www.nostraforma.com Open in urlscan Pro
188.68.40.58 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://czpitalone.com/
Effective URL:
https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
Submission: On March 24 via api (March 24th 2022, 4:19:07 am UTC) from US — Scanned from DE

Summary HTTP 46 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 10 domains to perform 46 HTTP transactions. The main IP is 188.68.40.58, located in Hitzacker, Germany and belongs to NETCUP-AS netcup GmbH, DE. The main domain is www.nostraforma.com.
TLS certificate: Issued by R3 on January 27th 2022. Valid for: 3 months.

This is the only time www.nostraforma.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	185.53.178.53 185.53.178.53	61969 (TEAMINTER...) (TEAMINTERNET-AS)
1	2600:9000:224... 2600:9000:224a:da00:1f:4100:9540:21	16509 (AMAZON-02) (AMAZON-02)
2	52.201.207.23 52.201.207.23	14618 (AMAZON-AES) (AMAZON-AES)
1	52.218.30.211 52.218.30.211	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:20:... 2606:4700:20::681a:c8a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	95.211.116.27 95.211.116.27	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	52.85.32.42 52.85.32.42	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	52.59.8.57 52.59.8.57	16509 (AMAZON-02) (AMAZON-02)
1 27	188.68.40.58 188.68.40.58	197540 (NETCUP-AS...) (NETCUP-AS netcup GmbH)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
46	12

4 185.53.178.53 (Germany)

ASN61969 (TEAMINTERNET-AS, DE)

czpitalone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:da00:1f:4100:9540:21 (United States)

ASN16509 (AMAZON-02, US)

d1lxhc4jvstzrp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.201.207.23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-207-23.compute-1.amazonaws.com

katie.v4.byetnc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.30.211 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:c8a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

backend.finalono.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.211.116.27 (Swifterbant, Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: dc1-ecs-pub-go-vip.kelkoo.com

de-go.kelkoogroup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.32.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-32-42.ham50.r.cloudfront.net

js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.8.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-8-57.eu-central-1.compute.amazonaws.com

api-js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 188.68.40.58 (Hitzacker, Germany) 1 redirects

ASN197540 (NETCUP-AS netcup GmbH, DE)
PTR: ncws.nostraforma.com

www.nostraforma.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	nostraforma.com 1 redirects www.nostraforma.com	280 KB
5	kelkoogroup.net 2 redirects de-go.kelkoogroup.net — Cisco Umbrella Rank: 773568	31 KB
4	czpitalone.com czpitalone.com	5 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	datadome.co js.datadome.co — Cisco Umbrella Rank: 7406 api-js.datadome.co — Cisco Umbrella Rank: 7231	47 KB
2	finalono.com 1 redirects backend.finalono.com — Cisco Umbrella Rank: 894695	2 KB
2	byetnc.com katie.v4.byetnc.com — Cisco Umbrella Rank: 209764	4 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	41 KB
1	amazonaws.com s3-eu-west-1.amazonaws.com	7 KB
1	cloudfront.net d1lxhc4jvstzrp.cloudfront.net	2 KB
46	10

	Domain	Requested by
27	www.nostraforma.com	1 redirects de-go.kelkoogroup.net www.nostraforma.com
5	de-go.kelkoogroup.net	2 redirects backend.finalono.com de-go.kelkoogroup.net
4	czpitalone.com	d1lxhc4jvstzrp.cloudfront.net czpitalone.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	backend.finalono.com	1 redirects katie.v4.byetnc.com
2	katie.v4.byetnc.com	czpitalone.com katie.v4.byetnc.com
1	api-js.datadome.co	js.datadome.co
1	www.googletagmanager.com	de-go.kelkoogroup.net
1	js.datadome.co	de-go.kelkoogroup.net
1	s3-eu-west-1.amazonaws.com	katie.v4.byetnc.com
1	d1lxhc4jvstzrp.cloudfront.net	czpitalone.com
46	11

This site contains links to these domains. Also see Links.

Domain
www.trustedshops.de
www.trustedshops.com

Subject Issuer	Validity	Valid
byetnc.com Amazon	`2022-02-17` - `2023-03-18`	a year	crt.sh
*.s3-eu-west-1.amazonaws.com Amazon	`2021-12-17` - `2022-12-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-16` - `2022-06-15`	a year	crt.sh
*.kelkoogroup.net Thawte RSA CA 2018	`2021-09-07` - `2022-10-07`	a year	crt.sh
*.datadome.co Gandi Standard SSL CA 2	`2021-10-12` - `2022-10-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
nostraforma.com R3	`2022-01-27` - `2022-04-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
Frame ID: 0D91167061AD0BF9B5DB9234A9F2AB8C
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Design Leuchten & Designer Lampen bei Nostraforma

Page URL History Show full URLs

http://czpitalone.com/ Page URL
https://katie.v4.byetnc.com/api/user/01a7eac6d2b0f6f3dfa4700e01496e1001493e5163.r?tk=eyJhbGciOiJIUzI1NiI... Page URL
https://backend.finalono.com/v1/rtb?domain=shoppingwaves.net&visitorUserAgent=Mozilla&numItems=50&apiKey=... HTTP 302
https://backend.finalono.com/v1/hybrid-web?q=av2zakdkn3sbwwzbqn5colgbw4 Page URL
https://de-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1648095542816&.sig=Xnvnq2m4aUTEqd1GasD0ut61ZQo-&affili... HTTP 307
https://de-go.kelkoogroup.net/go?country=de&k=2a2e43adf00cf8ed3e14f7c8ad07bbe9d67e5d811b73dba530dcf7e03422... Page URL
https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff437139fa1a42a9ff82a114a64... HTTP 303
https://www.nostraforma.com/de/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de HTTP 301
https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de Page URL

Detected technologies

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

46
Requests

83 %
HTTPS

36 %
IPv6

10
Domains

11
Subdomains

12
IPs

4
Countries

435 kB
Transfer

876 kB
Size

8
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.trustedshops.de/bewertung/info_XC7140D6EB4890F8800AFBF6C188BD716.html
Title: Trusted Shops geprüft

Search URL Search Domain Scan URL

URL: https://www.trustedshops.com/bewertung/info_XC7140D6EB4890F8800AFBF6C188BD716.html

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://czpitalone.com/ Page URL
https://katie.v4.byetnc.com/api/user/01a7eac6d2b0f6f3dfa4700e01496e1001493e5163.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MDVjNmI4MTcxMzIwNDAyNTc1YjFkNmUiLCJ0cyI6IjAzMjQwNDE5IiwiZCI6ImN6cGl0YWxvbmUuY29tIn0.rNSAodGA3Otgu8wlIdzmypxZkVBEzeeM2p3iCgI-C9c Page URL
https://backend.finalono.com/v1/rtb?domain=shoppingwaves.net&visitorUserAgent=Mozilla&numItems=50&apiKey=89641194-7897-4d80-b90a-b1fc82fc38c6&trackingId=6897697179&visitorIPAddress=81.89.101.159&forceKKDeep=https%3A%2F%2Fwww.emotion-24.de&smart=true&sourcePlatform=tonic&cpc=0.0025&source=50fa12fd889ea15e46008725&campaignName=RON-DE-DESKTOP-Normalize-branded-klk-96966781-deeplink-high&geo=DE&auctionId=01a7eac6d2b0f6f3dfa4700e01496e1001493e5163.r.1648095541.a74dc207ad82eb8a8a9317b179d9dcf5&match=ron&device=desktop&browser=chrome&os=windows&long_campaign_id=609dd29a41237910d4ce467c&isRON=true HTTP 302
https://backend.finalono.com/v1/hybrid-web?q=av2zakdkn3sbwwzbqn5colgbw4 Page URL
https://de-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1648095542816&.sig=Xnvnq2m4aUTEqd1GasD0ut61ZQo-&affiliationId=96966781&comId=10760523&country=de&cpcId=100104&merchantName=NOSTRAFORMA&searchId=1076100351080412_1648095542804_2570589&service=30&tokenId=0f6dc5ba-bb83-4d81-a348-2da8740ed333&url=https%3A%2F%2Fwww.nostraforma.com%2Fde%2F&custom1=6897697179&custom2=a~r-367d441fdf414745bd0ab893f88400f6%7C%7Cdt~2022-03-24%7C%7Ck~nostraforma&addedParams=true HTTP 307
https://de-go.kelkoogroup.net/go?country=de&k=2a2e43adf00cf8ed3e14f7c8ad07bbe9d67e5d811b73dba530dcf7e0342270c2591f740df3c7a37f3fe85d71a3c78ffc8e148df81bbb354cb2ade9e91562b2d4dd7374e12d6523d55382e95f70ad6a772ae5756efa9757efcd5ea88eef14d2924052af8c32bce0dcd7bb2a5c9966cb7cc3b48feed8f7db17da095efa8b1d4e5d2e34dca52d3ebdb44c09be330423f1e1b49d84cc959e37b1a097c0a83df4a8b079b9b289534e0564a70e2b07c9501cbfa798be4e3aa9a4717bf2f21b5733c671366ae567299131d7d6075d0311bf5831fb252393226ea504f075e87fbf60dad935cd600149ab2b749f8bab1221d15117ef9585a1a8a3c639b1d6c16c6aa4084fae4f3e05584bd4eb75e7354306e759c80780bbb01925d4741ef9c96daddb89f5f5109c8673196f4c21fea23b0bb71393e331d8c3837f968aed35351e9e56a1dd1faa8d6a683fb02a5ec1e2e1bad04dc7ca20929fd97863302f09e5b83f8b0acc706acc6a0016bdfd152c1526c1e154cfd95613caed310e64aa1874cfa21cfd98d2ee96dfaff6682d18e4be46da1dfaf5fcebc4f3c7e55d06e116b748e80a140852c4a04913fe2bd19fa5d0ca28fcda2078ebe366adfa554d624b434ef1958471da97926b5368492482bbdb6fee86ee18d2bd2f4fd880703c013b5ebdac0125f1a592d530fad072bd1d98b96abdf340b31b849f2c7af879c4cde5f5c60f99866532e49d80f3d426604459249725497121d22338ee2a715d9edbf3afda8b77a0c0940159c3e1ebc8bab09bfe31b64ff949&o= Page URL
https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff437139fa1a42a9ff82a114a64724d690990e9d3706c9bd8eb0d7ffb61bb58fb55b20c10f89db619389d2cec3a8d2295d38d1bea29a98597a5b8a70a20027460f858357aa4da228aeaf7bb267422af3bcb83e03e221b3ed60867faf3c5c4993d865b0c68128057614152120a71e6aa022eebbda7077d16e917292dea69a0dc3cd185f9f2f71a669719694944118e6f6f8cd60e170bfc3a43eab289f05df313a7377993d79bce6e4d3cfa56c2761284d27144fb0e429753b6112eca1e3530c8898b0ab28bcc9ae896083f3cc14bceed5ebb451323536a2e3f8857f461f3da42a34f5fa50d4c58d9b6bdb46a59af022815b2b32fe0b30fb60a8693&leadId=dc1-kls-prod-srv-01.prod.dc1.kelkoo.net_1648095543085_1067884&clickId=10769997_1648095543049_1117432&url=https%3A%2F%2Fwww.nostraforma.com%2Fde%2F%3Futm_campaign%3Dpreisvergleich%26utm_medium%3Dcpc%26utm_source%3Dkelkoo_de&initiator=timeout HTTP 303
https://www.nostraforma.com/de/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de HTTP 301
https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://backend.finalono.com/v1/rtb?domain=shoppingwaves.net&visitorUserAgent=Mozilla&numItems=50&apiKey=89641194-7897-4d80-b90a-b1fc82fc38c6&trackingId=6897697179&visitorIPAddress=81.89.101.159&forceKKDeep=https%3A%2F%2Fwww.emotion-24.de&smart=true&sourcePlatform=tonic&cpc=0.0025&source=50fa12fd889ea15e46008725&campaignName=RON-DE-DESKTOP-Normalize-branded-klk-96966781-deeplink-high&geo=DE&auctionId=01a7eac6d2b0f6f3dfa4700e01496e1001493e5163.r.1648095541.a74dc207ad82eb8a8a9317b179d9dcf5&match=ron&device=desktop&browser=chrome&os=windows&long_campaign_id=609dd29a41237910d4ce467c&isRON=true HTTP 302
https://backend.finalono.com/v1/hybrid-web?q=av2zakdkn3sbwwzbqn5colgbw4

Request Chain 9

https://de-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1648095542816&.sig=Xnvnq2m4aUTEqd1GasD0ut61ZQo-&affiliationId=96966781&comId=10760523&country=de&cpcId=100104&merchantName=NOSTRAFORMA&searchId=1076100351080412_1648095542804_2570589&service=30&tokenId=0f6dc5ba-bb83-4d81-a348-2da8740ed333&url=https%3A%2F%2Fwww.nostraforma.com%2Fde%2F&custom1=6897697179&custom2=a~r-367d441fdf414745bd0ab893f88400f6%7C%7Cdt~2022-03-24%7C%7Ck~nostraforma&addedParams=true HTTP 307
https://de-go.kelkoogroup.net/go?country=de&k=2a2e43adf00cf8ed3e14f7c8ad07bbe9d67e5d811b73dba530dcf7e0342270c2591f740df3c7a37f3fe85d71a3c78ffc8e148df81bbb354cb2ade9e91562b2d4dd7374e12d6523d55382e95f70ad6a772ae5756efa9757efcd5ea88eef14d2924052af8c32bce0dcd7bb2a5c9966cb7cc3b48feed8f7db17da095efa8b1d4e5d2e34dca52d3ebdb44c09be330423f1e1b49d84cc959e37b1a097c0a83df4a8b079b9b289534e0564a70e2b07c9501cbfa798be4e3aa9a4717bf2f21b5733c671366ae567299131d7d6075d0311bf5831fb252393226ea504f075e87fbf60dad935cd600149ab2b749f8bab1221d15117ef9585a1a8a3c639b1d6c16c6aa4084fae4f3e05584bd4eb75e7354306e759c80780bbb01925d4741ef9c96daddb89f5f5109c8673196f4c21fea23b0bb71393e331d8c3837f968aed35351e9e56a1dd1faa8d6a683fb02a5ec1e2e1bad04dc7ca20929fd97863302f09e5b83f8b0acc706acc6a0016bdfd152c1526c1e154cfd95613caed310e64aa1874cfa21cfd98d2ee96dfaff6682d18e4be46da1dfaf5fcebc4f3c7e55d06e116b748e80a140852c4a04913fe2bd19fa5d0ca28fcda2078ebe366adfa554d624b434ef1958471da97926b5368492482bbdb6fee86ee18d2bd2f4fd880703c013b5ebdac0125f1a592d530fad072bd1d98b96abdf340b31b849f2c7af879c4cde5f5c60f99866532e49d80f3d426604459249725497121d22338ee2a715d9edbf3afda8b77a0c0940159c3e1ebc8bab09bfe31b64ff949&o=

46 HTTP transactions
-3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
czpitalone.com/ 4 KB
3 KB 794ms
761ms Document
text/html 185.53.178.53
TEAMINTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://czpitalone.com/
Protocol: HTTP/1.1
Server: 185.53.178.53 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 091ef757e754dcefdd7b41297425a28cf1b8f36e49a76ffcd8315ee8db7a945e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Thu, 24 Mar 2022 04:19:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Redirect: adtonic
X-Template: tpl_CleanPeppermint_twoclick
X-Language: german
Accept-CH: viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip

GET
H/1.1 200
OK js3.js Show response
d1lxhc4jvstzrp.cloudfront.net/scripts/ 1 KB
2 KB 41ms
9ms Script
application/javascript 2600:9000:224a:da00:1f:4100:9540:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d1lxhc4jvstzrp.cloudfront.net/scripts/js3.js
Requested by: Host: czpitalone.com
URL: http://czpitalone.com/
Protocol: HTTP/1.1
Server: 2600:9000:224a:da00:1f:4100:9540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c57e9feec209e3ea5eb1d75a1ba6fa277242a3df250055be8446052b51e58637

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://czpitalone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 10:44:42 GMT
Via: 1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
Last-Modified: Tue, 17 Aug 2021 09:17:22 GMT
Server: nginx
Age: 63259
ETag: "611b7ea2-46e"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
Content-Length: 1134
X-Amz-Cf-Id: qCOu1Fu3IGoKnjYRyvTMUVW94NJZgkAVCF255r4xzr94jU89xwAQ5A==

GET
H/1.1 200
OK track.php Show response
czpitalone.com/ 0
608 B 15ms
15ms XHR
text/html 185.53.178.53
TEAMINTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://czpitalone.com/track.php?domain=czpitalone.com&toggle=browserjs&uid=MTY0ODA5NTU0MS4wMzU6YjUzMzZlYTAzMjdkMzFlNTI2NDFmNjM4MjMzMWY2M2FmNWUwODZiOTk0YWI3MjEwZjhjY2ZmYmUzNzc2YzRjMzo2MjNiZjEzNTA4ODg5
Requested by: Host: d1lxhc4jvstzrp.cloudfront.net
URL: http://d1lxhc4jvstzrp.cloudfront.net/scripts/js3.js
Protocol: HTTP/1.1
Server: 185.53.178.53 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://czpitalone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 04:19:01 GMT
Content-Encoding: gzip
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track: browserjs
Vary: Accept-Encoding
Accept-CH-Lifetime: 30
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx

POST
H/1.1 201
Created ls.php
czpitalone.com/ 0
905 B 16ms
16ms XHR
text/javascript 185.53.178.53
TEAMINTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://czpitalone.com/ls.php
Requested by: Host: czpitalone.com
URL: http://czpitalone.com/
Protocol: HTTP/1.1
Server: 185.53.178.53 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://czpitalone.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Thu, 24 Mar 2022 04:19:01 GMT
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, OPTIONS
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_PJCdt0ngvTIRTopXbTiPoLwmUHZ3jPir3agP1ScOvYoTRABBf9P40azv3sona7qZ6pw9SVdbsx3iKnJBM6oUEw==
Access-Control-Allow-Origin: http://czpitalone.com
X-Log-Success: 623bf135a01583554358c6f7
Charset: utf-8
Accept-CH-Lifetime: 30
Access-Control-Max-Age: 86400
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Server: nginx

GET
H/1.1 200
OK track.php
czpitalone.com/ 0
601 B 36ms
21ms XHR
text/html 185.53.178.53
TEAMINTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://czpitalone.com/track.php?click=21d244395ba61a73bafb4667854b39de4301199e&domain=czpitalone.com&uid=MTY0ODA5NTU0MS4wMzU6YjUzMzZlYTAzMjdkMzFlNTI2NDFmNjM4MjMzMWY2M2FmNWUwODZiOTk0YWI3MjEwZjhjY2ZmYmUzNzc2YzRjMzo2MjNiZjEzNTA4ODg5&ts=fENsZWFuUGVwcGVybWludHx8ZjgyNTJ8fHx8fHx8NjIzYmYxMzUwODg2M3x8fDE2NDgwOTU1NDEuNzY1M3wzOTkxOWI5NWNhOWUxNDViYmYzZjg0ZTE1NjFjODMxMzc3MDE5OGRhfHx8fHwxfHwwfDB8fHx8MXx8fHx8MHwwfHx8fHx8fHx8fDB8MXx8MHx8fDB8MHxXMTA9fHwxfFcxMD18YWY5MjY5ODk3MmVjZDU3MmQwNDlhYTA0M2ViZjIxYzY5ZDRjNWEwMHwwfGRwLXRlYW1pbnRlcm5ldDA5XzNwaHww&kw=&search=&pcat=&rxid=&bucket=&clientID=&adtest=off
Requested by: Host: d1lxhc4jvstzrp.cloudfront.net
URL: http://d1lxhc4jvstzrp.cloudfront.net/scripts/js3.js
Protocol: HTTP/1.1
Server: 185.53.178.53 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://czpitalone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 04:19:01 GMT
Content-Encoding: gzip
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Vary: Accept-Encoding
Accept-CH-Lifetime: 30
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
X-View-Match: true
Connection: keep-alive
Transfer-Encoding: chunked
Server: nginx

GET
H2 200 01a7eac6d2b0f6f3dfa4700e01496e1001493e5163.r
katie.v4.byetnc.com/api/user/ 3 KB
3 KB 328ms
104ms Document
text/html 52.201.207.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://katie.v4.byetnc.com/api/user/01a7eac6d2b0f6f3dfa4700e01496e1001493e5163.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MDVjNmI4MTcxMzIwNDAyNTc1YjFkNmUiLCJ0cyI6IjAzMjQwNDE5IiwiZCI6ImN6cGl0YWxvbmUuY29tIn0.rNSAodGA3Otgu8wlIdzmypxZkVBEzeeM2p3iCgI-C9c
Requested by: Host: czpitalone.com
URL: http://czpitalone.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.207.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-207-23.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://czpitalone.com/

Response headers

date: Thu, 24 Mar 2022 04:19:02 GMT
content-type: text/html; charset=utf-8
content-length: 2827
p3p: CP="CUR NOI NID STA STP"
x-robots-tag: noindex, nofollow
accept-ch: UA,UA-Full-Version,UA-Platform,UA-Arch,UA-Model,UA-Mobile,Width,Viewport-Width,Downlink,DPR,Save-Data

GET
H/1.1 200
OK ajax-loader.gif
s3-eu-west-1.amazonaws.com/pxgif/ 7 KB
7 KB 148ms
49ms Image
image/gif 52.218.30.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/pxgif/ajax-loader.gif
Requested by: Host: katie.v4.byetnc.com
URL: https://katie.v4.byetnc.com/api/user/01a7eac6d2b0f6f3dfa4700e01496e1001493e5163.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MDVjNmI4MTcxMzIwNDAyNTc1YjFkNmUiLCJ0cyI6IjAzMjQwNDE5IiwiZCI6ImN6cGl0YWxvbmUuY29tIn0.rNSAodGA3Otgu8wlIdzmypxZkVBEzeeM2p3iCgI-C9c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.30.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 04:19:03 GMT
Last-Modified: Fri, 12 Aug 2016 15:23:54 GMT
Server: AmazonS3
x-amz-request-id: JF8GP67RG99CBP6Q
ETag: "dc5b98ed1c3c7959cdcb76113e7442cd"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 6820
x-amz-id-2: hmFBvKt2TaZ3tI9zsYBGDBRlFf3DBpyi5L0y4PKdv4ChSF0ZoMRh02sQwY3Y6bdujE0ZYPajNIc=

GET
H2 200 01a7eac6d2b0f6f3dfa4700e01496e1001493e5163.r
katie.v4.byetnc.com/api/product/ 596 B
747 B 130ms
129ms XHR
text/html 52.201.207.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://katie.v4.byetnc.com/api/product/01a7eac6d2b0f6f3dfa4700e01496e1001493e5163.r?confirm=df48768aedd57705d258f980e96e9bdf&size=1920000&noframe=1&tnc_ref=http%3A%2F%2Fczpitalone.com%2F&reftaken=feed&refEqual=true&jsa=false&hastouch=false
Requested by: Host: katie.v4.byetnc.com
URL: https://katie.v4.byetnc.com/api/user/01a7eac6d2b0f6f3dfa4700e01496e1001493e5163.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MDVjNmI4MTcxMzIwNDAyNTc1YjFkNmUiLCJ0cyI6IjAzMjQwNDE5IiwiZCI6ImN6cGl0YWxvbmUuY29tIn0.rNSAodGA3Otgu8wlIdzmypxZkVBEzeeM2p3iCgI-C9c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.207.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-207-23.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:19:02 GMT
referrer-policy: no-referrer
p3p: CP="CUR NOI NID STA STP"
x-robots-tag: noindex, nofollow
content-length: 596
content-type: text/html; charset=utf-8

GET
H2

200

hybrid-web
backend.finalono.com/v1/
Redirect Chain

https://backend.finalono.com/v1/rtb?domain=shoppingwaves.net&visitorUserAgent=Mozilla&numItems=50&apiKey=89641194-7897-4d80-b90a-b1fc82fc38c6&trackingId=6897697179&visitorIPAddress=81.89.101.159&fo...
https://backend.finalono.com/v1/hybrid-web?q=av2zakdkn3sbwwzbqn5colgbw4

1 KB
914 B

325ms
324ms

Document
text/html

2606:4700:20::681a:c8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://backend.finalono.com/v1/hybrid-web?q=av2zakdkn3sbwwzbqn5colgbw4
Requested by: Host: katie.v4.byetnc.com
URL: https://katie.v4.byetnc.com/api/user/01a7eac6d2b0f6f3dfa4700e01496e1001493e5163.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MDVjNmI4MTcxMzIwNDAyNTc1YjFkNmUiLCJ0cyI6IjAzMjQwNDE5IiwiZCI6ImN6cGl0YWxvbmUuY29tIn0.rNSAodGA3Otgu8wlIdzmypxZkVBEzeeM2p3iCgI-C9c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://katie.v4.byetnc.com/api/user/01a7eac6d2b0f6f3dfa4700e01496e1001493e5163.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MDVjNmI4MTcxMzIwNDAyNTc1YjFkNmUiLCJ0cyI6IjAzMjQwNDE5IiwiZCI6ImN6cGl0YWxvbmUuY29tIn0.rNSAodGA3Otgu8wlIdzmypxZkVBEzeeM2p3iCgI-C9c

Response headers

date: Thu, 24 Mar 2022 04:19:02 GMT
content-type: text/html; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
x-api-version: 4.2.25
x-request-id: ml0vms8ko03dusmat17lqtslc5dsnrpq
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQVaeGdXIEiFM4b9qrNENDiWey7GzLxlJUHYml6LvHFxm1L6t51zJqVxqvjIhKsIhon5AprasvtblZs4Odt7aYohIlqYh6B3ZR%2F8obYe2JETpIc%2B1bs6wHBujrfOCaI3p4n8fuFYZ8odgBhFDpSRtNLS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6f0c9b3549d8694c-FRA
content-encoding: br

Redirect headers

date: Thu, 24 Mar 2022 04:19:02 GMT
content-type: text/html; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
location: /v1/hybrid-web?q=av2zakdkn3sbwwzbqn5colgbw4
x-api-version: 4.2.25
x-request-id: hc1s77lbr28oeht8s4h9mnim81nio4i5
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PEjewbF66%2Bfa2ZYPNoTmTn42fkYManPWtAHQ4Dt7%2FKxGykPLLcBe15b%2FEnPysnahaQVxPMC5ofZdR2oobkUvULP%2Bv2DjjQPND%2BPzesX02hK%2FqteyGt%2BU4nJinhkA1HKjBtVVq7AGdoy3ABBcDTZsWKLA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6f0c9b348931694c-FRA

GET
H/1.1

200
OK

go Show response
de-go.kelkoogroup.net/
Redirect Chain

https://de-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1648095542816&.sig=Xnvnq2m4aUTEqd1GasD0ut61ZQo-&affiliationId=96966781&comId=10760523&country=de&cpcId=100104&merchantName=NOSTRAFORMA&searchId=1...
https://de-go.kelkoogroup.net/go?country=de&k=2a2e43adf00cf8ed3e14f7c8ad07bbe9d67e5d811b73dba530dcf7e0342270c2591f740df3c7a37f3fe85d71a3c78ffc8e148df81bbb354cb2ade9e91562b2d4dd7374e12d6523d55382e95...

26 KB
27 KB

30ms
29ms

Document
text/html

95.211.116.27
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://de-go.kelkoogroup.net/go?country=de&k=2a2e43adf00cf8ed3e14f7c8ad07bbe9d67e5d811b73dba530dcf7e0342270c2591f740df3c7a37f3fe85d71a3c78ffc8e148df81bbb354cb2ade9e91562b2d4dd7374e12d6523d55382e95f70ad6a772ae5756efa9757efcd5ea88eef14d2924052af8c32bce0dcd7bb2a5c9966cb7cc3b48feed8f7db17da095efa8b1d4e5d2e34dca52d3ebdb44c09be330423f1e1b49d84cc959e37b1a097c0a83df4a8b079b9b289534e0564a70e2b07c9501cbfa798be4e3aa9a4717bf2f21b5733c671366ae567299131d7d6075d0311bf5831fb252393226ea504f075e87fbf60dad935cd600149ab2b749f8bab1221d15117ef9585a1a8a3c639b1d6c16c6aa4084fae4f3e05584bd4eb75e7354306e759c80780bbb01925d4741ef9c96daddb89f5f5109c8673196f4c21fea23b0bb71393e331d8c3837f968aed35351e9e56a1dd1faa8d6a683fb02a5ec1e2e1bad04dc7ca20929fd97863302f09e5b83f8b0acc706acc6a0016bdfd152c1526c1e154cfd95613caed310e64aa1874cfa21cfd98d2ee96dfaff6682d18e4be46da1dfaf5fcebc4f3c7e55d06e116b748e80a140852c4a04913fe2bd19fa5d0ca28fcda2078ebe366adfa554d624b434ef1958471da97926b5368492482bbdb6fee86ee18d2bd2f4fd880703c013b5ebdac0125f1a592d530fad072bd1d98b96abdf340b31b849f2c7af879c4cde5f5c60f99866532e49d80f3d426604459249725497121d22338ee2a715d9edbf3afda8b77a0c0940159c3e1ebc8bab09bfe31b64ff949&o=

Requested by

Host: backend.finalono.com
URL: https://backend.finalono.com/v1/hybrid-web?q=av2zakdkn3sbwwzbqn5colgbw4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.27 Swifterbant, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-go-vip.kelkoo.com

Software

Resource Hash

ee69a4dbbcbe85bab299e6a0da22adb3bb06c04ac58231325bee50440a26a5c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://backend.finalono.com/v1/hybrid-web?q=av2zakdkn3sbwwzbqn5colgbw4

Response headers

Date: Thu, 24 Mar 2022 04:19:03 GMT
leadId: dc1-kls-prod-srv-01.prod.dc1.kelkoo.net_1648095543085_1067884
Pragma: no-cache
Charset: utf-8
clickId: 10769997_1648095543049_1117432
country: de
X-DataDome: protected
Request-Time: PT0.011S
X-Robots-Tag: noindex,nofollow
Cache-Control: max-age=0, private, no-cache, no-store, must-revalidate
X-DataDome-CID: AHrlqAAAAAMAB7L90IqAYA0AudWbow==
Referrer-Policy: unsafe-url
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/html; charset=UTF-8
Content-Length: 26499
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=79
Connection: Keep-Alive

Redirect headers

Date: Thu, 24 Mar 2022 04:19:03 GMT
Pragma: no-cache
Charset: utf-8
clickId: 10769997_1648095543049_1117432
country: de
Location: /go?country=de&k=2a2e43adf00cf8ed3e14f7c8ad07bbe9d67e5d811b73dba530dcf7e0342270c2591f740df3c7a37f3fe85d71a3c78ffc8e148df81bbb354cb2ade9e91562b2d4dd7374e12d6523d55382e95f70ad6a772ae5756efa9757efcd5ea88eef14d2924052af8c32bce0dcd7bb2a5c9966cb7cc3b48feed8f7db17da095efa8b1d4e5d2e34dca52d3ebdb44c09be330423f1e1b49d84cc959e37b1a097c0a83df4a8b079b9b289534e0564a70e2b07c9501cbfa798be4e3aa9a4717bf2f21b5733c671366ae567299131d7d6075d0311bf5831fb252393226ea504f075e87fbf60dad935cd600149ab2b749f8bab1221d15117ef9585a1a8a3c639b1d6c16c6aa4084fae4f3e05584bd4eb75e7354306e759c80780bbb01925d4741ef9c96daddb89f5f5109c8673196f4c21fea23b0bb71393e331d8c3837f968aed35351e9e56a1dd1faa8d6a683fb02a5ec1e2e1bad04dc7ca20929fd97863302f09e5b83f8b0acc706acc6a0016bdfd152c1526c1e154cfd95613caed310e64aa1874cfa21cfd98d2ee96dfaff6682d18e4be46da1dfaf5fcebc4f3c7e55d06e116b748e80a140852c4a04913fe2bd19fa5d0ca28fcda2078ebe366adfa554d624b434ef1958471da97926b5368492482bbdb6fee86ee18d2bd2f4fd880703c013b5ebdac0125f1a592d530fad072bd1d98b96abdf340b31b849f2c7af879c4cde5f5c60f99866532e49d80f3d426604459249725497121d22338ee2a715d9edbf3afda8b77a0c0940159c3e1ebc8bab09bfe31b64ff949&o=
X-DataDome: protected
Request-Time: PT0.011S
X-Robots-Tag: noindex,nofollow
Cache-Control: max-age=0, private, no-cache, no-store, must-revalidate
X-DataDome-CID: AHrlqAAAAAMAB7L90IqAYA0AudWbow==
Referrer-Policy: unsafe-url
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=81
Connection: Keep-Alive
Content-Type: text/plain

GET
H/1.1 200
OK p.png
de-go.kelkoogroup.net/assets/images/ 68 B
625 B 21ms
21ms Image
image/png 95.211.116.27
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://de-go.kelkoogroup.net/assets/images/p.png?country=de&k=612f7a9541cd6ea61eb554c0e4cff437139fa1a42a9ff82a114a64724d690990e9d3706c9bd8eb0d7ffb61bb58fb55b20c10f89db619389d2cec3a8d2295d38d1bea29a98597a5b8a70a20027460f858357aa4da228aeaf7bb267422af3bcb83e03e221b3ed60867faf3c5c4993d865b0c68128057614152120a71e6aa022eebbda7077d16e917292dea69a0dc3cd185f9f2f71a669719694944118e6f6f8cd60e170bfc3a43eab289f05df313a7377993d79bce6e4d3cfa56c2761284d27144fb0e429753b6112eca1e3530c8898b0ab28bcc9ae896083f3cc14bceed5ebb451323536a2e3f8857f461f3da42a34f5fa50d4c58d9b6bdb46a59af022815b2b32fe0b30fb60a8693&leadId=dc1-kls-prod-srv-01.prod.dc1.kelkoo.net_1648095543085_1067884&clickId=10769997_1648095543049_1117432

Requested by

Host: de-go.kelkoogroup.net
URL: https://de-go.kelkoogroup.net/go?country=de&k=2a2e43adf00cf8ed3e14f7c8ad07bbe9d67e5d811b73dba530dcf7e0342270c2591f740df3c7a37f3fe85d71a3c78ffc8e148df81bbb354cb2ade9e91562b2d4dd7374e12d6523d55382e95f70ad6a772ae5756efa9757efcd5ea88eef14d2924052af8c32bce0dcd7bb2a5c9966cb7cc3b48feed8f7db17da095efa8b1d4e5d2e34dca52d3ebdb44c09be330423f1e1b49d84cc959e37b1a097c0a83df4a8b079b9b289534e0564a70e2b07c9501cbfa798be4e3aa9a4717bf2f21b5733c671366ae567299131d7d6075d0311bf5831fb252393226ea504f075e87fbf60dad935cd600149ab2b749f8bab1221d15117ef9585a1a8a3c639b1d6c16c6aa4084fae4f3e05584bd4eb75e7354306e759c80780bbb01925d4741ef9c96daddb89f5f5109c8673196f4c21fea23b0bb71393e331d8c3837f968aed35351e9e56a1dd1faa8d6a683fb02a5ec1e2e1bad04dc7ca20929fd97863302f09e5b83f8b0acc706acc6a0016bdfd152c1526c1e154cfd95613caed310e64aa1874cfa21cfd98d2ee96dfaff6682d18e4be46da1dfaf5fcebc4f3c7e55d06e116b748e80a140852c4a04913fe2bd19fa5d0ca28fcda2078ebe366adfa554d624b434ef1958471da97926b5368492482bbdb6fee86ee18d2bd2f4fd880703c013b5ebdac0125f1a592d530fad072bd1d98b96abdf340b31b849f2c7af879c4cde5f5c60f99866532e49d80f3d426604459249725497121d22338ee2a715d9edbf3afda8b77a0c0940159c3e1ebc8bab09bfe31b64ff949&o=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.27 Swifterbant, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-go-vip.kelkoo.com

Software

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://de-go.kelkoogroup.net/go?country=de&k=2a2e43adf00cf8ed3e14f7c8ad07bbe9d67e5d811b73dba530dcf7e0342270c2591f740df3c7a37f3fe85d71a3c78ffc8e148df81bbb354cb2ade9e91562b2d4dd7374e12d6523d55382e95f70ad6a772ae5756efa9757efcd5ea88eef14d2924052af8c32bce0dcd7bb2a5c9966cb7cc3b48feed8f7db17da095efa8b1d4e5d2e34dca52d3ebdb44c09be330423f1e1b49d84cc959e37b1a097c0a83df4a8b079b9b289534e0564a70e2b07c9501cbfa798be4e3aa9a4717bf2f21b5733c671366ae567299131d7d6075d0311bf5831fb252393226ea504f075e87fbf60dad935cd600149ab2b749f8bab1221d15117ef9585a1a8a3c639b1d6c16c6aa4084fae4f3e05584bd4eb75e7354306e759c80780bbb01925d4741ef9c96daddb89f5f5109c8673196f4c21fea23b0bb71393e331d8c3837f968aed35351e9e56a1dd1faa8d6a683fb02a5ec1e2e1bad04dc7ca20929fd97863302f09e5b83f8b0acc706acc6a0016bdfd152c1526c1e154cfd95613caed310e64aa1874cfa21cfd98d2ee96dfaff6682d18e4be46da1dfaf5fcebc4f3c7e55d06e116b748e80a140852c4a04913fe2bd19fa5d0ca28fcda2078ebe366adfa554d624b434ef1958471da97926b5368492482bbdb6fee86ee18d2bd2f4fd880703c013b5ebdac0125f1a592d530fad072bd1d98b96abdf340b31b849f2c7af879c4cde5f5c60f99866532e49d80f3d426604459249725497121d22338ee2a715d9edbf3afda8b77a0c0940159c3e1ebc8bab09bfe31b64ff949&o=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ApacheTracking: localhost
Date: Thu, 24 Mar 2022 04:19:03 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: PT0.002S
P3P: CP="Anything"
Connection: Keep-Alive
Content-Length: 68
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
ETag: "8cd2182d8743bc55ea6802f0645167b6925da230"
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: private, must-revalidate
X-Robots-Tag: noindex,nofollow
Keep-Alive: timeout=40, max=93
Expires: Tue, 21 Mar 2023 07:28:36 GMT

GET
H2 200 tags.js
js.datadome.co/ 252 KB
46 KB 80ms
23ms Script
text/javascript 52.85.32.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.datadome.co/tags.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.32.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-32-42.ham50.r.cloudfront.net

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://de-go.kelkoogroup.net/go?country=de&k=2a2e43adf00cf8ed3e14f7c8ad07bbe9d67e5d811b73dba530dcf7e0342270c2591f740df3c7a37f3fe85d71a3c78ffc8e148df81bbb354cb2ade9e91562b2d4dd7374e12d6523d55382e95f70ad6a772ae5756efa9757efcd5ea88eef14d2924052af8c32bce0dcd7bb2a5c9966cb7cc3b48feed8f7db17da095efa8b1d4e5d2e34dca52d3ebdb44c09be330423f1e1b49d84cc959e37b1a097c0a83df4a8b079b9b289534e0564a70e2b07c9501cbfa798be4e3aa9a4717bf2f21b5733c671366ae567299131d7d6075d0311bf5831fb252393226ea504f075e87fbf60dad935cd600149ab2b749f8bab1221d15117ef9585a1a8a3c639b1d6c16c6aa4084fae4f3e05584bd4eb75e7354306e759c80780bbb01925d4741ef9c96daddb89f5f5109c8673196f4c21fea23b0bb71393e331d8c3837f968aed35351e9e56a1dd1faa8d6a683fb02a5ec1e2e1bad04dc7ca20929fd97863302f09e5b83f8b0acc706acc6a0016bdfd152c1526c1e154cfd95613caed310e64aa1874cfa21cfd98d2ee96dfaff6682d18e4be46da1dfaf5fcebc4f3c7e55d06e116b748e80a140852c4a04913fe2bd19fa5d0ca28fcda2078ebe366adfa554d624b434ef1958471da97926b5368492482bbdb6fee86ee18d2bd2f4fd880703c013b5ebdac0125f1a592d530fad072bd1d98b96abdf340b31b849f2c7af879c4cde5f5c60f99866532e49d80f3d426604459249725497121d22338ee2a715d9edbf3afda8b77a0c0940159c3e1ebc8bab09bfe31b64ff949&o=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
etag: "3ee87-5dabaf0ad25dc-gzip"
age: 994
x-cache: Hit from cloudfront
content-length: 47081
access-control-allow-origin: *
last-modified: Mon, 21 Mar 2022 14:02:00 GMT
server: Apache
date: Thu, 24 Mar 2022 04:02:31 GMT
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 94fcf2ec0b048f48ffbd2e01f16d014c.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
x-amz-cf-id: Y54kmwG6HJ5IttZWr3IWjGYcwhMISPh9dyV7VSE5rFhtLw_frxPGyA==
expires: Thu, 24 Mar 2022 05:02:29 GMT

GET
H2 200 gtm.js
www.googletagmanager.com/ 109 KB
41 KB 366ms
48ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5ZS487

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://de-go.kelkoogroup.net/go?country=de&k=2a2e43adf00cf8ed3e14f7c8ad07bbe9d67e5d811b73dba530dcf7e0342270c2591f740df3c7a37f3fe85d71a3c78ffc8e148df81bbb354cb2ade9e91562b2d4dd7374e12d6523d55382e95f70ad6a772ae5756efa9757efcd5ea88eef14d2924052af8c32bce0dcd7bb2a5c9966cb7cc3b48feed8f7db17da095efa8b1d4e5d2e34dca52d3ebdb44c09be330423f1e1b49d84cc959e37b1a097c0a83df4a8b079b9b289534e0564a70e2b07c9501cbfa798be4e3aa9a4717bf2f21b5733c671366ae567299131d7d6075d0311bf5831fb252393226ea504f075e87fbf60dad935cd600149ab2b749f8bab1221d15117ef9585a1a8a3c639b1d6c16c6aa4084fae4f3e05584bd4eb75e7354306e759c80780bbb01925d4741ef9c96daddb89f5f5109c8673196f4c21fea23b0bb71393e331d8c3837f968aed35351e9e56a1dd1faa8d6a683fb02a5ec1e2e1bad04dc7ca20929fd97863302f09e5b83f8b0acc706acc6a0016bdfd152c1526c1e154cfd95613caed310e64aa1874cfa21cfd98d2ee96dfaff6682d18e4be46da1dfaf5fcebc4f3c7e55d06e116b748e80a140852c4a04913fe2bd19fa5d0ca28fcda2078ebe366adfa554d624b434ef1958471da97926b5368492482bbdb6fee86ee18d2bd2f4fd880703c013b5ebdac0125f1a592d530fad072bd1d98b96abdf340b31b849f2c7af879c4cde5f5c60f99866532e49d80f3d426604459249725497121d22338ee2a715d9edbf3afda8b77a0c0940159c3e1ebc8bab09bfe31b64ff949&o=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:19:03 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41573
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 24 Mar 2022 04:19:03 GMT

POST
H/1.1 200
OK fp
de-go.kelkoogroup.net/ 0
441 B 23ms
20ms Ping
text/plain 95.211.116.27
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://de-go.kelkoogroup.net/fp?country=de&k=612f7a9541cd6ea61eb554c0e4cff437139fa1a42a9ff82a114a64724d690990e9d3706c9bd8eb0d7ffb61bb58fb55b20c10f89db619389d2cec3a8d2295d38d1bea29a98597a5b8a70a20027460f858357aa4da228aeaf7bb267422af3bcb83e03e221b3ed60867faf3c5c4993d865b0c68128057614152120a71e6aa022eebbda7077d16e917292dea69a0dc3cd185f9f2f71a669719694944118e6f6f8cd60e170bfc3a43eab289f05df313a7377993d79bce6e4d3cfa56c2761284d27144fb0e429753b6112eca1e3530c8898b0ab28bcc9ae896083f3cc14bceed5ebb451323536a2e3f8857f461f3da42a34f5fa50d4c58d9b6bdb46a59af022815b2b32fe0b30fb60a8693&leadId=dc1-kls-prod-srv-01.prod.dc1.kelkoo.net_1648095543085_1067884&clickId=10769997_1648095543049_1117432

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.27 Swifterbant, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-go-vip.kelkoo.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://de-go.kelkoogroup.net/go?country=de&k=2a2e43adf00cf8ed3e14f7c8ad07bbe9d67e5d811b73dba530dcf7e0342270c2591f740df3c7a37f3fe85d71a3c78ffc8e148df81bbb354cb2ade9e91562b2d4dd7374e12d6523d55382e95f70ad6a772ae5756efa9757efcd5ea88eef14d2924052af8c32bce0dcd7bb2a5c9966cb7cc3b48feed8f7db17da095efa8b1d4e5d2e34dca52d3ebdb44c09be330423f1e1b49d84cc959e37b1a097c0a83df4a8b079b9b289534e0564a70e2b07c9501cbfa798be4e3aa9a4717bf2f21b5733c671366ae567299131d7d6075d0311bf5831fb252393226ea504f075e87fbf60dad935cd600149ab2b749f8bab1221d15117ef9585a1a8a3c639b1d6c16c6aa4084fae4f3e05584bd4eb75e7354306e759c80780bbb01925d4741ef9c96daddb89f5f5109c8673196f4c21fea23b0bb71393e331d8c3837f968aed35351e9e56a1dd1faa8d6a683fb02a5ec1e2e1bad04dc7ca20929fd97863302f09e5b83f8b0acc706acc6a0016bdfd152c1526c1e154cfd95613caed310e64aa1874cfa21cfd98d2ee96dfaff6682d18e4be46da1dfaf5fcebc4f3c7e55d06e116b748e80a140852c4a04913fe2bd19fa5d0ca28fcda2078ebe366adfa554d624b434ef1958471da97926b5368492482bbdb6fee86ee18d2bd2f4fd880703c013b5ebdac0125f1a592d530fad072bd1d98b96abdf340b31b849f2c7af879c4cde5f5c60f99866532e49d80f3d426604459249725497121d22338ee2a715d9edbf3afda8b77a0c0940159c3e1ebc8bab09bfe31b64ff949&o=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

ApacheTracking: localhost
Date: Thu, 24 Mar 2022 04:19:03 GMT
Referrer-Policy: unsafe-url
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
P3P: CP="Anything"
X-Robots-Tag: noindex,nofollow
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Type: text/plain; charset=UTF-8
Request-Time: PT0.003S
Content-Length: 0
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=40, max=87

POST
H2 200 /
api-js.datadome.co/js/ 235 B
413 B 92ms
12ms XHR
application/json 52.59.8.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.datadome.co/js/
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.8.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-8-57.eu-central-1.compute.amazonaws.com
Software: DataDome /
Resource Hash

Request headers

Referer: https://de-go.kelkoogroup.net/go?country=de&k=2a2e43adf00cf8ed3e14f7c8ad07bbe9d67e5d811b73dba530dcf7e0342270c2591f740df3c7a37f3fe85d71a3c78ffc8e148df81bbb354cb2ade9e91562b2d4dd7374e12d6523d55382e95f70ad6a772ae5756efa9757efcd5ea88eef14d2924052af8c32bce0dcd7bb2a5c9966cb7cc3b48feed8f7db17da095efa8b1d4e5d2e34dca52d3ebdb44c09be330423f1e1b49d84cc959e37b1a097c0a83df4a8b079b9b289534e0564a70e2b07c9501cbfa798be4e3aa9a4717bf2f21b5733c671366ae567299131d7d6075d0311bf5831fb252393226ea504f075e87fbf60dad935cd600149ab2b749f8bab1221d15117ef9585a1a8a3c639b1d6c16c6aa4084fae4f3e05584bd4eb75e7354306e759c80780bbb01925d4741ef9c96daddb89f5f5109c8673196f4c21fea23b0bb71393e331d8c3837f968aed35351e9e56a1dd1faa8d6a683fb02a5ec1e2e1bad04dc7ca20929fd97863302f09e5b83f8b0acc706acc6a0016bdfd152c1526c1e154cfd95613caed310e64aa1874cfa21cfd98d2ee96dfaff6682d18e4be46da1dfaf5fcebc4f3c7e55d06e116b748e80a140852c4a04913fe2bd19fa5d0ca28fcda2078ebe366adfa554d624b434ef1958471da97926b5368492482bbdb6fee86ee18d2bd2f4fd880703c013b5ebdac0125f1a592d530fad072bd1d98b96abdf340b31b849f2c7af879c4cde5f5c60f99866532e49d80f3d426604459249725497121d22338ee2a715d9edbf3afda8b77a0c0940159c3e1ebc8bab09bfe31b64ff949&o=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 04:19:03 GMT
server: DataDome
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 235
expires: 0

GET
H2

200

Primary Request / Show response
www.nostraforma.com/
Redirect Chain

https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff437139fa1a42a9ff82a114a64724d690990e9d3706c9bd8eb0d7ffb61bb58fb55b20c10f89db619389d2cec3a8d2295d38d1bea29a98597a5b8a...
https://www.nostraforma.com/de/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

188 KB
41 KB

437ms
436ms

Document
text/html

188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

6b1c1663e68edf6108bf2b45f3f8e60013ccf4f72c3fa2a5e2d5c5450e20dc09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://de-go.kelkoogroup.net/go?country=de&k=2a2e43adf00cf8ed3e14f7c8ad07bbe9d67e5d811b73dba530dcf7e0342270c2591f740df3c7a37f3fe85d71a3c78ffc8e148df81bbb354cb2ade9e91562b2d4dd7374e12d6523d55382e95f70ad6a772ae5756efa9757efcd5ea88eef14d2924052af8c32bce0dcd7bb2a5c9966cb7cc3b48feed8f7db17da095efa8b1d4e5d2e34dca52d3ebdb44c09be330423f1e1b49d84cc959e37b1a097c0a83df4a8b079b9b289534e0564a70e2b07c9501cbfa798be4e3aa9a4717bf2f21b5733c671366ae567299131d7d6075d0311bf5831fb252393226ea504f075e87fbf60dad935cd600149ab2b749f8bab1221d15117ef9585a1a8a3c639b1d6c16c6aa4084fae4f3e05584bd4eb75e7354306e759c80780bbb01925d4741ef9c96daddb89f5f5109c8673196f4c21fea23b0bb71393e331d8c3837f968aed35351e9e56a1dd1faa8d6a683fb02a5ec1e2e1bad04dc7ca20929fd97863302f09e5b83f8b0acc706acc6a0016bdfd152c1526c1e154cfd95613caed310e64aa1874cfa21cfd98d2ee96dfaff6682d18e4be46da1dfaf5fcebc4f3c7e55d06e116b748e80a140852c4a04913fe2bd19fa5d0ca28fcda2078ebe366adfa554d624b434ef1958471da97926b5368492482bbdb6fee86ee18d2bd2f4fd880703c013b5ebdac0125f1a592d530fad072bd1d98b96abdf340b31b849f2c7af879c4cde5f5c60f99866532e49d80f3d426604459249725497121d22338ee2a715d9edbf3afda8b77a0c0940159c3e1ebc8bab09bfe31b64ff949&o=

Response headers

server: nginx
date: Thu, 24 Mar 2022 04:19:04 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; preload
front-end-https: on
x-ua-compatible: IE=Edge
content-encoding: gzip

Redirect headers

server: nginx
date: Thu, 24 Mar 2022 04:19:03 GMT
content-type: text/html
content-length: 162
location: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; preload
front-end-https: on
x-ua-compatible: IE=Edge

GET
H2 200 analytics.js
www.google-analytics.com/ 49 KB
20 KB 122ms
36ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZS487

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://de-go.kelkoogroup.net/go?country=de&k=2a2e43adf00cf8ed3e14f7c8ad07bbe9d67e5d811b73dba530dcf7e0342270c2591f740df3c7a37f3fe85d71a3c78ffc8e148df81bbb354cb2ade9e91562b2d4dd7374e12d6523d55382e95f70ad6a772ae5756efa9757efcd5ea88eef14d2924052af8c32bce0dcd7bb2a5c9966cb7cc3b48feed8f7db17da095efa8b1d4e5d2e34dca52d3ebdb44c09be330423f1e1b49d84cc959e37b1a097c0a83df4a8b079b9b289534e0564a70e2b07c9501cbfa798be4e3aa9a4717bf2f21b5733c671366ae567299131d7d6075d0311bf5831fb252393226ea504f075e87fbf60dad935cd600149ab2b749f8bab1221d15117ef9585a1a8a3c639b1d6c16c6aa4084fae4f3e05584bd4eb75e7354306e759c80780bbb01925d4741ef9c96daddb89f5f5109c8673196f4c21fea23b0bb71393e331d8c3837f968aed35351e9e56a1dd1faa8d6a683fb02a5ec1e2e1bad04dc7ca20929fd97863302f09e5b83f8b0acc706acc6a0016bdfd152c1526c1e154cfd95613caed310e64aa1874cfa21cfd98d2ee96dfaff6682d18e4be46da1dfaf5fcebc4f3c7e55d06e116b748e80a140852c4a04913fe2bd19fa5d0ca28fcda2078ebe366adfa554d624b434ef1958471da97926b5368492482bbdb6fee86ee18d2bd2f4fd880703c013b5ebdac0125f1a592d530fad072bd1d98b96abdf340b31b849f2c7af879c4cde5f5c60f99866532e49d80f3d426604459249725497121d22338ee2a715d9edbf3afda8b77a0c0940159c3e1ebc8bab09bfe31b64ff949&o=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 857
date: Thu, 24 Mar 2022 04:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 24 Mar 2022 06:04:46 GMT

POST
H2 200 collect
www.google-analytics.com/j/ 1 B
210 B 43ms
43ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1796751954&t=pageview&_s=1&dl=https%3A%2F%2Fde-go.kelkoogroup.net%2Fgo%3Fcountry%3Dde%26k%3D2a2e43adf00cf8ed3e14f7c8ad07bbe9d67e5d811b73dba530dcf7e0342270c2591f740df3c7a37f3fe85d71a3c78ffc8e148df81bbb354cb2ade9e91562b2d4dd7374e12d6523d55382e95f70ad6a772ae5756efa9757efcd5ea88eef14d2924052af8c32bce0dcd7bb2a5c9966cb7cc3b48feed8f7db17da095efa8b1d4e5d2e34dca52d3ebdb44c09be330423f1e1b49d84cc959e37b1a097c0a83df4a8b079b9b289534e0564a70e2b07c9501cbfa798be4e3aa9a4717bf2f21b5733c671366ae567299131d7d6075d0311bf5831fb252393226ea504f075e87fbf60dad935cd600149ab2b749f8bab1221d15117ef9585a1a8a3c639b1d6c16c6aa4084fae4f3e05584bd4eb75e7354306e759c80780bbb01925d4741ef9c96daddb89f5f5109c8673196f4c21fea23b0bb71393e331d8c3837f968aed35351e9e56a1dd1faa8d6a683fb02a5ec1e2e1bad04dc7ca20929fd97863302f09e5b83f8b0acc706acc6a0016bdfd152c1526c1e154cfd95613caed310e64aa1874cfa21cfd98d2ee96dfaff6682d18e4be46da1dfaf5fcebc4f3c7e55d06e116b748e80a140852c4a04913fe2bd19fa5d0ca28fcda2078ebe366adfa554d624b434ef1958471da97926b5368492482bbdb6fee86ee18d2bd2f4fd880703c013b5ebdac0125f1a592d530fad072bd1d98b96abdf340b31b849f2c7af879c4cde5f5c60f99866532e49d80f3d426604459249725497121d22338ee2a715d9edbf3afda8b77a0c0940159c3e1ebc8bab09bfe31b64ff949%26o%3D&dr=https%3A%2F%2Fbackend.finalono.com%2F&dp=%2F96966781%7C10760523%7C&ul=en-us&de=UTF-8&dt=Weiterleitung%20zu%20NOSTRAFORMA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1469393922&gjid=272551001&cid=1911541091.1648095543&tid=UA-168544891-7&_gid=865933601.1648095543&_r=1&gtm=2wg3e05ZS487&cd1=96966781&cd2=dc1-kls-prod-srv-01.prod.dc1.kelkoo.net_1648095543085_1067884&cd3=10760523&cd4=a4c6365-17fba263f2d-90ab5&cd5=&cd6=96966781%7C10760523%7C&z=1028502837

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://de-go.kelkoogroup.net/go?country=de&k=2a2e43adf00cf8ed3e14f7c8ad07bbe9d67e5d811b73dba530dcf7e0342270c2591f740df3c7a37f3fe85d71a3c78ffc8e148df81bbb354cb2ade9e91562b2d4dd7374e12d6523d55382e95f70ad6a772ae5756efa9757efcd5ea88eef14d2924052af8c32bce0dcd7bb2a5c9966cb7cc3b48feed8f7db17da095efa8b1d4e5d2e34dca52d3ebdb44c09be330423f1e1b49d84cc959e37b1a097c0a83df4a8b079b9b289534e0564a70e2b07c9501cbfa798be4e3aa9a4717bf2f21b5733c671366ae567299131d7d6075d0311bf5831fb252393226ea504f075e87fbf60dad935cd600149ab2b749f8bab1221d15117ef9585a1a8a3c639b1d6c16c6aa4084fae4f3e05584bd4eb75e7354306e759c80780bbb01925d4741ef9c96daddb89f5f5109c8673196f4c21fea23b0bb71393e331d8c3837f968aed35351e9e56a1dd1faa8d6a683fb02a5ec1e2e1bad04dc7ca20929fd97863302f09e5b83f8b0acc706acc6a0016bdfd152c1526c1e154cfd95613caed310e64aa1874cfa21cfd98d2ee96dfaff6682d18e4be46da1dfaf5fcebc4f3c7e55d06e116b748e80a140852c4a04913fe2bd19fa5d0ca28fcda2078ebe366adfa554d624b434ef1958471da97926b5368492482bbdb6fee86ee18d2bd2f4fd880703c013b5ebdac0125f1a592d530fad072bd1d98b96abdf340b31b849f2c7af879c4cde5f5c60f99866532e49d80f3d426604459249725497121d22338ee2a715d9edbf3afda8b77a0c0940159c3e1ebc8bab09bfe31b64ff949&o=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 04:19:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://de-go.kelkoogroup.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 open-sans-v17-latin-regular.woff2
www.nostraforma.com/media/fonts/ 14 KB
14 KB 11ms
10ms Font
text/plain 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nostraforma.com/media/fonts/open-sans-v17-latin-regular.woff2

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

c48e0380855b0b3a91d9c14c434b2dc8d38c5adca55a8b4ebe2d1e3869407caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
Origin: https://www.nostraforma.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 13 Oct 2019 10:18:37 GMT
server: nginx
etag: W/"5da2f9fd-382c"
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 open-sans-v17-latin-italic.woff2
www.nostraforma.com/media/fonts/ 13 KB
14 KB 12ms
10ms Font
text/plain 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nostraforma.com/media/fonts/open-sans-v17-latin-italic.woff2

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

76391461f4bccbf60e2115abd64bad271c78c40a68df8912ea8cc588b02c3a94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
Origin: https://www.nostraforma.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 13 Oct 2019 10:18:37 GMT
server: nginx
etag: W/"5da2f9fd-35d4"
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 open-sans-v17-latin-600.woff2
www.nostraforma.com/media/fonts/ 15 KB
15 KB 12ms
11ms Font
text/plain 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nostraforma.com/media/fonts/open-sans-v17-latin-600.woff2

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

a71b255c156dbf61b42e17db5e46b8a5e9f54e68ae99ba19c419c242b6ca0272

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
Origin: https://www.nostraforma.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 13 Oct 2019 10:18:37 GMT
server: nginx
etag: W/"5da2f9fd-3a20"
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 open-sans-v17-latin-600italic.woff2
www.nostraforma.com/media/fonts/ 14 KB
14 KB 12ms
11ms Font
text/plain 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nostraforma.com/media/fonts/open-sans-v17-latin-600italic.woff2

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

62be4a76b89b192091274fdb5ca99694c163d5f1ea33ee5560c74c3c78ef1313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
Origin: https://www.nostraforma.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 13 Oct 2019 10:18:37 GMT
server: nginx
etag: W/"5da2f9fd-361c"
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 montserrat-v14-latin-regular.woff2
www.nostraforma.com/media/fonts/ 19 KB
19 KB 12ms
11ms Font
text/plain 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nostraforma.com/media/fonts/montserrat-v14-latin-regular.woff2

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

d109d2663d3381af49cb672689e27be667a5c925728f53beeeb7f30f106b921c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
Origin: https://www.nostraforma.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 13 Oct 2019 10:18:37 GMT
server: nginx
etag: W/"5da2f9fd-4ae4"
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 montserrat-v14-latin-500.woff2
www.nostraforma.com/media/fonts/ 19 KB
19 KB 13ms
11ms Font
text/plain 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nostraforma.com/media/fonts/montserrat-v14-latin-500.woff2

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

953c2ae7d1d53f032d3b0614c53b2b7db13bf0f713229aae06b74221b897949e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
Origin: https://www.nostraforma.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 13 Oct 2019 10:18:37 GMT
server: nginx
etag: W/"5da2f9fd-4b48"
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 montserrat-v14-latin-600.woff2
www.nostraforma.com/media/fonts/ 19 KB
19 KB 13ms
12ms Font
text/plain 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nostraforma.com/media/fonts/montserrat-v14-latin-600.woff2

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

f8deb3ed3065e64be16f4a8293b5849f4784f9f84a19ff9b80f4f3b276195130

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
Origin: https://www.nostraforma.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 13 Oct 2019 10:18:37 GMT
server: nginx
etag: W/"5da2f9fd-4b40"
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 montserrat-v14-latin-italic.woff2
www.nostraforma.com/media/fonts/ 19 KB
20 KB 13ms
12ms Font
text/plain 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nostraforma.com/media/fonts/montserrat-v14-latin-italic.woff2

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

854571b586218b69615e5049517e8f4f5c990ce5beec8b0ce22247c4edb26cd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
Origin: https://www.nostraforma.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 13 Oct 2019 10:18:37 GMT
server: nginx
etag: W/"5da2f9fd-4ccc"
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 trustedshops.png
www.nostraforma.com/media/images/payment/ 9 KB
10 KB 14ms
12ms Image
image/png 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/images/payment/trustedshops.png

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

ab05286c6074b9f0881ac5a3765afba73c5a07d8995d2b5ef3d146a3d2ef583e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 13 Sep 2019 13:28:01 GMT
server: nginx
etag: W/"5d7b9961-255a"
x-frame-options: SAMEORIGIN
content-type: image/png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 call.svg
www.nostraforma.com/media/images/svg/ 443 B
769 B 14ms
12ms Image
image/svg+xml 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/images/svg/call.svg

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

1a3dda4778bf43ebb589ae7e25f4c09b1149ed19224cc118cc3d75a7095bd7fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:19:04 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Sep 2019 13:28:01 GMT
server: nginx
etag: "5d7b9961-1bb"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-length: 443
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 email.svg
www.nostraforma.com/media/images/svg/ 266 B
591 B 14ms
12ms Image
image/svg+xml 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/images/svg/email.svg

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

23d0a8a9d09beb1f3d1ff1958353d3847cecd81f75b4b1fb2d1626217e7d446b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:19:04 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Sep 2019 13:28:01 GMT
server: nginx
etag: "5d7b9961-10a"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-length: 266
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 https.svg
www.nostraforma.com/media/images/svg/ 382 B
708 B 14ms
13ms Image
image/svg+xml 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/images/svg/https.svg

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

79b9b5ef7aa530aa382ee071cd14d0ecf86c5fda455ae61ff58cb440a47913bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:19:04 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Sep 2019 13:28:01 GMT
server: nginx
etag: "5d7b9961-17e"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-length: 382
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 logo.svg
www.nostraforma.com/media/images/logo/ 10 KB
10 KB 21ms
19ms Image
image/svg+xml 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/images/logo/logo.svg

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

68943fca466b5757b55c2349655ea4980b4b303b5849031c1c14e1850333df85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:19:04 GMT
x-content-type-options: nosniff
last-modified: Fri, 06 Sep 2019 12:33:03 GMT
server: nginx
etag: "5d7251ff-2822"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-length: 10274
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 search.svg
www.nostraforma.com/media/images/svg/ 394 B
720 B 21ms
19ms Image
image/svg+xml 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/images/svg/search.svg

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

90d2610f75d3e6b91d7dab64d8995f20794c07730801b5c20d597d4acd36c981

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:19:04 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Sep 2019 13:28:01 GMT
server: nginx
etag: "5d7b9961-18a"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-length: 394
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 de.png
www.nostraforma.com/media/images/lang/ 1 KB
1 KB 21ms
20ms Image
image/png 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/images/lang/de.png

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

3a65df65be941f1a39bc994d1d9e205e071196d0559f28ab30a2415f7c942374

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 13 Sep 2019 13:28:01 GMT
server: nginx
etag: W/"5d7b9961-5a0"
x-frame-options: SAMEORIGIN
content-type: image/png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 en.png
www.nostraforma.com/media/images/lang/ 2 KB
2 KB 21ms
20ms Image
image/png 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/images/lang/en.png

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

75d1fd17f9d8815951a17eff522f12e7739e334717d5a3ceb9719c0147515d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 13 Sep 2019 13:28:01 GMT
server: nginx
etag: W/"5d7b9961-725"
x-frame-options: SAMEORIGIN
content-type: image/png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 fr.png
www.nostraforma.com/media/images/lang/ 1 KB
1 KB 21ms
20ms Image
image/png 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/images/lang/fr.png

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

46539b0137fbf171f4374758e4e3869a2d65f3d7a0e97f27e87a7bbaea520d1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 13 Sep 2019 13:28:01 GMT
server: nginx
etag: W/"5d7b9961-5a9"
x-frame-options: SAMEORIGIN
content-type: image/png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 person.svg
www.nostraforma.com/media/images/svg/ 269 B
595 B 21ms
20ms Image
image/svg+xml 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/images/svg/person.svg

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

8bd2a7dcc65fb75904329c5bd3240de2b4f079f6f9f5faf7ae8db552dc64605d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:19:04 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Sep 2019 13:28:01 GMT
server: nginx
etag: "5d7b9961-10d"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-length: 269
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 shopping_cart.svg
www.nostraforma.com/media/images/svg/ 481 B
806 B 22ms
21ms Image
image/svg+xml 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/images/svg/shopping_cart.svg

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

520164239929a4ddced6ef6a0f6fa8d72ecda05e63efd66c7fca96468289d8ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:19:04 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Sep 2019 13:28:01 GMT
server: nginx
etag: "5d7b9961-1e1"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-length: 481
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 blank.png
www.nostraforma.com/media/images/cms/ 68 B
388 B 22ms
21ms Image
image/png 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/images/cms/blank.png

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:19:04 GMT
x-content-type-options: nosniff
last-modified: Fri, 06 Sep 2019 12:33:03 GMT
server: nginx
etag: "5d7251ff-44"
x-frame-options: SAMEORIGIN
content-type: image/png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-length: 68
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 louis-poulsen-vl-studio_wide_8aa2eaf52d51d60a122cfb94f15eb6d4.webp
www.nostraforma.com/media/cache/generic/ 35 KB
35 KB 22ms
21ms Image
image/webp 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/cache/generic/louis-poulsen-vl-studio_wide_8aa2eaf52d51d60a122cfb94f15eb6d4.webp

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

fec28cc41be49b92e4cc5c58478d14075334d4e6d35c38a7b932773540aab130

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:19:04 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Mar 2022 12:30:43 GMT
server: nginx
etag: "62274c73-8ac8"
x-frame-options: SAMEORIGIN
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-length: 35528
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 slider-controls.png
www.nostraforma.com/media/images/ 8 KB
5 KB 10ms
10ms Image
image/png 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/images/slider-controls.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

56e23428c41fed6b72bf6941224d6783cd35a0e0e886836cd95174828b77324b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 21 May 2021 09:12:32 GMT
server: nginx
etag: W/"60a77980-1ea2"
x-frame-options: SAMEORIGIN
content-type: image/png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 artemide_93096f31d7ead665d5cfb664408c9ff6.webp
www.nostraforma.com/media/cache/350x350/ 7 KB
7 KB 10ms
10ms Image
image/webp 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/cache/350x350/artemide_93096f31d7ead665d5cfb664408c9ff6.webp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

22658aa5b9faa788a171c254e2e1dfd4857704662b607920ff0167d72cc7a316

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:19:04 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Aug 2021 19:16:04 GMT
server: nginx
etag: "612696f4-1a3a"
x-frame-options: SAMEORIGIN
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-length: 6714
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 flos_5e98dd67c4d021e243decac1f8bde6e2.webp
www.nostraforma.com/media/cache/350x350/ 11 KB
11 KB 10ms
10ms Image
image/webp 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/cache/350x350/flos_5e98dd67c4d021e243decac1f8bde6e2.webp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

2bae3c3d8a1ff5c24aa135076b71781b9a0ff56ab6945c9d406f239f62f74991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:19:04 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Aug 2021 19:16:04 GMT
server: nginx
etag: "612696f4-2ba4"
x-frame-options: SAMEORIGIN
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-length: 11172
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 foscarini_b8a579ec1a671e0015b2b1a988dccdec.webp
www.nostraforma.com/media/cache/350x350/ 19 KB
19 KB 10ms
10ms Image
image/webp 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/cache/350x350/foscarini_b8a579ec1a671e0015b2b1a988dccdec.webp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

bd42096bb2e29500d78b24511941b664b25f8eb48080cb1fb7f613e23d3ff6b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:19:04 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Aug 2021 19:16:05 GMT
server: nginx
etag: "612696f5-4ae6"
x-frame-options: SAMEORIGIN
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-length: 19174
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
katie.v4.byetnc.com/	1969-12-31 23:59:59	Name: checkme Value: df48768aedd57705d258f980e96e9bdfb789
.kelkoogroup.net/	1970-01-20 10:33:51	Name: referer Value: https%3A%2F%2Fbackend.finalono.com%2F
.kelkoogroup.net/	1970-01-20 10:33:51	Name: kelkooID Value: a4c6365-17fba263f2d-90ab5
.de-go.kelkoogroup.net/	1970-01-20 19:19:27	Name: _ga Value: GA1.3.1911541091.1648095543
.de-go.kelkoogroup.net/	1970-01-20 01:49:41	Name: _gid Value: GA1.3.865933601.1648095543
.de-go.kelkoogroup.net/	1970-01-20 01:48:15	Name: _gat_UA-168544891-7 Value: 1
.kelkoogroup.net/	1970-01-20 10:33:51	Name: datadome Value: imBtgL~U~e~juF4CcnUJ3sQojiVrQFz6yt3yFfU-qHGXOoXRU28d.5.F9n1LjSyHKCMFN0tGPsZ_RAAcXgRM1x5zZe_PVm2CSTMPP.VAD~J1HNdyFzFVngBDEuqgz.U
.www.nostraforma.com/	1970-02-08 03:35:49	Name: PHPSESSID Value: bv4kv6cpeni9hu6ic6crs2rgur

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.datadome.co
backend.finalono.com
czpitalone.com
d1lxhc4jvstzrp.cloudfront.net
de-go.kelkoogroup.net
js.datadome.co
katie.v4.byetnc.com
s3-eu-west-1.amazonaws.com
www.google-analytics.com
www.googletagmanager.com
www.nostraforma.com
185.53.178.53
188.68.40.58
2600:9000:224a:da00:1f:4100:9540:21
2606:4700:20::681a:c8a
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200e
52.201.207.23
52.218.30.211
52.59.8.57
52.85.32.42
95.211.116.27
091ef757e754dcefdd7b41297425a28cf1b8f36e49a76ffcd8315ee8db7a945e
1a3dda4778bf43ebb589ae7e25f4c09b1149ed19224cc118cc3d75a7095bd7fc
22658aa5b9faa788a171c254e2e1dfd4857704662b607920ff0167d72cc7a316
23d0a8a9d09beb1f3d1ff1958353d3847cecd81f75b4b1fb2d1626217e7d446b
2bae3c3d8a1ff5c24aa135076b71781b9a0ff56ab6945c9d406f239f62f74991
3a65df65be941f1a39bc994d1d9e205e071196d0559f28ab30a2415f7c942374
46539b0137fbf171f4374758e4e3869a2d65f3d7a0e97f27e87a7bbaea520d1d
520164239929a4ddced6ef6a0f6fa8d72ecda05e63efd66c7fca96468289d8ba
56e23428c41fed6b72bf6941224d6783cd35a0e0e886836cd95174828b77324b
62be4a76b89b192091274fdb5ca99694c163d5f1ea33ee5560c74c3c78ef1313
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
68943fca466b5757b55c2349655ea4980b4b303b5849031c1c14e1850333df85
6b1c1663e68edf6108bf2b45f3f8e60013ccf4f72c3fa2a5e2d5c5450e20dc09
75d1fd17f9d8815951a17eff522f12e7739e334717d5a3ceb9719c0147515d36
76391461f4bccbf60e2115abd64bad271c78c40a68df8912ea8cc588b02c3a94
79b9b5ef7aa530aa382ee071cd14d0ecf86c5fda455ae61ff58cb440a47913bf
854571b586218b69615e5049517e8f4f5c990ce5beec8b0ce22247c4edb26cd7
8bd2a7dcc65fb75904329c5bd3240de2b4f079f6f9f5faf7ae8db552dc64605d
90d2610f75d3e6b91d7dab64d8995f20794c07730801b5c20d597d4acd36c981
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
953c2ae7d1d53f032d3b0614c53b2b7db13bf0f713229aae06b74221b897949e
a71b255c156dbf61b42e17db5e46b8a5e9f54e68ae99ba19c419c242b6ca0272
ab05286c6074b9f0881ac5a3765afba73c5a07d8995d2b5ef3d146a3d2ef583e
bd42096bb2e29500d78b24511941b664b25f8eb48080cb1fb7f613e23d3ff6b9
c48e0380855b0b3a91d9c14c434b2dc8d38c5adca55a8b4ebe2d1e3869407caa
c57e9feec209e3ea5eb1d75a1ba6fa277242a3df250055be8446052b51e58637
d109d2663d3381af49cb672689e27be667a5c925728f53beeeb7f30f106b921c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee69a4dbbcbe85bab299e6a0da22adb3bb06c04ac58231325bee50440a26a5c3
f8deb3ed3065e64be16f4a8293b5849f4784f9f84a19ff9b80f4f3b276195130
fec28cc41be49b92e4cc5c58478d14075334d4e6d35c38a7b932773540aab130

www.nostraforma.com Open in urlscan Pro 188.68.40.58 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

83 %HTTPS

36 %IPv6

10 Domains

11 Subdomains

12 IPs

4 Countries

435 kBTransfer

876 kBSize

8 Cookies

2 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nostraforma.com Open in urlscan Pro
188.68.40.58 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

83 %
HTTPS

36 %
IPv6

10
Domains

11
Subdomains

12
IPs

4
Countries

435 kB
Transfer

876 kB
Size

8
Cookies

46 HTTP transactions
-3 data transactions