ninavalotti.ch Open in urlscan Pro
172.65.232.115  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response ninavalotti.ch/	47 KB 12 KB	550ms 234ms	Document text/html	172.65.232.115 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ninavalotti.ch/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 172.65.232.115 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software openresty / Resource Hash d64c19bd6fc315721e1c40a0491dbac0a703fcd922a291dbd1e4ff0b39199635 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=31556952 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language de-CH,de;q=0.9 referer https://www.google.com/ Response headers age 23618 cache-control max-age=0, private, must-revalidate content-encoding gzip content-security-policy frame-ancestors 'self' content-type text/html; charset=utf-8 date Fri, 02 Feb 2024 06:19:58 GMT etag W/"4f56af3f1f045d181a03e9108a753925" last-modified Wed, 13 Dec 2023 14:46:23 GMT referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin server openresty strict-transport-security max-age=31556952 x-cache HIT x-cache-hits 3 x-clacks-overhead GNU Terry Pratchett x-content-digest 8310c1f060b9a4ae54e8c5db6aa351859c541989 x-content-type-options nosniff x-download-options noopen x-frame-options DENY x-permitted-cross-domain-policies none x-rack-cache fresh x-request-id d862dc17092cee1f14a60122d837378d ce1620b6fe7df1bc72d45f11fd79af20 x-runtime 0.434354 x-xss-protection 1; mode=block
GET H2	200	application-3d90edb0b405a159a8e51c0dd96ebb73683be7785a25d8ff165c64f6d5462e58.css assets-app-production-pubnet.bndzgl.com/assets/usersite/	324 KB 45 KB	479ms 96ms	Stylesheet text/css	104.18.18.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets-app-production-pubnet.bndzgl.com/assets/usersite/application-3d90edb0b405a159a8e51c0dd96ebb73683be7785a25d8ff165c64f6d5462e58.css Requested by Host: ninavalotti.ch URL: https://ninavalotti.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.18.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3d90edb0b405a159a8e51c0dd96ebb73683be7785a25d8ff165c64f6d5462e58 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=31556952 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Fri, 02 Feb 2024 06:19:59 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31556952 access-control-request-method * x-permitted-cross-domain-policies none content-security-policy frame-ancestors 'self' age 5549845 cf-cache-status HIT content-length 46223 x-xss-protection 1; mode=block x-request-id 43860530dfb161dff3233874f4b94021 referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin x-clacks-overhead GNU Terry Pratchett last-modified Fri, 17 Nov 2023 10:12:58 GMT server cloudflare x-download-options noopen vary Accept-Encoding x-frame-options DENY content-type text/css access-control-allow-origin * cache-control public, max-age=315360000 accept-ranges bytes cf-ray 84f0535edc5224c2-ZRH expires Mon, 30 Jan 2034 06:19:59 GMT
GET H2	200	tone-68e6ae5c.css assets-app-production-pubnet.bndzgl.com/packs/css/usersite/themes/	98 KB 10 KB	481ms 99ms	Stylesheet text/css	104.18.18.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets-app-production-pubnet.bndzgl.com/packs/css/usersite/themes/tone-68e6ae5c.css Requested by Host: ninavalotti.ch URL: https://ninavalotti.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.18.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f0e010ca7cafd894132429785733978935deeab4f8d08c3ef0ad9741306048b7 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=31556952 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers x-cache-hits 0 date Fri, 02 Feb 2024 06:19:59 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31556952 access-control-request-method * x-permitted-cross-domain-policies none content-security-policy frame-ancestors 'self' age 2013291 cf-cache-status HIT x-cache MISS content-length 10552 x-xss-protection 1; mode=block x-request-id 491ef684df1b35a30dec2ed6564fa165 referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin x-clacks-overhead GNU Terry Pratchett last-modified Tue, 09 Jan 2024 16:01:35 GMT server cloudflare x-download-options noopen vary Accept-Encoding x-frame-options DENY content-type text/css access-control-allow-origin * cache-control public, max-age=315360000 accept-ranges bytes cf-ray 84f0535edc5524c2-ZRH expires Mon, 30 Jan 2034 06:19:59 GMT
GET H2	200	stylesheet.css assets-production.bndzgl.com/assets/fonts/443824012/25182/BrightwallPersonalUse/	226 B 292 B	443ms 51ms	Stylesheet text/css	104.18.18.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets-production.bndzgl.com/assets/fonts/443824012/25182/BrightwallPersonalUse/stylesheet.css Requested by Host: ninavalotti.ch URL: https://ninavalotti.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.18.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 304e3210975e9b52a37e3f33f555c3f56bb203c8086e9c31a4eaecf2a8912733 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=31556952 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers x-cache-hits 0 date Fri, 02 Feb 2024 06:19:59 GMT strict-transport-security max-age=31556952 x-content-type-options nosniff content-security-policy frame-ancestors 'self' access-control-request-method * x-permitted-cross-domain-policies none cf-cache-status HIT age 84055 content-encoding gzip x-cache MISS content-transfer-encoding binary content-disposition inline; filename="stylesheet.css"; filename*=UTF-8''stylesheet.css x-xss-protection 1; mode=block x-request-id 4fb079c57b1788818230e746cdf14a2a, 4fb079c57b1788818230e746cdf14a2a pragma x-runtime 0.036128 referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin x-clacks-overhead GNU Terry Pratchett server cloudflare etag W/"304e3210975e9b52a37e3f33f555c3f5" x-download-options noopen x-frame-options DENY vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=315360000 cf-ray 84f0535ecb950219-ZRH x-rack-cache miss expires Mon, 30 Jan 2034 06:19:59 GMT
GET H2	200	stylesheet.css assets-production.bndzgl.com/assets/81fb3386-c85b-4eeb-9db9-d98a1b69dfc2/	233 B 786 B	439ms 49ms	Stylesheet text/css	104.18.18.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets-production.bndzgl.com/assets/81fb3386-c85b-4eeb-9db9-d98a1b69dfc2/stylesheet.css Requested by Host: ninavalotti.ch URL: https://ninavalotti.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.18.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2e3ebf6a1f312407d70a172e90948dbc38c6ff3fda196744430eaec7c057bbde Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=31556952 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Fri, 02 Feb 2024 06:19:59 GMT strict-transport-security max-age=31556952 x-content-type-options nosniff content-security-policy frame-ancestors 'self' access-control-request-method * x-permitted-cross-domain-policies none cf-cache-status HIT age 5543227 content-encoding gzip content-transfer-encoding binary content-disposition inline; filename="stylesheet.css"; filename*=UTF-8''stylesheet.css x-xss-protection 1; mode=block x-request-id ac81d668674965b2301503263626cd02, ac81d668674965b2301503263626cd02 pragma x-runtime 0.077924 referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin x-clacks-overhead GNU Terry Pratchett server cloudflare etag W/"2e3ebf6a1f312407d70a172e90948dbc" x-download-options noopen x-frame-options DENY vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=315360000 cf-ray 84f0535ecb970219-ZRH x-rack-cache miss expires Mon, 30 Jan 2034 06:19:59 GMT
GET H2	200	application-f030862f0ada0b12432fd6fa0d07395258f5e49dfc969572b33cd631604c6303.js Show response assets-app-production-pubnet.bndzgl.com/assets/usersite/	337 KB 107 KB	457ms 77ms	Script application/javascript	104.18.18.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets-app-production-pubnet.bndzgl.com/assets/usersite/application-f030862f0ada0b12432fd6fa0d07395258f5e49dfc969572b33cd631604c6303.js Requested by Host: ninavalotti.ch URL: https://ninavalotti.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.18.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f030862f0ada0b12432fd6fa0d07395258f5e49dfc969572b33cd631604c6303 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=31556952 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers x-cache-hits 0 date Fri, 02 Feb 2024 06:19:59 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31556952 access-control-request-method * x-permitted-cross-domain-policies none content-security-policy frame-ancestors 'self' age 38073 cf-cache-status HIT x-cache MISS content-length 108716 x-xss-protection 1; mode=block x-request-id 0345d7b410ffe12f24b9a066a4f7387b referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin x-clacks-overhead GNU Terry Pratchett last-modified Thu, 01 Feb 2024 19:04:02 GMT server cloudflare x-download-options noopen vary Accept-Encoding x-frame-options DENY content-type application/javascript access-control-allow-origin * cache-control public, max-age=315360000 accept-ranges bytes cf-ray 84f0535edc5824c2-ZRH expires Mon, 30 Jan 2034 06:19:59 GMT
GET H2	200	usersite-6ad34fa6bbd9c4a08fa5.js Show response assets-app-production-pubnet.bndzgl.com/packs/js/	455 KB 94 KB	41ms 40ms	Script application/javascript	104.18.18.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets-app-production-pubnet.bndzgl.com/packs/js/usersite-6ad34fa6bbd9c4a08fa5.js Requested by Host: ninavalotti.ch URL: https://ninavalotti.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.18.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 838c3e8134421477a27b3adfe68599df3dcb8a03a3ef7fb79bafce3eac510ea3 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=31556952 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers x-cache-hits 0 date Fri, 02 Feb 2024 06:19:59 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31556952 access-control-request-method * x-permitted-cross-domain-policies none content-security-policy frame-ancestors 'self' age 38073 cf-cache-status HIT x-cache MISS content-length 96462 x-xss-protection 1; mode=block x-request-id 7bba9f28a8a5c780d9a0baf98bb8625c referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin x-clacks-overhead GNU Terry Pratchett last-modified Thu, 01 Feb 2024 19:17:27 GMT server cloudflare x-download-options noopen vary Accept-Encoding x-frame-options DENY content-type application/javascript access-control-allow-origin * cache-control public, max-age=315360000 accept-ranges bytes cf-ray 84f0535f5d5e24c2-ZRH expires Mon, 30 Jan 2034 06:19:59 GMT
GET H2	200	usersite-e263bbc4.css assets-app-production-pubnet.bndzgl.com/packs/css/	12 KB 3 KB	479ms 100ms	Stylesheet text/css	104.18.18.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets-app-production-pubnet.bndzgl.com/packs/css/usersite-e263bbc4.css Requested by Host: ninavalotti.ch URL: https://ninavalotti.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.18.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 38762364df172b96d1023a94c67dc19fb98818f6627f572fbd90f3f6f200011e Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=31556952 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Fri, 02 Feb 2024 06:19:59 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31556952 access-control-request-method * x-permitted-cross-domain-policies none content-security-policy frame-ancestors 'self' age 5703770 cf-cache-status HIT content-length 2532 x-xss-protection 1; mode=block x-request-id d264f1de5164a0495c4c631a969cc3e7 referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin x-clacks-overhead GNU Terry Pratchett last-modified Mon, 06 Nov 2023 14:29:11 GMT server cloudflare x-download-options noopen vary Accept-Encoding x-frame-options DENY content-type text/css access-control-allow-origin * cache-control public, max-age=315360000 accept-ranges bytes cf-ray 84f0535edc5324c2-ZRH expires Mon, 30 Jan 2034 06:19:59 GMT
GET H2	200	meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.png d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/596989/c0193a4198ac33c8f4fb06e1b2eae63ede9225bb/original/istock-668613592.png/!!/b%3AW1sicmVzaXplIiwxODAwXSxbIm1heCJdLFsid2UiXV0%3D/	179 KB 180 KB	455ms 51ms	Image image/webp	99.86.1.8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/596989/c0193a4198ac33c8f4fb06e1b2eae63ede9225bb/original/istock-668613592.png/!!/b%3AW1sicmVzaXplIiwxODAwXSxbIm1heCJdLFsid2UiXV0%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.png Requested by Host: ninavalotti.ch URL: https://ninavalotti.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.1.8 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-1-8.fra6.r.cloudfront.net Software Fly/ba9e227a (2024-01-26) / Express Resource Hash 403a559401ea2bda2e87bb7c528ce7a56b7cca12ed2a2a829d0792c9986d8ef3 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Thu, 01 Feb 2024 06:59:04 GMT via 1.1 fly.io, 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront) fly-request-id 01HNHQDGXF318CY5Q56XYK5841-fra server Fly/ba9e227a (2024-01-26) x-amz-cf-pop FRA6-C1 age 84055 x-powered-by Express x-cache Hit from cloudfront content-type image/webp access-control-allow-origin * cache-control public, max-age=86400 access-control-allow-credentials true x-zoogle-commands {"base":"s:bzglfiles/u/596989/c0193a4198ac33c8f4fb06e1b2eae63ede9225bb/original/istock-668613592.png/!!/b:W1sicmVzaXplIiwxODAwXSxbIm1heCJdLFsid2UiXV0=/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.png","src":"u/596989/c0193a4198ac33c8f4fb06e1b2eae63ede9225bb/original/istock-668613592.png","commands":[["resize",1800,null,{"fit":"inside","withoutEnlargement":true}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"} x-amz-cf-id -RGAbjzIlklVQkALuAmuwsfQVoYRwhhwH7oKgL9rCNvLEwmLT5p_Fw==
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	214 KB 58 KB	422ms 43ms	Script application/x-javascript	157.240.251.9 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: ninavalotti.ch URL: https://ninavalotti.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-fra5.fbcdn.net Software / Resource Hash 22cf1baba55eced80d7ebb0de51fc8961757ef581964f8e10ebc8676399eba81 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 02 Feb 2024 06:19:59 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 57202 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0" pragma public x-fb-debug rgt9wsMvR76RT1PvDZzZ2XH0t6ZwrSqfE7zMh2ecX0NNyLwMHWqoOLvwJGoqZ9N8g255QHh+rIzezcms/sD6lA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	usersite_print-898d57949af0ad2bc4f547f83dd6ff3afcc8a33f1513e732d597872e7fa68553.css assets-app-production-pubnet.bndzgl.com/assets/	67 B 207 B	46ms 46ms	Stylesheet text/css	104.18.18.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets-app-production-pubnet.bndzgl.com/assets/usersite_print-898d57949af0ad2bc4f547f83dd6ff3afcc8a33f1513e732d597872e7fa68553.css Requested by Host: ninavalotti.ch URL: https://ninavalotti.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.18.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 898d57949af0ad2bc4f547f83dd6ff3afcc8a33f1513e732d597872e7fa68553 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=31556952 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Fri, 02 Feb 2024 06:19:59 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31556952 access-control-request-method * x-permitted-cross-domain-policies none content-security-policy frame-ancestors 'self' age 5614922 cf-cache-status HIT content-length 81 x-xss-protection 1; mode=block x-request-id 0367832ba2c6e1e98710a1bcb1e5a6f2 referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin x-clacks-overhead GNU Terry Pratchett last-modified Wed, 01 Nov 2023 12:15:40 GMT server cloudflare x-download-options noopen vary Accept-Encoding x-frame-options DENY content-type text/css access-control-allow-origin * cache-control public, max-age=315360000 accept-ranges bytes cf-ray 84f0535f8dbc24c2-ZRH expires Mon, 30 Jan 2034 06:19:59 GMT
GET DATA	200 OK	truncated /	44 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Content-Type image/webp
GET DATA	200 OK	truncated /	82 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Content-Type image/webp
GET DATA	200 OK	truncated /	90 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Content-Type image/webp
GET DATA	200 OK	truncated /	38 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Content-Type image/webp
GET H2	200	stats.js Show response stats.zoogletools.net/	2 KB 1 KB	752ms 215ms	Script application/javascript	137.66.4.72 FLY
General Check archive.org Show headers Download Go to Full URL https://stats.zoogletools.net/stats.js?v=1 Requested by Host: ninavalotti.ch URL: https://ninavalotti.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 137.66.4.72 , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/ba9e227a (2024-01-26) / Resource Hash 061c461be655d95421747b6d56b14bb0c3e2bd5cf973211c8632d80472069dc7 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Fri, 02 Feb 2024 06:19:59 GMT content-encoding br via 2 fly.io last-modified Tue, 01 Aug 2023 12:20:29 GMT server Fly/ba9e227a (2024-01-26) fly-request-id 01HNM7JPETGF5NWR32M5JZGXCX-ams etag W/"6b7-64c8f88d.0" content-type application/javascript cache-control public, max-age=0, must-revalidate fly-cache-status HIT accept-ranges bytes
GET H2	200	BrightwallPersonalUse.woff2 assets-production.bndzgl.com/assets/fonts/443824012/25182/BrightwallPersonalUse/	95 KB 96 KB	599ms 235ms	Font font/woff2	104.18.18.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets-production.bndzgl.com/assets/fonts/443824012/25182/BrightwallPersonalUse/BrightwallPersonalUse.woff2 Requested by Host: assets-production.bndzgl.com URL: https://assets-production.bndzgl.com/assets/fonts/443824012/25182/BrightwallPersonalUse/stylesheet.css#BrightwallPersonalUse-regular Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.18.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af455a6c66a309adb8d1a9eba6021315ae11429dc701b2d14bafd812e6870fb6 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=31556952 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://www.google.com/ Origin https://ninavalotti.ch accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers x-cache-hits 0 date Fri, 02 Feb 2024 06:19:59 GMT strict-transport-security max-age=31556952 x-content-type-options nosniff content-security-policy frame-ancestors 'self' access-control-request-method * x-permitted-cross-domain-policies none cf-cache-status HIT x-cache MISS content-transfer-encoding binary content-disposition inline; filename="BrightwallPersonalUse.woff2"; filename*=UTF-8''BrightwallPersonalUse.woff2 content-length 97048 x-xss-protection 1; mode=block x-request-id 8f5b5825ff47407945b7d6520c62f2e1, 8f5b5825ff47407945b7d6520c62f2e1 pragma x-runtime 0.123039 referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin x-clacks-overhead GNU Terry Pratchett server cloudflare etag W/"af455a6c66a309adb8d1a9eba6021315" x-download-options noopen vary Accept, Accept-Encoding x-frame-options DENY content-type font/woff2 access-control-allow-origin * cache-control public, max-age=315360000 accept-ranges bytes cf-ray 84f05361f89701eb-ZRH x-rack-cache miss expires Mon, 30 Jan 2034 06:19:59 GMT
GET H2	200	montserrat-semibold.woff2 assets-production.bndzgl.com/assets/81fb3386-c85b-4eeb-9db9-d98a1b69dfc2/	65 KB 65 KB	644ms 281ms	Font font/woff2	104.18.18.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets-production.bndzgl.com/assets/81fb3386-c85b-4eeb-9db9-d98a1b69dfc2/montserrat-semibold.woff2 Requested by Host: assets-production.bndzgl.com URL: https://assets-production.bndzgl.com/assets/81fb3386-c85b-4eeb-9db9-d98a1b69dfc2/stylesheet.css#Montserrat-semibold Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.18.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5026245f5f9b3ab023ac3fc6d1ce15001ad9aaf3127747e20b1ae8ceb53e5fa5 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=31556952 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://www.google.com/ Origin https://ninavalotti.ch accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers x-cache-hits 0 date Fri, 02 Feb 2024 06:19:59 GMT strict-transport-security max-age=31556952 x-content-type-options nosniff content-security-policy frame-ancestors 'self' access-control-request-method * x-permitted-cross-domain-policies none cf-cache-status MISS x-cache MISS content-transfer-encoding binary content-disposition inline; filename="montserrat-semibold.woff2"; filename*=UTF-8''montserrat-semibold.woff2 content-length 66080 x-xss-protection 1; mode=block x-request-id d2b5a68edb875e8a1dfec6b0d8997487, d2b5a68edb875e8a1dfec6b0d8997487 pragma x-runtime 0.013105 referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin x-clacks-overhead GNU Terry Pratchett server cloudflare etag W/"5026245f5f9b3ab023ac3fc6d1ce1500" x-download-options noopen vary Accept, Accept-Encoding x-frame-options DENY content-type font/woff2 access-control-allow-origin * cache-control public, max-age=315360000 accept-ranges bytes cf-ray 84f05361f89a01eb-ZRH x-rack-cache miss expires Mon, 30 Jan 2034 06:19:59 GMT
GET H/1.1	206 Partial Content	dab362eb6b6075e6700e20ea2daae3d6e95f0fa2.mp4 bzglfiles.s3.amazonaws.com/u/596989/5003e2b037cc80a2086d485dc991f0af907772a0/web/	32 KB 0	459ms 186ms	Media video/mp4	52.95.145.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bzglfiles.s3.amazonaws.com/u/596989/5003e2b037cc80a2086d485dc991f0af907772a0/web/dab362eb6b6075e6700e20ea2daae3d6e95f0fa2.mp4?1636102267 Requested by Host: ninavalotti.ch URL: https://ninavalotti.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.95.145.41 Montreal, Canada, ASN16509 (AMAZON-02, US), Reverse DNS s3-w.ca-central-1.amazonaws.com Software AmazonS3 / Resource Hash Request headers Referer https://www.google.com/ Accept-Encoding identity;q=1, *;q=0 accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Range bytes=0- Response headers Date Fri, 02 Feb 2024 06:20:00 GMT x-amz-version-id QCh92Ji2DrNM7Sj8ymCTox.R4aFPnNmZ Last-Modified Fri, 05 Nov 2021 08:51:08 GMT Server AmazonS3 x-amz-request-id SQZRHJS7NXYR5NCW ETag "c618dd5b0359c67f38fe1f791de64c2e" Content-Type video/mp4 Content-Range bytes 0-6415536/6415537 Cache-Control public,max-age=31536000 Content-Disposition attachment Accept-Ranges bytes Content-Length 6415537 x-amz-id-2 Z87RH29yfHZwDrUnN15NZ2Gn8fbrE0ZNqqi4XVLXDbubK0XJMYuOhqiY1VMnqY/8ONlbjTHVEOk=
GET H2	200	248-2f0ee5d8defafbaf7d83.chunk.js Show response ninavalotti.ch/packs/js/	114 KB 27 KB	234ms 233ms	Script application/javascript	172.65.232.115 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ninavalotti.ch/packs/js/248-2f0ee5d8defafbaf7d83.chunk.js Requested by Host: assets-app-production-pubnet.bndzgl.com URL: https://assets-app-production-pubnet.bndzgl.com/packs/js/usersite-6ad34fa6bbd9c4a08fa5.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 172.65.232.115 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software openresty / Resource Hash 76eeab1cae50a25c96ea64453c32aed062858d5df983ec053dcdbdf9813edd0d Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=31556952 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers x-cache-hits 1 date Fri, 02 Feb 2024 06:19:59 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31556952 access-control-request-method * x-permitted-cross-domain-policies none content-security-policy frame-ancestors 'self' age 8616 x-cache HIT content-length 27125 x-xss-protection 1; mode=block x-request-id 6cb8a53d4900735d1dc889c7ca6c9d68 referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin x-clacks-overhead GNU Terry Pratchett last-modified Thu, 01 Feb 2024 19:17:27 GMT server openresty x-download-options noopen vary Accept-Encoding x-frame-options DENY content-type application/javascript access-control-allow-origin * cache-control max-age=315360000 accept-ranges bytes expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	239-3b31d8b8e0b33c3c592b.chunk.js Show response ninavalotti.ch/packs/js/	35 KB 9 KB	214ms 214ms	Script application/javascript	172.65.232.115 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ninavalotti.ch/packs/js/239-3b31d8b8e0b33c3c592b.chunk.js Requested by Host: assets-app-production-pubnet.bndzgl.com URL: https://assets-app-production-pubnet.bndzgl.com/packs/js/usersite-6ad34fa6bbd9c4a08fa5.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 172.65.232.115 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software openresty / Resource Hash faebbb8ee50443a36c51e146ea1a72540a5a598f786be48a53e73c5c24875a82 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=31556952 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers x-cache-hits 0 date Fri, 02 Feb 2024 06:19:59 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31556952 access-control-request-method * x-permitted-cross-domain-policies none content-security-policy frame-ancestors 'self' age 0 x-cache MISS content-length 8698 x-xss-protection 1; mode=block x-request-id 3f67f9667cac05b674b2b7c5698084b2 referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin x-clacks-overhead GNU Terry Pratchett last-modified Thu, 01 Feb 2024 19:17:27 GMT server openresty x-download-options noopen vary Accept-Encoding x-frame-options DENY content-type application/javascript access-control-allow-origin * cache-control max-age=315360000 accept-ranges bytes expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	badge Show response ninavalotti.ch/api/cart/	1 KB 1 KB	208ms 208ms	Fetch text/html	172.65.232.115 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ninavalotti.ch/api/cart/badge Requested by Host: assets-app-production-pubnet.bndzgl.com URL: https://assets-app-production-pubnet.bndzgl.com/packs/js/usersite-6ad34fa6bbd9c4a08fa5.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 172.65.232.115 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software openresty / Resource Hash 9f13c6c11cc317009455316149f36f444245b2579388b32f7340b360c1460d29 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=31556952 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://www.google.com/ X-CSRF-Token eAJdAAby2BZ4vTNTi/E5Po58dlmqeyWgLDFjSfzDw7rBnb58LOJYNtPp3tncM+lrkYrCCmYX/9j/u8pFbDgqnw== accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type text/html Response headers expires Fri, 01 Jan 1990 00:00:00 GMT date Fri, 02 Feb 2024 06:19:59 GMT strict-transport-security max-age=31556952 x-content-type-options nosniff content-security-policy frame-ancestors 'self' content-encoding gzip x-permitted-cross-domain-policies none age 0 x-cache MISS x-xss-protection 1; mode=block x-request-id 3fdc1824aa8494556a44ae627422ed7a, 3fdc1824aa8494556a44ae627422ed7a pragma no-cache x-runtime 0.025853 referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin x-clacks-overhead GNU Terry Pratchett server openresty etag W/"9f13c6c11cc317009455316149f36f44" x-download-options noopen vary Accept x-frame-options DENY content-type text/html; charset=utf-8 cache-control max-age=0, private, must-revalidate x-robots-tag noindex x-rack-cache miss x-cache-hits 0
GET H2	200	profile Show response ninavalotti.ch/go/member/	17 B 657 B	295ms 294ms	Fetch application/json	172.65.232.115 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ninavalotti.ch/go/member/profile Requested by Host: assets-app-production-pubnet.bndzgl.com URL: https://assets-app-production-pubnet.bndzgl.com/packs/js/usersite-6ad34fa6bbd9c4a08fa5.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 172.65.232.115 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software openresty / Resource Hash 06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=31556952 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://www.google.com/ X-CSRF-Token eAJdAAby2BZ4vTNTi/E5Po58dlmqeyWgLDFjSfzDw7rBnb58LOJYNtPp3tncM+lrkYrCCmYX/9j/u8pFbDgqnw== accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type text/json Response headers expires Fri, 01 Jan 1990 00:00:00 GMT date Fri, 02 Feb 2024 06:19:59 GMT strict-transport-security max-age=31556952 x-content-type-options nosniff content-security-policy frame-ancestors 'self' x-permitted-cross-domain-policies none age 0 x-cache MISS content-length 17 x-xss-protection 1; mode=block x-request-id 9ae6840c404e04f7abeb5405e653cc69, 9ae6840c404e04f7abeb5405e653cc69 pragma no-cache x-runtime 0.089897 referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin x-clacks-overhead GNU Terry Pratchett server openresty etag W/"06e5f7e2d702e0110271dd33c198e1f3" x-download-options noopen vary Accept x-frame-options DENY content-type application/json; charset=utf-8 cache-control max-age=0, private, must-revalidate accept-ranges bytes x-robots-tag noindex x-rack-cache miss x-cache-hits 0
GET H2	200	387766739372810 Show response connect.facebook.net/signals/config/	53 KB 11 KB	204ms 203ms	Script application/x-javascript	157.240.251.9 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/387766739372810?v=2.9.144&r=stable&domain=ninavalotti.ch&hme=44ba03e7b4a66084f0064fdada9e7a7b89f6f2cf807a204d10c6509aeae35209&ex_m=62%2C105%2C93%2C97%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C148%2C151%2C162%2C158%2C159%2C161%2C25%2C89%2C45%2C68%2C160%2C143%2C146%2C155%2C156%2C163%2C114%2C13%2C43%2C167%2C166%2C116%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C94%2C96%2C31%2C95%2C26%2C22%2C144%2C147%2C123%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C92%2C38%2C70%2C60%2C98%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C99 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-fra5.fbcdn.net Software / Resource Hash 983547dc44cb4ddb6739783d00adaa0dcde5b11f8e561d057bb531964d621fa2 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 02 Feb 2024 06:19:59 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0" pragma public x-fb-debug KsIUncSNFw0XeCThT/El1KygfVOU1f2MJ8YXQBtuIruPDG+FcqKLa4bZKiCEoxhM+elwudaxYY5+JADoQhHKFA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	420ms 45ms	Image text/plain	157.240.0.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=387766739372810&ev=PageView&dl=https%3A%2F%2Fninavalotti.ch%2F&rl=&if=false&ts=1706854799949&sw=1600&sh=1200&v=2.9.144&r=stable&a=plbandzoogle&ec=0&o=4126&fbp=fb.1.1706854799948.1884663323&ler=empty&cdl=API_unavailable&it=1706854799727&coo=false&exp=e1&rqm=GET Requested by Host: ninavalotti.ch URL: https://ninavalotti.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-02-fra3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Fri, 02 Feb 2024 06:20:00 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
OPTIONS H2	200	visits stats.zoogletools.net/	0 0	603ms 227ms	Preflight	137.66.4.72 FLY
General Check archive.org Show headers Download Go to Full URL https://stats.zoogletools.net/visits Protocol H2 Security TLS 1.3, , AES_128_GCM Server 137.66.4.72 , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/ba9e227a (2024-01-26) / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://ninavalotti.ch Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * access-control-expose-headers access-control-max-age 7200 content-length 0 date Fri, 02 Feb 2024 06:19:59 GMT fly-request-id 01HNM7JQ1JTYWDTCVZRE6FAABE-ams server Fly/ba9e227a (2024-01-26) via 2 fly.io
POST H2	200	visits stats.zoogletools.net/	0 0	311ms 310ms	Fetch application/json	137.66.4.72 FLY
General Check archive.org Show headers Download Go to Full URL https://stats.zoogletools.net/visits Requested by Host: stats.zoogletools.net URL: https://stats.zoogletools.net/stats.js?v=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 137.66.4.72 , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/ba9e227a (2024-01-26) / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.google.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type application/json Response headers date Fri, 02 Feb 2024 06:20:00 GMT via 2 fly.io x-content-type-options nosniff x-permitted-cross-domain-policies none content-length 0 x-xss-protection 1; mode=block x-request-id 7353a31b-262c-4371-a89f-c425631fc56a x-runtime 0.096065 referrer-policy strict-origin-when-cross-origin fly-request-id 01HNM7JQ8DED5ZG6TFB30BH7S8-ams server Fly/ba9e227a (2024-01-26) x-download-options noopen x-frame-options SAMEORIGIN access-control-max-age 7200 access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * access-control-expose-headers cache-control no-cache content-type application/json; charset=utf-8 vary Origin
GET H/1.1	206 Partial Content	dab362eb6b6075e6700e20ea2daae3d6e95f0fa2.mp4 bzglfiles.s3.amazonaws.com/u/596989/5003e2b037cc80a2086d485dc991f0af907772a0/web/	25 KB 26 KB	495ms 249ms	Media video/mp4	52.95.145.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bzglfiles.s3.amazonaws.com/u/596989/5003e2b037cc80a2086d485dc991f0af907772a0/web/dab362eb6b6075e6700e20ea2daae3d6e95f0fa2.mp4?1636102267 Requested by Host: ninavalotti.ch URL: https://ninavalotti.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.95.145.41 Montreal, Canada, ASN16509 (AMAZON-02, US), Reverse DNS s3-w.ca-central-1.amazonaws.com Software AmazonS3 / Resource Hash 7c298868714a1c5dfe89e28574b95188090c5f0eae458a47a42567e0f4d1f4fe Request headers Referer https://www.google.com/ Accept-Encoding identity;q=1, *;q=0 accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Range bytes=6389760- Response headers Date Fri, 02 Feb 2024 06:20:01 GMT x-amz-version-id QCh92Ji2DrNM7Sj8ymCTox.R4aFPnNmZ Last-Modified Fri, 05 Nov 2021 08:51:08 GMT Server AmazonS3 x-amz-request-id 7FK9P4VSJJAQ89CV ETag "c618dd5b0359c67f38fe1f791de64c2e" Content-Type video/mp4 Content-Range bytes 6389760-6415536/6415537 Cache-Control public,max-age=31536000 Content-Disposition attachment Accept-Ranges bytes Content-Length 25777 x-amz-id-2 tsIKSTnh6T0H++Fbx1bxkvvos2gAFyLzg3n8rBrCEt3XFdsFWYaZIf4xgQzBNplfViRul2hFQUM=
GET H/1.1	206 Partial Content	dab362eb6b6075e6700e20ea2daae3d6e95f0fa2.mp4 bzglfiles.s3.amazonaws.com/u/596989/5003e2b037cc80a2086d485dc991f0af907772a0/web/	5 MB 0	132ms 132ms	Media video/mp4	52.95.145.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bzglfiles.s3.amazonaws.com/u/596989/5003e2b037cc80a2086d485dc991f0af907772a0/web/dab362eb6b6075e6700e20ea2daae3d6e95f0fa2.mp4?1636102267 Requested by Host: ninavalotti.ch URL: https://ninavalotti.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.95.145.41 Montreal, Canada, ASN16509 (AMAZON-02, US), Reverse DNS s3-w.ca-central-1.amazonaws.com Software AmazonS3 / Resource Hash Request headers Referer https://www.google.com/ Accept-Encoding identity;q=1, *;q=0 accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Range bytes=32768- Response headers Date Fri, 02 Feb 2024 06:20:01 GMT x-amz-version-id QCh92Ji2DrNM7Sj8ymCTox.R4aFPnNmZ Last-Modified Fri, 05 Nov 2021 08:51:08 GMT Server AmazonS3 x-amz-request-id 7FK6FJTK7QD03GVP ETag "c618dd5b0359c67f38fe1f791de64c2e" Content-Type video/mp4 Content-Range bytes 32768-6415536/6415537 Cache-Control public,max-age=31536000 Content-Disposition attachment Accept-Ranges bytes Content-Length 6382769 x-amz-id-2 Dj923ar4x4WMJweTr57rA6BoczecDExeYqye0xWl0tvcQq3O3CdSu3cHlsW5+qEjRU6fxg9rNEk=

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| fbq function| _fbq function| Carousel function| onYouTubePlayerAPIReady function| refresh object| zoogle object| zgl function| $ function| jQuery object| I18n function| EventEmitter object| eventie function| imagesLoaded function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| html5 object| Modernizr object| themeJsManager object| skrollr function| addResizeListener function| removeResizeListener function| Waypoint function| fitty function| YT_ready function| onYouTubeIframeAPIReady object| jQuery1124041194771738914016 function| doTextFit object| Rails boolean| _rails_loaded object| _zaq undefined| dntStatus boolean| dontTrack boolean| inEditor function| forceRedraw function| toggleHideNavigationMenu function| updateCanonicalUrl object| webpackJsonp boolean| TurboImportRequested object| stimulusApplication boolean| SM2_DEFER function| SoundManager object| soundManager boolean| captchaIsLoading object| reactiveElementVersions object| litHtmlVersions object| litElementVersions boolean| ModaImportRequested object| Turbo

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ninavalotti.ch/	1969-12-31 23:59:59	Name: guid Value: e34bc606-f9dc-41d7-9754-1b79019924c1
			.ninavalotti.ch/	1970-01-20 20:17:10	Name: _fbp Value: fb.1.1706854799948.1884663323

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/387766739372810?v=2.9.144&r=stable&domain=ninavalotti.ch&hme=44ba03e7b4a66084f0064fdada9e7a7b89f6f2cf807a204d10c6509aeae35209&ex_m=62%2C105%2C93%2C97%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C148%2C151%2C162%2C158%2C159%2C161%2C25%2C89%2C45%2C68%2C160%2C143%2C146%2C155%2C156%2C163%2C114%2C13%2C43%2C167%2C166%2C116%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C94%2C96%2C31%2C95%2C26%2C22%2C144%2C147%2C123%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C92%2C38%2C70%2C60%2C98%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C99(Line 95) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556952
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets-app-production-pubnet.bndzgl.com
assets-production.bndzgl.com
bzglfiles.s3.amazonaws.com
connect.facebook.net
d10j3mvrs1suex.cloudfront.net
ninavalotti.ch
stats.zoogletools.net
www.facebook.com
104.18.18.215
137.66.4.72
157.240.0.35
157.240.251.9
172.65.232.115
52.95.145.41
99.86.1.8
061c461be655d95421747b6d56b14bb0c3e2bd5cf973211c8632d80472069dc7
06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03
22cf1baba55eced80d7ebb0de51fc8961757ef581964f8e10ebc8676399eba81
2e3ebf6a1f312407d70a172e90948dbc38c6ff3fda196744430eaec7c057bbde
304e3210975e9b52a37e3f33f555c3f56bb203c8086e9c31a4eaecf2a8912733
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
38762364df172b96d1023a94c67dc19fb98818f6627f572fbd90f3f6f200011e
3d90edb0b405a159a8e51c0dd96ebb73683be7785a25d8ff165c64f6d5462e58
403a559401ea2bda2e87bb7c528ce7a56b7cca12ed2a2a829d0792c9986d8ef3
5026245f5f9b3ab023ac3fc6d1ce15001ad9aaf3127747e20b1ae8ceb53e5fa5
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
76eeab1cae50a25c96ea64453c32aed062858d5df983ec053dcdbdf9813edd0d
7c298868714a1c5dfe89e28574b95188090c5f0eae458a47a42567e0f4d1f4fe
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
838c3e8134421477a27b3adfe68599df3dcb8a03a3ef7fb79bafce3eac510ea3
898d57949af0ad2bc4f547f83dd6ff3afcc8a33f1513e732d597872e7fa68553
983547dc44cb4ddb6739783d00adaa0dcde5b11f8e561d057bb531964d621fa2
9f13c6c11cc317009455316149f36f444245b2579388b32f7340b360c1460d29
af455a6c66a309adb8d1a9eba6021315ae11429dc701b2d14bafd812e6870fb6
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
d64c19bd6fc315721e1c40a0491dbac0a703fcd922a291dbd1e4ff0b39199635
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f030862f0ada0b12432fd6fa0d07395258f5e49dfc969572b33cd631604c6303
f0e010ca7cafd894132429785733978935deeab4f8d08c3ef0ad9741306048b7
faebbb8ee50443a36c51e146ea1a72540a5a598f786be48a53e73c5c24875a82