urlscan.io logo urlscan.io
SecurityTrails logo

www.nirvana.money Open in urlscan Pro
52.212.43.230  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://nirvana.tech/
Effective URL: https://www.nirvana.money/
Submission: On April 01 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 4 countries across 19 domains to perform 38 HTTP transactions. The main IP is 52.212.43.230, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.nirvana.money.
TLS certificate: Issued by R3 on February 16th 2022. Valid for: 3 months.
This is the only time www.nirvana.money was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 99.83.190.102 16509 (AMAZON-02)
1 2 52.212.43.230 16509 (AMAZON-02)
5 143.204.215.86 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 99.84.90.146 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f02... 32934 (FACEBOOK)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 35.201.112.186 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 35.186.194.58 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
38 23
2    99.83.190.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: aacb0a264e514dd48.awsglobalaccelerator.com
nirvana.tech
2    52.212.43.230 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-43-230.eu-west-1.compute.amazonaws.com
www.nirvana.tech
www.nirvana.money
5    143.204.215.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-86.fra53.r.cloudfront.net
global-uploads.webflow.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    99.84.90.146 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-90-146.muc50.r.cloudfront.net
d3e54v103j8qbb.cloudfront.net
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
js-na1.hs-scripts.com
1    35.201.112.186 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com
edge.fullstory.com
1    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com
rs.fullstory.com
1    2606:4700::6811:82ab (United States)

ASN13335 (CLOUDFLARENET, US)
js.hscollectedforms.net
1    2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6811:45b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)
forms.hubspot.com
1    2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
Apex Domain
Subdomains		 Transfer
5 webflow.com
global-uploads.webflow.com — Cisco Umbrella Rank: 36423
158 KB
3 fullstory.com
edge.fullstory.com — Cisco Umbrella Rank: 2609
rs.fullstory.com — Cisco Umbrella Rank: 2319
71 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 136
134 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
57 KB
3 nirvana.tech
nirvana.tech
www.nirvana.tech
603 B
2 hubspot.com
forms.hubspot.com — Cisco Umbrella Rank: 3533
track.hubspot.com — Cisco Umbrella Rank: 2427
2 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 99
501 B
2 google.de
www.google.de — Cisco Umbrella Rank: 5640
564 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
374 B
2 google.com
analytics.google.com — Cisco Umbrella Rank: 829
www.google.com — Cisco Umbrella Rank: 7
850 B
2 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2505
js-na1.hs-scripts.com — Cisco Umbrella Rank: 7989
2 KB
2 gstatic.com
fonts.gstatic.com
73 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
127 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 280
fonts.googleapis.com — Cisco Umbrella Rank: 45
7 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2338
20 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2344
16 KB
1 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 5669
25 KB
1 cloudfront.net
d3e54v103j8qbb.cloudfront.net
31 KB
1 nirvana.money
www.nirvana.money
4 KB
38 19
Domain Requested by
5 global-uploads.webflow.com www.nirvana.money
3 connect.facebook.net www.googletagmanager.com
connect.facebook.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.facebook.com www.nirvana.money
2 rs.fullstory.com edge.fullstory.com
2 www.google.de www.nirvana.money
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com www.nirvana.money
www.googletagmanager.com
2 nirvana.tech 2 redirects
1 track.hubspot.com
1 js-na1.hs-scripts.com js.hs-analytics.net
1 forms.hubspot.com js.hscollectedforms.net
1 www.google.com www.nirvana.money
1 js.hs-analytics.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hscollectedforms.net js.hs-scripts.com
1 analytics.google.com www.googletagmanager.com
1 edge.fullstory.com www.nirvana.money
1 js.hs-scripts.com www.googletagmanager.com
1 fonts.googleapis.com ajax.googleapis.com
1 d3e54v103j8qbb.cloudfront.net www.nirvana.money
1 ajax.googleapis.com www.nirvana.money
1 www.nirvana.money
1 www.nirvana.tech 1 redirects
38 25

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
goo.gl
Subject Issuer Validity Valid
www.nirvana.money
R3		 2022-02-16 -
2022-05-17		 3 months crt.sh
global-uploads.webflow.com
Amazon		 2021-11-18 -
2022-12-16		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-01-08 -
2022-04-08		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-04 -
2022-07-03		 a year crt.sh
edge.fullstory.com
GTS CA 1D4		 2022-02-14 -
2022-05-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.fullstory.com
R3		 2022-02-14 -
2022-05-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2022-03-08 -
2023-03-07		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.nirvana.money/
Frame ID: 5C42B1BCA3F3A4A0CCDBF1E686FAB573
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NIrvana

Page URL History Show full URLs

  1. http://nirvana.tech/ HTTP 301
    https://nirvana.tech/ HTTP 301
    https://www.nirvana.tech/ HTTP 301
    https://www.nirvana.money/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

38
Requests

97 %
HTTPS

74 %
IPv6

19
Domains

25
Subdomains

23
IPs

4
Countries

728 kB
Transfer

1920 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nirvana.tech/ HTTP 301
    https://nirvana.tech/ HTTP 301
    https://www.nirvana.tech/ HTTP 301
    https://www.nirvana.money/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.nirvana.money/
Redirect Chain
  • http://nirvana.tech/
  • https://nirvana.tech/
  • https://www.nirvana.tech/
  • https://www.nirvana.money/
7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nirvana.money/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.212.43.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-43-230.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
5e152040b393b17cb0ac5c04979e8747fc6dfb0d2d16245647a42ed241ffb458

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
0
content-encoding
gzip
content-length
3396
content-type
text/html
date
Fri, 01 Apr 2022 06:03:15 GMT
server
openresty
vary
x-wf-forwarded-proto, Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, MISS
x-cache-hits
1, 0
x-cluster-name
eu-west-1-prod-eks-15
x-served-by
cache-iad-kiad7000147-IAD, cache-dub4335-DUB
x-timer
S1648792996.632902,VS0,VE91

Redirect headers

accept-ranges
bytes
cache-control
private
content-length
166
content-type
text/html
date
Fri, 01 Apr 2022 06:03:15 GMT
fastly-original-body-size
0
location
https://www.nirvana.money/
server
openresty
vary
x-wf-forwarded-proto
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-cluster-name
eu-west-1-prod-eks-15
x-served-by
cache-iad-kjyo7100080-IAD, cache-dub4325-DUB
x-timer
S1648792995.363202,VS0,VE154
nirvana-money.webflow.f7fa0efb7.min.css
global-uploads.webflow.com/61ef26da13352ec5fd1b12d4/css/ 		50 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://global-uploads.webflow.com/61ef26da13352ec5fd1b12d4/css/nirvana-money.webflow.f7fa0efb7.min.css
Requested by
Host: www.nirvana.money
URL: https://www.nirvana.money/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-86.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a6fa1013c83fa26688b63ca64608933715ea1e6746667da0d78bf7ed6e563cd4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nirvana.money/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
x-amz-version-id
fFGD8DR.5hnl3SIhkdDq0RKYkoCo.79Y
content-encoding
gzip
last-modified
Mon, 21 Mar 2022 18:34:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"1a4d86329d1f1cb042085efcae4da07e"
x-cache
RefreshHit from cloudfront
content-type
text/css
via
1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
cache-control
max-age=84600, must-revalidate
date
Fri, 01 Apr 2022 06:03:17 GMT
accept-ranges
bytes
content-length
11180
x-amz-cf-id
E-raIL_1ul8csp1mhqRTJdC99YDw8ODFAsze3g5eJTrfqubbIYp6tg==
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: www.nirvana.money
URL: https://www.nirvana.money/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nirvana.money/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:57:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140764
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Mar 2023 14:57:11 GMT
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=61ef26da13352ec5fd1b12d4
Requested by
Host: www.nirvana.money
URL: https://www.nirvana.money/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.90.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-90-146.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://www.nirvana.money/
Origin
https://www.nirvana.money
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 00:15:41 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
20855
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
server
AmazonS3
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 56abe0fedc00b031003c08f0306dae62.cloudfront.net (CloudFront)
cache-control
max-age=84600, must-revalidate
x-amz-cf-pop
MUC50-C1
x-amz-cf-id
KzUm3duJKTWUOPqerT-kz8qjhJqKLX4wOmlL-uXPocLtoO5yyHHTlA==
webflow.08305a419.js
global-uploads.webflow.com/61ef26da13352ec5fd1b12d4/js/ 		179 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global-uploads.webflow.com/61ef26da13352ec5fd1b12d4/js/webflow.08305a419.js
Requested by
Host: www.nirvana.money
URL: https://www.nirvana.money/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-86.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
086f13f5c35530766c5b06f564f5dcf3b1f599c5b3e08e99cc7547afa30beb36

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nirvana.money/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 01 Apr 2022 06:03:17 GMT
content-encoding
gzip
last-modified
Mon, 21 Mar 2022 18:34:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"26e97e95406c4c13c1b20588aea8e794"
x-cache
Miss from cloudfront
x-amz-version-id
wKEtSmZeMCIidTAVFmnqhVWYddeJbifw
via
1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
content-type
text/javascript
content-length
57980
x-amz-cf-id
9r3kaMTGcBPm_pRFU4XeEEnzy4fBmkTP1v7qO2ao_q6tmDcK4Iw60Q==
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito:200,regular,700,200italic,700italic
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e1ad2daa0ca709de47816beb5f10e1045ad95cbbb74bb0011c2af93414655289
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nirvana.money/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 06:03:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 01 Apr 2022 06:03:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Apr 2022 06:03:16 GMT
gtm.js
www.googletagmanager.com/ 		180 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TQG9X44&gtm_auth=wSK7o4rq4LAP_XLwa5HEUQ&gtm_preview=env-1&gtm_cookies_win=x
Requested by
Host: www.nirvana.money
URL: https://www.nirvana.money/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b8554193c0a771ffa87925e7061ad5e52f740c3dd7eb5b83e7753e4f014b77dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nirvana.money/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 06:03:16 GMT
content-encoding
br
vary
*
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62719
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
62226db7c7d2efe694537304_nirvana-logo.svg
global-uploads.webflow.com/61ef26da13352ec5fd1b12d4/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global-uploads.webflow.com/61ef26da13352ec5fd1b12d4/62226db7c7d2efe694537304_nirvana-logo.svg
Requested by
Host: www.nirvana.money
URL: https://www.nirvana.money/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-86.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5d46b2c505769c0235190712ba69bfb609a6d9fbdbc1fbfef12effe1ed174ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nirvana.money/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sun, 20 Mar 2022 11:13:07 GMT
content-encoding
gzip
last-modified
Fri, 04 Mar 2022 19:51:21 GMT
server
AmazonS3
age
1018210
etag
W/"7054afe90ff0200972acf661dab2b58a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
74K8l1pan8yGKGK2cuYkf7QlLIHyIWtO
via
1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA53-C1
content-type
image/svg+xml
x-amz-cf-id
lhHsDGZHIy_9fz0SFP4GVrQLzSsRdsZEaqjmf13g8ce05XpSdNBKgg==
6220b73eac39205a78e23bf8_Bill_Signature.png
global-uploads.webflow.com/61ef26da13352ec5fd1b12d4/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global-uploads.webflow.com/61ef26da13352ec5fd1b12d4/6220b73eac39205a78e23bf8_Bill_Signature.png
Requested by
Host: www.nirvana.money
URL: https://www.nirvana.money/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-86.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3fdc38a96969408c223749f70a4712b024fbdf98fc72c9702d6a06a3d9ef5b89

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nirvana.money/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sun, 27 Mar 2022 17:56:18 GMT
via
1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
last-modified
Thu, 03 Mar 2022 12:40:31 GMT
server
AmazonS3
age
389219
etag
"a55f1ddebd66d0a72dc79a8b88be034d"
x-cache
Hit from cloudfront
x-amz-version-id
bZzVZExoIr_XuEe3nwlHlg.LAgpK3VGE
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/png
content-length
11502
x-amz-cf-id
0Uilr6XmrHDcIviaoEHzzREJ9xOtsq3j-b31DDtejTnTaQkpDHWp7A==
6220ba06af262807782ebae1_bill.jpg
global-uploads.webflow.com/61ef26da13352ec5fd1b12d4/ 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global-uploads.webflow.com/61ef26da13352ec5fd1b12d4/6220ba06af262807782ebae1_bill.jpg
Requested by
Host: www.nirvana.money
URL: https://www.nirvana.money/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-86.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
030a884055d6cf498bd0aca7457de0ebc7d5ceacf0c930190bdb9f66b023d38e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nirvana.money/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sun, 27 Mar 2022 17:56:18 GMT
via
1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
last-modified
Thu, 03 Mar 2022 12:52:23 GMT
server
AmazonS3
age
389219
etag
"6666cccc09c978163320c94f9f46d8be"
x-cache
Hit from cloudfront
x-amz-version-id
CAZMWw6xrldua5aDaewyV7cTzP407Dem
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
75913
x-amz-cf-id
qGrEnNmS97fTZj7L2IJgx1sU3iV5l69Z5jjCNiBXZG7jqrntX874Cw==
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v23/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v23/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:200,regular,700,200italic,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a5785b77392afc9cd2912fe805759dd4bec52a4ec5dd8c6981eefb08af7690f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.nirvana.money
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 10:29:01 GMT
x-content-type-options
nosniff
age
70455
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35772
x-xss-protection
0
last-modified
Thu, 31 Mar 2022 06:25:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 31 Mar 2023 10:29:01 GMT
XRXX3I6Li01BKofIMNaDRs4.woff2
fonts.gstatic.com/s/nunito/v23/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v23/XRXX3I6Li01BKofIMNaDRs4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:200,regular,700,200italic,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb50e342234458ffb6c0dfbbd1f2001ae32028aa6b5f9ed61495a64a70805c76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.nirvana.money
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 11:02:27 GMT
x-content-type-options
nosniff
age
68449
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37940
x-xss-protection
0
last-modified
Thu, 31 Mar 2022 06:25:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 31 Mar 2023 11:02:27 GMT
js
www.googletagmanager.com/gtag/ 		187 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-C16R6WQTWP&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQG9X44&gtm_auth=wSK7o4rq4LAP_XLwa5HEUQ&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c94113e64d2c6f9d871ac192b5ea39c4be26eb2a9581c2af3305e59c02508b70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nirvana.money/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 06:03:16 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67162
x-xss-protection
0
expires
Fri, 01 Apr 2022 06:03:16 GMT
optimize.js
www.google-analytics.com/gtm/ 		93 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=OPT-WJNRGZS
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQG9X44&gtm_auth=wSK7o4rq4LAP_XLwa5HEUQ&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c484ac5d2b89518c8d961963b7091aa3836959a6c64fde2fcbc268d79c94ba8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nirvana.money/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 06:03:16 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37297
x-xss-protection
0
expires
Fri, 01 Apr 2022 06:03:16 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQG9X44&gtm_auth=wSK7o4rq4LAP_XLwa5HEUQ&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nirvana.money/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
7110
date
Fri, 01 Apr 2022 04:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 01 Apr 2022 06:04:46 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQG9X44&gtm_auth=wSK7o4rq4LAP_XLwa5HEUQ&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c8d70946c3b971f61a3a24a011463ea1fd30a1490a34eed4a58b8685441172f4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nirvana.money/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26313
x-xss-protection
0
pragma
public
x-fb-debug
Hbj1Ia2X+0i74MByNYYVeven59pU8yDmRIBz1SqnBQULHyfZh8lDM8JhwmhvQxFNg20WseeG26zQaT/nxewQ0A==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 01 Apr 2022 06:03:16 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
20562799.js
js.hs-scripts.com/ 		1 KB
960 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/20562799.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQG9X44&gtm_auth=wSK7o4rq4LAP_XLwa5HEUQ&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92f8a4243041775c0bc718aaf7681b283baf46f72c308bae36843de4ef09c6bb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nirvana.money/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 06:03:16 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
x-hubspot-correlation-id
3e4d5bbe-9a95-453d-9b27-1c0fbe4fe256
last-modified
Fri, 01 Apr 2022 06:03:16 GMT
server
cloudflare
x-trace
2BE56AAE079A1E3E8FC1EC3820FD7A901E9CBF4A4B000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.nirvana.money
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
6f4f1ee3292ccc5a-ZRH
expires
Fri, 01 Apr 2022 06:04:16 GMT
fs.js
edge.fullstory.com/s/ 		230 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: www.nirvana.money
URL: https://www.nirvana.money/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a62f5f422a8e4c023d0c363ea49852268a33ead3bd6fec823e15038fd7bff269

Request headers

Referer
https://www.nirvana.money/
Origin
https://www.nirvana.money
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:05:19 GMT
content-encoding
gzip
age
3477
x-guploader-uploadid
ADPycdut_OW2ISRvoLHbDEqEbQHtgFA7aNr4I7Di4BgmpK_ibZwCzoUg2eJVQ4lXrfguLfb620oq26y1QPs0sGcAACey_OMOXg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70792
last-modified
Wed, 30 Mar 2022 17:21:15 GMT
server
UploadServer
etag
"b039c3b342d4e630af0c0804fc482966"
x-goog-hash
crc32c=O4G8eQ==, md5=sDnDs0LU5jCvDAgE/EgpZg==
x-goog-generation
1648660875385883
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
70792
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 01 Apr 2022 06:05:19 GMT
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.57
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5825a682d41932f76e0cb9afa5967e2b7f236a2f9439587bc6d937bc76edf005
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nirvana.money/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
20656
x-xss-protection
0
pragma
public
x-fb-debug
nAMXlf28yt9fOH4XgvYhfLKfblFNKJ5btHl0Hdk9XCksjrb8fxUsoQoeJrh6ma/JWKDSVkGbpgQVr7WZr1tJ0A==
x-frame-options
DENY
date
Fri, 01 Apr 2022 06:03:16 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
811329969555058
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/811329969555058?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7d941976f5dd2347f4c3495866d57e748c683416884f9b1869b671f800c8de15
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nirvana.money/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
WzQbH9yC88sO9eHy4ME0gdzEqEh3ThCJcC6mMfGZmQ8Pymp6USdpKoyvnHa0gNqtda6McjyRNjYh+owgWHpRrw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 01 Apr 2022 06:03:16 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
analytics.google.com/g/ 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-C16R6WQTWP&gtm=2oe3u0&_p=449174875&sr=1600x1200&_gaz=1&ul=en-us&cid=117261183.1648792996&_s=1&dl=https%3A%2F%2Fwww.nirvana.money%2F&dt=NIrvana&sid=1648792996&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C16R6WQTWP&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nirvana.money/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 06:03:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.nirvana.money
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-C16R6WQTWP&cid=117261183.1648792996&gtm=2oe3u0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C16R6WQTWP&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nirvana.money/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 06:03:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.nirvana.money
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-C16R6WQTWP&cid=117261183.1648792996&gtm=2oe3u0&aip=1&z=1040039747
Requested by
Host: www.nirvana.money
URL: https://www.nirvana.money/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nirvana.money/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 06:03:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
page
rs.fullstory.com/rec/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
706ef9d858bd44e603e58b86931a24d561f8b70f65814e0dca237965cc4c5e43

Request headers

Referer
https://www.nirvana.money/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 01 Apr 2022 06:03:16 GMT
content-encoding
gzip
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nirvana.money
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1304
via
1.1 google
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=449174875&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nirvana.money%2F&ul=en-us&de=UTF-8&dt=NIrvana&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAAABQAAAAC~&jid=363748654&gjid=477742503&cid=117261183.1648792996&tid=UA-202253291-1&_gid=1392111619.1648792996&_r=1&gtm=2wg3u0TQG9X44&z=1270745885
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nirvana.money/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 06:03:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.nirvana.money
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-202253291-1&cid=117261183.1648792996&jid=363748654&gjid=477742503&_gid=1392111619.1648792996&_u=aADAAAAAQAAAAC~&z=1635843792
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nirvana.money/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 01 Apr 2022 06:03:16 GMT
content-type
text/plain
access-control-allow-origin
https://www.nirvana.money
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collectedforms.js
js.hscollectedforms.net/ 		73 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20562799.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:82ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a996803be97bd6eed2f13e2aaceed65ee5cc24e0669fcbd223788c5cf9159c2e

Request headers

Referer
https://www.nirvana.money/
Origin
https://www.nirvana.money
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 06:03:16 GMT
via
1.1 b9d1b307966c2273bf97ed7c681603da.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
IAD89-P1
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.273/bundles/project.js&cfRay=6f4f1ee44d3323c7-IAD
x-cache
RefreshHit from cloudfront
access-control-max-age
3000
x-amz-replication-status
COMPLETED
content-encoding
br
cf-ray
6f4f1ee44d3323c7-ZRH
last-modified
Fri, 04 Mar 2022 03:24:42 UTC
server
cloudflare
etag
W/"5655d6c20b8fbd0326ccba67c4a94b8e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
d8qvQ4NJOEEA6UgWpFiA1cbs11TvqQym
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-hs-cache-status
MISS
content-type
application/javascript; charset=utf-8
x-amz-cf-id
CYV-ZBDY3LBDdfqDz_ixnvRDhUS41EC2FIduUR7J3mjCexVMj34H7A==
x-hs-target-asset
collected-forms-embed-js/static-1.273/bundles/project.js
20562799.js
js.hs-banner.com/ 		61 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/20562799.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20562799.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbebd42713284b9526ad676040b51918e47a38325f3c22617c3c7a19ccbf6213

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nirvana.money/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 06:03:16 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
TB5E00K8Y1ESVD55
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-id-2
uzFS3+vSr9eGVJxZxxZtzEWR9mfrWGVJzH6jLsV7JqCd5UmkURWH9jzw3GzZ0oG9dW+blvtlCTk=
timing-allow-origin
*
last-modified
Mon, 21 Feb 2022 17:56:23 GMT
server
cloudflare
etag
W/"92e7942dc3d68dbc3cad382408b9de55"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
XNKpIqg0M6X6PrrIqV4KOJ86DeGHYA6E
access-control-allow-origin
https://www.nirvana.money
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-ray
6f4f1ee43c6d01f0-ZRH
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Fri, 01 Apr 2022 06:08:16 GMT
20562799.js
js.hs-analytics.net/analytics/1648792800000/ 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1648792800000/20562799.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20562799.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2490aef2136a9b3c6f67cb2df855f8a5283b47b63526ac76af6f3cb816347a95

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nirvana.money/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 06:03:16 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
TB57AK7H1VWSAYP2
x-amz-server-side-encryption
AES256
cf-ray
6f4f1ee448fd01db-ZRH
x-amz-id-2
lK1pC4u+Pm0sd+yDcJSW/FOtm3FM157C9hi0NSbd1D4Pifg6hd1RrOadg8tY+x1XMfr6C0N9nRY=
last-modified
Thu, 24 Feb 2022 14:18:47 GMT
server
cloudflare
etag
W/"b581d1fc3e081ad0d0cf3007ffa74c66"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
content-type
text/javascript
expires
Fri, 01 Apr 2022 06:08:16 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-202253291-1&cid=117261183.1648792996&jid=363748654&_u=aADAAAAAQAAAAC~&z=345501395
Requested by
Host: www.nirvana.money
URL: https://www.nirvana.money/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nirvana.money/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 06:03:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-202253291-1&cid=117261183.1648792996&jid=363748654&_u=aADAAAAAQAAAAC~&z=345501395
Requested by
Host: www.nirvana.money
URL: https://www.nirvana.money/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nirvana.money/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 06:03:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=811329969555058&ev=PageView&dl=https%3A%2F%2Fwww.nirvana.money%2F&rl=&if=false&ts=1648792996554&sw=1600&sh=1200&v=2.9.57&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1648792996553.1008672146&it=1648792996344&coo=false&tm=1&rqm=GET
Requested by
Host: www.nirvana.money
URL: https://www.nirvana.money/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nirvana.money/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 06:03:16 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 01 Apr 2022 06:03:16 GMT
json
forms.hubspot.com/collected-forms/v1/config/ 		116 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hubspot.com/collected-forms/v1/config/json?portalId=20562799&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c185bd0fa35d15268349e910c0409c0ac7422d5e7b40d162f6ad0c78c469ede8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.nirvana.money/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 06:03:16 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
cfad9c11-52a4-481b-98cc-e333c073e92b
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39P4Vb01KD53xKQs8uX7XIn0mYxavPgyEdbUKcdpMBpgOkiJ30V8UcQ%2BnfWLInnb6FqzDbUkh0Hp4qQItRhHWgSzzdtQAGwF3kEd0f7m%2FsEhn%2Bi%2Fh74m0NeXlWetdj1YM%2FcESvILIY4o9lihFwkm"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.nirvana.money
x-robots-tag
none
access-control-allow-credentials
false
cf-ray
6f4f1ee5afa7cc4a-ZRH
access-control-allow-headers
*
bundle
rs.fullstory.com/rec/ 		29 B
43 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/bundle?OrgId=14QM8A&UserId=6437267067297792&SessionId=4813775502761984&PageId=6181395481157632&Seq=1&PageStart=1648792996508&PrevBundleTime=0&LastActivity=372&IsNewSession=true
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
2b74649f60dfef54f0bc34bddea2ab04423da5b6d39c2c6f6c9ef800c2528b73

Request headers

Referer
https://www.nirvana.money/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nirvana.money
date
Fri, 01 Apr 2022 06:03:16 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
content-type
application/json; charset=utf-8
20562799.js
js-na1.hs-scripts.com/ 		1 KB
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js-na1.hs-scripts.com/20562799.js
Requested by
Host: js.hs-analytics.net
URL: https://js.hs-analytics.net/analytics/1648792800000/20562799.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
931e86df34f2911c6e080ec5b5b7a01b7896ed465af27893c5a3db36a306eb0b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nirvana.money/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 06:03:16 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 01 Apr 2022 06:03:16 GMT
server
cloudflare
x-hubspot-correlation-id
3ad7f086-3203-4484-b19e-b63bf2085afd
x-trace
2B9689FF5FB1295C6796394761F16855B65B7FE510000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.nirvana.money
access-control-max-age
3600
cache-control
public, max-age=30
access-control-allow-credentials
true
cf-ray
6f4f1ee61c1fcc5a-ZRH
__ptq.gif
track.hubspot.com/ 		45 B
968 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1890393834&v=1.1&a=20562799&pu=https%3A%2F%2Fwww.nirvana.money%2F&t=NIrvana&cts=1648792996795&vi=3adfe73d65d49c5a06521fc133e22508&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nirvana.money/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 06:03:16 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
e28458f3-ed13-48dd-9c1d-550ead9d35da
cf-ray
6f4f1ee63d592397-ZRH
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ynf8nWUorh5SKgLMXI2Aaw%2BHP4iXwVr%2B7ov1jJdKTT6fdFJAupYRCAehXnM%2FhSRy1Sj%2Bd%2F%2Fj2RY6X78ZNodrYadeHiFAnS9a%2B4TyQK5EOQPpKcY3in%2BBq227yape6UIac8m0KWVLG7ofe%2BkLNnsU"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=811329969555058&ev=Microdata&dl=https%3A%2F%2Fwww.nirvana.money%2F&rl=&if=false&ts=1648792997056&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22NIrvana%22%2C%22meta%3Adescription%22%3A%22Everything%20you%20need%20for%20your%20daily%20money%2C%20from%20buying%20things%20to%20saving%20more.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22NIrvana%22%2C%22og%3Adescription%22%3A%22Everything%20you%20need%20for%20your%20daily%20money%2C%20from%20buying%20things%20to%20saving%20more.%22%2C%22twitter%3Atitle%22%3A%22NIrvana%22%2C%22twitter%3Adescription%22%3A%22Everything%20you%20need%20for%20your%20daily%20money%2C%20from%20buying%20things%20to%20saving%20more.%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1648792996553.1008672146&it=1648792996344&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.nirvana.money/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 06:03:17 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Fri, 01 Apr 2022 06:03:17 GMT
bundle
rs.fullstory.com/rec/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
rs.fullstory.com
URL
https://rs.fullstory.com/rec/bundle?OrgId=14QM8A&UserId=6437267067297792&SessionId=4813775502761984&PageId=6181395481157632&Seq=2&PageStart=1648792996508&PrevBundleTime=1648792996834&LastActivity=4860&IsNewSession=true

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| WebFont object| dataLayer function| $ function| jQuery object| google_tag_manager function| tram object| Webflow string| GoogleAnalyticsObject function| ga object| google_tag_data function| fbq function| _fbq object| _fbq_gtm_ids boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FullStory object| gaplugins object| gaGlobal function| onYouTubeIframeAPIReady string| _fs_loaded function| _fs_shutdown object| google_optimize object| gaData object| _hsp object| __hsCollectedFormsDebug object| _hsq object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| _hspb_loaded boolean| _hstc_ran string| __hsUserToken number| expireDateTime object| e boolean| _hspb_ran

12 Cookies

Domain/Path Name / Value
.nirvana.money/ Name: _ga_C16R6WQTWP
Value: GS1.1.1648792996.1.0.1648792996.60
.nirvana.money/ Name: _ga
Value: GA1.2.117261183.1648792996
.nirvana.money/ Name: _gid
Value: GA1.2.1392111619.1648792996
.nirvana.money/ Name: _gat_UA-202253291-1
Value: 1
.nirvana.money/ Name: _fbp
Value: fb.1.1648792996553.1008672146
.facebook.com/ Name: fr
Value: 0emIwM1tdrdyD3jZ7..BiRpWk...1.0.BiRpWk.
.nirvana.money/ Name: fs_uid
Value: rs.fullstory.com#14QM8A#6437267067297792:4813775502761984/1680328996
.nirvana.money/ Name: __hstc
Value: 174698045.3adfe73d65d49c5a06521fc133e22508.1648792996791.1648792996791.1648792996792.1
.nirvana.money/ Name: hubspotutk
Value: 3adfe73d65d49c5a06521fc133e22508
.nirvana.money/ Name: __hssrc
Value: 1
.nirvana.money/ Name: __hssc
Value: 174698045.1.1648792996792
.hubspot.com/ Name: __cf_bm
Value: bWvnIc3139ULT__LFOxTW.n.3OulbyTNvGAvstslquw-1648792996-0-ASnkuVvmvusbyWrGjom7Cscm/+g7POGYUPWqbovglrA65PcZvtMP30Wb49aJ3H0BIEi7ukIfVUDoxEhyjZJOMB8=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.google.com
connect.facebook.net
d3e54v103j8qbb.cloudfront.net
edge.fullstory.com
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
global-uploads.webflow.com
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
nirvana.tech
rs.fullstory.com
stats.g.doubleclick.net
track.hubspot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.nirvana.money
www.nirvana.tech
rs.fullstory.com
143.204.215.86
2606:4700::6811:45b0
2606:4700::6811:82ab
2606:4700::6811:d5cc
2606:4700::6812:14bf
2606:4700::6813:9a53
2606:4700::6813:9b53
2a00:1450:4001:808::200e
2a00:1450:4001:810::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2008
2a00:1450:400c:c04::9a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
35.186.194.58
35.201.112.186
52.212.43.230
99.83.190.102
99.84.90.146
030a884055d6cf498bd0aca7457de0ebc7d5ceacf0c930190bdb9f66b023d38e
086f13f5c35530766c5b06f564f5dcf3b1f599c5b3e08e99cc7547afa30beb36
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
2490aef2136a9b3c6f67cb2df855f8a5283b47b63526ac76af6f3cb816347a95
2a5785b77392afc9cd2912fe805759dd4bec52a4ec5dd8c6981eefb08af7690f
2b74649f60dfef54f0bc34bddea2ab04423da5b6d39c2c6f6c9ef800c2528b73
3fdc38a96969408c223749f70a4712b024fbdf98fc72c9702d6a06a3d9ef5b89
5825a682d41932f76e0cb9afa5967e2b7f236a2f9439587bc6d937bc76edf005
5e152040b393b17cb0ac5c04979e8747fc6dfb0d2d16245647a42ed241ffb458
706ef9d858bd44e603e58b86931a24d561f8b70f65814e0dca237965cc4c5e43
7d941976f5dd2347f4c3495866d57e748c683416884f9b1869b671f800c8de15
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
92f8a4243041775c0bc718aaf7681b283baf46f72c308bae36843de4ef09c6bb
931e86df34f2911c6e080ec5b5b7a01b7896ed465af27893c5a3db36a306eb0b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a62f5f422a8e4c023d0c363ea49852268a33ead3bd6fec823e15038fd7bff269
a6fa1013c83fa26688b63ca64608933715ea1e6746667da0d78bf7ed6e563cd4
a996803be97bd6eed2f13e2aaceed65ee5cc24e0669fcbd223788c5cf9159c2e
b8554193c0a771ffa87925e7061ad5e52f740c3dd7eb5b83e7753e4f014b77dc
bbebd42713284b9526ad676040b51918e47a38325f3c22617c3c7a19ccbf6213
c185bd0fa35d15268349e910c0409c0ac7422d5e7b40d162f6ad0c78c469ede8
c484ac5d2b89518c8d961963b7091aa3836959a6c64fde2fcbc268d79c94ba8e
c5d46b2c505769c0235190712ba69bfb609a6d9fbdbc1fbfef12effe1ed174ff
c8d70946c3b971f61a3a24a011463ea1fd30a1490a34eed4a58b8685441172f4
c94113e64d2c6f9d871ac192b5ea39c4be26eb2a9581c2af3305e59c02508b70
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1ad2daa0ca709de47816beb5f10e1045ad95cbbb74bb0011c2af93414655289
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb50e342234458ffb6c0dfbbd1f2001ae32028aa6b5f9ed61495a64a70805c76
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d