www.nostraforma.com Open in urlscan Pro
188.68.40.58 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://capitalsonethematch.com/
Effective URL:
https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
Submission: On March 24 via api (March 24th 2022, 9:10:47 am UTC) from US — Scanned from DE

Summary HTTP 41 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 9 domains to perform 41 HTTP transactions. The main IP is 188.68.40.58, located in Hitzacker, Germany and belongs to NETCUP-AS netcup GmbH, DE. The main domain is www.nostraforma.com.
TLS certificate: Issued by R3 on January 27th 2022. Valid for: 3 months.

This is the only time www.nostraforma.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	45.79.19.196 45.79.19.196	63949 (LINODE-AP...) (LINODE-AP Linode)
2	54.167.93.226 54.167.93.226	14618 (AMAZON-AES) (AMAZON-AES)
1	52.218.89.59 52.218.89.59	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:20:... 2606:4700:20::ac43:48c6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	95.211.116.27 95.211.116.27	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	99.86.7.112 99.86.7.112	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	52.29.211.69 52.29.211.69	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1 27	188.68.40.58 188.68.40.58	197540 (NETCUP-AS...) (NETCUP-AS netcup GmbH)
41	11

2 45.79.19.196 (Richardson, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1118-196.members.linode.com

capitalsonethematch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.167.93.226 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-167-93-226.compute-1.amazonaws.com

denise.v4.byetnc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.89.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:48c6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

backend.finalono.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.211.116.27 (Swifterbant, Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: dc1-ecs-pub-go-vip.kelkoo.com

de-go.kelkoogroup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.7.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-112.fra6.r.cloudfront.net

js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.211.69 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-211-69.eu-central-1.compute.amazonaws.com

api-js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 188.68.40.58 (Hitzacker, Germany) 1 redirects

ASN197540 (NETCUP-AS netcup GmbH, DE)
PTR: ncws.nostraforma.com

www.nostraforma.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	nostraforma.com 1 redirects www.nostraforma.com	280 KB
5	kelkoogroup.net 2 redirects de-go.kelkoogroup.net — Cisco Umbrella Rank: 773568	31 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	datadome.co js.datadome.co — Cisco Umbrella Rank: 7406 api-js.datadome.co — Cisco Umbrella Rank: 7231	46 KB
2	finalono.com 1 redirects backend.finalono.com — Cisco Umbrella Rank: 894695	2 KB
2	byetnc.com denise.v4.byetnc.com Failed	4 KB
2	capitalsonethematch.com capitalsonethematch.com	8 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	41 KB
1	amazonaws.com s3-eu-west-1.amazonaws.com	7 KB
41	9

	Domain	Requested by
27	www.nostraforma.com	1 redirects de-go.kelkoogroup.net www.nostraforma.com
5	de-go.kelkoogroup.net	2 redirects backend.finalono.com de-go.kelkoogroup.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	backend.finalono.com	1 redirects denise.v4.byetnc.com
2	denise.v4.byetnc.com	capitalsonethematch.com denise.v4.byetnc.com
2	capitalsonethematch.com	capitalsonethematch.com
1	api-js.datadome.co	js.datadome.co
1	www.googletagmanager.com	de-go.kelkoogroup.net
1	js.datadome.co	de-go.kelkoogroup.net
1	s3-eu-west-1.amazonaws.com	denise.v4.byetnc.com
41	10

This site contains links to these domains. Also see Links.

Domain
www.trustedshops.de
www.trustedshops.com

Subject Issuer	Validity	Valid
byetnc.com Amazon	`2022-02-17` - `2023-03-18`	a year	crt.sh
*.s3-eu-west-1.amazonaws.com Amazon	`2021-12-17` - `2022-12-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-16` - `2022-06-15`	a year	crt.sh
*.kelkoogroup.net Thawte RSA CA 2018	`2021-09-07` - `2022-10-07`	a year	crt.sh
*.datadome.co Gandi Standard SSL CA 2	`2021-10-12` - `2022-10-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
nostraforma.com R3	`2022-01-27` - `2022-04-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
Frame ID: AC84BA0997BAD8C246B4D336231A1AC6
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Design Leuchten & Designer Lampen bei Nostraforma

Page URL History Show full URLs

http://capitalsonethematch.com/ Page URL
https://denise.v4.byetnc.com/api/user/012805b1cd459be858c5a5b49bf71fa6bd341c928f.r?tk=eyJhbGciOiJIUzI1NiI... Page URL
https://backend.finalono.com/v1/rtb?domain=shoppingwaves.net&visitorUserAgent=Mozilla&numItems=50&apiKey=... HTTP 302
https://backend.finalono.com/v1/hybrid-web?q=67sghglzsesyo5g3hzkrw5lkuu Page URL
https://de-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1648113044082&.sig=1PJFDS7UGfr6HwRqmwmSl3iTKVg-&affili... HTTP 307
https://de-go.kelkoogroup.net/go?country=de&k=2a2e43adf00cf8edc29714214fc01ffa4a4c958eaf7e24498f53f990b794... Page URL
https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff437139fa1a42a9ff82a114a64... HTTP 303
https://www.nostraforma.com/de/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de HTTP 301
https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de Page URL

Detected technologies

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

41
Requests

93 %
HTTPS

30 %
IPv6

9
Domains

10
Subdomains

11
IPs

4
Countries

435 kB
Transfer

875 kB
Size

9
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.trustedshops.de/bewertung/info_XC7140D6EB4890F8800AFBF6C188BD716.html
Title: Trusted Shops geprüft

Search URL Search Domain Scan URL

URL: https://www.trustedshops.com/bewertung/info_XC7140D6EB4890F8800AFBF6C188BD716.html

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://capitalsonethematch.com/ Page URL
https://denise.v4.byetnc.com/api/user/012805b1cd459be858c5a5b49bf71fa6bd341c928f.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjQyY2JiYjk3NzUzZTYxODBhOTRiNmMiLCJ0cyI6IjAzMjQwOTEwIiwiZCI6ImNhcGl0YWxzb25ldGhlbWF0Y2guY29tIn0.w3WVsGjTqzBX1e1VKPWqRcWjLVrg7EdmbGnWzZezBDU Page URL
https://backend.finalono.com/v1/rtb?domain=shoppingwaves.net&visitorUserAgent=Mozilla&numItems=50&apiKey=89641194-7897-4d80-b90a-b1fc82fc38c6&trackingId=6897697179&visitorIPAddress=81.89.101.159&forceKKDeep=https%3A%2F%2Fwww.emotion-24.de&smart=true&sourcePlatform=tonic&cpc=0.0025&source=607789b61999752bb7a8e38b&campaignName=RON-DE-DESKTOP-Normalize-branded-klk-96966781-deeplink-high&geo=DE&auctionId=012805b1cd459be858c5a5b49bf71fa6bd341c928f.r.1648113042.1a81615430dd8121853d5c2b9af8db33&match=ron&device=desktop&browser=chrome&os=windows&long_campaign_id=609dd29a41237910d4ce467c&isRON=true HTTP 302
https://backend.finalono.com/v1/hybrid-web?q=67sghglzsesyo5g3hzkrw5lkuu Page URL
https://de-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1648113044082&.sig=1PJFDS7UGfr6HwRqmwmSl3iTKVg-&affiliationId=96966781&comId=10760523&country=de&cpcId=100104&merchantName=NOSTRAFORMA&searchId=1076100371079908_1648113044060_3376175&service=30&tokenId=0f6dc5ba-bb83-4d81-a348-2da8740ed333&url=https%3A%2F%2Fwww.nostraforma.com%2Fde%2F&custom1=6897697179&custom2=a~r-95af0b3cad284b308f6cf33ee6a25285%7C%7Cdt~2022-03-24%7C%7Ck~nostraforma&addedParams=true HTTP 307
https://de-go.kelkoogroup.net/go?country=de&k=2a2e43adf00cf8edc29714214fc01ffa4a4c958eaf7e24498f53f990b7942796656c7f584ced45fe3ecb222fef48d75d09acb3ab891262d95978276668177c11502c3f8e3153aeec3868f3b4d686267e9e655ff58492c9fd52d356bb645b3ab2e8491d460135ecccf8a2ec813b8ed3da355f6d7cd41b60c71b43899a5c21777b69ab14103f5ac46acae394aae10c90480812164b747a4862f1405e4699317f204c30e7c84fd8143390147aa9673f87b8dccfe2e40b16b6c55baf1f7c8da317b28411be704d1439d9c52adf49980fce1aef39e29e322f9e966d96cacac790f835b7b7107ad112e240636cec5884645d31c98b64e3152a7dbec3c4da67f86d42189e68a06a31f6d6ce5924649862da57516a71e98971a611863b0d57eef28113314fb0f4b3ebcf18cf5283cfff09fbc155c934e15fd6d43bff9e9360ed947a80dd4e32aee1fb895a1d126811a263ffb041a792f705073d9d155a2270710a68053e9c33c6a5376277f12644f3a86f0f4db2378943b441576ded40292a3b57f84358e6c44a49e9684944f5e36b0bd1a286b56ff918da659886c11ec0ee4711e60228116f9c6f9fc5ef489215f10a74a8a6541b20f4e2bd23b8f3897f51faedd00c93e07161c118bee1c26a69fdf3101bc982125eeb09b7c8066f745741bd036435cffdc3d0fbaf2f13bdec9b0a8e15d77d2d9708dd8e4446dce063d0934826519b6df3413b4fe8ffa7eaf144de9c1f54dd974005a2816b5df6428d60dbb30e4dab206e0585d94bd556fa63959e2a3948ee40&o= Page URL
https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff437139fa1a42a9ff82a114a64724d690990e9d3706c9bd8eb0d7ffb61bb58fb55b20c10f89db619389d2cec3a8d2295d38d1bea29a98597a5b8a70a20027460f858357aa4da228aeaf7bb267422af3bcb83e03e221b3ed60867f7fd36217882be8b707135994f1f22fb50ff4c19f0892b67e4e71feb2015613c23abcad8d2e7e4c3b8e0f1fbd4fbd345e70fcb6e996a50af896fbfe8d66dc1096a34fceebe5d19dbaa98c59d133176a32be7ae790911cfb279ea053307e8bf8deeb3990e0d589e3f21152d5473ee1f81230f803e08605e42099521071e2de515fe2e8ab54787422df7a1bdc4ed7e9706697524abfb1a612e2dee4ad4b64883ea&leadId=dc1-kls-prod-silo-02.prod.dc1.kelkoo.net_1648113044377_1200903&clickId=107699127_1648113044346_1281394&url=https%3A%2F%2Fwww.nostraforma.com%2Fde%2F%3Futm_campaign%3Dpreisvergleich%26utm_medium%3Dcpc%26utm_source%3Dkelkoo_de&initiator=timeout HTTP 303
https://www.nostraforma.com/de/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de HTTP 301
https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://backend.finalono.com/v1/rtb?domain=shoppingwaves.net&visitorUserAgent=Mozilla&numItems=50&apiKey=89641194-7897-4d80-b90a-b1fc82fc38c6&trackingId=6897697179&visitorIPAddress=81.89.101.159&forceKKDeep=https%3A%2F%2Fwww.emotion-24.de&smart=true&sourcePlatform=tonic&cpc=0.0025&source=607789b61999752bb7a8e38b&campaignName=RON-DE-DESKTOP-Normalize-branded-klk-96966781-deeplink-high&geo=DE&auctionId=012805b1cd459be858c5a5b49bf71fa6bd341c928f.r.1648113042.1a81615430dd8121853d5c2b9af8db33&match=ron&device=desktop&browser=chrome&os=windows&long_campaign_id=609dd29a41237910d4ce467c&isRON=true HTTP 302
https://backend.finalono.com/v1/hybrid-web?q=67sghglzsesyo5g3hzkrw5lkuu

Request Chain 7

https://de-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1648113044082&.sig=1PJFDS7UGfr6HwRqmwmSl3iTKVg-&affiliationId=96966781&comId=10760523&country=de&cpcId=100104&merchantName=NOSTRAFORMA&searchId=1076100371079908_1648113044060_3376175&service=30&tokenId=0f6dc5ba-bb83-4d81-a348-2da8740ed333&url=https%3A%2F%2Fwww.nostraforma.com%2Fde%2F&custom1=6897697179&custom2=a~r-95af0b3cad284b308f6cf33ee6a25285%7C%7Cdt~2022-03-24%7C%7Ck~nostraforma&addedParams=true HTTP 307
https://de-go.kelkoogroup.net/go?country=de&k=2a2e43adf00cf8edc29714214fc01ffa4a4c958eaf7e24498f53f990b7942796656c7f584ced45fe3ecb222fef48d75d09acb3ab891262d95978276668177c11502c3f8e3153aeec3868f3b4d686267e9e655ff58492c9fd52d356bb645b3ab2e8491d460135ecccf8a2ec813b8ed3da355f6d7cd41b60c71b43899a5c21777b69ab14103f5ac46acae394aae10c90480812164b747a4862f1405e4699317f204c30e7c84fd8143390147aa9673f87b8dccfe2e40b16b6c55baf1f7c8da317b28411be704d1439d9c52adf49980fce1aef39e29e322f9e966d96cacac790f835b7b7107ad112e240636cec5884645d31c98b64e3152a7dbec3c4da67f86d42189e68a06a31f6d6ce5924649862da57516a71e98971a611863b0d57eef28113314fb0f4b3ebcf18cf5283cfff09fbc155c934e15fd6d43bff9e9360ed947a80dd4e32aee1fb895a1d126811a263ffb041a792f705073d9d155a2270710a68053e9c33c6a5376277f12644f3a86f0f4db2378943b441576ded40292a3b57f84358e6c44a49e9684944f5e36b0bd1a286b56ff918da659886c11ec0ee4711e60228116f9c6f9fc5ef489215f10a74a8a6541b20f4e2bd23b8f3897f51faedd00c93e07161c118bee1c26a69fdf3101bc982125eeb09b7c8066f745741bd036435cffdc3d0fbaf2f13bdec9b0a8e15d77d2d9708dd8e4446dce063d0934826519b6df3413b4fe8ffa7eaf144de9c1f54dd974005a2816b5df6428d60dbb30e4dab206e0585d94bd556fa63959e2a3948ee40&o=

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
capitalsonethematch.com/ 7 KB
7 KB 320ms
133ms Document
text/html 45.79.19.196
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://capitalsonethematch.com/
Protocol: HTTP/1.1
Server: 45.79.19.196 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1118-196.members.linode.com
Software: openresty/1.13.6.1 /
Resource Hash: ffb303f36799eda6bd8e16a9dd5f51e2d2ecc04388055f2fd4383e0b36e28255

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: openresty/1.13.6.1
date: Thu, 24 Mar 2022 09:10:41 GMT
content-type: text/html; charset=utf-8
content-length: 7217
vary: Accept-Language
content-language: de
connection: close

GET
H/1.1 200
OK 0
capitalsonethematch.com/mtm/async/.eJxdjMEOwiAQRP-FY8Vi4kVt-i1mu26BBCjCWkmM_y61etDbm5eZeYhbsuIklJACks4VKyUaKVFag5kynwN4qhEhWgaXp0BsyAOjaXHyyxiRItcKU2Fl2DsJMTqLwHYKqixmU_6td92137VHaT1oUjDb8YN3GuLXxq... 274 B
574 B 1185ms
1058ms Fetch
text/html 45.79.19.196
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://capitalsonethematch.com/mtm/async/.eJxdjMEOwiAQRP-FY8Vi4kVt-i1mu26BBCjCWkmM_y61etDbm5eZeYhbsuIklJACks4VKyUaKVFag5kynwN4qhEhWgaXp0BsyAOjaXHyyxiRItcKU2Fl2DsJMTqLwHYKqixmU_6td92137VHaT1oUjDb8YN3GuLXxqBlo5p39fBzkK0OdNlSQQNBUzf3w359FM8X18tLJQ:1nXJUP:G_WUZnX2xEYxAimOL_yECEYVBuc/1/0
Requested by: Host: capitalsonethematch.com
URL: http://capitalsonethematch.com/
Protocol: HTTP/1.1
Server: 45.79.19.196 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1118-196.members.linode.com
Software: openresty/1.13.6.1 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://capitalsonethematch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:10:43 GMT
server: openresty/1.13.6.1
connection: close
content-type: text/html; charset=utf-8
content-length: 274
vary: Accept-Language
content-language: de

GET 012805b1cd459be858c5a5b49bf71fa6bd341c928f.r
denise.v4.byetnc.com/api/user/ 0
0

GET
H2 200 012805b1cd459be858c5a5b49bf71fa6bd341c928f.r
denise.v4.byetnc.com/api/user/ 3 KB
3 KB 319ms
101ms Document
text/html 54.167.93.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://denise.v4.byetnc.com/api/user/012805b1cd459be858c5a5b49bf71fa6bd341c928f.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjQyY2JiYjk3NzUzZTYxODBhOTRiNmMiLCJ0cyI6IjAzMjQwOTEwIiwiZCI6ImNhcGl0YWxzb25ldGhlbWF0Y2guY29tIn0.w3WVsGjTqzBX1e1VKPWqRcWjLVrg7EdmbGnWzZezBDU
Requested by: Host: capitalsonethematch.com
URL: http://capitalsonethematch.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.167.93.226 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-167-93-226.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://capitalsonethematch.com/

Response headers

date: Thu, 24 Mar 2022 09:10:43 GMT
content-type: text/html; charset=utf-8
content-length: 2854
p3p: CP="CUR NOI NID STA STP"
x-robots-tag: noindex, nofollow
accept-ch: UA,UA-Full-Version,UA-Platform,UA-Arch,UA-Model,UA-Mobile,Width,Viewport-Width,Downlink,DPR,Save-Data

GET
H/1.1 200
OK ajax-loader.gif
s3-eu-west-1.amazonaws.com/pxgif/ 7 KB
7 KB 142ms
48ms Image
image/gif 52.218.89.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/pxgif/ajax-loader.gif
Requested by: Host: denise.v4.byetnc.com
URL: https://denise.v4.byetnc.com/api/user/012805b1cd459be858c5a5b49bf71fa6bd341c928f.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjQyY2JiYjk3NzUzZTYxODBhOTRiNmMiLCJ0cyI6IjAzMjQwOTEwIiwiZCI6ImNhcGl0YWxzb25ldGhlbWF0Y2guY29tIn0.w3WVsGjTqzBX1e1VKPWqRcWjLVrg7EdmbGnWzZezBDU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.89.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 09:10:44 GMT
Last-Modified: Fri, 12 Aug 2016 15:23:54 GMT
Server: AmazonS3
x-amz-request-id: P8D4JAN36X4E6HQB
ETag: "dc5b98ed1c3c7959cdcb76113e7442cd"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 6820
x-amz-id-2: LeMABlOMNSs/+1NfteuZQ/aYSuBNjK8e7UtDOg1aQ27wGNytovuSeC0Z9OySrxZoErH2/4hN2BQ=

GET
H2 200 012805b1cd459be858c5a5b49bf71fa6bd341c928f.r
denise.v4.byetnc.com/api/product/ 596 B
747 B 124ms
124ms XHR
text/html 54.167.93.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://denise.v4.byetnc.com/api/product/012805b1cd459be858c5a5b49bf71fa6bd341c928f.r?confirm=a8ca94622ece4af5999ef4147057429f&size=1920000&noframe=1&tnc_ref=http%3A%2F%2Fcapitalsonethematch.com%2F&reftaken=feed&refEqual=true&jsa=false&hastouch=false
Requested by: Host: denise.v4.byetnc.com
URL: https://denise.v4.byetnc.com/api/user/012805b1cd459be858c5a5b49bf71fa6bd341c928f.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjQyY2JiYjk3NzUzZTYxODBhOTRiNmMiLCJ0cyI6IjAzMjQwOTEwIiwiZCI6ImNhcGl0YWxzb25ldGhlbWF0Y2guY29tIn0.w3WVsGjTqzBX1e1VKPWqRcWjLVrg7EdmbGnWzZezBDU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.167.93.226 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-167-93-226.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:10:43 GMT
referrer-policy: no-referrer
p3p: CP="CUR NOI NID STA STP"
x-robots-tag: noindex, nofollow
content-length: 596
content-type: text/html; charset=utf-8

GET
H2

200

hybrid-web
backend.finalono.com/v1/
Redirect Chain

https://backend.finalono.com/v1/rtb?domain=shoppingwaves.net&visitorUserAgent=Mozilla&numItems=50&apiKey=89641194-7897-4d80-b90a-b1fc82fc38c6&trackingId=6897697179&visitorIPAddress=81.89.101.159&fo...
https://backend.finalono.com/v1/hybrid-web?q=67sghglzsesyo5g3hzkrw5lkuu

1 KB
947 B

332ms
331ms

Document
text/html

2606:4700:20::ac43:48c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://backend.finalono.com/v1/hybrid-web?q=67sghglzsesyo5g3hzkrw5lkuu
Requested by: Host: denise.v4.byetnc.com
URL: https://denise.v4.byetnc.com/api/user/012805b1cd459be858c5a5b49bf71fa6bd341c928f.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjQyY2JiYjk3NzUzZTYxODBhOTRiNmMiLCJ0cyI6IjAzMjQwOTEwIiwiZCI6ImNhcGl0YWxzb25ldGhlbWF0Y2guY29tIn0.w3WVsGjTqzBX1e1VKPWqRcWjLVrg7EdmbGnWzZezBDU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:48c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://denise.v4.byetnc.com/api/user/012805b1cd459be858c5a5b49bf71fa6bd341c928f.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjQyY2JiYjk3NzUzZTYxODBhOTRiNmMiLCJ0cyI6IjAzMjQwOTEwIiwiZCI6ImNhcGl0YWxzb25ldGhlbWF0Y2guY29tIn0.w3WVsGjTqzBX1e1VKPWqRcWjLVrg7EdmbGnWzZezBDU

Response headers

date: Thu, 24 Mar 2022 09:10:44 GMT
content-type: text/html; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
x-api-version: 4.2.25
x-request-id: vs0b610dma9l7ldeekvp61bfp7rfs181
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uu%2BY4xRvxpO4CTCbMu8IYhGNMyzRG%2Bt8%2Fu0ckeOOjQQ8Xte40T5PEr0rld8gjmPL9rClQnHNSSlLafWK9ZM4Wvhudnq3oTiXd23W%2FP2W5fa%2F3K9xqsycVVhq9o8CMXNywnnLt89Mx9%2BZSRDmR7MardLG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6f0e467c8dfb0f7a-MXP
content-encoding: br

Redirect headers

date: Thu, 24 Mar 2022 09:10:43 GMT
content-type: text/html; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
location: /v1/hybrid-web?q=67sghglzsesyo5g3hzkrw5lkuu
x-api-version: 4.2.25
x-request-id: fmaq7tpnahcp52d2l3b1vr4dve4aminv
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=facmLFi3kTwLTHsP4KqNJf0gT6UuuMbpLmVkQsLvguahl8l7pkFzN2SSQ%2FA8wQ%2BrQ%2FzatjSP32Nvmz2M9spcBVPzahGk%2BllBgHadm6Uo1yJAQeIo%2Fj3YRbwC%2FkysRM267WxUJsaA60919HaPIPqtrWX2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6f0e467afa0a0f7a-MXP

GET
H/1.1

200
OK

go Show response
de-go.kelkoogroup.net/
Redirect Chain

https://de-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1648113044082&.sig=1PJFDS7UGfr6HwRqmwmSl3iTKVg-&affiliationId=96966781&comId=10760523&country=de&cpcId=100104&merchantName=NOSTRAFORMA&searchId=1...
https://de-go.kelkoogroup.net/go?country=de&k=2a2e43adf00cf8edc29714214fc01ffa4a4c958eaf7e24498f53f990b7942796656c7f584ced45fe3ecb222fef48d75d09acb3ab891262d95978276668177c11502c3f8e3153aeec3868f3b...

26 KB
27 KB

29ms
29ms

Document
text/html

95.211.116.27
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://de-go.kelkoogroup.net/go?country=de&k=2a2e43adf00cf8edc29714214fc01ffa4a4c958eaf7e24498f53f990b7942796656c7f584ced45fe3ecb222fef48d75d09acb3ab891262d95978276668177c11502c3f8e3153aeec3868f3b4d686267e9e655ff58492c9fd52d356bb645b3ab2e8491d460135ecccf8a2ec813b8ed3da355f6d7cd41b60c71b43899a5c21777b69ab14103f5ac46acae394aae10c90480812164b747a4862f1405e4699317f204c30e7c84fd8143390147aa9673f87b8dccfe2e40b16b6c55baf1f7c8da317b28411be704d1439d9c52adf49980fce1aef39e29e322f9e966d96cacac790f835b7b7107ad112e240636cec5884645d31c98b64e3152a7dbec3c4da67f86d42189e68a06a31f6d6ce5924649862da57516a71e98971a611863b0d57eef28113314fb0f4b3ebcf18cf5283cfff09fbc155c934e15fd6d43bff9e9360ed947a80dd4e32aee1fb895a1d126811a263ffb041a792f705073d9d155a2270710a68053e9c33c6a5376277f12644f3a86f0f4db2378943b441576ded40292a3b57f84358e6c44a49e9684944f5e36b0bd1a286b56ff918da659886c11ec0ee4711e60228116f9c6f9fc5ef489215f10a74a8a6541b20f4e2bd23b8f3897f51faedd00c93e07161c118bee1c26a69fdf3101bc982125eeb09b7c8066f745741bd036435cffdc3d0fbaf2f13bdec9b0a8e15d77d2d9708dd8e4446dce063d0934826519b6df3413b4fe8ffa7eaf144de9c1f54dd974005a2816b5df6428d60dbb30e4dab206e0585d94bd556fa63959e2a3948ee40&o=

Requested by

Host: backend.finalono.com
URL: https://backend.finalono.com/v1/hybrid-web?q=67sghglzsesyo5g3hzkrw5lkuu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.27 Swifterbant, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-go-vip.kelkoo.com

Software

Resource Hash

7ea9ed45e7ec4f314d45833a031337605070a08416f96b10425a1447e5b7afaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://backend.finalono.com/v1/hybrid-web?q=67sghglzsesyo5g3hzkrw5lkuu

Response headers

Date: Thu, 24 Mar 2022 09:10:44 GMT
leadId: dc1-kls-prod-silo-02.prod.dc1.kelkoo.net_1648113044377_1200903
Pragma: no-cache
Charset: utf-8
clickId: 107699127_1648113044346_1281394
country: de
X-DataDome: protected
Request-Time: PT0.012S
X-Robots-Tag: noindex,nofollow
Cache-Control: max-age=0, private, no-cache, no-store, must-revalidate
X-DataDome-CID: AHrlqAAAAAMAIT0xq-KPV5sA2UCXRQ==
Referrer-Policy: unsafe-url
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/html; charset=UTF-8
Content-Length: 26504
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=11
Connection: Keep-Alive

Redirect headers

Date: Thu, 24 Mar 2022 09:10:44 GMT
Pragma: no-cache
Charset: utf-8
clickId: 107699127_1648113044346_1281394
country: de
Location: /go?country=de&k=2a2e43adf00cf8edc29714214fc01ffa4a4c958eaf7e24498f53f990b7942796656c7f584ced45fe3ecb222fef48d75d09acb3ab891262d95978276668177c11502c3f8e3153aeec3868f3b4d686267e9e655ff58492c9fd52d356bb645b3ab2e8491d460135ecccf8a2ec813b8ed3da355f6d7cd41b60c71b43899a5c21777b69ab14103f5ac46acae394aae10c90480812164b747a4862f1405e4699317f204c30e7c84fd8143390147aa9673f87b8dccfe2e40b16b6c55baf1f7c8da317b28411be704d1439d9c52adf49980fce1aef39e29e322f9e966d96cacac790f835b7b7107ad112e240636cec5884645d31c98b64e3152a7dbec3c4da67f86d42189e68a06a31f6d6ce5924649862da57516a71e98971a611863b0d57eef28113314fb0f4b3ebcf18cf5283cfff09fbc155c934e15fd6d43bff9e9360ed947a80dd4e32aee1fb895a1d126811a263ffb041a792f705073d9d155a2270710a68053e9c33c6a5376277f12644f3a86f0f4db2378943b441576ded40292a3b57f84358e6c44a49e9684944f5e36b0bd1a286b56ff918da659886c11ec0ee4711e60228116f9c6f9fc5ef489215f10a74a8a6541b20f4e2bd23b8f3897f51faedd00c93e07161c118bee1c26a69fdf3101bc982125eeb09b7c8066f745741bd036435cffdc3d0fbaf2f13bdec9b0a8e15d77d2d9708dd8e4446dce063d0934826519b6df3413b4fe8ffa7eaf144de9c1f54dd974005a2816b5df6428d60dbb30e4dab206e0585d94bd556fa63959e2a3948ee40&o=
X-DataDome: protected
Request-Time: PT0.012S
X-Robots-Tag: noindex,nofollow
Cache-Control: max-age=0, private, no-cache, no-store, must-revalidate
X-DataDome-CID: AHrlqAAAAAMAIT0xq-KPV5sA2UCXRQ==
Referrer-Policy: unsafe-url
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=98
Connection: Keep-Alive
Content-Type: text/plain

GET
H/1.1 200
OK p.png
de-go.kelkoogroup.net/assets/images/ 68 B
625 B 29ms
17ms Image
image/png 95.211.116.27
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://de-go.kelkoogroup.net/assets/images/p.png?country=de&k=612f7a9541cd6ea61eb554c0e4cff437139fa1a42a9ff82a114a64724d690990e9d3706c9bd8eb0d7ffb61bb58fb55b20c10f89db619389d2cec3a8d2295d38d1bea29a98597a5b8a70a20027460f858357aa4da228aeaf7bb267422af3bcb83e03e221b3ed60867f7fd36217882be8b707135994f1f22fb50ff4c19f0892b67e4e71feb2015613c23abcad8d2e7e4c3b8e0f1fbd4fbd345e70fcb6e996a50af896fbfe8d66dc1096a34fceebe5d19dbaa98c59d133176a32be7ae790911cfb279ea053307e8bf8deeb3990e0d589e3f21152d5473ee1f81230f803e08605e42099521071e2de515fe2e8ab54787422df7a1bdc4ed7e9706697524abfb1a612e2dee4ad4b64883ea&leadId=dc1-kls-prod-silo-02.prod.dc1.kelkoo.net_1648113044377_1200903&clickId=107699127_1648113044346_1281394

Requested by

Host: de-go.kelkoogroup.net
URL: https://de-go.kelkoogroup.net/go?country=de&k=2a2e43adf00cf8edc29714214fc01ffa4a4c958eaf7e24498f53f990b7942796656c7f584ced45fe3ecb222fef48d75d09acb3ab891262d95978276668177c11502c3f8e3153aeec3868f3b4d686267e9e655ff58492c9fd52d356bb645b3ab2e8491d460135ecccf8a2ec813b8ed3da355f6d7cd41b60c71b43899a5c21777b69ab14103f5ac46acae394aae10c90480812164b747a4862f1405e4699317f204c30e7c84fd8143390147aa9673f87b8dccfe2e40b16b6c55baf1f7c8da317b28411be704d1439d9c52adf49980fce1aef39e29e322f9e966d96cacac790f835b7b7107ad112e240636cec5884645d31c98b64e3152a7dbec3c4da67f86d42189e68a06a31f6d6ce5924649862da57516a71e98971a611863b0d57eef28113314fb0f4b3ebcf18cf5283cfff09fbc155c934e15fd6d43bff9e9360ed947a80dd4e32aee1fb895a1d126811a263ffb041a792f705073d9d155a2270710a68053e9c33c6a5376277f12644f3a86f0f4db2378943b441576ded40292a3b57f84358e6c44a49e9684944f5e36b0bd1a286b56ff918da659886c11ec0ee4711e60228116f9c6f9fc5ef489215f10a74a8a6541b20f4e2bd23b8f3897f51faedd00c93e07161c118bee1c26a69fdf3101bc982125eeb09b7c8066f745741bd036435cffdc3d0fbaf2f13bdec9b0a8e15d77d2d9708dd8e4446dce063d0934826519b6df3413b4fe8ffa7eaf144de9c1f54dd974005a2816b5df6428d60dbb30e4dab206e0585d94bd556fa63959e2a3948ee40&o=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.27 Swifterbant, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-go-vip.kelkoo.com

Software

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://de-go.kelkoogroup.net/go?country=de&k=2a2e43adf00cf8edc29714214fc01ffa4a4c958eaf7e24498f53f990b7942796656c7f584ced45fe3ecb222fef48d75d09acb3ab891262d95978276668177c11502c3f8e3153aeec3868f3b4d686267e9e655ff58492c9fd52d356bb645b3ab2e8491d460135ecccf8a2ec813b8ed3da355f6d7cd41b60c71b43899a5c21777b69ab14103f5ac46acae394aae10c90480812164b747a4862f1405e4699317f204c30e7c84fd8143390147aa9673f87b8dccfe2e40b16b6c55baf1f7c8da317b28411be704d1439d9c52adf49980fce1aef39e29e322f9e966d96cacac790f835b7b7107ad112e240636cec5884645d31c98b64e3152a7dbec3c4da67f86d42189e68a06a31f6d6ce5924649862da57516a71e98971a611863b0d57eef28113314fb0f4b3ebcf18cf5283cfff09fbc155c934e15fd6d43bff9e9360ed947a80dd4e32aee1fb895a1d126811a263ffb041a792f705073d9d155a2270710a68053e9c33c6a5376277f12644f3a86f0f4db2378943b441576ded40292a3b57f84358e6c44a49e9684944f5e36b0bd1a286b56ff918da659886c11ec0ee4711e60228116f9c6f9fc5ef489215f10a74a8a6541b20f4e2bd23b8f3897f51faedd00c93e07161c118bee1c26a69fdf3101bc982125eeb09b7c8066f745741bd036435cffdc3d0fbaf2f13bdec9b0a8e15d77d2d9708dd8e4446dce063d0934826519b6df3413b4fe8ffa7eaf144de9c1f54dd974005a2816b5df6428d60dbb30e4dab206e0585d94bd556fa63959e2a3948ee40&o=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ApacheTracking: localhost
Date: Thu, 24 Mar 2022 09:10:44 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: PT0.001S
P3P: CP="Anything"
Connection: Keep-Alive
Content-Length: 68
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
ETag: "0fcfe4e20538eb8bce4012b044b9fd14fa55915d"
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: private, must-revalidate
X-Robots-Tag: noindex,nofollow
Keep-Alive: timeout=40, max=59
Expires: Tue, 21 Mar 2023 07:16:21 GMT

GET
H2 200 tags.js Show response
js.datadome.co/ 249 KB
46 KB 41ms
7ms Script
text/javascript 99.86.7.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.datadome.co/tags.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-112.fra6.r.cloudfront.net

Software

Apache /

Resource Hash

1a682b9b78cd0f16c9dfc66284d185fc2d59bb2638a7cd2434fe805572f4f553

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://de-go.kelkoogroup.net/go?country=de&k=2a2e43adf00cf8edc29714214fc01ffa4a4c958eaf7e24498f53f990b7942796656c7f584ced45fe3ecb222fef48d75d09acb3ab891262d95978276668177c11502c3f8e3153aeec3868f3b4d686267e9e655ff58492c9fd52d356bb645b3ab2e8491d460135ecccf8a2ec813b8ed3da355f6d7cd41b60c71b43899a5c21777b69ab14103f5ac46acae394aae10c90480812164b747a4862f1405e4699317f204c30e7c84fd8143390147aa9673f87b8dccfe2e40b16b6c55baf1f7c8da317b28411be704d1439d9c52adf49980fce1aef39e29e322f9e966d96cacac790f835b7b7107ad112e240636cec5884645d31c98b64e3152a7dbec3c4da67f86d42189e68a06a31f6d6ce5924649862da57516a71e98971a611863b0d57eef28113314fb0f4b3ebcf18cf5283cfff09fbc155c934e15fd6d43bff9e9360ed947a80dd4e32aee1fb895a1d126811a263ffb041a792f705073d9d155a2270710a68053e9c33c6a5376277f12644f3a86f0f4db2378943b441576ded40292a3b57f84358e6c44a49e9684944f5e36b0bd1a286b56ff918da659886c11ec0ee4711e60228116f9c6f9fc5ef489215f10a74a8a6541b20f4e2bd23b8f3897f51faedd00c93e07161c118bee1c26a69fdf3101bc982125eeb09b7c8066f745741bd036435cffdc3d0fbaf2f13bdec9b0a8e15d77d2d9708dd8e4446dce063d0934826519b6df3413b4fe8ffa7eaf144de9c1f54dd974005a2816b5df6428d60dbb30e4dab206e0585d94bd556fa63959e2a3948ee40&o=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 08:56:47 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 837
x-cache: Hit from cloudfront
content-length: 46385
access-control-allow-origin: *
last-modified: Thu, 24 Mar 2022 07:56:44 GMT
server: Apache
etag: "3e201-5daf22fed0b6f-gzip"
strict-transport-security: max-age=15768000
content-type: text/javascript
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: XeEQS3xHXYcMvGRAPjhM8Z9TUDDmObrjT0vXuJcwzpHjOO0dhmds0w==
expires: Thu, 24 Mar 2022 09:56:47 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 109 KB
41 KB 37ms
16ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5ZS487

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cbc938022f0f0a9031622d8eb0a9506aeae2c752a633be16b36c566b2c41437b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://de-go.kelkoogroup.net/go?country=de&k=2a2e43adf00cf8edc29714214fc01ffa4a4c958eaf7e24498f53f990b7942796656c7f584ced45fe3ecb222fef48d75d09acb3ab891262d95978276668177c11502c3f8e3153aeec3868f3b4d686267e9e655ff58492c9fd52d356bb645b3ab2e8491d460135ecccf8a2ec813b8ed3da355f6d7cd41b60c71b43899a5c21777b69ab14103f5ac46acae394aae10c90480812164b747a4862f1405e4699317f204c30e7c84fd8143390147aa9673f87b8dccfe2e40b16b6c55baf1f7c8da317b28411be704d1439d9c52adf49980fce1aef39e29e322f9e966d96cacac790f835b7b7107ad112e240636cec5884645d31c98b64e3152a7dbec3c4da67f86d42189e68a06a31f6d6ce5924649862da57516a71e98971a611863b0d57eef28113314fb0f4b3ebcf18cf5283cfff09fbc155c934e15fd6d43bff9e9360ed947a80dd4e32aee1fb895a1d126811a263ffb041a792f705073d9d155a2270710a68053e9c33c6a5376277f12644f3a86f0f4db2378943b441576ded40292a3b57f84358e6c44a49e9684944f5e36b0bd1a286b56ff918da659886c11ec0ee4711e60228116f9c6f9fc5ef489215f10a74a8a6541b20f4e2bd23b8f3897f51faedd00c93e07161c118bee1c26a69fdf3101bc982125eeb09b7c8066f745741bd036435cffdc3d0fbaf2f13bdec9b0a8e15d77d2d9708dd8e4446dce063d0934826519b6df3413b4fe8ffa7eaf144de9c1f54dd974005a2816b5df6428d60dbb30e4dab206e0585d94bd556fa63959e2a3948ee40&o=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:10:44 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41575
x-xss-protection: 0
expires: Thu, 24 Mar 2022 09:10:44 GMT

POST
H/1.1 200
OK fp
de-go.kelkoogroup.net/ 0
441 B 22ms
19ms Ping
text/plain 95.211.116.27
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://de-go.kelkoogroup.net/fp?country=de&k=612f7a9541cd6ea61eb554c0e4cff437139fa1a42a9ff82a114a64724d690990e9d3706c9bd8eb0d7ffb61bb58fb55b20c10f89db619389d2cec3a8d2295d38d1bea29a98597a5b8a70a20027460f858357aa4da228aeaf7bb267422af3bcb83e03e221b3ed60867f7fd36217882be8b707135994f1f22fb50ff4c19f0892b67e4e71feb2015613c23abcad8d2e7e4c3b8e0f1fbd4fbd345e70fcb6e996a50af896fbfe8d66dc1096a34fceebe5d19dbaa98c59d133176a32be7ae790911cfb279ea053307e8bf8deeb3990e0d589e3f21152d5473ee1f81230f803e08605e42099521071e2de515fe2e8ab54787422df7a1bdc4ed7e9706697524abfb1a612e2dee4ad4b64883ea&leadId=dc1-kls-prod-silo-02.prod.dc1.kelkoo.net_1648113044377_1200903&clickId=107699127_1648113044346_1281394

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.116.27 Swifterbant, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

dc1-ecs-pub-go-vip.kelkoo.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://de-go.kelkoogroup.net/go?country=de&k=2a2e43adf00cf8edc29714214fc01ffa4a4c958eaf7e24498f53f990b7942796656c7f584ced45fe3ecb222fef48d75d09acb3ab891262d95978276668177c11502c3f8e3153aeec3868f3b4d686267e9e655ff58492c9fd52d356bb645b3ab2e8491d460135ecccf8a2ec813b8ed3da355f6d7cd41b60c71b43899a5c21777b69ab14103f5ac46acae394aae10c90480812164b747a4862f1405e4699317f204c30e7c84fd8143390147aa9673f87b8dccfe2e40b16b6c55baf1f7c8da317b28411be704d1439d9c52adf49980fce1aef39e29e322f9e966d96cacac790f835b7b7107ad112e240636cec5884645d31c98b64e3152a7dbec3c4da67f86d42189e68a06a31f6d6ce5924649862da57516a71e98971a611863b0d57eef28113314fb0f4b3ebcf18cf5283cfff09fbc155c934e15fd6d43bff9e9360ed947a80dd4e32aee1fb895a1d126811a263ffb041a792f705073d9d155a2270710a68053e9c33c6a5376277f12644f3a86f0f4db2378943b441576ded40292a3b57f84358e6c44a49e9684944f5e36b0bd1a286b56ff918da659886c11ec0ee4711e60228116f9c6f9fc5ef489215f10a74a8a6541b20f4e2bd23b8f3897f51faedd00c93e07161c118bee1c26a69fdf3101bc982125eeb09b7c8066f745741bd036435cffdc3d0fbaf2f13bdec9b0a8e15d77d2d9708dd8e4446dce063d0934826519b6df3413b4fe8ffa7eaf144de9c1f54dd974005a2816b5df6428d60dbb30e4dab206e0585d94bd556fa63959e2a3948ee40&o=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

ApacheTracking: localhost
Date: Thu, 24 Mar 2022 09:10:44 GMT
Referrer-Policy: unsafe-url
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
P3P: CP="Anything"
X-Robots-Tag: noindex,nofollow
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Type: text/plain; charset=UTF-8
Request-Time: PT0.003S
Content-Length: 0
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=40, max=86

POST
H2 200 / Show response
api-js.datadome.co/js/ 236 B
414 B 54ms
16ms XHR
application/json 52.29.211.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.datadome.co/js/
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.211.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-211-69.eu-central-1.compute.amazonaws.com
Software: DataDome /
Resource Hash: 4b6250d60e683617ee53732dc934ef227d3bc13ccf72e563f9aed13e9b00ee21

Request headers

Referer: https://de-go.kelkoogroup.net/go?country=de&k=2a2e43adf00cf8edc29714214fc01ffa4a4c958eaf7e24498f53f990b7942796656c7f584ced45fe3ecb222fef48d75d09acb3ab891262d95978276668177c11502c3f8e3153aeec3868f3b4d686267e9e655ff58492c9fd52d356bb645b3ab2e8491d460135ecccf8a2ec813b8ed3da355f6d7cd41b60c71b43899a5c21777b69ab14103f5ac46acae394aae10c90480812164b747a4862f1405e4699317f204c30e7c84fd8143390147aa9673f87b8dccfe2e40b16b6c55baf1f7c8da317b28411be704d1439d9c52adf49980fce1aef39e29e322f9e966d96cacac790f835b7b7107ad112e240636cec5884645d31c98b64e3152a7dbec3c4da67f86d42189e68a06a31f6d6ce5924649862da57516a71e98971a611863b0d57eef28113314fb0f4b3ebcf18cf5283cfff09fbc155c934e15fd6d43bff9e9360ed947a80dd4e32aee1fb895a1d126811a263ffb041a792f705073d9d155a2270710a68053e9c33c6a5376277f12644f3a86f0f4db2378943b441576ded40292a3b57f84358e6c44a49e9684944f5e36b0bd1a286b56ff918da659886c11ec0ee4711e60228116f9c6f9fc5ef489215f10a74a8a6541b20f4e2bd23b8f3897f51faedd00c93e07161c118bee1c26a69fdf3101bc982125eeb09b7c8066f745741bd036435cffdc3d0fbaf2f13bdec9b0a8e15d77d2d9708dd8e4446dce063d0934826519b6df3413b4fe8ffa7eaf144de9c1f54dd974005a2816b5df6428d60dbb30e4dab206e0585d94bd556fa63959e2a3948ee40&o=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 09:10:44 GMT
server: DataDome
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 236
expires: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZS487

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://de-go.kelkoogroup.net/go?country=de&k=2a2e43adf00cf8edc29714214fc01ffa4a4c958eaf7e24498f53f990b7942796656c7f584ced45fe3ecb222fef48d75d09acb3ab891262d95978276668177c11502c3f8e3153aeec3868f3b4d686267e9e655ff58492c9fd52d356bb645b3ab2e8491d460135ecccf8a2ec813b8ed3da355f6d7cd41b60c71b43899a5c21777b69ab14103f5ac46acae394aae10c90480812164b747a4862f1405e4699317f204c30e7c84fd8143390147aa9673f87b8dccfe2e40b16b6c55baf1f7c8da317b28411be704d1439d9c52adf49980fce1aef39e29e322f9e966d96cacac790f835b7b7107ad112e240636cec5884645d31c98b64e3152a7dbec3c4da67f86d42189e68a06a31f6d6ce5924649862da57516a71e98971a611863b0d57eef28113314fb0f4b3ebcf18cf5283cfff09fbc155c934e15fd6d43bff9e9360ed947a80dd4e32aee1fb895a1d126811a263ffb041a792f705073d9d155a2270710a68053e9c33c6a5376277f12644f3a86f0f4db2378943b441576ded40292a3b57f84358e6c44a49e9684944f5e36b0bd1a286b56ff918da659886c11ec0ee4711e60228116f9c6f9fc5ef489215f10a74a8a6541b20f4e2bd23b8f3897f51faedd00c93e07161c118bee1c26a69fdf3101bc982125eeb09b7c8066f745741bd036435cffdc3d0fbaf2f13bdec9b0a8e15d77d2d9708dd8e4446dce063d0934826519b6df3413b4fe8ffa7eaf144de9c1f54dd974005a2816b5df6428d60dbb30e4dab206e0585d94bd556fa63959e2a3948ee40&o=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5754
date: Thu, 24 Mar 2022 07:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 24 Mar 2022 09:34:50 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
210 B 15ms
14ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1129157249&t=pageview&_s=1&dl=https%3A%2F%2Fde-go.kelkoogroup.net%2Fgo%3Fcountry%3Dde%26k%3D2a2e43adf00cf8edc29714214fc01ffa4a4c958eaf7e24498f53f990b7942796656c7f584ced45fe3ecb222fef48d75d09acb3ab891262d95978276668177c11502c3f8e3153aeec3868f3b4d686267e9e655ff58492c9fd52d356bb645b3ab2e8491d460135ecccf8a2ec813b8ed3da355f6d7cd41b60c71b43899a5c21777b69ab14103f5ac46acae394aae10c90480812164b747a4862f1405e4699317f204c30e7c84fd8143390147aa9673f87b8dccfe2e40b16b6c55baf1f7c8da317b28411be704d1439d9c52adf49980fce1aef39e29e322f9e966d96cacac790f835b7b7107ad112e240636cec5884645d31c98b64e3152a7dbec3c4da67f86d42189e68a06a31f6d6ce5924649862da57516a71e98971a611863b0d57eef28113314fb0f4b3ebcf18cf5283cfff09fbc155c934e15fd6d43bff9e9360ed947a80dd4e32aee1fb895a1d126811a263ffb041a792f705073d9d155a2270710a68053e9c33c6a5376277f12644f3a86f0f4db2378943b441576ded40292a3b57f84358e6c44a49e9684944f5e36b0bd1a286b56ff918da659886c11ec0ee4711e60228116f9c6f9fc5ef489215f10a74a8a6541b20f4e2bd23b8f3897f51faedd00c93e07161c118bee1c26a69fdf3101bc982125eeb09b7c8066f745741bd036435cffdc3d0fbaf2f13bdec9b0a8e15d77d2d9708dd8e4446dce063d0934826519b6df3413b4fe8ffa7eaf144de9c1f54dd974005a2816b5df6428d60dbb30e4dab206e0585d94bd556fa63959e2a3948ee40%26o%3D&dr=https%3A%2F%2Fbackend.finalono.com%2F&dp=%2F96966781%7C10760523%7C&ul=en-us&de=UTF-8&dt=Weiterleitung%20zu%20NOSTRAFORMA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=567628112&gjid=813957028&cid=1093102347.1648113045&tid=UA-168544891-7&_gid=1121973606.1648113045&_r=1&gtm=2wg3e05ZS487&cd1=96966781&cd2=dc1-kls-prod-silo-02.prod.dc1.kelkoo.net_1648113044377_1200903&cd3=10760523&cd4=a4c637f-17fbb314b99-9f03f&cd5=&cd6=96966781%7C10760523%7C&z=249538703

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://de-go.kelkoogroup.net/go?country=de&k=2a2e43adf00cf8edc29714214fc01ffa4a4c958eaf7e24498f53f990b7942796656c7f584ced45fe3ecb222fef48d75d09acb3ab891262d95978276668177c11502c3f8e3153aeec3868f3b4d686267e9e655ff58492c9fd52d356bb645b3ab2e8491d460135ecccf8a2ec813b8ed3da355f6d7cd41b60c71b43899a5c21777b69ab14103f5ac46acae394aae10c90480812164b747a4862f1405e4699317f204c30e7c84fd8143390147aa9673f87b8dccfe2e40b16b6c55baf1f7c8da317b28411be704d1439d9c52adf49980fce1aef39e29e322f9e966d96cacac790f835b7b7107ad112e240636cec5884645d31c98b64e3152a7dbec3c4da67f86d42189e68a06a31f6d6ce5924649862da57516a71e98971a611863b0d57eef28113314fb0f4b3ebcf18cf5283cfff09fbc155c934e15fd6d43bff9e9360ed947a80dd4e32aee1fb895a1d126811a263ffb041a792f705073d9d155a2270710a68053e9c33c6a5376277f12644f3a86f0f4db2378943b441576ded40292a3b57f84358e6c44a49e9684944f5e36b0bd1a286b56ff918da659886c11ec0ee4711e60228116f9c6f9fc5ef489215f10a74a8a6541b20f4e2bd23b8f3897f51faedd00c93e07161c118bee1c26a69fdf3101bc982125eeb09b7c8066f745741bd036435cffdc3d0fbaf2f13bdec9b0a8e15d77d2d9708dd8e4446dce063d0934826519b6df3413b4fe8ffa7eaf144de9c1f54dd974005a2816b5df6428d60dbb30e4dab206e0585d94bd556fa63959e2a3948ee40&o=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 09:10:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://de-go.kelkoogroup.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Primary Request / Show response
www.nostraforma.com/
Redirect Chain

https://de-go.kelkoogroup.net/redirect?country=de&k=612f7a9541cd6ea61eb554c0e4cff437139fa1a42a9ff82a114a64724d690990e9d3706c9bd8eb0d7ffb61bb58fb55b20c10f89db619389d2cec3a8d2295d38d1bea29a98597a5b8a...
https://www.nostraforma.com/de/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

188 KB
41 KB

471ms
471ms

Document
text/html

188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

687d2e3cd1500ca5b114cf90b772772b8fc5de25442a6b30ee8071d14ff64b6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://de-go.kelkoogroup.net/go?country=de&k=2a2e43adf00cf8edc29714214fc01ffa4a4c958eaf7e24498f53f990b7942796656c7f584ced45fe3ecb222fef48d75d09acb3ab891262d95978276668177c11502c3f8e3153aeec3868f3b4d686267e9e655ff58492c9fd52d356bb645b3ab2e8491d460135ecccf8a2ec813b8ed3da355f6d7cd41b60c71b43899a5c21777b69ab14103f5ac46acae394aae10c90480812164b747a4862f1405e4699317f204c30e7c84fd8143390147aa9673f87b8dccfe2e40b16b6c55baf1f7c8da317b28411be704d1439d9c52adf49980fce1aef39e29e322f9e966d96cacac790f835b7b7107ad112e240636cec5884645d31c98b64e3152a7dbec3c4da67f86d42189e68a06a31f6d6ce5924649862da57516a71e98971a611863b0d57eef28113314fb0f4b3ebcf18cf5283cfff09fbc155c934e15fd6d43bff9e9360ed947a80dd4e32aee1fb895a1d126811a263ffb041a792f705073d9d155a2270710a68053e9c33c6a5376277f12644f3a86f0f4db2378943b441576ded40292a3b57f84358e6c44a49e9684944f5e36b0bd1a286b56ff918da659886c11ec0ee4711e60228116f9c6f9fc5ef489215f10a74a8a6541b20f4e2bd23b8f3897f51faedd00c93e07161c118bee1c26a69fdf3101bc982125eeb09b7c8066f745741bd036435cffdc3d0fbaf2f13bdec9b0a8e15d77d2d9708dd8e4446dce063d0934826519b6df3413b4fe8ffa7eaf144de9c1f54dd974005a2816b5df6428d60dbb30e4dab206e0585d94bd556fa63959e2a3948ee40&o=

Response headers

server: nginx
date: Thu, 24 Mar 2022 09:10:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; preload
front-end-https: on
x-ua-compatible: IE=Edge
content-encoding: gzip

Redirect headers

server: nginx
date: Thu, 24 Mar 2022 09:10:44 GMT
content-type: text/html
content-length: 162
location: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; preload
front-end-https: on
x-ua-compatible: IE=Edge

GET
H2 200 open-sans-v17-latin-regular.woff2
www.nostraforma.com/media/fonts/ 14 KB
14 KB 22ms
19ms Font
text/plain 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nostraforma.com/media/fonts/open-sans-v17-latin-regular.woff2

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

c48e0380855b0b3a91d9c14c434b2dc8d38c5adca55a8b4ebe2d1e3869407caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
Origin: https://www.nostraforma.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:10:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 13 Oct 2019 10:18:37 GMT
server: nginx
etag: W/"5da2f9fd-382c"
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 open-sans-v17-latin-italic.woff2
www.nostraforma.com/media/fonts/ 13 KB
14 KB 23ms
19ms Font
text/plain 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nostraforma.com/media/fonts/open-sans-v17-latin-italic.woff2

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

76391461f4bccbf60e2115abd64bad271c78c40a68df8912ea8cc588b02c3a94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
Origin: https://www.nostraforma.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:10:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 13 Oct 2019 10:18:37 GMT
server: nginx
etag: W/"5da2f9fd-35d4"
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 open-sans-v17-latin-600.woff2
www.nostraforma.com/media/fonts/ 15 KB
15 KB 23ms
20ms Font
text/plain 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nostraforma.com/media/fonts/open-sans-v17-latin-600.woff2

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

a71b255c156dbf61b42e17db5e46b8a5e9f54e68ae99ba19c419c242b6ca0272

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
Origin: https://www.nostraforma.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:10:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 13 Oct 2019 10:18:37 GMT
server: nginx
etag: W/"5da2f9fd-3a20"
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 open-sans-v17-latin-600italic.woff2
www.nostraforma.com/media/fonts/ 14 KB
14 KB 24ms
20ms Font
text/plain 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nostraforma.com/media/fonts/open-sans-v17-latin-600italic.woff2

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

62be4a76b89b192091274fdb5ca99694c163d5f1ea33ee5560c74c3c78ef1313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
Origin: https://www.nostraforma.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:10:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 13 Oct 2019 10:18:37 GMT
server: nginx
etag: W/"5da2f9fd-361c"
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 montserrat-v14-latin-regular.woff2
www.nostraforma.com/media/fonts/ 19 KB
19 KB 37ms
34ms Font
text/plain 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nostraforma.com/media/fonts/montserrat-v14-latin-regular.woff2

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

d109d2663d3381af49cb672689e27be667a5c925728f53beeeb7f30f106b921c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
Origin: https://www.nostraforma.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:10:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 13 Oct 2019 10:18:37 GMT
server: nginx
etag: W/"5da2f9fd-4ae4"
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 montserrat-v14-latin-500.woff2
www.nostraforma.com/media/fonts/ 19 KB
19 KB 37ms
35ms Font
text/plain 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nostraforma.com/media/fonts/montserrat-v14-latin-500.woff2

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

953c2ae7d1d53f032d3b0614c53b2b7db13bf0f713229aae06b74221b897949e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
Origin: https://www.nostraforma.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:10:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 13 Oct 2019 10:18:37 GMT
server: nginx
etag: W/"5da2f9fd-4b48"
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 montserrat-v14-latin-600.woff2
www.nostraforma.com/media/fonts/ 19 KB
19 KB 37ms
35ms Font
text/plain 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nostraforma.com/media/fonts/montserrat-v14-latin-600.woff2

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

f8deb3ed3065e64be16f4a8293b5849f4784f9f84a19ff9b80f4f3b276195130

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
Origin: https://www.nostraforma.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:10:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 13 Oct 2019 10:18:37 GMT
server: nginx
etag: W/"5da2f9fd-4b40"
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 montserrat-v14-latin-italic.woff2
www.nostraforma.com/media/fonts/ 19 KB
20 KB 37ms
35ms Font
text/plain 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nostraforma.com/media/fonts/montserrat-v14-latin-italic.woff2

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

854571b586218b69615e5049517e8f4f5c990ce5beec8b0ce22247c4edb26cd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
Origin: https://www.nostraforma.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:10:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 13 Oct 2019 10:18:37 GMT
server: nginx
etag: W/"5da2f9fd-4ccc"
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 trustedshops.png
www.nostraforma.com/media/images/payment/ 9 KB
10 KB 29ms
14ms Image
image/png 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/images/payment/trustedshops.png

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

ab05286c6074b9f0881ac5a3765afba73c5a07d8995d2b5ef3d146a3d2ef583e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:10:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 13 Sep 2019 13:28:01 GMT
server: nginx
etag: W/"5d7b9961-255a"
x-frame-options: SAMEORIGIN
content-type: image/png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 call.svg
www.nostraforma.com/media/images/svg/ 443 B
769 B 33ms
10ms Image
image/svg+xml 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/images/svg/call.svg

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

1a3dda4778bf43ebb589ae7e25f4c09b1149ed19224cc118cc3d75a7095bd7fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:10:44 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Sep 2019 13:28:01 GMT
server: nginx
etag: "5d7b9961-1bb"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-length: 443
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 email.svg
www.nostraforma.com/media/images/svg/ 266 B
591 B 33ms
11ms Image
image/svg+xml 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/images/svg/email.svg

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

23d0a8a9d09beb1f3d1ff1958353d3847cecd81f75b4b1fb2d1626217e7d446b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:10:44 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Sep 2019 13:28:01 GMT
server: nginx
etag: "5d7b9961-10a"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-length: 266
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 https.svg
www.nostraforma.com/media/images/svg/ 382 B
708 B 33ms
11ms Image
image/svg+xml 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/images/svg/https.svg

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

79b9b5ef7aa530aa382ee071cd14d0ecf86c5fda455ae61ff58cb440a47913bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:10:44 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Sep 2019 13:28:01 GMT
server: nginx
etag: "5d7b9961-17e"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-length: 382
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 logo.svg
www.nostraforma.com/media/images/logo/ 10 KB
10 KB 40ms
15ms Image
image/svg+xml 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/images/logo/logo.svg

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

68943fca466b5757b55c2349655ea4980b4b303b5849031c1c14e1850333df85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:10:44 GMT
x-content-type-options: nosniff
last-modified: Fri, 06 Sep 2019 12:33:03 GMT
server: nginx
etag: "5d7251ff-2822"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-length: 10274
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 search.svg
www.nostraforma.com/media/images/svg/ 394 B
720 B 34ms
15ms Image
image/svg+xml 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/images/svg/search.svg

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

90d2610f75d3e6b91d7dab64d8995f20794c07730801b5c20d597d4acd36c981

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:10:44 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Sep 2019 13:28:01 GMT
server: nginx
etag: "5d7b9961-18a"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-length: 394
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 de.png
www.nostraforma.com/media/images/lang/ 1 KB
1 KB 34ms
15ms Image
image/png 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/images/lang/de.png

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

3a65df65be941f1a39bc994d1d9e205e071196d0559f28ab30a2415f7c942374

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:10:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 13 Sep 2019 13:28:01 GMT
server: nginx
etag: W/"5d7b9961-5a0"
x-frame-options: SAMEORIGIN
content-type: image/png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 en.png
www.nostraforma.com/media/images/lang/ 2 KB
2 KB 34ms
16ms Image
image/png 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/images/lang/en.png

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

75d1fd17f9d8815951a17eff522f12e7739e334717d5a3ceb9719c0147515d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:10:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 13 Sep 2019 13:28:01 GMT
server: nginx
etag: W/"5d7b9961-725"
x-frame-options: SAMEORIGIN
content-type: image/png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 fr.png
www.nostraforma.com/media/images/lang/ 1 KB
1 KB 34ms
16ms Image
image/png 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/images/lang/fr.png

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

46539b0137fbf171f4374758e4e3869a2d65f3d7a0e97f27e87a7bbaea520d1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:10:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 13 Sep 2019 13:28:01 GMT
server: nginx
etag: W/"5d7b9961-5a9"
x-frame-options: SAMEORIGIN
content-type: image/png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 person.svg
www.nostraforma.com/media/images/svg/ 269 B
595 B 34ms
16ms Image
image/svg+xml 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/images/svg/person.svg

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

8bd2a7dcc65fb75904329c5bd3240de2b4f079f6f9f5faf7ae8db552dc64605d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:10:44 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Sep 2019 13:28:01 GMT
server: nginx
etag: "5d7b9961-10d"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-length: 269
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 shopping_cart.svg
www.nostraforma.com/media/images/svg/ 481 B
806 B 35ms
15ms Image
image/svg+xml 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/images/svg/shopping_cart.svg

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

520164239929a4ddced6ef6a0f6fa8d72ecda05e63efd66c7fca96468289d8ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:10:44 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Sep 2019 13:28:01 GMT
server: nginx
etag: "5d7b9961-1e1"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-length: 481
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 blank.png
www.nostraforma.com/media/images/cms/ 68 B
388 B 35ms
15ms Image
image/png 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/images/cms/blank.png

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:10:44 GMT
x-content-type-options: nosniff
last-modified: Fri, 06 Sep 2019 12:33:03 GMT
server: nginx
etag: "5d7251ff-44"
x-frame-options: SAMEORIGIN
content-type: image/png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-length: 68
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 louis-poulsen-vl-studio_wide_8aa2eaf52d51d60a122cfb94f15eb6d4.webp
www.nostraforma.com/media/cache/generic/ 35 KB
35 KB 35ms
15ms Image
image/webp 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/cache/generic/louis-poulsen-vl-studio_wide_8aa2eaf52d51d60a122cfb94f15eb6d4.webp

Requested by

Host: www.nostraforma.com
URL: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

fec28cc41be49b92e4cc5c58478d14075334d4e6d35c38a7b932773540aab130

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:10:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Mar 2022 12:30:43 GMT
server: nginx
etag: "62274c73-8ac8"
x-frame-options: SAMEORIGIN
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-length: 35528
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 slider-controls.png
www.nostraforma.com/media/images/ 8 KB
5 KB 19ms
18ms Image
image/png 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/images/slider-controls.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

56e23428c41fed6b72bf6941224d6783cd35a0e0e886836cd95174828b77324b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:10:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 21 May 2021 09:12:32 GMT
server: nginx
etag: W/"60a77980-1ea2"
x-frame-options: SAMEORIGIN
content-type: image/png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 artemide_93096f31d7ead665d5cfb664408c9ff6.webp
www.nostraforma.com/media/cache/350x350/ 7 KB
7 KB 19ms
18ms Image
image/webp 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/cache/350x350/artemide_93096f31d7ead665d5cfb664408c9ff6.webp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

22658aa5b9faa788a171c254e2e1dfd4857704662b607920ff0167d72cc7a316

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:10:44 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Aug 2021 19:16:04 GMT
server: nginx
etag: "612696f4-1a3a"
x-frame-options: SAMEORIGIN
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-length: 6714
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 flos_5e98dd67c4d021e243decac1f8bde6e2.webp
www.nostraforma.com/media/cache/350x350/ 11 KB
11 KB 19ms
19ms Image
image/webp 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/cache/350x350/flos_5e98dd67c4d021e243decac1f8bde6e2.webp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

2bae3c3d8a1ff5c24aa135076b71781b9a0ff56ab6945c9d406f239f62f74991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:10:44 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Aug 2021 19:16:04 GMT
server: nginx
etag: "612696f4-2ba4"
x-frame-options: SAMEORIGIN
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-length: 11172
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

GET
H2 200 foscarini_b8a579ec1a671e0015b2b1a988dccdec.webp
www.nostraforma.com/media/cache/350x350/ 19 KB
19 KB 19ms
19ms Image
image/webp 188.68.40.58
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nostraforma.com/media/cache/350x350/foscarini_b8a579ec1a671e0015b2b1a988dccdec.webp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.40.58 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

ncws.nostraforma.com

Software

nginx /

Resource Hash

bd42096bb2e29500d78b24511941b664b25f8eb48080cb1fb7f613e23d3ff6b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nostraforma.com/?utm_campaign=preisvergleich&utm_medium=cpc&utm_source=kelkoo_de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:10:44 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Aug 2021 19:16:05 GMT
server: nginx
etag: "612696f5-4ae6"
x-frame-options: SAMEORIGIN
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-length: 19174
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
front-end-https: on
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: denise.v4.byetnc.com
URL: https://denise.v4.byetnc.com/api/user/012805b1cd459be858c5a5b49bf71fa6bd341c928f.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjQyY2JiYjk3NzUzZTYxODBhOTRiNmMiLCJ0cyI6IjAzMjQwOTEwIiwiZCI6ImNhcGl0YWxzb25ldGhlbWF0Y2guY29tIn0.w3WVsGjTqzBX1e1VKPWqRcWjLVrg7EdmbGnWzZezBDU

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
capitalsonethematch.com/	1970-01-20 01:48:36	Name: mtm_delivered Value: ""
denise.v4.byetnc.com/	1969-12-31 23:59:59	Name: checkme Value: a8ca94622ece4af5999ef4147057429fb789
.kelkoogroup.net/	1970-01-20 10:34:09	Name: referer Value: https%3A%2F%2Fbackend.finalono.com%2F
.kelkoogroup.net/	1970-01-20 10:34:09	Name: kelkooID Value: a4c637f-17fbb314b99-9f03f
.de-go.kelkoogroup.net/	1970-01-20 19:19:45	Name: _ga Value: GA1.3.1093102347.1648113045
.de-go.kelkoogroup.net/	1970-01-20 01:49:59	Name: _gid Value: GA1.3.1121973606.1648113045
.de-go.kelkoogroup.net/	1970-01-20 01:48:33	Name: _gat_UA-168544891-7 Value: 1
.kelkoogroup.net/	1970-01-20 10:34:09	Name: datadome Value: zyO937d-8n5PWJ6IsiaoryHoMfsiZKz9KnaLCQCZ6jlT.PfEd34kFQABbBYa-mKLUePZOVNq-ggj2g8z3My_oWnxWBuIOVaHBIbe92qr__lmWZhRByNq9k5iDu-NgFo
.www.nostraforma.com/	1970-02-08 03:36:24	Name: PHPSESSID Value: i6119d7tcqr9sfqhpomog0a301

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.datadome.co
backend.finalono.com
capitalsonethematch.com
de-go.kelkoogroup.net
denise.v4.byetnc.com
js.datadome.co
s3-eu-west-1.amazonaws.com
www.google-analytics.com
www.googletagmanager.com
www.nostraforma.com
denise.v4.byetnc.com
188.68.40.58
2606:4700:20::ac43:48c6
2a00:1450:4001:810::200e
2a00:1450:4001:813::2008
45.79.19.196
52.218.89.59
52.29.211.69
54.167.93.226
95.211.116.27
99.86.7.112
1a3dda4778bf43ebb589ae7e25f4c09b1149ed19224cc118cc3d75a7095bd7fc
1a682b9b78cd0f16c9dfc66284d185fc2d59bb2638a7cd2434fe805572f4f553
22658aa5b9faa788a171c254e2e1dfd4857704662b607920ff0167d72cc7a316
23d0a8a9d09beb1f3d1ff1958353d3847cecd81f75b4b1fb2d1626217e7d446b
2bae3c3d8a1ff5c24aa135076b71781b9a0ff56ab6945c9d406f239f62f74991
3a65df65be941f1a39bc994d1d9e205e071196d0559f28ab30a2415f7c942374
46539b0137fbf171f4374758e4e3869a2d65f3d7a0e97f27e87a7bbaea520d1d
4b6250d60e683617ee53732dc934ef227d3bc13ccf72e563f9aed13e9b00ee21
520164239929a4ddced6ef6a0f6fa8d72ecda05e63efd66c7fca96468289d8ba
56e23428c41fed6b72bf6941224d6783cd35a0e0e886836cd95174828b77324b
62be4a76b89b192091274fdb5ca99694c163d5f1ea33ee5560c74c3c78ef1313
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
687d2e3cd1500ca5b114cf90b772772b8fc5de25442a6b30ee8071d14ff64b6f
68943fca466b5757b55c2349655ea4980b4b303b5849031c1c14e1850333df85
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
75d1fd17f9d8815951a17eff522f12e7739e334717d5a3ceb9719c0147515d36
76391461f4bccbf60e2115abd64bad271c78c40a68df8912ea8cc588b02c3a94
79b9b5ef7aa530aa382ee071cd14d0ecf86c5fda455ae61ff58cb440a47913bf
7ea9ed45e7ec4f314d45833a031337605070a08416f96b10425a1447e5b7afaf
854571b586218b69615e5049517e8f4f5c990ce5beec8b0ce22247c4edb26cd7
8bd2a7dcc65fb75904329c5bd3240de2b4f079f6f9f5faf7ae8db552dc64605d
90d2610f75d3e6b91d7dab64d8995f20794c07730801b5c20d597d4acd36c981
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
953c2ae7d1d53f032d3b0614c53b2b7db13bf0f713229aae06b74221b897949e
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a71b255c156dbf61b42e17db5e46b8a5e9f54e68ae99ba19c419c242b6ca0272
ab05286c6074b9f0881ac5a3765afba73c5a07d8995d2b5ef3d146a3d2ef583e
bd42096bb2e29500d78b24511941b664b25f8eb48080cb1fb7f613e23d3ff6b9
c48e0380855b0b3a91d9c14c434b2dc8d38c5adca55a8b4ebe2d1e3869407caa
cbc938022f0f0a9031622d8eb0a9506aeae2c752a633be16b36c566b2c41437b
d109d2663d3381af49cb672689e27be667a5c925728f53beeeb7f30f106b921c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f8deb3ed3065e64be16f4a8293b5849f4784f9f84a19ff9b80f4f3b276195130
fec28cc41be49b92e4cc5c58478d14075334d4e6d35c38a7b932773540aab130
ffb303f36799eda6bd8e16a9dd5f51e2d2ecc04388055f2fd4383e0b36e28255

www.nostraforma.com Open in urlscan Pro 188.68.40.58 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

93 %HTTPS

30 %IPv6

9 Domains

10 Subdomains

11 IPs

4 Countries

435 kBTransfer

875 kBSize

9 Cookies

2 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nostraforma.com Open in urlscan Pro
188.68.40.58 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

93 %
HTTPS

30 %
IPv6

9
Domains

10
Subdomains

11
IPs

4
Countries

435 kB
Transfer

875 kB
Size

9
Cookies

41 HTTP transactions
0 data transactions