A522EBE557E751C1E984150A19F58C97D0348E000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.ncm.at
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6497f88ff957d6e5-FRA
expires: Mon, 03 May 2021 08:04:07 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
710 B 17ms
14ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Sans:400,700%7CRoboto:100

Requested by

Host: www.ncm.at
URL: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a0243c00856f8ab199706680388003b1ca4eb96f07d660b55b8bac3b07853876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ncm.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 03 May 2021 08:03:06 GMT
server: ESF
date: Mon, 03 May 2021 08:03:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 May 2021 08:03:06 GMT

GET
H2 200 bootstrap.min.css
www.ncm.at/assets/bootstrap/dist/css/ 98 KB
17 KB 45ms
43ms Stylesheet
text/css 83.218.161.112
MYNET-AS myNET gmbh

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ncm.at/assets/bootstrap/dist/css/bootstrap.min.css
Requested by: Host: www.ncm.at
URL: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.218.161.112 Tyrol, Austria, ASN31543 (MYNET-AS myNET gmbh, AT),
Reverse DNS: ncmh5.mynet.at
Software: Apache /
Resource Hash: e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b

Request headers

:path: /assets/bootstrap/dist/css/bootstrap.min.css
pragma: no-cache
cookie: NCM_USERID=ncm; NCM_USERID=ncm; NCM_ACCEPT_WEBP=1; PHPSESSID=qiden3r66u44b1t7uf3g57nms2; NCM_SEASON=2; lang=1; AllowedCookiesList=,ASP.NET_SessionId,CookieConsent,__cfduid,_zendesk_session,_zendesk_shared_session,_zendesk_thirdparty_test,_gh_sess,has_recent_activity,__cfruid,_help_center_session,ZD-suid,ARRAffinity,__RequestVerificationToken,ASPXAUTH,_hjIncludedInSample,Drift.Targeting.currentPageViewStarted,Drift.Targeting.firstVisit,Drift.Targeting.lastVisit,checkForPermission,mymon_scookie_test,mymon_user,*_mymon_user,*_1Stcontact,*_1Stref,*_2ndcontact,*_2ndref,*_3rdcontact,*_3rdref,*_mymon_session,NCM_ACCEPT_WEBP,NCM_SEASON,NCM_USERID,PHPSESSID,_cetui,cf_clearance,XTCsid,XXX_iframe,NCMCOOKIEINFOREAD,referrer_url,cookieverified,AllowedScriptList,IDE,AllowedCookiesList,CookieInteraction,christmas_seen,hubspotapi-csrf,csrf.app,mymon_form_log_*,_cetsi,SPECIALBOXHEIGHT_2,bestpreis_hidden,lang,room_list_url_de,SPECIALBOXHEIGHT_1; AllowedScriptList=,gtm.js
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.ncm.at
referer: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:06 GMT
content-encoding: gzip
last-modified: Wed, 07 Jun 2017 11:31:44 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: none
content-length: 17162
expires: Tue, 03 May 2022 08:03:06 GMT

GET
H2 200 blueimp-gallery.min.css
www.ncm.at/assets/blueimp/css/ 7 KB
2 KB 45ms
42ms Stylesheet
text/css 83.218.161.112
MYNET-AS myNET gmbh

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ncm.at/assets/blueimp/css/blueimp-gallery.min.css
Requested by: Host: www.ncm.at
URL: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.218.161.112 Tyrol, Austria, ASN31543 (MYNET-AS myNET gmbh, AT),
Reverse DNS: ncmh5.mynet.at
Software: Apache /
Resource Hash: f93f7c6e030aeba8d754cba85e278b844cabaf6463e009c3e72cc44ced1a92df

Request headers

:path: /assets/blueimp/css/blueimp-gallery.min.css
pragma: no-cache
cookie: NCM_USERID=ncm; NCM_USERID=ncm; NCM_ACCEPT_WEBP=1; PHPSESSID=qiden3r66u44b1t7uf3g57nms2; NCM_SEASON=2; lang=1; AllowedCookiesList=,ASP.NET_SessionId,CookieConsent,__cfduid,_zendesk_session,_zendesk_shared_session,_zendesk_thirdparty_test,_gh_sess,has_recent_activity,__cfruid,_help_center_session,ZD-suid,ARRAffinity,__RequestVerificationToken,ASPXAUTH,_hjIncludedInSample,Drift.Targeting.currentPageViewStarted,Drift.Targeting.firstVisit,Drift.Targeting.lastVisit,checkForPermission,mymon_scookie_test,mymon_user,*_mymon_user,*_1Stcontact,*_1Stref,*_2ndcontact,*_2ndref,*_3rdcontact,*_3rdref,*_mymon_session,NCM_ACCEPT_WEBP,NCM_SEASON,NCM_USERID,PHPSESSID,_cetui,cf_clearance,XTCsid,XXX_iframe,NCMCOOKIEINFOREAD,referrer_url,cookieverified,AllowedScriptList,IDE,AllowedCookiesList,CookieInteraction,christmas_seen,hubspotapi-csrf,csrf.app,mymon_form_log_*,_cetsi,SPECIALBOXHEIGHT_2,bestpreis_hidden,lang,room_list_url_de,SPECIALBOXHEIGHT_1; AllowedScriptList=,gtm.js
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.ncm.at
referer: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:06 GMT
content-encoding: gzip
last-modified: Wed, 07 Jun 2017 11:31:44 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: none
content-length: 1469
expires: Tue, 03 May 2022 08:03:06 GMT

GET
H2 200 c77b6755-collection.min.css
www.ncm.at/assets/css/ 492 KB
66 KB 61ms
59ms Stylesheet
text/css 83.218.161.112
MYNET-AS myNET gmbh

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ncm.at/assets/css/c77b6755-collection.min.css
Requested by: Host: www.ncm.at
URL: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.218.161.112 Tyrol, Austria, ASN31543 (MYNET-AS myNET gmbh, AT),
Reverse DNS: ncmh5.mynet.at
Software: Apache /
Resource Hash: 397b11872db9979a74c049a3c2cd07086daaa2b54118d6bbbe81f5e191479136

Request headers

:path: /assets/css/c77b6755-collection.min.css
pragma: no-cache
cookie: NCM_USERID=ncm; NCM_USERID=ncm; NCM_ACCEPT_WEBP=1; PHPSESSID=qiden3r66u44b1t7uf3g57nms2; NCM_SEASON=2; lang=1; AllowedCookiesList=,ASP.NET_SessionId,CookieConsent,__cfduid,_zendesk_session,_zendesk_shared_session,_zendesk_thirdparty_test,_gh_sess,has_recent_activity,__cfruid,_help_center_session,ZD-suid,ARRAffinity,__RequestVerificationToken,ASPXAUTH,_hjIncludedInSample,Drift.Targeting.currentPageViewStarted,Drift.Targeting.firstVisit,Drift.Targeting.lastVisit,checkForPermission,mymon_scookie_test,mymon_user,*_mymon_user,*_1Stcontact,*_1Stref,*_2ndcontact,*_2ndref,*_3rdcontact,*_3rdref,*_mymon_session,NCM_ACCEPT_WEBP,NCM_SEASON,NCM_USERID,PHPSESSID,_cetui,cf_clearance,XTCsid,XXX_iframe,NCMCOOKIEINFOREAD,referrer_url,cookieverified,AllowedScriptList,IDE,AllowedCookiesList,CookieInteraction,christmas_seen,hubspotapi-csrf,csrf.app,mymon_form_log_*,_cetsi,SPECIALBOXHEIGHT_2,bestpreis_hidden,lang,room_list_url_de,SPECIALBOXHEIGHT_1; AllowedScriptList=,gtm.js
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.ncm.at
referer: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:06 GMT
content-encoding: gzip
last-modified: Sun, 02 May 2021 22:17:48 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: none
expires: Tue, 03 May 2022 08:03:06 GMT

GET
H2 200 jasny-bootstrap.min.css
www.ncm.at/assets/bootstrap-jasny/dist/css/ 14 KB
3 KB 46ms
44ms Stylesheet
text/css 83.218.161.112
MYNET-AS myNET gmbh

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ncm.at/assets/bootstrap-jasny/dist/css/jasny-bootstrap.min.css
Requested by: Host: www.ncm.at
URL: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.218.161.112 Tyrol, Austria, ASN31543 (MYNET-AS myNET gmbh, AT),
Reverse DNS: ncmh5.mynet.at
Software: Apache /
Resource Hash: 342fbc276f98d175be1a937e5f974728ae8d2051a8f9a94877bd5b24339febfd

Request headers

:path: /assets/bootstrap-jasny/dist/css/jasny-bootstrap.min.css
pragma: no-cache
cookie: NCM_USERID=ncm; NCM_USERID=ncm; NCM_ACCEPT_WEBP=1; PHPSESSID=qiden3r66u44b1t7uf3g57nms2; NCM_SEASON=2; lang=1; AllowedCookiesList=,ASP.NET_SessionId,CookieConsent,__cfduid,_zendesk_session,_zendesk_shared_session,_zendesk_thirdparty_test,_gh_sess,has_recent_activity,__cfruid,_help_center_session,ZD-suid,ARRAffinity,__RequestVerificationToken,ASPXAUTH,_hjIncludedInSample,Drift.Targeting.currentPageViewStarted,Drift.Targeting.firstVisit,Drift.Targeting.lastVisit,checkForPermission,mymon_scookie_test,mymon_user,*_mymon_user,*_1Stcontact,*_1Stref,*_2ndcontact,*_2ndref,*_3rdcontact,*_3rdref,*_mymon_session,NCM_ACCEPT_WEBP,NCM_SEASON,NCM_USERID,PHPSESSID,_cetui,cf_clearance,XTCsid,XXX_iframe,NCMCOOKIEINFOREAD,referrer_url,cookieverified,AllowedScriptList,IDE,AllowedCookiesList,CookieInteraction,christmas_seen,hubspotapi-csrf,csrf.app,mymon_form_log_*,_cetsi,SPECIALBOXHEIGHT_2,bestpreis_hidden,lang,room_list_url_de,SPECIALBOXHEIGHT_1; AllowedScriptList=,gtm.js
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.ncm.at
referer: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:06 GMT
content-encoding: gzip
last-modified: Wed, 07 Jun 2017 11:31:44 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: none
content-length: 2559
expires: Tue, 03 May 2022 08:03:06 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 127 KB
45 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TXRKBRT

Requested by

Host: www.ncm.at
URL: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bff4d9374689f43b34490bd715c06563c075e2eb4820a797d02bed3a936ba489

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ncm.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46089
x-xss-protection: 0
last-modified: Mon, 03 May 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 May 2021 08:03:06 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0d2fd9ddd51e15c7fa020eb9d27bd7e61f8bb0764329a5cb543043eb4d78c0e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9c6644d4a82a8103002c678caa089a03c5d4a3b15d3aee95e03ca552651118a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 75 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29b9dc64ead69c8ee2c18a8efe25f942fb2d84df8f093aafffda4590f4d4408a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 95 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d071abc82473c83c3ee8d8e10e7e77c3a1215c3d563d117e17e3ee33564422b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 ToolsBg.jpg
www.ncm.at/files/layout/ 34 KB
34 KB 36ms
36ms Image
image/jpeg 83.218.161.112
MYNET-AS myNET gmbh

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ncm.at/files/layout/ToolsBg.jpg
Requested by: Host: www.ncm.at
URL: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.218.161.112 Tyrol, Austria, ASN31543 (MYNET-AS myNET gmbh, AT),
Reverse DNS: ncmh5.mynet.at
Software: Apache /
Resource Hash: ac7d73d75410c8fab8d09cb0afa4984b301e125175f7949a56ab6f1da09ce28b

Request headers

:path: /files/layout/ToolsBg.jpg
pragma: no-cache
cookie: NCM_USERID=ncm; NCM_USERID=ncm; NCM_ACCEPT_WEBP=1; PHPSESSID=qiden3r66u44b1t7uf3g57nms2; NCM_SEASON=2; lang=1; AllowedCookiesList=,ASP.NET_SessionId,CookieConsent,__cfduid,_zendesk_session,_zendesk_shared_session,_zendesk_thirdparty_test,_gh_sess,has_recent_activity,__cfruid,_help_center_session,ZD-suid,ARRAffinity,__RequestVerificationToken,ASPXAUTH,_hjIncludedInSample,Drift.Targeting.currentPageViewStarted,Drift.Targeting.firstVisit,Drift.Targeting.lastVisit,checkForPermission,mymon_scookie_test,mymon_user,*_mymon_user,*_1Stcontact,*_1Stref,*_2ndcontact,*_2ndref,*_3rdcontact,*_3rdref,*_mymon_session,NCM_ACCEPT_WEBP,NCM_SEASON,NCM_USERID,PHPSESSID,_cetui,cf_clearance,XTCsid,XXX_iframe,NCMCOOKIEINFOREAD,referrer_url,cookieverified,AllowedScriptList,IDE,AllowedCookiesList,CookieInteraction,christmas_seen,hubspotapi-csrf,csrf.app,mymon_form_log_*,_cetsi,SPECIALBOXHEIGHT_2,bestpreis_hidden,lang,room_list_url_de,SPECIALBOXHEIGHT_1; AllowedScriptList=,gtm.js
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ncm.at
referer: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:06 GMT
last-modified: Tue, 13 Jun 2017 07:34:30 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 34816
expires: Wed, 02 Jun 2021 08:03:06 GMT

GET
H2 200 fontawesome-webfont.woff2
www.ncm.at/files/fonts/fontawesome/fonts/ 75 KB
76 KB 43ms
42ms Font
application/x-font-woff 83.218.161.112
MYNET-AS myNET gmbh

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ncm.at/files/fonts/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.ncm.at
URL: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.218.161.112 Tyrol, Austria, ASN31543 (MYNET-AS myNET gmbh, AT),
Reverse DNS: ncmh5.mynet.at
Software: Apache /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-fetch-mode: cors
origin: https://www.ncm.at
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: NCM_USERID=ncm; NCM_USERID=ncm; NCM_ACCEPT_WEBP=1; PHPSESSID=qiden3r66u44b1t7uf3g57nms2; NCM_SEASON=2; lang=1; AllowedCookiesList=,ASP.NET_SessionId,CookieConsent,__cfduid,_zendesk_session,_zendesk_shared_session,_zendesk_thirdparty_test,_gh_sess,has_recent_activity,__cfruid,_help_center_session,ZD-suid,ARRAffinity,__RequestVerificationToken,ASPXAUTH,_hjIncludedInSample,Drift.Targeting.currentPageViewStarted,Drift.Targeting.firstVisit,Drift.Targeting.lastVisit,checkForPermission,mymon_scookie_test,mymon_user,*_mymon_user,*_1Stcontact,*_1Stref,*_2ndcontact,*_2ndref,*_3rdcontact,*_3rdref,*_mymon_session,NCM_ACCEPT_WEBP,NCM_SEASON,NCM_USERID,PHPSESSID,_cetui,cf_clearance,XTCsid,XXX_iframe,NCMCOOKIEINFOREAD,referrer_url,cookieverified,AllowedScriptList,IDE,AllowedCookiesList,CookieInteraction,christmas_seen,hubspotapi-csrf,csrf.app,mymon_form_log_*,_cetsi,SPECIALBOXHEIGHT_2,bestpreis_hidden,lang,room_list_url_de,SPECIALBOXHEIGHT_1; AllowedScriptList=,gtm.js
:path: /files/fonts/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.ncm.at
referer: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.ncm.at
Referer: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:06 GMT
content-encoding: gzip
last-modified: Wed, 07 Jun 2017 11:31:46 GMT
server: Apache
vary: Accept-Encoding
content-type: application/x-font-woff
cache-control: max-age=2592000
set-cookie: NCM_USERID=ncm; path=/; domain=www.ncm.at; expires=Fri, 02-Jul-2021 08:03:06 GMT
accept-ranges: bytes
expires: Wed, 02 Jun 2021 08:03:06 GMT

GET
H2 200 glyphicons-halflings-regular.woff
www.ncm.at/files/fonts/ 23 KB
23 KB 40ms
39ms Font
application/x-font-woff 83.218.161.112
MYNET-AS myNET gmbh

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ncm.at/files/fonts/glyphicons-halflings-regular.woff
Requested by: Host: www.ncm.at
URL: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.218.161.112 Tyrol, Austria, ASN31543 (MYNET-AS myNET gmbh, AT),
Reverse DNS: ncmh5.mynet.at
Software: Apache /
Resource Hash: 63faf0af44a428f182686f0d924bb30e369a9549630c7b98a969394f58431067

Request headers

sec-fetch-mode: cors
origin: https://www.ncm.at
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: NCM_USERID=ncm; NCM_USERID=ncm; NCM_ACCEPT_WEBP=1; PHPSESSID=qiden3r66u44b1t7uf3g57nms2; NCM_SEASON=2; lang=1; AllowedCookiesList=,ASP.NET_SessionId,CookieConsent,__cfduid,_zendesk_session,_zendesk_shared_session,_zendesk_thirdparty_test,_gh_sess,has_recent_activity,__cfruid,_help_center_session,ZD-suid,ARRAffinity,__RequestVerificationToken,ASPXAUTH,_hjIncludedInSample,Drift.Targeting.currentPageViewStarted,Drift.Targeting.firstVisit,Drift.Targeting.lastVisit,checkForPermission,mymon_scookie_test,mymon_user,*_mymon_user,*_1Stcontact,*_1Stref,*_2ndcontact,*_2ndref,*_3rdcontact,*_3rdref,*_mymon_session,NCM_ACCEPT_WEBP,NCM_SEASON,NCM_USERID,PHPSESSID,_cetui,cf_clearance,XTCsid,XXX_iframe,NCMCOOKIEINFOREAD,referrer_url,cookieverified,AllowedScriptList,IDE,AllowedCookiesList,CookieInteraction,christmas_seen,hubspotapi-csrf,csrf.app,mymon_form_log_*,_cetsi,SPECIALBOXHEIGHT_2,bestpreis_hidden,lang,room_list_url_de,SPECIALBOXHEIGHT_1; AllowedScriptList=,gtm.js
:path: /files/fonts/glyphicons-halflings-regular.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.ncm.at
referer: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.ncm.at
Referer: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:06 GMT
content-encoding: gzip
last-modified: Wed, 07 Jun 2017 11:31:46 GMT
server: Apache
vary: Accept-Encoding
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 23090
expires: Wed, 02 Jun 2021 08:03:06 GMT

GET
H2 200 Jzo62I39jc0gQRrbndN6nfesZW2xOQ-xsNqO47m55DA.ttf
fonts.gstatic.com/s/roboto/v16/ 34 KB
19 KB 8ms
7ms Font
font/ttf 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v16/Jzo62I39jc0gQRrbndN6nfesZW2xOQ-xsNqO47m55DA.ttf

Requested by

Host: www.ncm.at
URL: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f464df57b13d05f2ce593e95be39e39983c89b973a06d5f7f9961cc99d6d47d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ncm.at
Referer: https://www.ncm.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 11:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245763
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19475
x-xss-protection: 0
last-modified: Mon, 17 Apr 2017 21:21:34 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Apr 2022 11:47:03 GMT

GET
H2 200 mymon2.js Show response
checkeffect.at/ 11 KB
4 KB 186ms
45ms Script
application/javascript 31.222.175.61
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://checkeffect.at/mymon2.js
Requested by: Host: www.ncm.at
URL: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.222.175.61 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: Apache /
Resource Hash: dcc340c38e509acad1f36df5cd90309b6f2a34b45787322b08420e33178b23f4

Request headers

Referer: https://www.ncm.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:07 GMT
content-encoding: gzip
last-modified: Sat, 03 Apr 2021 08:03:07 GMT
server: Apache
etag: "3364238719"
vary: Accept-Encoding,*
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa ADMa DEVa OUR IND COM NAV"
access-control-allow-origin: *
cache-control: private, max-age=630720000
content-type: application/javascript
content-length: 3671
expires: Fri, 02 Jun 2028 08:03:07 GMT

GET
H2 200 glyphicons-halflings-regular.woff
www.ncm.at/assets/bootstrap/dist/fonts/ 23 KB
23 KB 42ms
41ms Font
application/x-font-woff 83.218.161.112
MYNET-AS myNET gmbh

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ncm.at/assets/bootstrap/dist/fonts/glyphicons-halflings-regular.woff
Requested by: Host: www.ncm.at
URL: https://www.ncm.at/assets/bootstrap/dist/css/bootstrap.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.218.161.112 Tyrol, Austria, ASN31543 (MYNET-AS myNET gmbh, AT),
Reverse DNS: ncmh5.mynet.at
Software: Apache /
Resource Hash: fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

Request headers

sec-fetch-mode: cors
origin: https://www.ncm.at
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: NCM_USERID=ncm; NCM_USERID=ncm; NCM_ACCEPT_WEBP=1; PHPSESSID=qiden3r66u44b1t7uf3g57nms2; NCM_SEASON=2; lang=1; AllowedCookiesList=,ASP.NET_SessionId,CookieConsent,__cfduid,_zendesk_session,_zendesk_shared_session,_zendesk_thirdparty_test,_gh_sess,has_recent_activity,__cfruid,_help_center_session,ZD-suid,ARRAffinity,__RequestVerificationToken,ASPXAUTH,_hjIncludedInSample,Drift.Targeting.currentPageViewStarted,Drift.Targeting.firstVisit,Drift.Targeting.lastVisit,checkForPermission,mymon_scookie_test,mymon_user,*_mymon_user,*_1Stcontact,*_1Stref,*_2ndcontact,*_2ndref,*_3rdcontact,*_3rdref,*_mymon_session,NCM_ACCEPT_WEBP,NCM_SEASON,NCM_USERID,PHPSESSID,_cetui,cf_clearance,XTCsid,XXX_iframe,NCMCOOKIEINFOREAD,referrer_url,cookieverified,AllowedScriptList,IDE,AllowedCookiesList,CookieInteraction,christmas_seen,hubspotapi-csrf,csrf.app,mymon_form_log_*,_cetsi,SPECIALBOXHEIGHT_2,bestpreis_hidden,lang,room_list_url_de,SPECIALBOXHEIGHT_1; AllowedScriptList=,gtm.js
:path: /assets/bootstrap/dist/fonts/glyphicons-halflings-regular.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.ncm.at
referer: https://www.ncm.at/assets/bootstrap/dist/css/bootstrap.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.ncm.at
Referer: https://www.ncm.at/assets/bootstrap/dist/css/bootstrap.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:07 GMT
content-encoding: gzip
last-modified: Wed, 07 Jun 2017 11:31:44 GMT
server: Apache
vary: Accept-Encoding
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 23132
expires: Wed, 02 Jun 2021 08:03:07 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 84 KB
33 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-823993250

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXRKBRT

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

df1b7ac8d56da112b271f6e736310b930899cfbc371e43bd290e3599199b9cf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ncm.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:07 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34152
x-xss-protection: 0
last-modified: Mon, 03 May 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 May 2021 08:03:07 GMT

GET
H2 200 sprite.png
www.ncm.at/files/layout/ 32 KB
33 KB 40ms
39ms Image
image/png 83.218.161.112
MYNET-AS myNET gmbh

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ncm.at/files/layout/sprite.png
Requested by: Host: www.ncm.at
URL: https://www.ncm.at/assets/css/c77b6755-collection.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.218.161.112 Tyrol, Austria, ASN31543 (MYNET-AS myNET gmbh, AT),
Reverse DNS: ncmh5.mynet.at
Software: Apache /
Resource Hash: 5f4670ebe9cd3732d08dba398b54597ccce419b6ef5a02531da5dd5676f0ebf8

Request headers

:path: /files/layout/sprite.png
pragma: no-cache
cookie: NCM_USERID=ncm; NCM_USERID=ncm; NCM_ACCEPT_WEBP=1; PHPSESSID=qiden3r66u44b1t7uf3g57nms2; NCM_SEASON=2; lang=1; AllowedCookiesList=,ASP.NET_SessionId,CookieConsent,__cfduid,_zendesk_session,_zendesk_shared_session,_zendesk_thirdparty_test,_gh_sess,has_recent_activity,__cfruid,_help_center_session,ZD-suid,ARRAffinity,__RequestVerificationToken,ASPXAUTH,_hjIncludedInSample,Drift.Targeting.currentPageViewStarted,Drift.Targeting.firstVisit,Drift.Targeting.lastVisit,checkForPermission,mymon_scookie_test,mymon_user,*_mymon_user,*_1Stcontact,*_1Stref,*_2ndcontact,*_2ndref,*_3rdcontact,*_3rdref,*_mymon_session,NCM_ACCEPT_WEBP,NCM_SEASON,NCM_USERID,PHPSESSID,_cetui,cf_clearance,XTCsid,XXX_iframe,NCMCOOKIEINFOREAD,referrer_url,cookieverified,AllowedScriptList,IDE,AllowedCookiesList,CookieInteraction,christmas_seen,hubspotapi-csrf,csrf.app,mymon_form_log_*,_cetsi,SPECIALBOXHEIGHT_2,bestpreis_hidden,lang,room_list_url_de,SPECIALBOXHEIGHT_1; AllowedScriptList=,gtm.js
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ncm.at
referer: https://www.ncm.at/assets/css/c77b6755-collection.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ncm.at/assets/css/c77b6755-collection.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:07 GMT
last-modified: Wed, 07 Jun 2017 11:31:46 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 33160
expires: Wed, 02 Jun 2021 08:03:07 GMT

GET
H3-29 200 KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 24ms
22ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOkCnqEu92Fr1MmgVxIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans:400,700%7CRoboto:100

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22482584aeaa7b1d74de072793246c65e38b402ac231f38bb0d9102802543230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ncm.at
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 08:52:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:29 GMT
server: sffe
age: 515435
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15712
x-xss-protection: 0
expires: Wed, 27 Apr 2022 08:52:32 GMT

GET
H2 200 partneroehv.png
www.ncm.at/files/layout/ 18 KB
18 KB 42ms
38ms Image
image/png 83.218.161.112
MYNET-AS myNET gmbh

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ncm.at/files/layout/partneroehv.png
Requested by: Host: www.ncm.at
URL: https://www.ncm.at/assets/css/c77b6755-collection.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.218.161.112 Tyrol, Austria, ASN31543 (MYNET-AS myNET gmbh, AT),
Reverse DNS: ncmh5.mynet.at
Software: Apache /
Resource Hash: f09f8cc01117d758dc23e37420cbf80b3eedbe8b8f0926d9f5ce8046ec5b3a95

Request headers

:path: /files/layout/partneroehv.png
pragma: no-cache
cookie: NCM_USERID=ncm; NCM_USERID=ncm; NCM_ACCEPT_WEBP=1; PHPSESSID=qiden3r66u44b1t7uf3g57nms2; NCM_SEASON=2; lang=1; AllowedCookiesList=,ASP.NET_SessionId,CookieConsent,__cfduid,_zendesk_session,_zendesk_shared_session,_zendesk_thirdparty_test,_gh_sess,has_recent_activity,__cfruid,_help_center_session,ZD-suid,ARRAffinity,__RequestVerificationToken,ASPXAUTH,_hjIncludedInSample,Drift.Targeting.currentPageViewStarted,Drift.Targeting.firstVisit,Drift.Targeting.lastVisit,checkForPermission,mymon_scookie_test,mymon_user,*_mymon_user,*_1Stcontact,*_1Stref,*_2ndcontact,*_2ndref,*_3rdcontact,*_3rdref,*_mymon_session,NCM_ACCEPT_WEBP,NCM_SEASON,NCM_USERID,PHPSESSID,_cetui,cf_clearance,XTCsid,XXX_iframe,NCMCOOKIEINFOREAD,referrer_url,cookieverified,AllowedScriptList,IDE,AllowedCookiesList,CookieInteraction,christmas_seen,hubspotapi-csrf,csrf.app,mymon_form_log_*,_cetsi,SPECIALBOXHEIGHT_2,bestpreis_hidden,lang,room_list_url_de,SPECIALBOXHEIGHT_1; AllowedScriptList=,gtm.js
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ncm.at
referer: https://www.ncm.at/assets/css/c77b6755-collection.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ncm.at/assets/css/c77b6755-collection.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:07 GMT
last-modified: Thu, 13 Sep 2018 11:25:40 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18029
expires: Wed, 02 Jun 2021 08:03:07 GMT

GET
H2 200 partnerhogast.png
www.ncm.at/files/layout/ 7 KB
7 KB 37ms
35ms Image
image/png 83.218.161.112
MYNET-AS myNET gmbh

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ncm.at/files/layout/partnerhogast.png
Requested by: Host: www.ncm.at
URL: https://www.ncm.at/assets/css/c77b6755-collection.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.218.161.112 Tyrol, Austria, ASN31543 (MYNET-AS myNET gmbh, AT),
Reverse DNS: ncmh5.mynet.at
Software: Apache /
Resource Hash: b71b349d7ca2b4936fdf92ce9a6edb4fe29d5ab40a7894565639325c77356402

Request headers

:path: /files/layout/partnerhogast.png
pragma: no-cache
cookie: NCM_USERID=ncm; NCM_USERID=ncm; NCM_ACCEPT_WEBP=1; PHPSESSID=qiden3r66u44b1t7uf3g57nms2; NCM_SEASON=2; lang=1; AllowedCookiesList=,ASP.NET_SessionId,CookieConsent,__cfduid,_zendesk_session,_zendesk_shared_session,_zendesk_thirdparty_test,_gh_sess,has_recent_activity,__cfruid,_help_center_session,ZD-suid,ARRAffinity,__RequestVerificationToken,ASPXAUTH,_hjIncludedInSample,Drift.Targeting.currentPageViewStarted,Drift.Targeting.firstVisit,Drift.Targeting.lastVisit,checkForPermission,mymon_scookie_test,mymon_user,*_mymon_user,*_1Stcontact,*_1Stref,*_2ndcontact,*_2ndref,*_3rdcontact,*_3rdref,*_mymon_session,NCM_ACCEPT_WEBP,NCM_SEASON,NCM_USERID,PHPSESSID,_cetui,cf_clearance,XTCsid,XXX_iframe,NCMCOOKIEINFOREAD,referrer_url,cookieverified,AllowedScriptList,IDE,AllowedCookiesList,CookieInteraction,christmas_seen,hubspotapi-csrf,csrf.app,mymon_form_log_*,_cetsi,SPECIALBOXHEIGHT_2,bestpreis_hidden,lang,room_list_url_de,SPECIALBOXHEIGHT_1; AllowedScriptList=,gtm.js
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ncm.at
referer: https://www.ncm.at/assets/css/c77b6755-collection.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ncm.at/assets/css/c77b6755-collection.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:07 GMT
last-modified: Wed, 30 May 2018 08:57:35 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7239
expires: Wed, 02 Jun 2021 08:03:07 GMT

GET
H2 200 partnercontao.png
www.ncm.at/files/layout/ 6 KB
6 KB 43ms
42ms Image
image/png 83.218.161.112
MYNET-AS myNET gmbh

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ncm.at/files/layout/partnercontao.png
Requested by: Host: www.ncm.at
URL: https://www.ncm.at/assets/css/c77b6755-collection.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.218.161.112 Tyrol, Austria, ASN31543 (MYNET-AS myNET gmbh, AT),
Reverse DNS: ncmh5.mynet.at
Software: Apache /
Resource Hash: 2cdfa3c5aaec099e0f0169197c03ed51231881fd96071f57d4a5cd8836977dd2

Request headers

:path: /files/layout/partnercontao.png
pragma: no-cache
cookie: NCM_USERID=ncm; NCM_USERID=ncm; NCM_ACCEPT_WEBP=1; PHPSESSID=qiden3r66u44b1t7uf3g57nms2; NCM_SEASON=2; lang=1; AllowedCookiesList=,ASP.NET_SessionId,CookieConsent,__cfduid,_zendesk_session,_zendesk_shared_session,_zendesk_thirdparty_test,_gh_sess,has_recent_activity,__cfruid,_help_center_session,ZD-suid,ARRAffinity,__RequestVerificationToken,ASPXAUTH,_hjIncludedInSample,Drift.Targeting.currentPageViewStarted,Drift.Targeting.firstVisit,Drift.Targeting.lastVisit,checkForPermission,mymon_scookie_test,mymon_user,*_mymon_user,*_1Stcontact,*_1Stref,*_2ndcontact,*_2ndref,*_3rdcontact,*_3rdref,*_mymon_session,NCM_ACCEPT_WEBP,NCM_SEASON,NCM_USERID,PHPSESSID,_cetui,cf_clearance,XTCsid,XXX_iframe,NCMCOOKIEINFOREAD,referrer_url,cookieverified,AllowedScriptList,IDE,AllowedCookiesList,CookieInteraction,christmas_seen,hubspotapi-csrf,csrf.app,mymon_form_log_*,_cetsi,SPECIALBOXHEIGHT_2,bestpreis_hidden,lang,room_list_url_de,SPECIALBOXHEIGHT_1; AllowedScriptList=,gtm.js
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ncm.at
referer: https://www.ncm.at/assets/css/c77b6755-collection.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ncm.at/assets/css/c77b6755-collection.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:07 GMT
last-modified: Wed, 07 Jun 2017 11:31:46 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6221
expires: Wed, 02 Jun 2021 08:03:07 GMT

GET
H2 200 partnerfidelio.png
www.ncm.at/files/layout/ 5 KB
5 KB 39ms
38ms Image
image/png 83.218.161.112
MYNET-AS myNET gmbh

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ncm.at/files/layout/partnerfidelio.png
Requested by: Host: www.ncm.at
URL: https://www.ncm.at/assets/css/c77b6755-collection.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.218.161.112 Tyrol, Austria, ASN31543 (MYNET-AS myNET gmbh, AT),
Reverse DNS: ncmh5.mynet.at
Software: Apache /
Resource Hash: 321ee68724eef630c70e502084f644d71c48daf7dd0f34d3c27f3002c2cafdec

Request headers

:path: /files/layout/partnerfidelio.png
pragma: no-cache
cookie: NCM_USERID=ncm; NCM_USERID=ncm; NCM_ACCEPT_WEBP=1; PHPSESSID=qiden3r66u44b1t7uf3g57nms2; NCM_SEASON=2; lang=1; AllowedCookiesList=,ASP.NET_SessionId,CookieConsent,__cfduid,_zendesk_session,_zendesk_shared_session,_zendesk_thirdparty_test,_gh_sess,has_recent_activity,__cfruid,_help_center_session,ZD-suid,ARRAffinity,__RequestVerificationToken,ASPXAUTH,_hjIncludedInSample,Drift.Targeting.currentPageViewStarted,Drift.Targeting.firstVisit,Drift.Targeting.lastVisit,checkForPermission,mymon_scookie_test,mymon_user,*_mymon_user,*_1Stcontact,*_1Stref,*_2ndcontact,*_2ndref,*_3rdcontact,*_3rdref,*_mymon_session,NCM_ACCEPT_WEBP,NCM_SEASON,NCM_USERID,PHPSESSID,_cetui,cf_clearance,XTCsid,XXX_iframe,NCMCOOKIEINFOREAD,referrer_url,cookieverified,AllowedScriptList,IDE,AllowedCookiesList,CookieInteraction,christmas_seen,hubspotapi-csrf,csrf.app,mymon_form_log_*,_cetsi,SPECIALBOXHEIGHT_2,bestpreis_hidden,lang,room_list_url_de,SPECIALBOXHEIGHT_1; AllowedScriptList=,gtm.js
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ncm.at
referer: https://www.ncm.at/assets/css/c77b6755-collection.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ncm.at/assets/css/c77b6755-collection.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:07 GMT
last-modified: Wed, 07 Jun 2017 11:31:46 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 5278
expires: Wed, 02 Jun 2021 08:03:07 GMT

GET
H2 200 PartnerG.png
www.ncm.at/files/layout/ 5 KB
5 KB 40ms
39ms Image
image/png 83.218.161.112
MYNET-AS myNET gmbh

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ncm.at/files/layout/PartnerG.png
Requested by: Host: www.ncm.at
URL: https://www.ncm.at/assets/css/c77b6755-collection.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.218.161.112 Tyrol, Austria, ASN31543 (MYNET-AS myNET gmbh, AT),
Reverse DNS: ncmh5.mynet.at
Software: Apache /
Resource Hash: 6b075f73a06cbccd202725fabae2660243871b03b863a081bd2d6dade70bcc9f

Request headers

:path: /files/layout/PartnerG.png
pragma: no-cache
cookie: NCM_USERID=ncm; NCM_USERID=ncm; NCM_ACCEPT_WEBP=1; PHPSESSID=qiden3r66u44b1t7uf3g57nms2; NCM_SEASON=2; lang=1; AllowedCookiesList=,ASP.NET_SessionId,CookieConsent,__cfduid,_zendesk_session,_zendesk_shared_session,_zendesk_thirdparty_test,_gh_sess,has_recent_activity,__cfruid,_help_center_session,ZD-suid,ARRAffinity,__RequestVerificationToken,ASPXAUTH,_hjIncludedInSample,Drift.Targeting.currentPageViewStarted,Drift.Targeting.firstVisit,Drift.Targeting.lastVisit,checkForPermission,mymon_scookie_test,mymon_user,*_mymon_user,*_1Stcontact,*_1Stref,*_2ndcontact,*_2ndref,*_3rdcontact,*_3rdref,*_mymon_session,NCM_ACCEPT_WEBP,NCM_SEASON,NCM_USERID,PHPSESSID,_cetui,cf_clearance,XTCsid,XXX_iframe,NCMCOOKIEINFOREAD,referrer_url,cookieverified,AllowedScriptList,IDE,AllowedCookiesList,CookieInteraction,christmas_seen,hubspotapi-csrf,csrf.app,mymon_form_log_*,_cetsi,SPECIALBOXHEIGHT_2,bestpreis_hidden,lang,room_list_url_de,SPECIALBOXHEIGHT_1; AllowedScriptList=,gtm.js
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ncm.at
referer: https://www.ncm.at/assets/css/c77b6755-collection.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ncm.at/assets/css/c77b6755-collection.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:07 GMT
last-modified: Mon, 05 Oct 2020 09:18:18 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 5340
expires: Wed, 02 Jun 2021 08:03:07 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 80 KB
20 KB 44ms
23ms Script
application/javascript 2606:4700::6811:edcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2432660.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:edcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a4269333599643f65b52a9fb84b75928dcb5dc04feba27a62b605f74e71277b

Request headers

Referer: https://www.ncm.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:07 GMT
via: 1.1 08f45c153a856ff7955174d0e6f60745.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 100
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.8733/bundles/project.js&cfRay=6497f61fbcbd1752-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 09d2d9b08c000005cc1b9a9000000001
last-modified: Wed, 28 Apr 2021 04:20:06 UTC
server: cloudflare
etag: W/"6a007a29de4205dce2435dce09a2a3e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: i8wmCtQqMBp_85P4FFX.Kp1SM3KyW7iB
cache-control: max-age=600
x-hs-cache-status: EXPIRED
x-amz-cf-pop: IAD89-C3
cf-ray: 6497f8941c7605cc-FRA
x-amz-cf-id: opFsoTl4BmY-pWXKTMFyevtfg7lQqOyBJgbWg8-YCRjs8Td973GpNw==
x-hs-target-asset: conversations-embed/static-1.8733/bundles/project.js

GET
H2 200 2432660.js Show response
js.hs-analytics.net/analytics/1620028800000/ 61 KB
19 KB 185ms
155ms Script
text/javascript 2606:4700::6811:45b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1620028800000/2432660.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2432660.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b59178aaf51f3f24a8a6912febfae8e2e2b8788882bdd85f53d2e76d68984366

Request headers

Referer: https://www.ncm.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:07 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: TP64FNBADSKT6WKM
x-amz-server-side-encryption: AES256
cf-ray: 6497f8942b74c2d1-FRA
x-amz-id-2: RWlA4htLJCCcRHnP1JagBD8yHFrjxrUZQsFIpP7JXBLOgIWJp5r3roCbi+vUJ5Z45otE0GyUZ00=
last-modified: Tue, 23 Feb 2021 22:00:56 GMT
server: cloudflare
etag: W/"dab9ec8182ce3dc1cae2543dad3f37ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-request-id: 09d2d9b0970000c2d1cb0ca000000001
content-type: text/javascript
expires: Mon, 03 May 2021 08:08:07 GMT

GET
H2 200 2432660.js Show response
js.hs-banner.com/ 59 KB
15 KB 494ms
462ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2432660.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2432660.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc3e6bf3067fe1d2c62fa0129424ce0d4dbce4a82b520f11b8204fc4c18f7053

Request headers

Referer: https://www.ncm.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:07 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: V6FQPX6FP1B66QTP
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: zJegJLRIsGgvIjWu9++oVwZmNkgmezAxPzUslHSv6n9LU0Xdiu8f62Lss9KZtMD8Pec+DZtdtSk=
timing-allow-origin: *
last-modified: Tue, 09 Mar 2021 20:55:18 GMT
server: cloudflare
etag: W/"4f81161899b8a65c49e471e00c762a23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: 1YlcG2rOBujaqu1H5nB1GptBFNFSit.a
access-control-allow-origin: https://www.ncm.at
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-request-id: 09d2d9b09900004dbe353bf000000001
cf-ray: 6497f89429424dbe-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Mon, 03 May 2021 08:08:07 GMT

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 157ms
137ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=2432660&conversations-embed=static-1.8733&mobile=false&messagesUtk=46441ed7a7bd4632a4d70e1919e89155&traceId=46441ed7a7bd4632a4d70e1919e89155

Protocol

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-hubspot-messages-uri
Origin: https://www.ncm.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 03 May 2021 08:03:07 GMT
content-type: text/plain; charset=utf-8
content-length: 18
cf-ray: 6497f894dae14a6d-FRA
access-control-allow-origin: https://www.ncm.at
allow: HEAD,GET,OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
cf-request-id: 09d2d9b10b00004a6df72b5000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hubspot-correlation-id: 4b6884d5-9894-4cb8-a9ba-c61b4b6ffc97
x-trace: 2BD6833885579B6F5B140FEE3975ECDF38DD303CBD000000000000000000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hIe%2B%2F5mO%2FlTYVtkPOU5QenB%2FdZC3BZ%2Bgd73cLmy%2BmNnmjfNq90rWmnVT0d%2FV53aLynEHr8p5AoDzF%2BlNw2ur5d4FLvDRBgxe3sgdD%2B2GIeszl1fy9KtSLdWFsqA%3D"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
2 KB 248ms
227ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1a3a67f5ea69c5c6349700c52a403752d7e43ab2ae1de5e69257d23150bc76f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

X-HubSpot-Messages-Uri: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ncm.at/

Response headers

date: Mon, 03 May 2021 08:03:08 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
x-hubspot-correlation-id: ed557dec-2a82-44b6-bc81-1573b77c0921
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1433
cf-request-id: 09d2d9b1aa0000145a90b11000000001
server: cloudflare
x-trace: 2BD04FF0D7F5D8DDEC03E451D6403F9ED866EC0FF0000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4Zxkb%2B5BAPJx0MoHUOFtkXOLgKPFcVskyiKzhZZrtY%2F0e62CtEMOvW8WK3x3Iqz5%2Fxd6ds%2F12Mn6arQpAq5BUa4MqeDoO7pHn5yPUaQj9%2BZxOqEsMGGntDU%2Fq%2FA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ncm.at
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 6497f895df94145a-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
850 B 44ms
26ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=2432660&rcu=https%3A%2F%2Fwww.ncm.at%2Fsicher-senden.html%3Futm_source%3Dsichersenden.at%26utm_medium%3Dredirection%26utm_campaign%3Ddomain-weiterleitung&pu=https%3A%2F%2Fwww.ncm.at%2Fsicher-senden.html%3Futm_source%3Dsichersenden.at%26utm_medium%3Dredirection%26utm_campaign%3Ddomain-weiterleitung&t=SicherSenden+-+damit+Ihre+Mails+ankommen&cts=1620028988021&vi=66950c1658446158d9e9d57a281d4f28&nc=true&ce=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.ncm.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:08 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 6497f897497e4e38-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 09d2d9b28c00004e386b060000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WNbMu3I1eP8Gk1jw%2B76%2F8byVBUje7XGu2NDPP77znZB2p3E1294Yx86KQZVwlWGdsi3qjy3D7lxM5reCvh6qdBk3xXF2AzOasaXYP6V%2BM4Rthpqlv0lrkOhLLJW3hQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 46441ed7a7bd4632a4d70e1919e89155 Show response
app.hubspot.com/conversations-visitor/2432660/threads/utk/ Frame 4118 44 KB
15 KB 166ms
164ms Document
text/html 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/2432660/threads/utk/46441ed7a7bd4632a4d70e1919e89155?uuid=494c514cd7724f98ada1a3c3093e18c3&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=ncm.at&inApp53=false&messagesUtk=46441ed7a7bd4632a4d70e1919e89155&url=https%3A%2F%2Fwww.ncm.at%2Fsicher-senden.html%3Futm_source%3Dsichersenden.at%26utm_medium%3Dredirection%26utm_campaign%3Ddomain-weiterleitung&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b984a593ed64ace157b64a900803945e25c9d02b267a4cf8dca4d50e3a84a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: app.hubspot.com
:scheme: https
:path: /conversations-visitor/2432660/threads/utk/46441ed7a7bd4632a4d70e1919e89155?uuid=494c514cd7724f98ada1a3c3093e18c3&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=ncm.at&inApp53=false&messagesUtk=46441ed7a7bd4632a4d70e1919e89155&url=https%3A%2F%2Fwww.ncm.at%2Fsicher-senden.html%3Futm_source%3Dsichersenden.at%26utm_medium%3Dredirection%26utm_campaign%3Ddomain-weiterleitung&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ncm.at/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ncm.at/

Response headers

date: Mon, 03 May 2021 08:03:08 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d1cb1d25175f53a5545ca4143e5d707101620028988; expires=Wed, 02-Jun-21 08:03:08 GMT; path=/; domain=.hubspot.com; HttpOnly; SameSite=Lax; Secure
cf-ray: 6497f89769cf4e38-FRA
age: 206
cache-control: max-age=600
etag: W/"24da6563a86669be3ddbc99870f9d2d4"
last-modified: Wed, 28 Apr 2021 04:20:06 UTC
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 ba82151bf51e4c722c5305c983d8b71e.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
cf-request-id: 09d2d9b29f00004e382536e000000001
content-security-policy-report-only: script-src 'unsafe-inline' 'self' www.hubspot.com js.hs-analytics.net js.hsforms.net js.hsleadflows.net *.hsappstatic.net js.hs-banner.com *.hs-scripts.com js.hubspotfeedback.com js.usemessages.com js.hubspot.com js.hsadspixel.net js.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net www.google-analytics.com static.hotjar.com script.hotjar.com www.googletagmanager.com www.fullstory.com *.convertexperiments.com cdn.pdst.fm d.impactradius-event.com cdn.getambassador.com mbsy.co pixel.cdnwidget.com snap.licdn.com connect.facebook.net js.stripe.com checkout.stripe.com survey.survicate.com surveys-static.survicate.com sdk.canva.com www.dropbox.com www.google.com www.gstatic.com apis.google.com maps.googleapis.com www.googleadservices.com googleads.g.doubleclick.net static.ads-twitter.com analytics.twitter.com play.vidyard.com app.vidyard.com fast.wistia.com s.yimg.jp www.redditstatic.com 'unsafe-eval'; report-uri https://exceptions.hubspot.com/csp/report
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
x-amz-cf-id: XO8N-CSKKxJuFM4-Kc-ZI3L84RQoKJNx8E37uAjwjkdXHcZ3or8KtQ==
x-amz-cf-pop: IAD89-C3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: OBy_V1fSXzGmZiJENRUhjRaBJOTNwnkA
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.11188/html/index.html
server: cloudflare
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.133/ Frame 4118 44 KB
15 KB 61ms
27ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.133/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/2432660/threads/utk/46441ed7a7bd4632a4d70e1919e89155?uuid=494c514cd7724f98ada1a3c3093e18c3&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=ncm.at&inApp53=false&messagesUtk=46441ed7a7bd4632a4d70e1919e89155&url=https%3A%2F%2Fwww.ncm.at%2Fsicher-senden.html%3Futm_source%3Dsichersenden.at%26utm_medium%3Dredirection%26utm_campaign%3Ddomain-weiterleitung&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fcb720730ec6667a8eb5cc8922104bcd038a26f8ad3f2b97c39da1f8b1d248c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Origin: https://app.hubspot.com
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:08 GMT
via: 1.1 e79fcd7f3f0a842841acfca75e35ea79.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 431304
x-amz-server-side-encryption: AES256
cf-ray: 6497f898aea72bdd-FRA
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d2d9b36e00002bdd56a88000000001
last-modified: Tue, 27 Apr 2021 20:06:49 GMT
server: cloudflare
etag: W/"130a0aa46b085d7193be5bff1b06839c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KCfI7wCOy5KJNFXPtFkwizYzMZ2HtxMXPJhZBsicqUKdOJjHJRJskjP9cE47HWyBpdgoj0qDE%2B82eBSuL2MNYgLAH2OY6rUdDKb%2BFggaHsyffhde9vMT0P6yRF8mdnNKKXCt"}],"max_age":604800,"group":"cf-nel"}
x-amz-version-id: GjpMz4KgmP.84GcQIO6xeWpzcLZFXo8X
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript
x-amz-cf-id: 0nfcUdMV8bVScdjaQp1C6_sopWmNwFtViK1pX_2yk-6O-ToSORBx4A==
expires: Tue, 03 May 2022 08:03:08 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.10899/sass/ Frame 4118 20 KB
4 KB 42ms
17ms Stylesheet
text/css 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.10899/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:08 GMT
via: 1.1 fc6dca2df1221c0bec817610bc20e505.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1162801
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d2d9b36e00002baddd33f000000001
last-modified: Wed, 03 Mar 2021 21:09:00 GMT
server: cloudflare
etag: W/"370a89ea102d7b437eb549729472631f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h3e4OrqTA5z0aU%2Bfa5PgiZbCnehpUaRMLEJh9lUjaw2XLEjd%2BZzWLbLrVC2TFyPxN5A5DNenB8b12tfqzQRsWhAHakmxYW7godK8uY0bnJFgwASa9NjNj3Z%2Bztyqilb3%2F0XW"}],"max_age":604800}
x-amz-version-id: 1rBCyHs_YjjDB1.HOpykpqteK2m6W_oL
cache-control: public, max-age=31536000
x-amz-cf-pop: MUC50-C1
cf-ray: 6497f898a91a2bad-FRA
x-amz-cf-id: ty8MEdjgGU_CHYbNJ3VAGai79DmhaUdHc0j1TA7E5ppRiixT4jKtqg==
expires: Tue, 03 May 2022 08:03:08 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.129/ Frame 4118 285 KB
85 KB 39ms
15ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.129/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85a94aca9a3bb11143fc25e69f7cddee5e42619798aea0a4595e5b85af2db47e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Origin: https://app.hubspot.com
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:08 GMT
via: 1.1 843560942e8c8e57a33193254e0a9de6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1162941
x-amz-server-side-encryption: AES256
cf-ray: 6497f898bea82bdd-FRA
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d2d9b36e00002bdd973f4000000001
last-modified: Thu, 25 Feb 2021 03:06:13 GMT
server: cloudflare
etag: W/"4b0d6c4998d1c189b73bf24559a044d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DXy3OEHuVX%2BvLAMW%2Bbb2P9GKz5wF%2FCdUlpSYyWoWaLO4sNAbuuQbqD5FtlLgF%2FTFz%2FzH9K9LmbwmOBYUGrMBSeytfFJnYnd2QxxkM0FTdL31Xo6BsoAp2wiY1SEQdfi6goXu"}],"max_age":604800,"group":"cf-nel"}
x-amz-version-id: tIgtiGaJ4EHx5PaVJ4NwnE5IaF3j9gQD
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: MUC50-C1
content-type: application/javascript
x-amz-cf-id: ZDyZ8RQWk-PL3Fd5LlNKJ5ZVEH0_vNHhazeGC5Tv3uf519KhPXZOhg==
expires: Tue, 03 May 2022 08:03:08 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.11188/bundles/ Frame 4118 462 KB
114 KB 50ms
26ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.11188/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32c6505e635f9cb553ca4032341b310aa6c66f6f55ef1158fa9a7c36623c5bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Origin: https://app.hubspot.com
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:08 GMT
via: 1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 402176
x-amz-server-side-encryption: AES256
cf-ray: 6497f898bea92bdd-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d2d9b36f00002bdd84884000000001
last-modified: Wed, 28 Apr 2021 16:05:29 GMT
server: cloudflare
etag: W/"0208c0ea88ea4ad9ac9cf7a5076abe59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AR4t7IUYhY0ZKZXYjUp%2BcWSU3ZZjJSQeOrUZ%2Fu1sCUoaZte3OhUMPfsaNxB4fYe2DjCO6uiyZswtoBieo%2BVZyAMAZ3q%2BVKoorpkN85aKIh489HqNR22AePwE2eurlTZhbXGD"}],"max_age":604800,"group":"cf-nel"}
x-amz-version-id: r_sZGskMauXu93Rf8KOGals46dFB3c0C
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: cQ7F9E3WeiFZV-UadKDscLIJXAHbdJeTME71Ik0rRit-0YYwckEwpw==
expires: Tue, 03 May 2022 08:03:08 GMT

GET
H3-29 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.11092/ Frame 4118 776 B
1 KB 41ms
25ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.11092/i18n-data-data-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.11188/bundles/visitor.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2ff2dc8b218600ac8bf0d27fc45e0d63218b21417af8d44ceea619f44b33231

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Origin: https://app.hubspot.com
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:08 GMT
via: 1.1 6b03f32d70ff9f666371f69d2672d273.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 905792
x-amz-server-side-encryption: AES256
cf-ray: 6497f89a0ba2c29a-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d2d9b4420000c29a59913000000001
last-modified: Tue, 20 Apr 2021 13:11:47 GMT
server: cloudflare
etag: W/"72c55f8c61df9218d1d8cdf59e751a21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Nl93mngTGrO9Qv1qvxCQVVHdTBoKn%2FmkZoTSLOzedN25Cc6Jo1AM%2Bt1VtA7it2UX%2FjlJfJ%2FxjN%2B7pUCNG2IjphMUc2sm%2BgbIYWttQyc5uFJRymYP887pBVO%2B0XYIZEuTKbhl"}]}
x-amz-version-id: cTwQED7.phRtNPqrByMm6WC2jLVckIY6
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: SEA19-C1
content-type: application/javascript
x-amz-cf-id: _tQkSW5NyxblxN_gT5SS8EfAifbii9gExgKAw2n-hIN-RfMXKE2_MA==
expires: Tue, 03 May 2022 08:03:08 GMT

GET
H3-29 200 conversations-visitor-ui-lang-de.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.11092/ Frame 4118 14 KB
5 KB 17ms
16ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.11092/conversations-visitor-ui-lang-de.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.11188/bundles/visitor.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e47c8eaef93711a3584dfde7111b4002bdfeeff9fa0badc89c5e11be2f26fb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Origin: https://app.hubspot.com
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:08 GMT
via: 1.1 07fbd2276304c86925071791c7032951.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 907584
x-amz-server-side-encryption: AES256
cf-ray: 6497f89a7c6bc29a-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d2d9b48d0000c29a231a7000000001
last-modified: Tue, 20 Apr 2021 13:11:47 GMT
server: cloudflare
etag: W/"a93452abd384c77eef84349e0099a670"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dLIXh0wVOhkY9bc3elp3luqptAOnOjc0XJjMHbdVrTVuNoD09JzzHNWaehmfGpJVi21%2BnWUY%2F1rnst7JiYx%2F2BUgMRfPiIniVabX87ea97wifeGrpsiA6DK7VGqobg1Asv6n"}]}
x-amz-version-id: kWEHEV5E0R.WXT.2.SPFZ5KpEC51kTjy
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C2
content-type: application/javascript
x-amz-cf-id: _W1UqqAo6MDYfHb2b_LszHtHodMPueNbWb5XDOu2yxtYa_dZ1lnD-w==
expires: Tue, 03 May 2022 08:03:08 GMT

GET
H3-29 200 I18n-lang-de.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.11092/ Frame 4118 1 KB
2 KB 15ms
14ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.11092/I18n-lang-de.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.11188/bundles/visitor.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acda600f499ac2b95a13861474da9552f8afd4e7e9f718c82420bd5a20700f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Origin: https://app.hubspot.com
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:08 GMT
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc941.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 907584
x-amz-server-side-encryption: AES256
cf-ray: 6497f89a7c6dc29a-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d2d9b48d0000c29a06229000000001
last-modified: Tue, 20 Apr 2021 13:11:46 GMT
server: cloudflare
etag: W/"953e4dc682258595c31ef794806ae9ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FuZdhSz96WVm7fk6vpObN4OCySF%2F06WM5KrDX7l86R2EnYjVEdkE4aj4OmYBRFK%2BwaxS7Nq%2BZvepT5rG6C9m2exg46oBJfeBE%2FRwcEd%2Bwv3ExAf1lYoAZme%2B7GT%2FEHNeTE7D"}]}
x-amz-version-id: 2a5hNHhtiwqqvwNBMIljfWk3Axi21.pn
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C2
content-type: application/javascript
x-amz-cf-id: 2s15drTlbNbAgev_rFT4n1jTjHq4lLBXeujXoTlqRau5vj--UHe6Sw==
expires: Tue, 03 May 2022 08:03:08 GMT

GET
H3-29 200 i18n-data-data-locales-de.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.11092/ Frame 4118 2 KB
2 KB 21ms
17ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.11092/i18n-data-data-locales-de.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.11188/bundles/visitor.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f25bf90c006a3e4703d57e4724f08d8a624c68ebe14975b145fb3ff5bcc10a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Origin: https://app.hubspot.com
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:08 GMT
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f83.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 907584
x-amz-server-side-encryption: AES256
cf-ray: 6497f89a8c76c29a-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d2d9b4900000c29a0a8da000000001
last-modified: Tue, 20 Apr 2021 13:11:47 GMT
server: cloudflare
etag: W/"c5626a387436e518161815ff21f86d30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LIN8%2B9%2B4kmgkHA8yLR6Rs%2FA8Pm3cTkWv7BlpJbItNoQ4OpjmEhzcEQ8zI65iklk8bbOh3TzmgzkEyJD2tVN79LehdNGzLhUzgXFIS6N9VKBF11H4qm9%2FJcz5TvfKmi5M4OUD"}]}
x-amz-version-id: OGfW9CNpaR_w6xFeJAGqyP33XhRMDvrO
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C2
content-type: application/javascript
x-amz-cf-id: 6CtG-ulZi4AXX4jjVqpbk2iB7FVaRWhhyIxSL7RwJuYZoJTiw6-mwQ==
expires: Tue, 03 May 2022 08:03:08 GMT

GET
H2

200

default-100
avatars.hubspot.net/ Frame 4118
Redirect Chain

https://api.hubspot.com/userpreferences/v1/avatar/c521343d78055b2c734c5bc27cc78b0c/100
https://avatars.hubspot.net/default-100

448 B
1 KB

43ms
17ms

Image
image/webp

2606:4700::6811:f4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.hubspot.net/default-100
Requested by: Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/2432660/threads/utk/46441ed7a7bd4632a4d70e1919e89155?uuid=494c514cd7724f98ada1a3c3093e18c3&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=ncm.at&inApp53=false&messagesUtk=46441ed7a7bd4632a4d70e1919e89155&url=https%3A%2F%2Fwww.ncm.at%2Fsicher-senden.html%3Futm_source%3Dsichersenden.at%26utm_medium%3Dredirection%26utm_campaign%3Ddomain-weiterleitung&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7f8b6ed4f77b684b2615feaad46ae05bd069c8beaeb550e6094ccb2eb6cb0d9

Request headers

Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 45717
x-amz-server-side-encryption: AES256
cf-ray: 6497f89c5f114e25-FRA
content-length: 448
x-amz-id-2: ENkBkHm/JuQ/7Ywnb7Crw/OQLLW32cwDwZM5vRnx7xcc30xQVxet2Ji7bjlVR/Z31G81RmY0dAM=
last-modified: Fri, 18 Sep 2020 15:59:13 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:1997735891/gname:staff/uname:jmendelewski/gid:20/mode:33188/mtime:1484768632/atime:1484768827/md5:dd769facdb720bc65224b1db30749aeb/ctime:1484768635
etag: "dd769facdb720bc65224b1db30749aeb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LfxvKnZaPgnqiOkILLd8i3cfX57IiiErJdzFtK9meqWi3dhwb3H9Awjk5x7%2FTz3kSOumxTYvfh13KRmy1X%2BEJVpVxQS0O5A9J7DWATuBJpOvJU3i09xFZ8OuiGXTOkvd"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 1JJG7XQKSFG4SPV4
cf-polished: origFmt=png, origSize=798
cf-request-id: 09d2d9b5b700004e25ab9ca000000001
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

Redirect headers

date: Mon, 03 May 2021 08:03:08 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
x-hubspot-correlation-id: 62a18e3e-ca81-470a-b0d8-f1ffa0ddf45b
x-trace: 2BCC0606C1A89DDC43902287999C2EC82D6BDCEDA6000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7dJEDrKoQLSmIeNGx%2BTBDgzNGdx3WA51jsd5w19mjJsQB9HyPv6br0QCDo5rDBiBeNDTHl48iLTtGUEvZY312MYPVr8k8EZLJNHcqKOTee1VFG%2BMA88N5gNpZRY%3D"}],"group":"cf-nel","max_age":604800}
location: https://avatars.hubspot.net/default-100
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6497f89b3b1d1f21-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d2d9b50700001f21ab24d000000001

POST
H3-29 204 rhumb
api.hubspot.com/cartographer/v1/ Frame 4118 0
1 KB 159ms
148ms Ping
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.11188

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.11188/bundles/visitor.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 03 May 2021 08:03:08 GMT
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
x-hubspot-correlation-id: de6e941b-0ae7-40bd-a775-0be552531a59
access-control-max-age: 604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d2d9b50800001f21c4bc7000000001
timing-allow-origin: *
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X6akR9r27DsbNlua7nSRs5e90rE0X4ugxPaNKdkB8wzmhpZ68AWfOpaH%2BTovGZuXNp84%2BoQmpLWUSKHGJwcL3SPkoA%2FX2fBmrQCWB4V8Bzj2YlqBf9ieuhUYVeE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
cf-ray: 6497f89b3b1f1f21-FRA
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer

GET
H2 200 cron.txt Show response
www.ncm.at/system/cron/ 10 B
216 B 40ms
40ms XHR
text/plain 83.218.161.112
MYNET-AS myNET gmbh

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ncm.at/system/cron/cron.txt
Requested by: Host: www.ncm.at
URL: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.218.161.112 Tyrol, Austria, ASN31543 (MYNET-AS myNET gmbh, AT),
Reverse DNS: ncmh5.mynet.at
Software: Apache /
Resource Hash: afa172f031f8f753a1372580330786e0bc15b5804820cb377bc8eb61f39177c5

Request headers

:path: /system/cron/cron.txt
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.ncm.at
referer: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:12 GMT
last-modified: Mon, 03 May 2021 07:55:37 GMT
server: Apache
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform
set-cookie: NCM_USERID=ncm; path=/; domain=www.ncm.at; expires=Fri, 02-Jul-2021 08:03:12 GMT
accept-ranges: none
content-length: 10

GET
H2 200 cron.txt Show response
www.ncm.at/system/cron/ 10 B
104 B 40ms
40ms XHR
text/plain 83.218.161.112
MYNET-AS myNET gmbh

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ncm.at/system/cron/cron.txt
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.218.161.112 Tyrol, Austria, ASN31543 (MYNET-AS myNET gmbh, AT),
Reverse DNS: ncmh5.mynet.at
Software: Apache /
Resource Hash: afa172f031f8f753a1372580330786e0bc15b5804820cb377bc8eb61f39177c5

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: NCM_USERID=ncm
:path: /system/cron/cron.txt
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.ncm.at
referer: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.ncm.at/sicher-senden.html?utm_source=sichersenden.at&utm_medium=redirection&utm_campaign=domain-weiterleitung
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:12 GMT
last-modified: Mon, 03 May 2021 07:55:37 GMT
server: Apache
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform
set-cookie: NCM_USERID=ncm; path=/; domain=www.ncm.at; expires=Fri, 02-Jul-2021 08:03:12 GMT
accept-ranges: none
content-length: 10

Verdicts & Comments Add Verdict or Comment

226 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.ncm.at/	1970-01-19 18:43:40	Name: AllowedCookiesList Value: ,ASP.NET_SessionId,CookieConsent,__cfduid,_zendesk_session,_zendesk_shared_session,_zendesk_thirdparty_test,_gh_sess,has_recent_activity,__cfruid,_help_center_session,ZD-suid,ARRAffinity,__RequestVerificationToken,ASPXAUTH,_hjIncludedInSample,Drift.Targeting.currentPageViewStarted,Drift.Targeting.firstVisit,Drift.Targeting.lastVisit,checkForPermission,mymon_scookie_test,mymon_user,_mymon_user,_1Stcontact,_1Stref,_2ndcontact,_2ndref,_3rdcontact,_3rdref,_mymon_session,NCM_ACCEPT_WEBP,NCM_SEASON,NCM_USERID,PHPSESSID,_cetui,cf_clearance,XTCsid,XXX_iframe,NCMCOOKIEINFOREAD,referrer_url,cookieverified,AllowedScriptList,IDE,AllowedCookiesList,CookieInteraction,christmas_seen,hubspotapi-csrf,csrf.app,mymon_form_log_*,_cetsi,SPECIALBOXHEIGHT_2,bestpreis_hidden,lang,room_list_url_de,SPECIALBOXHEIGHT_1
www.ncm.at/	1970-01-19 18:01:26	Name: NCM_SEASON Value: 2
.www.ncm.at/	1970-01-19 19:26:52	Name: NCM_ACCEPT_WEBP Value: 1
www.ncm.at/	1969-12-31 23:59:59	Name: PHPSESSID Value: qiden3r66u44b1t7uf3g57nms2
www.ncm.at/	1970-01-19 18:00:32	Name: lang Value: 1
.www.ncm.at/	1970-01-19 19:26:52	Name: NCM_USERID Value: ncm
www.ncm.at/	1970-01-19 18:43:40	Name: AllowedScriptList Value: ,gtm.js
.ncm.at/	1970-01-19 19:26:52	Name: NCM_USERID Value: ncm

65 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig ASP.NET_SessionId
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig CookieConsent
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig __cfduid
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig _zendesk_session
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig _zendesk_shared_session
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig _zendesk_thirdparty_test
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig _gh_sess
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig has_recent_activity
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig __cfruid
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig _help_center_session
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig ZD-suid
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig ARRAffinity
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig __RequestVerificationToken
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig ASPXAUTH
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig _hjIncludedInSample
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig Drift.Targeting.currentPageViewStarted
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig Drift.Targeting.firstVisit
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig Drift.Targeting.lastVisit
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig checkForPermission
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig mymon_scookie_test
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig mymon_user
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig *_mymon_user
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig *_1Stcontact
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig *_1Stref
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig *_2ndcontact
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig *_2ndref
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig *_3rdcontact
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig *_3rdref
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig *_mymon_session
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig NCM_ACCEPT_WEBP
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig NCM_SEASON
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig NCM_USERID
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig PHPSESSID
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig _cetui
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig cf_clearance
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig XTCsid
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig XXX_iframe
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig NCMCOOKIEINFOREAD
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig referrer_url
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig cookieverified
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig AllowedScriptList
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig IDE
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig AllowedCookiesList
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig CookieInteraction
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig christmas_seen
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig hubspotapi-csrf
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig csrf.app
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig mymon_form_log_*
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig _cetsi
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig SPECIALBOXHEIGHT_2
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig bestpreis_hidden
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig lang
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig room_list_url_de
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1511) Message: Notwendig SPECIALBOXHEIGHT_1
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1806) Message: Script BLOCKED https://connect.facebook.net/en_US/fbevents.js undefined
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1806) Message: Script BLOCKED https://connect.facebook.net/en_US/fbevents.js undefined
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1574) Message: Cookie BLOCKED! __hstc=77307914.66950c1658446158d9e9d57a281d4f28.1620028988017.1620028988017.1620028988017.1;expires=Sat, 28 May 2022 08:03:08 GMT;path=/;domain=.ncm.at;SameSite=Lax
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1574) Message: Cookie BLOCKED! __hstc=77307914.66950c1658446158d9e9d57a281d4f28.1620028988017.1620028988017.1620028988017.1;expires=Sat, 28 May 2022 08:03:08 GMT;path=/;SameSite=Lax
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1574) Message: Cookie BLOCKED! hubspotutk=66950c1658446158d9e9d57a281d4f28;expires=Sat, 28 May 2022 08:03:08 GMT;path=/;domain=.ncm.at;SameSite=Lax
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1574) Message: Cookie BLOCKED! hubspotutk=66950c1658446158d9e9d57a281d4f28;expires=Sat, 28 May 2022 08:03:08 GMT;path=/;SameSite=Lax
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1574) Message: Cookie BLOCKED! __hssrc=1;path=/;domain=.ncm.at;SameSite=Lax
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1574) Message: Cookie BLOCKED! __hssrc=1;path=/;SameSite=Lax
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1574) Message: Cookie BLOCKED! __hssc=77307914.1.1620028988017;expires=Mon, 03 May 2021 08:33:08 GMT;path=/;domain=.ncm.at;SameSite=Lax
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1574) Message: Cookie BLOCKED! __hssc=77307914.1.1620028988017;expires=Mon, 03 May 2021 08:33:08 GMT;path=/;SameSite=Lax
console-api	log	URL: https://www.ncm.at/co_block.js(Line 1578) Message: Cookie Allowed! messagesUtk=46441ed7a7bd4632a4d70e1919e89155;expires=Sat, 28 May 2022 08:03:08 GMT;domain=.ncm.at;path=/;SameSite=Lax;Secure

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.hubspot.com
app.hubspot.com
avatars.hubspot.net
checkeffect.at
fonts.googleapis.com
fonts.gstatic.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.usemessages.com
ncm.at
sichersenden.at
static.hsappstatic.net
track.hubspot.com
www.googletagmanager.com
www.ncm.at
www.sichersenden.at
2606:4700::6811:45b0
2606:4700::6811:7d2
2606:4700::6811:d5cc
2606:4700::6811:edcc
2606:4700::6811:f4cc
2606:4700::6812:15bf
2606:4700::6813:9a53
2606:4700::6813:9b53
2a00:1450:4001:800::2003
2a00:1450:4001:811::2008
2a00:1450:4001:827::200a
2a00:1450:4001:830::200a
31.222.175.61
83.218.161.112
83.218.161.71
093f21f98dda37877cc1dc0e359cb909be389066dbd8423f2a3e1dc5dae54eb3
0e47c8eaef93711a3584dfde7111b4002bdfeeff9fa0badc89c5e11be2f26fb3
14c4f79e3a89c5c319a521fd6c00421ebaf35287506f95804d2dd30e549bf034
22482584aeaa7b1d74de072793246c65e38b402ac231f38bb0d9102802543230
29b9dc64ead69c8ee2c18a8efe25f942fb2d84df8f093aafffda4590f4d4408a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cdfa3c5aaec099e0f0169197c03ed51231881fd96071f57d4a5cd8836977dd2
321ee68724eef630c70e502084f644d71c48daf7dd0f34d3c27f3002c2cafdec
32c6505e635f9cb553ca4032341b310aa6c66f6f55ef1158fa9a7c36623c5bdf
342fbc276f98d175be1a937e5f974728ae8d2051a8f9a94877bd5b24339febfd
397b11872db9979a74c049a3c2cd07086daaa2b54118d6bbbe81f5e191479136
3fbc0605c65df635914e2450c0b38cfd1ac2442c019d84bda8ff79c057fa30ac
54fbc2077eb38e9b157c5e2cb24676ea54cbb7a3fe0eae12ecfef0ec95def44e
5f4670ebe9cd3732d08dba398b54597ccce419b6ef5a02531da5dd5676f0ebf8
63faf0af44a428f182686f0d924bb30e369a9549630c7b98a969394f58431067
68973585013d4e15d977cc6c86cfb7a469309277547dd0dbdfbb14fff3361298
6b075f73a06cbccd202725fabae2660243871b03b863a081bd2d6dade70bcc9f
76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d
7a4269333599643f65b52a9fb84b75928dcb5dc04feba27a62b605f74e71277b
7b984a593ed64ace157b64a900803945e25c9d02b267a4cf8dca4d50e3a84a43
85a94aca9a3bb11143fc25e69f7cddee5e42619798aea0a4595e5b85af2db47e
8d071abc82473c83c3ee8d8e10e7e77c3a1215c3d563d117e17e3ee33564422b
8f464df57b13d05f2ce593e95be39e39983c89b973a06d5f7f9961cc99d6d47d
9fcb720730ec6667a8eb5cc8922104bcd038a26f8ad3f2b97c39da1f8b1d248c
a0243c00856f8ab199706680388003b1ca4eb96f07d660b55b8bac3b07853876
a2ff2dc8b218600ac8bf0d27fc45e0d63218b21417af8d44ceea619f44b33231
ac7d73d75410c8fab8d09cb0afa4984b301e125175f7949a56ab6f1da09ce28b
acda600f499ac2b95a13861474da9552f8afd4e7e9f718c82420bd5a20700f6a
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
afa172f031f8f753a1372580330786e0bc15b5804820cb377bc8eb61f39177c5
b59178aaf51f3f24a8a6912febfae8e2e2b8788882bdd85f53d2e76d68984366
b71b349d7ca2b4936fdf92ce9a6edb4fe29d5ab40a7894565639325c77356402
bb47ddb9a00acc18aeed8346f9a320e2da3052f3d30bcab29a33a43262bda5c6
be479e28b9e46071ccbe8caca467b352bfbe9c0a12befbe93ff43d215b930bb1
bff4d9374689f43b34490bd715c06563c075e2eb4820a797d02bed3a936ba489
cc3e6bf3067fe1d2c62fa0129424ce0d4dbce4a82b520f11b8204fc4c18f7053
d0d2fd9ddd51e15c7fa020eb9d27bd7e61f8bb0764329a5cb543043eb4d78c0e
d7f8b6ed4f77b684b2615feaad46ae05bd069c8beaeb550e6094ccb2eb6cb0d9
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcc340c38e509acad1f36df5cd90309b6f2a34b45787322b08420e33178b23f4
df1b7ac8d56da112b271f6e736310b930899cfbc371e43bd290e3599199b9cf6
e1a3a67f5ea69c5c6349700c52a403752d7e43ab2ae1de5e69257d23150bc76f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b
f09f8cc01117d758dc23e37420cbf80b3eedbe8b8f0926d9f5ce8046ec5b3a95
f25bf90c006a3e4703d57e4724f08d8a624c68ebe14975b145fb3ff5bcc10a7f
f44ba75dbf45db7656b080f299076ce472e4ceea30120ef0b0dae08df8d9e1ca
f93f7c6e030aeba8d754cba85e278b844cabaf6463e009c3e72cc44ced1a92df
f9c6644d4a82a8103002c678caa089a03c5d4a3b15d3aee95e03ca552651118a
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

www.ncm.at Open in urlscan Pro 83.218.161.112 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

100 %HTTPS

80 %IPv6

13 Domains

18 Subdomains

15 IPs

4 Countries

1014 kBTransfer

3021 kBSize

8 Cookies

1 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ncm.at Open in urlscan Pro
83.218.161.112 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

100 %
HTTPS

80 %
IPv6

13
Domains

18
Subdomains

15
IPs

4
Countries

1014 kB
Transfer

3021 kB
Size

8
Cookies

48 HTTP transactions
4 data transactions