urlscan.io logo urlscan.io
SecurityTrails logo

navigate.nataschawordolff.com Open in urlscan Pro
54.236.211.190  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://navigate.nataschawordolff.com/
Effective URL: https://navigate.nataschawordolff.com/
Submission: On August 09 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 7 domains to perform 22 HTTP transactions. The main IP is 54.236.211.190, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is navigate.nataschawordolff.com.
TLS certificate: Issued by R3 on June 11th 2022. Valid for: 3 months.
This is the only time navigate.nataschawordolff.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 54.236.211.190 14618 (AMAZON-AES)
3 13.32.99.16 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 13.32.99.56 16509 (AMAZON-02)
1 13.32.99.126 16509 (AMAZON-02)
3 54.84.53.31 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f00... 32934 (FACEBOOK)
2 13.32.110.31 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
22 12
2    54.236.211.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-211-190.compute-1.amazonaws.com
navigate.nataschawordolff.com
3    13.32.99.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-16.fra60.r.cloudfront.net
theme-assets.simplerousercontent.net
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    13.32.99.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-56.fra60.r.cloudfront.net
assets0.simplero.com
1    13.32.99.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-126.fra60.r.cloudfront.net
assets1.simplero.com
3    54.84.53.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-53-31.compute-1.amazonaws.com
nataschawordolff.simplero.com
secure.simplero.com
assets.simplero.com
3    2a00:1450:400e:802::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    13.32.110.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-31.vie50.r.cloudfront.net
img.simplerousercontent.net
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
6 simplero.com
assets0.simplero.com — Cisco Umbrella Rank: 712950
assets1.simplero.com
nataschawordolff.simplero.com
secure.simplero.com — Cisco Umbrella Rank: 807692
assets.simplero.com
445 KB
5 simplerousercontent.net
theme-assets.simplerousercontent.net — Cisco Umbrella Rank: 772857
img.simplerousercontent.net — Cisco Umbrella Rank: 517501
991 KB
4 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 267
fonts.googleapis.com — Cisco Umbrella Rank: 67
10 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
388 B
2 gstatic.com
fonts.gstatic.com
91 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
111 KB
2 nataschawordolff.com
navigate.nataschawordolff.com
15 KB
22 7
Domain Requested by
3 fonts.googleapis.com theme-assets.simplerousercontent.net
ajax.googleapis.com
nataschawordolff.simplero.com
3 theme-assets.simplerousercontent.net navigate.nataschawordolff.com
2 www.facebook.com navigate.nataschawordolff.com
2 fonts.gstatic.com fonts.googleapis.com
2 img.simplerousercontent.net navigate.nataschawordolff.com
2 connect.facebook.net navigate.nataschawordolff.com
connect.facebook.net
2 assets0.simplero.com navigate.nataschawordolff.com
2 navigate.nataschawordolff.com 1 redirects
1 assets.simplero.com nataschawordolff.simplero.com
1 secure.simplero.com navigate.nataschawordolff.com
1 nataschawordolff.simplero.com navigate.nataschawordolff.com
1 assets1.simplero.com navigate.nataschawordolff.com
1 ajax.googleapis.com navigate.nataschawordolff.com
22 13

This site contains links to these domains. Also see Links.

Domain
secure.simplero.com
simplero.com
Subject Issuer Validity Valid
navigate.nataschawordolff.com
R3		 2022-06-11 -
2022-09-09		 3 months crt.sh
*.simplerousercontent.net
Amazon		 2022-05-07 -
2023-06-05		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
simplero.com
R3		 2022-07-11 -
2022-10-09		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-05-19 -
2022-08-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://navigate.nataschawordolff.com/
Frame ID: C3AEA5755AAC47CC718DF60BECEF628C
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home - Natascha Wordolff

Page URL History Show full URLs

  1. http://navigate.nataschawordolff.com/ HTTP 301
    https://navigate.nataschawordolff.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont

Page Statistics

22
Requests

100 %
HTTPS

45 %
IPv6

7
Domains

13
Subdomains

12
IPs

4
Countries

1663 kB
Transfer

3955 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://navigate.nataschawordolff.com/ HTTP 301
    https://navigate.nataschawordolff.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
navigate.nataschawordolff.com/
Redirect Chain
  • http://navigate.nataschawordolff.com/
  • https://navigate.nataschawordolff.com/
58 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://navigate.nataschawordolff.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.236.211.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-211-190.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4fc444d0495816ac063095cb43975069696fa4db550b3f02062f6ce9ad4c977f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 09 Aug 2022 20:02:56 GMT
etag
W/"4fc444d0495816ac063095cb43975069"
p3p
CP="CAO PSA OUR"
referrer-policy
strict-origin-when-cross-origin
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
d4cc9c36-d879-4f27-b021-68f767ea2401
x-runtime
0.283673
x-simplero-server
web10
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Tue, 09 Aug 2022 20:02:55 GMT
Location
https://navigate.nataschawordolff.com/
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
3db99350-a365-4976-a2b9-1c5687d9f4d2
X-Runtime
0.016383
X-Simplero-Server
web11
X-XSS-Protection
1; mode=block
theme.scss.css
theme-assets.simplerousercontent.net/themes/97644/assets/5b5af49c7553d0363f3c23db922b7c85/ 		313 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://theme-assets.simplerousercontent.net/themes/97644/assets/5b5af49c7553d0363f3c23db922b7c85/theme.scss.css
Requested by
Host: navigate.nataschawordolff.com
URL: https://navigate.nataschawordolff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-16.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
eea1541c1f83fc4cfd8ee4c94667059a4ae9366efa992a4d0eebe97cbdb875bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navigate.nataschawordolff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 20:02:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
p3p
CP="CAO PSA OUR"
content-transfer-encoding
binary
x-simplero-server
web10
x-request-id
f91a7ddf-6a86-4963-8879-49a580cbc96d
x-runtime
0.223877
access-control-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"b646018a530b642be0c7362a3c63c84b"
x-download-options
noopen
vary
Accept-Encoding,Accept-Encoding
content-type
text/css
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
x-xss-protection
0
cache-control
max-age=31556952, public
access-control-allow-credentials
true
x-amz-cf-id
6dSmsG0Wxwf7ut1l2UiauraXPlgRkAk6SWAY_olMEK6GcB8DWW2SjQ==
expires
Wed, 09 Aug 2023 20:02:57 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.5.10/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.5.10/webfont.js
Requested by
Host: navigate.nataschawordolff.com
URL: https://navigate.nataschawordolff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a240734f03c3c7a0927877faafffb214e1e8093c564e672fd264ee4f390e0601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navigate.nataschawordolff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 07 Aug 2022 03:57:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
230702
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6891
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 07 Aug 2023 03:57:54 GMT
vendor.js
theme-assets.simplerousercontent.net/themes/97644/assets/9a32471bfbd761883a5728f95c814d9b/ 		132 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://theme-assets.simplerousercontent.net/themes/97644/assets/9a32471bfbd761883a5728f95c814d9b/vendor.js
Requested by
Host: navigate.nataschawordolff.com
URL: https://navigate.nataschawordolff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-16.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
d59f89416e63cb4652e6fb2404960a7e9cd5cc6809697619a6ff28135e1511f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navigate.nataschawordolff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 20:02:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
p3p
CP="CAO PSA OUR"
content-transfer-encoding
binary
x-simplero-server
web13
x-request-id
8b64f481-6747-48c5-9731-15bb19013381
x-runtime
0.057962
access-control-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"4c7e896dd4b52cf1aa48eb0d81477d36"
x-download-options
noopen
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
x-xss-protection
0
cache-control
max-age=31556952, public
access-control-allow-credentials
true
x-amz-cf-id
LWRlWLh4NazColtBMQmw56PX556S8EFhIlghGv0vIeQDnM--hmBkFg==
expires
Wed, 09 Aug 2023 20:02:57 GMT
theme.coffee.js
theme-assets.simplerousercontent.net/themes/97644/assets/5b5af49c7553d0363f3c23db922b7c85/ 		80 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://theme-assets.simplerousercontent.net/themes/97644/assets/5b5af49c7553d0363f3c23db922b7c85/theme.coffee.js
Requested by
Host: navigate.nataschawordolff.com
URL: https://navigate.nataschawordolff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-16.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
7e4a2981c1efae5e834bea98e884dcc3482096614be11c3dddb3295fbf35471c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navigate.nataschawordolff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 20:02:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
p3p
CP="CAO PSA OUR"
content-transfer-encoding
binary
x-simplero-server
web12
x-request-id
c895ba73-8703-4b5a-944e-3679d290d2ca
x-runtime
0.298942
access-control-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"1f24af557061435759c619dd6209b9b8"
x-download-options
noopen
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
x-xss-protection
0
cache-control
max-age=31556952, public
access-control-allow-credentials
true
x-amz-cf-id
BxxSJWzWo-CVdVEcms4EaZVtfbWV6Zq2R1z7P66eY1WcPG0rk-RE0A==
expires
Wed, 09 Aug 2023 20:02:58 GMT
site-b154162fe0da6987be8adef37c0e142f9a416191fb5055ace5af339df052cbb1.js
assets0.simplero.com/assets/ 		135 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets0.simplero.com/assets/site-b154162fe0da6987be8adef37c0e142f9a416191fb5055ace5af339df052cbb1.js
Requested by
Host: navigate.nataschawordolff.com
URL: https://navigate.nataschawordolff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-56.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
b29d097e60a4bf93f77951f1fca38a135c7c3ef7cf9071537e47ba211fc9aae3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navigate.nataschawordolff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 29 Jul 2022 09:51:37 GMT
content-encoding
gzip
last-modified
Fri, 29 Jul 2022 09:47:56 GMT
server
nginx
age
987079
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
x-amz-cf-pop
FRA60-P3
content-length
48096
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
x-amz-cf-id
L4RCznYijATWQ612yGQ3qSKELWa-a12sNpTviHB2DYPpISK_bRUyBQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
site-6fef237d8c1a6186dbd6.js
assets1.simplero.com/packs/js/ 		2 MB
333 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets1.simplero.com/packs/js/site-6fef237d8c1a6186dbd6.js
Requested by
Host: navigate.nataschawordolff.com
URL: https://navigate.nataschawordolff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-126.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
5d32b56ce42e8af386f7b2fdfa1691081b8460d05abf0c2d7110d198da5ea6c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navigate.nataschawordolff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 15:19:26 GMT
content-encoding
gzip
last-modified
Tue, 09 Aug 2022 15:00:31 GMT
server
nginx
age
17010
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
x-amz-cf-pop
FRA60-P3
content-length
340686
via
1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
x-amz-cf-id
BOxJ_ciEoLo5COIBBym3pbOPb3MKxp_lyIZpHLyze_75EMqtKb4flQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
site-ea1d1e60.css
assets0.simplero.com/packs/css/ 		107 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets0.simplero.com/packs/css/site-ea1d1e60.css
Requested by
Host: navigate.nataschawordolff.com
URL: https://navigate.nataschawordolff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-56.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
29d216b12e003f1cdeaa908fca13bdfbe3c5f35ad5c85b5637a8441256f7b704

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navigate.nataschawordolff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:59:43 GMT
content-encoding
gzip
last-modified
Tue, 09 Aug 2022 18:49:14 GMT
server
nginx
age
3793
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, public
x-amz-cf-pop
FRA60-P3
content-length
23043
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
x-amz-cf-id
tUThcN8qJtwx1nUAOmnnTUKQIvNHzzNAR7x531u07nnGSorxiZCnPQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
250849.js
nataschawordolff.simplero.com/page/ 		84 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nataschawordolff.simplero.com/page/250849.js
Requested by
Host: navigate.nataschawordolff.com
URL: https://navigate.nataschawordolff.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.84.53.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-53-31.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f271e1d685029775e55355f79ce57f602564f25c502b25b0ecfb5226b9125237
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navigate.nataschawordolff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 20:02:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
p3p
CP="CAO PSA OUR"
x-simplero-server
web14
x-request-id
d2f3ffdf-f696-4923-be15-d9438d54d126
x-runtime
0.090684
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"f271e1d685029775e55355f79ce57f60"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
max-age=0, private, must-revalidate
logincheck.js
secure.simplero.com/ 		193 B
806 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.simplero.com/logincheck.js?account_id=50237&return_to=https%3A%2F%2Fnavigate.nataschawordolff.com%2F&site_id=72246
Requested by
Host: navigate.nataschawordolff.com
URL: https://navigate.nataschawordolff.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.84.53.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-53-31.compute-1.amazonaws.com
Software
nginx /
Resource Hash
49ab427d1b8887127ffc48e91cdc4738a2b3d85fa35cbaf1f8aadab1314c8289
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navigate.nataschawordolff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 20:02:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
p3p
CP="CAO PSA OUR"
x-simplero-server
web14
x-request-id
11c2125e-dfc5-4e11-9204-1d5f4da7f946
x-runtime
0.038866
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"49ab427d1b8887127ffc48e91cdc4738"
x-download-options
noopen
vary
Accept-Encoding, *
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://navigate.nataschawordolff.com
x-xss-protection
0
cache-control
no-store
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
expires
Mon, 08 Aug 2022 22:02:58 +0200
truncated
/ 		44 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		90 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/webp
css2
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=PT+Sans:wght@400;700&display=swap
Requested by
Host: theme-assets.simplerousercontent.net
URL: https://theme-assets.simplerousercontent.net/themes/97644/assets/5b5af49c7553d0363f3c23db922b7c85/theme.scss.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:802::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
29befa3c54f05145e7e736d334b96761b64f16c4afe7c85db53d68cc73e2a803
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theme-assets.simplerousercontent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 18:25:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 09 Aug 2022 20:02:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Aug 2022 20:02:57 GMT
css
fonts.googleapis.com/ 		19 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,500,600,700,700italic,800%7COpen+Sans:400,400italic,500,600,700,700italic,800&display=swap
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.5.10/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:802::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
983af0da73f81fdf05c89ebd74551b08c2889048884b719b99c575ddc4905106
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navigate.nataschawordolff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 20:02:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 09 Aug 2022 20:02:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Aug 2022 20:02:57 GMT
fbevents.js
connect.facebook.net/en_US/ 		100 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: navigate.nataschawordolff.com
URL: https://navigate.nataschawordolff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e75555ca161f289d4830a84a1856b37a9cb0077f78af600fb47c67c135baa8fd
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navigate.nataschawordolff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26506
x-xss-protection
0
pragma
public
x-fb-debug
GZFygzIMVdykcBFUJC0rb4SYiajlVWieea+msN3+Icq7NE+OV0t+/1HIN99sh1L6eL4cpheUypfzeYQvzY6clA==
x-fb-trip-id
720026100
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 09 Aug 2022 20:02:58 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
people-group-of-diverse-women-and-men-raising-their-hands-2500w-1656h.webp
img.simplerousercontent.net/scaled_image/6194319/bec96bec7f5baac8f8786b30b6fe855f4abfde0d/ 		399 KB
401 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.simplerousercontent.net/scaled_image/6194319/bec96bec7f5baac8f8786b30b6fe855f4abfde0d/people-group-of-diverse-women-and-men-raising-their-hands-2500w-1656h.webp
Requested by
Host: navigate.nataschawordolff.com
URL: https://navigate.nataschawordolff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-31.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
0019cead75e18fa365a9d0ce64139cbe52c6f9bf32a3d234daafdf997981c93d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navigate.nataschawordolff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 20:02:59 GMT
via
1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
last-modified
Mon, 01 Aug 2022 13:51:26 GMT
server
nginx
x-amz-cf-pop
VIE50-C2
etag
"62e7da5e-63dd7"
x-cache
Miss from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=60, public
content-disposition
inline; filename="people-group-of-diverse-women-and-men-raising-their-hands-2500w-1656h.webp"; filename*=UTF-8''people-group-of-diverse-women-and-men-raising-their-hands-2500w-1656h.webp
accept-ranges
bytes
content-length
409047
x-amz-cf-id
tpoOA8eXlULeoHkrniWI-Yb-pBAqFWQDpMdiqUlLUF6mNkRDDX5A8A==
expires
Tue, 09 Aug 2022 20:03:59 GMT
fitness-woman-energetically-jumping-2880w-1852h.webp
img.simplerousercontent.net/scaled_image/6194321/c1b707bff198725dbfe7735e624452663ffcb8de/ 		481 KB
482 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.simplerousercontent.net/scaled_image/6194321/c1b707bff198725dbfe7735e624452663ffcb8de/fitness-woman-energetically-jumping-2880w-1852h.webp
Requested by
Host: navigate.nataschawordolff.com
URL: https://navigate.nataschawordolff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-31.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
999499e956bf44775112e501537692a1f24351a77513f9727e007e1a753e4c5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navigate.nataschawordolff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 20:03:00 GMT
via
1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
last-modified
Mon, 01 Aug 2022 13:51:27 GMT
server
nginx
x-amz-cf-pop
VIE50-C2
etag
"62e7da5f-783e7"
x-cache
Miss from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=60, public
content-disposition
inline; filename="fitness-woman-energetically-jumping-2880w-1852h.webp"; filename*=UTF-8''fitness-woman-energetically-jumping-2880w-1852h.webp
accept-ranges
bytes
content-length
492519
x-amz-cf-id
NlCHbP1nDVjw0DwQA021NEbcrLuCRnUk1M_9is5T9AxfVErkF5DVXw==
expires
Tue, 09 Aug 2022 20:04:00 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,500,600,700,700italic,800%7COpen+Sans:400,400italic,500,600,700,700italic,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://navigate.nataschawordolff.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 23:32:09 GMT
x-content-type-options
nosniff
age
73849
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Aug 2023 23:32:09 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v29/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,500,600,700,700italic,800%7COpen+Sans:400,400italic,500,600,700,700italic,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c0b68ea789d4bc6705f42dd6c44eb38306b965df01f9409eb4a941370e3b158
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://navigate.nataschawordolff.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 10:55:16 GMT
x-content-type-options
nosniff
age
119262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47924
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Aug 2023 10:55:16 GMT
725219698497007
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/725219698497007?v=2.9.73&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ce9ca4c0588fa78977e161b8b2f04adab2d1256e1e85e7e3609e4646df59c1f3
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navigate.nataschawordolff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
MxhiYzAhhKhY94KxtPw8Y5lMZXXeaYUTh8+U4dZzoMBHfVTBUOdtiNsGzppasnyNVQTkrTK8l4Wcp8S2bh3Nxw==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 09 Aug 2022 20:02:58 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1660075378441
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
simplero.js
assets.simplero.com/ 		78 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.simplero.com/simplero.js?4fd073b584cfafab6ec034e0eb377726
Requested by
Host: nataschawordolff.simplero.com
URL: https://nataschawordolff.simplero.com/page/250849.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.84.53.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-53-31.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c7bd0ea7408f04fcb180d1c4128a1086d6d5ec283f869f3f968a1ff83e1f69d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navigate.nataschawordolff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 20:02:58 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2022 17:38:32 GMT
server
nginx
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
content-length
24411
expires
Thu, 31 Dec 2037 23:55:55 GMT
css2
fonts.googleapis.com/ 		4 KB
616 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;700&display=swap
Requested by
Host: nataschawordolff.simplero.com
URL: https://nataschawordolff.simplero.com/page/250849.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:802::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af57e7d7b387f0e56061597ec51114b32b947078ccc68ed74c737de6dd46d2b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navigate.nataschawordolff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 18:22:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 09 Aug 2022 20:02:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Aug 2022 20:02:58 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=725219698497007&ev=PageView&dl=https%3A%2F%2Fnavigate.nataschawordolff.com%2F&rl=&if=false&ts=1660075378623&sw=1600&sh=1200&v=2.9.73&r=stable&ec=0&o=30&fbp=fb.1.1660075378621.277741366&it=1660075378231&coo=false&rqm=GET
Requested by
Host: navigate.nataschawordolff.com
URL: https://navigate.nataschawordolff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navigate.nataschawordolff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 20:02:58 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 09 Aug 2022 20:02:58 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=725219698497007&ev=Microdata&dl=https%3A%2F%2Fnavigate.nataschawordolff.com%2F&rl=&if=false&ts=1660075379130&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Home%20-%20Natascha%20Wordolff%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Main%20Website%22%2C%22og%3Atype%22%3A%22website%22%2C%22twitter%3Acard%22%3A%22summary%22%2C%22og%3Atitle%22%3A%22Home%22%2C%22twitter%3Atitle%22%3A%22Home%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fnavigate.nataschawordolff.com%2F%22%2C%22twitter%3Aurl%22%3A%22https%3A%2F%2Fnavigate.nataschawordolff.com%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.73&r=stable&ec=1&o=30&fbp=fb.1.1660075378621.277741366&it=1660075378231&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: navigate.nataschawordolff.com
URL: https://navigate.nataschawordolff.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navigate.nataschawordolff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 20:02:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 09 Aug 2022 20:02:59 GMT

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| logincheck_request function| logincheck_response object| Modernizr object| webfont object| WebFont object| WebFontConfig object| themeIcons function| $ function| jQuery undefined| returnExports function| yall object| CallingCode function| requireFiles function| initializePhoneFields function| SimpleroAdminBarZepto function| SimplerojQuery function| jsLevenshtein function| getTextForEmailCorrection function| intializeYall object| vttjs function| WebVTT object| videojs_hotkeys function| Class function| initializeVideojs function| initializeAudiojs function| initializeAllVideojs function| videojs object| cookieconsent object| simpleroCookieConsent function| setImmediate function| clearImmediate object| regeneratorRuntime function| updateCartCount function| submitToStripe function| fbq function| _fbq function| simpleroDebounce object| theme function| simpleroProcessAjaxResponse function| updateCartItemQuantityNonDebounced object| __requiredJsBySelector function| SimpleroZepto object| BigText function| Simplero object| _simplero number| _zid

3 Cookies

Domain/Path Name / Value
.nataschawordolff.com/ Name: _simplero_session_id
Value: e382c5bb1e1dbb301a7155acd0eb357b
.simplero.com/ Name: _simplero_session_id
Value: 58fb98e3eeff7f8650793e49f2743935
.nataschawordolff.com/ Name: _fbp
Value: fb.1.1660075378621.277741366

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets.simplero.com
assets0.simplero.com
assets1.simplero.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
img.simplerousercontent.net
nataschawordolff.simplero.com
navigate.nataschawordolff.com
secure.simplero.com
theme-assets.simplerousercontent.net
www.facebook.com
13.32.110.31
13.32.99.126
13.32.99.16
13.32.99.56
2a00:1450:4001:80e::2003
2a00:1450:4001:829::200a
2a00:1450:400e:802::200a
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f11c:8183:face:b00c:0:25de
54.236.211.190
54.84.53.31
0019cead75e18fa365a9d0ce64139cbe52c6f9bf32a3d234daafdf997981c93d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
29befa3c54f05145e7e736d334b96761b64f16c4afe7c85db53d68cc73e2a803
29d216b12e003f1cdeaa908fca13bdfbe3c5f35ad5c85b5637a8441256f7b704
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
3c0b68ea789d4bc6705f42dd6c44eb38306b965df01f9409eb4a941370e3b158
49ab427d1b8887127ffc48e91cdc4738a2b3d85fa35cbaf1f8aadab1314c8289
4fc444d0495816ac063095cb43975069696fa4db550b3f02062f6ce9ad4c977f
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
5d32b56ce42e8af386f7b2fdfa1691081b8460d05abf0c2d7110d198da5ea6c6
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
7e4a2981c1efae5e834bea98e884dcc3482096614be11c3dddb3295fbf35471c
983af0da73f81fdf05c89ebd74551b08c2889048884b719b99c575ddc4905106
999499e956bf44775112e501537692a1f24351a77513f9727e007e1a753e4c5b
a240734f03c3c7a0927877faafffb214e1e8093c564e672fd264ee4f390e0601
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
af57e7d7b387f0e56061597ec51114b32b947078ccc68ed74c737de6dd46d2b2
b29d097e60a4bf93f77951f1fca38a135c7c3ef7cf9071537e47ba211fc9aae3
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c7bd0ea7408f04fcb180d1c4128a1086d6d5ec283f869f3f968a1ff83e1f69d5
ce9ca4c0588fa78977e161b8b2f04adab2d1256e1e85e7e3609e4646df59c1f3
d59f89416e63cb4652e6fb2404960a7e9cd5cc6809697619a6ff28135e1511f8
e75555ca161f289d4830a84a1856b37a9cb0077f78af600fb47c67c135baa8fd
eea1541c1f83fc4cfd8ee4c94667059a4ae9366efa992a4d0eebe97cbdb875bc
f271e1d685029775e55355f79ce57f602564f25c502b25b0ecfb5226b9125237