www.deflikindgoms.com Open in urlscan Pro
2606:4700:3037::ac43:83ef Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.deflikindgoms.com/
Submission: On March 15 via manual (March 15th 2022, 10:57:39 pm UTC) from US — Scanned from DE

Summary HTTP 44 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 20 domains to perform 44 HTTP transactions. The main IP is 2606:4700:3037::ac43:83ef, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.deflikindgoms.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 15th 2022. Valid for: a year.

This is the only time www.deflikindgoms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2606:4700:303... 2606:4700:3037::ac43:83ef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2.18.234.194 2.18.234.194	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	104.92.71.148 104.92.71.148	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	13.225.80.45 13.225.80.45	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	207.154.218.208 207.154.218.208	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	35.190.117.114 35.190.117.114	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:20e... 2600:9000:20eb:4200:15:1dc0:1c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.127.244.142 3.127.244.142	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	52.167.85.21 52.167.85.21	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	151.101.130.83 151.101.130.83	54113 (FASTLY) (FASTLY)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
44	21

8 2606:4700:3037::ac43:83ef (United States)

ASN13335 (CLOUDFLARENET, US)

www.deflikindgoms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-194.deploy.static.akamaitechnologies.com

www.tripadvisor.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.tripadvisor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.92.71.148 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-71-148.deploy.static.akamaitechnologies.com

www.jscache.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.80.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-45.fra2.r.cloudfront.net

tr.additive-apps.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.154.218.208 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

api.marketing-cloud.additive-apps.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.117.114 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 114.117.190.35.bc.googleusercontent.com

cdn.tr.additive-apps.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

europe-west1-additive-visor-230210.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:4200:15:1dc0:1c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pushpanda.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.244.142 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-244-142.eu-central-1.compute.amazonaws.com

app.pushpanda.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.167.85.21 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

i.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.83 (United States)

ASN54113 (FASTLY, US)

static.tacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	deflikindgoms.com www.deflikindgoms.com	32 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	15 KB
4	clarity.ms 1 redirects i.clarity.ms — Cisco Umbrella Rank: 1864 c.clarity.ms — Cisco Umbrella Rank: 547	24 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 338 c.bing.com — Cisco Umbrella Rank: 193	13 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	195 KB
3	tripadvisor.co.uk www.tripadvisor.co.uk — Cisco Umbrella Rank: 37542	28 KB
2	tacdn.com static.tacdn.com — Cisco Umbrella Rank: 9812	3 KB
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 635	138 KB
2	pushpanda.io cdn.pushpanda.io — Cisco Umbrella Rank: 542002 app.pushpanda.io — Cisco Umbrella Rank: 754883	85 KB
2	additive-apps.tech api.marketing-cloud.additive-apps.tech cdn.tr.additive-apps.tech	672 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 101	32 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6433	548 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	548 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	2 KB
1	cloudfunctions.net europe-west1-additive-visor-230210.cloudfunctions.net	347 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
1	additive-apps.cloud tr.additive-apps.cloud	9 KB
1	tripadvisor.com www.tripadvisor.com — Cisco Umbrella Rank: 8152	919 B
1	jscache.com 1 redirects www.jscache.com — Cisco Umbrella Rank: 15658	1 KB
44	20

	Domain	Requested by
8	www.deflikindgoms.com	www.deflikindgoms.com
5	www.facebook.com	www.deflikindgoms.com connect.facebook.net
4	connect.facebook.net	www.deflikindgoms.com connect.facebook.net
3	bat.bing.com	www.deflikindgoms.com bat.bing.com
3	www.tripadvisor.co.uk	www.deflikindgoms.com www.jscache.com
2	c.clarity.ms	1 redirects
2	static.tacdn.com	www.tripadvisor.co.uk
2	i.clarity.ms	bat.bing.com i.clarity.ms
2	static.xx.fbcdn.net	www.facebook.com
2	www.googleadservices.com	www.deflikindgoms.com
1	c.bing.com	1 redirects
1	www.google.de	www.deflikindgoms.com
1	www.google.com	www.deflikindgoms.com
1	app.pushpanda.io	cdn.pushpanda.io
1	cdn.pushpanda.io	www.deflikindgoms.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	europe-west1-additive-visor-230210.cloudfunctions.net	www.deflikindgoms.com
1	cdn.tr.additive-apps.tech	www.deflikindgoms.com
1	api.marketing-cloud.additive-apps.tech	tr.additive-apps.cloud
1	www.googletagmanager.com	www.deflikindgoms.com
1	www.google-analytics.com	www.deflikindgoms.com
1	tr.additive-apps.cloud	www.deflikindgoms.com
1	www.tripadvisor.com	www.deflikindgoms.com
1	www.jscache.com	1 redirects
44	24

This site contains links to these domains. Also see Links.

Domain
wa.me
v8a-moving-pictures.com
hohenwart.guestnet.info
www.hohenwart.com
www.tripadvisor.co.uk
www.facebook.com
www.instagram.com
www.youtube.com
www.pfefferlechner.it
www.belvita.it
www.merano-suedtirol.it
www.bookingsouthtyrol.com
www.suedtirol.info
www.additive.eu

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-15` - `2023-03-14`	a year	crt.sh
www.tripadvisor.com DigiCert SHA2 Extended Validation Server CA	`2021-05-26` - `2022-06-15`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
tr.additive-apps.cloud Amazon	`2021-11-16` - `2022-12-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-22` - `2022-03-22`	3 months	crt.sh
api.marketing-cloud.additive-apps.tech R3	`2022-03-14` - `2022-06-12`	3 months	crt.sh
cdn.tr.additive-apps.tech GTS CA 1D4	`2022-02-20` - `2022-05-21`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
cdn.pushpanda.io Amazon	`2021-10-08` - `2022-11-06`	a year	crt.sh
app.pushpanda.io R3	`2022-03-02` - `2022-05-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
static.tacdn.com GlobalSign RSA OV SSL CA 2018	`2022-02-04` - `2023-03-07`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.deflikindgoms.com/
Frame ID: 20B16EDFDB55637EAC76371B608C063A
Requests: 37 HTTP requests in this frame

Frame: https://www.deflikindgoms.com/en/information/information-service/hotel-reviews/wellness-heaven.html
Frame ID: ACF01432E108CF70E91142C268A53E09
Requests: 1 HTTP requests in this frame

Frame: https://www.deflikindgoms.com/en/information/information-service/hotel-reviews/holiday-check.html
Frame ID: 508A17F58D5496EABBEDF62FA8AE7467
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.12/plugins/like.php?action=like&app_id=216201631731655&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f8e4e0cde1aa8%26domain%3Dwww.deflikindgoms.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.deflikindgoms.com%252Ff9247cffd13%26relation%3Dparent.parent&container_width=1584&href=https%3A%2F%2Fwww.facebook.com%2Fhotelhohenwart%2F&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&size=large
Frame ID: 7F987A43AF95831BA4FDE253D0BA1190
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E931E685F147E1A56D77987397B6E53F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Wellness Hotel Hohenwart | Schenna, Meran | South Tyrol

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Page Statistics

44
Requests

95 %
HTTPS

55 %
IPv6

20
Domains

24
Subdomains

21
IPs

3
Countries

595 kB
Transfer

1773 kB
Size

16
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://wa.me/393346316850

Search URL Search Domain Scan URL

URL: https://v8a-moving-pictures.com/hohenwart_schenna/index_en.html?autoRotateSpeed=5
Title: 360° Virtual Tour

Search URL Search Domain Scan URL

URL: https://v8a-moving-pictures.com/hohenwart_schenna/index_en.html?nav_id=5663-62472&autoRotateSpeed=5%20
Title: luxury SPA area

Search URL Search Domain Scan URL

URL: https://v8a-moving-pictures.com/hohenwart_schenna/index_en.html?nav_id=5663-62471&autoRotateSpeed=5%20
Title: saunas and steam baths,

Search URL Search Domain Scan URL

URL: https://v8a-moving-pictures.com/hohenwart_schenna/index_en.html?nav_id=5663-62476&autoRotateSpeed=5
Title: relaxation rooms

Search URL Search Domain Scan URL

URL: https://v8a-moving-pictures.com/hohenwart_schenna/index_en.html?nav_id=5663-62472&autoRotateSpeed=5
Title: saltwater pool on the rooftop terrace

Search URL Search Domain Scan URL

URL: https://v8a-moving-pictures.com/hohenwart_schenna/index_en.html?nav_id=5663-62465&autoRotateSpeed=5%20
Title: breakfast buffet

Search URL Search Domain Scan URL

URL: https://hohenwart.guestnet.info/en/home%20
Title: activity program

Search URL Search Domain Scan URL

URL: https://v8a-moving-pictures.com/hohenwart_schenna/index_en.html?nav_id=5663-62462&autoRotateSpeed=5
Title: 82 ft sports swimming pool

Search URL Search Domain Scan URL

URL: https://v8a-moving-pictures.com/hohenwart_schenna/index_en.html?nav_id=5663-62477&autoRotateSpeed=5
Title: gym

Search URL Search Domain Scan URL

URL: https://www.hohenwart.com/en/hotel-rooms-prices/rooms-prices/offers/lets-go-toerggelen_2021.html
Title: Törggelen

Search URL Search Domain Scan URL

URL: https://www.tripadvisor.co.uk/Hotel_Review-g194911-d539558-Reviews-Hotel_Hohenwart-Scena_Province_of_South_Tyrol_Trentino_Alto_Adige.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/hotelhohenwart

Search URL Search Domain Scan URL

URL: https://www.instagram.com/hotel_hohenwart

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Hohenwart1

Search URL Search Domain Scan URL

URL: http://www.pfefferlechner.it/
Title: Pfefferlechner Traditional Winery

Search URL Search Domain Scan URL

URL: https://www.belvita.it/wellness-hotel

Search URL Search Domain Scan URL

URL: https://www.merano-suedtirol.it/en/merano-and-environs.html

Search URL Search Domain Scan URL

URL: https://www.merano-suedtirol.it/en/scena.html

Search URL Search Domain Scan URL

URL: https://www.bookingsouthtyrol.com/scenaschenna/hotel-hohenwart

Search URL Search Domain Scan URL

URL: https://www.suedtirol.info/en/accommodation/accommodation-search/Hotel-Hohenwart_a_8658

Search URL Search Domain Scan URL

URL: http://www.additive.eu/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=757&locationId=539558&lang=en_UK&year=2019&display_version=2 HTTP 301
https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=757&locationId=539558&lang=en_UK&year=2019&display_version=2

Request Chain 40

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=117B951F038A4CD495006B2100ADE3B0&RedC=c.clarity.ms&MXFR=105FA83AF9AF63D43D9AB952FDAF6D79 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=117B951F038A4CD495006B2100ADE3B0&MUID=25A406F881D56B8B3175179080BE6A55

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.deflikindgoms.com/ 127 KB
28 KB 551ms
497ms Document
text/html 2606:4700:3037::ac43:83ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.deflikindgoms.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:83ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b11e25881b96bc17ef17bd8112bbcd4d3613d42d13d43937549121236425278

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 15 Mar 2022 22:57:34 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-store
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V80yxL0HO7EbqJvQrJEdHHM2SSgJAg4MQ9hgxNhhvRVJc9ciQOqaw0EyW%2BL7KruNj2pkyvr4nsA9DT6OOKfasBmqauYC0PAffblX7FObZfN8Y62h1LEqBRTK1moEbUkVPpPHt7bcgr1nJAOi7hpmy4RD8gQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ec8d94cce389259-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 404 6610a0d6eb897663051bfbbfc49a31c2.css
www.deflikindgoms.com/modules/cssJsCombinator/ 0
0 123ms
122ms Stylesheet
text/html 2606:4700:3037::ac43:83ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.deflikindgoms.com/modules/cssJsCombinator/6610a0d6eb897663051bfbbfc49a31c2.css
Requested by: Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:83ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:57:34 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJaZCA2fPxBRHopTROS8sNa%2FmPkgrXfQdK6prk50M%2FhVhZ72k7dwdDgmpSa0YdDCF3%2F9Uv81UWQfxnpe6pj2JoahYfWfeNhGhideAHhAmGJEJ24UPwrr31ow4mxigQT4VPhVG9Sx6mbwJ2x0Ya%2BZ0HXoDTA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 6ec8d95009959259-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 404 bell.png
www.deflikindgoms.com/themes/custom/images/ 564 B
564 B 123ms
123ms Image
text/html 2606:4700:3037::ac43:83ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.deflikindgoms.com/themes/custom/images/bell.png
Requested by: Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:83ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:57:34 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0YzU9%2FgsJQ5wwNUQiMwoTViNXmK1HmAxt0q8HNVVnE1zJoC6KY0TR07hjib9%2BA2dF4ZSOGPrWZreP09B4%2FFyIAQeAk8qU3Z3JaP78GC%2BLnU3JCMIM8SKKokqYBZZNOhu%2FfPIHjB1lJa2FaWlOgJHYJvNY%2BY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 6ec8d95009969259-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 CoE2017_WidgetAsset-14348-2.png
www.tripadvisor.co.uk/img/cdsi/img2/awards/ 15 KB
16 KB 242ms
137ms Image
image/png 2.18.234.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tripadvisor.co.uk/img/cdsi/img2/awards/CoE2017_WidgetAsset-14348-2.png
Requested by: Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-194.deploy.static.akamaitechnologies.com
Software: envoy /
Resource Hash: 3aebf6db9aaaf52fe69a8f63d9585c4616db237a4d2993b00da224459f2cad1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: https://www.tripadvisor.com
date: Tue, 15 Mar 2022 22:57:35 GMT
server: envoy
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
cache-control: private, max-age=43200
content-type: image/png
content-length: 15558
expires: Wed, 16 Mar 2022 10:57:35 GMT

GET
H3 200 email-decode.min.js Show response
www.deflikindgoms.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 52ms
52ms Script
application/javascript 2606:4700:3037::ac43:83ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.deflikindgoms.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:83ef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:57:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Mar 2022 18:25:01 GMT
server: cloudflare
etag: W/"622f887d-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k0h4yk1ti2W7MHSN5PJPQg%2B8gw5pWjHyQ2T7k5Fpe1zeJlhhYj%2FzxTP5Uryez6b6NmT7xuKi1f0uBV04sE7NAygKGd25cO5m06pEdTtOdEXKDRIvA893rAfkGBByxy%2BTIevU22erCvf9%2FNM9Ksqh0BC8fEc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ec8d950df9d9bb3-FRA
vary: Accept-Encoding
expires: Thu, 17 Mar 2022 22:57:34 GMT

GET
H2

200

wejs Show response
www.tripadvisor.com/
Redirect Chain

https://www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=757&locationId=539558&lang=en_UK&year=2019&display_version=2
https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=757&locationId=539558&lang=en_UK&year=2019&display_version=2

277 B
919 B

203ms
183ms

Script
application/x-javascript

2.18.234.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=757&locationId=539558&lang=en_UK&year=2019&display_version=2
Requested by: Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol: H2
Server: 2.18.234.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-194.deploy.static.akamaitechnologies.com
Software: envoy /
Resource Hash: c5290c1d03e311d84c1a0e3b10eb57cf688ef82ffe8e9d50166a953555bf2e92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 22:57:35 GMT
content-encoding: gzip
server: envoy
timing-allow-origin: https://www.tripadvisor.com
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
cache-control: no-cache,no-store,must-revalidate
content-type: application/x-javascript;charset=UTF-8
content-length: 253
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 15 Mar 2022 22:57:35 GMT
server: envoy
timing-allow-origin: https://www.tripadvisor.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
location: https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=757&locationId=539558&lang=en_UK&year=2019&display_version=2
cache-control: max-age=0, no-cache, no-store
content-type: text/plain; charset=utf-8
content-length: 0
expires: Tue, 15 Mar 2022 22:57:35 GMT

GET
H3 404 facebook.png
www.deflikindgoms.com/themes/custom/plugins/imageShare/ 564 B
564 B 167ms
166ms Image
text/html 2606:4700:3037::ac43:83ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.deflikindgoms.com/themes/custom/plugins/imageShare/facebook.png
Requested by: Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:83ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:57:35 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QjV6MnKOUyIx%2BzxaDlAEihp%2FxVT4co6ZstcevMMn14UbEFTWUuhs5%2FVHyfAqN5SnPdPLAquhCoo022ekKByiaIwz%2BurDnkTK223dFG4rUlmkNY9b03Ojw1EXZnl1wzZOTZdUADYV3Iu2hSJQjcEhhFszyx8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 6ec8d950dfa79bb3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 39a495cd3b7d5ddab3b8be845344190c.js
www.deflikindgoms.com/modules/cssJsCombinator/ 0
0 164ms
163ms Script
text/html 2606:4700:3037::ac43:83ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.deflikindgoms.com/modules/cssJsCombinator/39a495cd3b7d5ddab3b8be845344190c.js
Requested by: Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:83ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:57:35 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7GuyBM1VcO%2FmBsPD5aX%2FjjxGKXtr7C1l6tjyPNeDKNCorhS7QGo7jzVLmCB2pp3CidElANnw0JfgYJNAoUIkG9bB5k5GxJWmHu80k%2F%2B2qRIcp%2FmMMymqF2MfJHPsaUfg%2B8lyEvM5bpuyzfC46Qmq59UV3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 6ec8d950dfa89bb3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 44 KB
17 KB 133ms
49ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

37adfa46b47d25263e6aa9d11888a0a3be8c21fab0eac748c2ec828099409339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:57:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17280
x-xss-protection: 0
server: cafe
etag: 8400793797420563360
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Mar 2022 22:57:34 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 142ms
60ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

b872b4ad2e649961fbf3cdc43966716bd820301634adebaf5329c1aa22a1f7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:57:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14889
x-xss-protection: 0
server: cafe
etag: 11178597599353190569
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Mar 2022 22:57:34 GMT

GET
H2 200 main.js Show response
tr.additive-apps.cloud/ 30 KB
9 KB 60ms
7ms Script
application/javascript 13.225.80.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.additive-apps.cloud/main.js
Requested by: Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-45.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4e9c2ff2e4a7634d3bcfe453a858a78423b1e9dca13d7b4caa0b6370a0923d3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 05:41:22 GMT
content-encoding: gzip
last-modified: Mon, 21 Feb 2022 15:26:57 GMT
server: AmazonS3
age: 62173
etag: W/"ca89999d4579e2c203e8bf61b7ede37e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: iNbuOweb9Lw7kzjoCg5TBKdJFr1fbrdBHEIsHFdHiZ0EirnTmV2l6A==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 123ms
38ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4964
date: Tue, 15 Mar 2022 21:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 15 Mar 2022 23:34:50 GMT

GET
H2 404 gtm.js
www.googletagmanager.com/ 0
0 135ms
48ms Script
text/html 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtm.js?id=GTM-N456M88
Requested by: Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26320
x-xss-protection: 0
pragma: public
x-fb-debug: 569bBvrcANTpIHqSzhdiNBUynr+37J1gIcNpYE6DHhpsbUjzDn4V4Nw+JJ1tg8lre3NHIMp95ZFmX3/7fD/uEw==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 15 Mar 2022 22:57:34 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 404 wellness-heaven.html Show response
www.deflikindgoms.com/en/information/information-service/hotel-reviews/ Frame ACF0 564 B
648 B 153ms
152ms Document
text/html 2606:4700:3037::ac43:83ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.deflikindgoms.com/en/information/information-service/hotel-reviews/wellness-heaven.html
Requested by: Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:83ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/

Response headers

date: Tue, 15 Mar 2022 22:57:35 GMT
content-type: text/html
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2OnJdvEVPkrHMsZyYIdWtwPveowSzpfFb1BvsLJbMkDZ4GYwq6kpdEvHNikzUiAtusL72HzwXrpb1DPNLSKNbHCdzh1pBM87tf0qmcnByIO1m9OSdDzJ8O3QKP07riDDzKiC4Vy%2FM%2FnjOyzQGw6vStQcKAg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ec8d950efc59bb3-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 holiday-check.html Show response
www.deflikindgoms.com/en/information/information-service/hotel-reviews/ Frame 508A 564 B
653 B 161ms
161ms Document
text/html 2606:4700:3037::ac43:83ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.deflikindgoms.com/en/information/information-service/hotel-reviews/holiday-check.html
Requested by: Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:83ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/

Response headers

date: Tue, 15 Mar 2022 22:57:35 GMT
content-type: text/html
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9OGd8FFNQS%2B4slY2tKsNvfVvMmxY7O%2FRwrqV1URsDUsk%2F2v0qynaICYxrpCHg31uUUcHXGmw3p4wdh%2F2TfR1GneQG%2FshBIZqBjhDUhgMl5Vl7NQ6dhdsOSOKveWfmqNy2nO8HQ6Eu11pth%2B62NPjgI1w6UQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ec8d950efc79bb3-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 1224626914242084 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 59ms
49ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1224626914242084?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d31a2abeb037e4ea4067a5abbdc34e92b041228f2c3f23bb87738065a928d571

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: nUxkqxVcmRLuvOi4kAJyJIr6J6DukLhDJ/XhlAr9ia04JQpGAtoW7Mp101E5Sb/enlpVWT4i8KcSN3xUp8l+Tw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 15 Mar 2022 22:57:34 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_EN/ 3 KB
2 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_EN/sdk.js

Requested by

Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

57e61fa3cc97aa570cc9d61f88b9d17ef0118a07bcf5cd806d9d72d85a0a8268

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: BSvUmZQV51AssO99rAtoAg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: GIgZUZaFpjnwdEakiR6Czq3ZxpvimpFOU0KFhBYQX1qIFaW/bzCCdjAjyDO/EHohhTrOWHZzEYvmywT3zlVa/g==
x-fb-content-md5: d66644efb6e97a876a537339a7c8a524
x-frame-options: DENY
date: Tue, 15 Mar 2022 22:57:34 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "69123a40198f4dcbbca1c076256aa9df"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 15 Mar 2022 23:03:00 GMT

GET
H2 200 bf8440ca.json Show response
api.marketing-cloud.additive-apps.tech/w/config/ 15 B
175 B 33ms
7ms XHR
application/json 207.154.218.208
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.marketing-cloud.additive-apps.tech/w/config/bf8440ca.json
Requested by: Host: tr.additive-apps.cloud
URL: https://tr.additive-apps.cloud/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.154.218.208 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 69b74503365b54990581bab8b47f3c2dab97b19bb50e2f8e7a8e01bb3708c76c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:57:34 GMT
last-modified: Tue, 15 Mar 2022 22:57:04 GMT
server: nginx/1.10.3
etag: "623119c0-f"
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
content-length: 15

GET
H2 200 pixel.gif
cdn.tr.additive-apps.tech/ 43 B
497 B 68ms
15ms Image
image/gif 35.190.117.114
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.tr.additive-apps.tech/pixel.gif?r=kcjyi5zr16l441jbhkyq8r&entity=bf8440ca&payload=eyJtZXRhX2RhdGEiOnsidXVpZCI6ImYwNjkzZTA0LTQ5NDQtNDdhZC01ODY2LTVlNjJjN2MxMjc0MCIsInBhZ2UiOiJodHRwczovL3d3dy5kZWZsaWtpbmRnb21zLmNvbS8iLCJtYV91dWlkIjpudWxsLCJzZXNzaW9uX3V1aWQiOiIxMjVhNzNlNC0yYjE3LWUwYmYtNTRmZC02MmFhMGM2MTE3NDQiLCJyZWZlcnJlciI6IiIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTkuMC40ODQ0LjUxIFNhZmFyaS81MzcuMzYifX0=
Requested by: Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.117.114 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.117.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:30:18 GMT
age: 1636
x-guploader-uploadid: ADPycduOMHWh3dLMU9sdE-WIDqH0alm2gFMmk6XKnQ_simUa9th6Pf4NxtlOqoXIBLsyNwj4CuaO7U03C8hqgGHk7ZorFc_SiQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 43
last-modified: Tue, 24 Sep 2019 12:56:20 GMT
server: UploadServer
etag: "df3e567d6f16d040326c7a0ea29a4f41"
x-goog-hash: crc32c=6jWeOQ==, md5=3z5WfW8W0EAybHoOoppPQQ==
x-goog-generation: 1569329780170153
cache-control: public, max-age=3600
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif
expires: Tue, 15 Mar 2022 23:30:18 GMT

GET
H2 200 pixel
europe-west1-additive-visor-230210.cloudfunctions.net/ 43 B
347 B 80ms
27ms Image
image/gif 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://europe-west1-additive-visor-230210.cloudfunctions.net/pixel?r=aa9bkkuu7l8aslkugpzxll&entity=bf8440ca&payload=eyJtZXRhX2RhdGEiOnsidXVpZCI6ImYwNjkzZTA0LTQ5NDQtNDdhZC01ODY2LTVlNjJjN2MxMjc0MCIsInBhZ2UiOiJodHRwczovL3d3dy5kZWZsaWtpbmRnb21zLmNvbS8iLCJtYV91dWlkIjpudWxsLCJzZXNzaW9uX3V1aWQiOiIxMjVhNzNlNC0yYjE3LWUwYmYtNTRmZC02MmFhMGM2MTE3NDQiLCJyZWZlcnJlciI6IiIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTkuMC40ODQ0LjUxIFNhZmFyaS81MzcuMzYifX0=
Requested by: Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:57:34 GMT
server: Google Frontend
x-powered-by: Express
content-type: image/gif
x-cloud-trace-context: 161088031dac9d744ee7243c7e0c2249
function-execution-id: 30heetyjq7we
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 280 KB
80 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=9121e24c103f234417b9db876815b798

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_EN/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1849ac8c216b5d402ab95e0d282fbe63125d7d0ad8b7bb22215c74f6554ddce3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.deflikindgoms.com/
Origin: https://www.deflikindgoms.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 6xjLFHZu82kAxB0+DAEvcA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Wed, 15 Mar 2023 21:57:21 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 81452
x-fb-rlafr: 0
x-fb-debug: KNbnlEDMbUBjKg2CaBMEb9QMhId4Khn0gk+BWtU3xmz/8I/ivFHg5c0+QBDrUPNv5ugMGRiLSt3xjCKOduVQOA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 9b56a20e677b242783bb57644fd007a2
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Mar 2022 22:57:34 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "6fe842f1abfb62da708141426bfa2d88"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 23ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=216201631731655&ev=fb_page_view&dl=https%3A%2F%2Fwww.deflikindgoms.com%2F&rl=&if=false&ts=1647385054965&sw=1600&sh=1200&at=

Requested by

Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:57:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 15 Mar 2022 22:57:34 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1224626914242084&ev=PageView&dl=https%3A%2F%2Fwww.deflikindgoms.com%2F&rl=&if=false&ts=1647385054987&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1647385054986.2084921833&it=1647385054893&coo=false&exp=p1&rqm=GET

Requested by

Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:57:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 15 Mar 2022 22:57:34 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1036408298/ 2 KB
2 KB 136ms
50ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1036408298/?random=1647385055000&cv=9&fst=1647385055000&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.deflikindgoms.com%2F&tiba=Wellness%20Hotel%20Hohenwart%20%7C%20Schenna%2C%20Meran%20%7C%20South%20Tyrol&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9674b799e9b6220ff4c17dc1474b916769debf67b25ed89a45ac7c1479210d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 22:57:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1032
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 48ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:57:34 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CD2A43A396864FF1828958DB3BB080AF Ref B: FRAEDGE1518 Ref C: 2022-03-15T22:57:35Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11333

GET
H2 200 sdk.js Show response
cdn.pushpanda.io/sdk/ 84 KB
84 KB 59ms
8ms Script
application/javascript 2600:9000:20eb:4200:15:1dc0:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushpanda.io/sdk/sdk.js
Requested by: Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4200:15:1dc0:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1fba37cab3990e5e17f6688f48d6a4f15dfa75243356d4d4698269808b27cca6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:35:37 GMT
via: 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
last-modified: Thu, 25 Feb 2021 23:32:02 GMT
server: AmazonS3
age: 44519
etag: "4329bb7c1b249aefcd9ad028b5606d93"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 85775
x-amz-cf-id: SO1FBb3mSQNuou6ADbXVJTTYmE48t3qZzMAXmw5h-PyLdErrMCG30g==

GET
H3 200 like.php Show response
www.facebook.com/v2.12/plugins/ Frame 7F98 44 KB
14 KB 124ms
115ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.12/plugins/like.php?action=like&app_id=216201631731655&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f8e4e0cde1aa8%26domain%3Dwww.deflikindgoms.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.deflikindgoms.com%252Ff9247cffd13%26relation%3Dparent.parent&container_width=1584&href=https%3A%2F%2Fwww.facebook.com%2Fhotelhohenwart%2F&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&size=large

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=9121e24c103f234417b9db876815b798

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bcf7d022a8ae5e56553ce9b872bd5619de1c2cac661d7be00bca30cc73e5a898

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v6.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: cHbJlCYlbiL4DpEwSOOZgHt226SAP9a7sSOvUGVte8Bap6k/M0Z2AP/6n4rxQgvc1GotAfNY1eOC2WU620EkQw==
date: Tue, 15 Mar 2022 22:57:35 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0

GET
H2 200 5948448.js Show response
bat.bing.com/p/action/ 823 B
805 B 154ms
154ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5948448.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c11e14d2851b9f40db94d279eb1827143bfe0aa2000c4713d7915d5da5daa5fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 22:57:34 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 221ABF70558148E0A75F1484D53D2F91 Ref B: FRAEDGE1518 Ref C: 2022-03-15T22:57:35Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 655

GET
H2 204 0
bat.bing.com/action/ 0
150 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5948448&Ver=2&mid=4821ca88-153e-4245-a909-f073a5755450&sid=4dadcb70a4b311ecb609c99d290192dc&vid=4dadd110a4b311ec993e390a8f82fd3a&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Wellness%20Hotel%20Hohenwart%20%7C%20Schenna,%20Meran%20%7C%20South%20Tyrol&p=https%3A%2F%2Fwww.deflikindgoms.com%2F&r=&lt=901&evt=pageLoad&msclkid=N&sv=1&rn=309175
Requested by: Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 22:57:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CEA19D4BFBB342519307353DD291DEB9 Ref B: FRAEDGE1518 Ref C: 2022-03-15T22:57:35Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK www.deflikindgoms.com Show response
app.pushpanda.io/api/push/project/990524f0-4313-11e9-82bb-359bdc37c594/ 164 B
603 B 104ms
78ms Fetch
application/json 3.127.244.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.pushpanda.io/api/push/project/990524f0-4313-11e9-82bb-359bdc37c594/www.deflikindgoms.com

Requested by

Host: cdn.pushpanda.io
URL: https://cdn.pushpanda.io/sdk/sdk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

3.127.244.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-127-244-142.eu-central-1.compute.amazonaws.com

Software

nginx/1.17.3 /

Resource Hash

399209352be45ffd8f409337a8be59bf89798ae6a211bc3bf41581d002f161cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 22:57:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.17.3
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
X-RateLimit-Remaining: 179
Cache-Control: no-cache, private
Transfer-Encoding: chunked
X-RateLimit-Limit: 180
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H2 200 /
www.google.com/pagead/1p-user-list/1036408298/ 42 B
548 B 135ms
51ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1036408298/?random=1647385055000&cv=9&fst=1647381600000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.deflikindgoms.com%2F&tiba=Wellness%20Hotel%20Hohenwart%20%7C%20Schenna%2C%20Meran%20%7C%20South%20Tyrol&fmt=3&is_vtc=1&random=1443146099&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 22:57:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1036408298/ 42 B
548 B 137ms
51ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1036408298/?random=1647385055000&cv=9&fst=1647381600000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.deflikindgoms.com%2F&tiba=Wellness%20Hotel%20Hohenwart%20%7C%20Schenna%2C%20Meran%20%7C%20South%20Tyrol&fmt=3&is_vtc=1&random=1443146099&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 22:57:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 7F98 400 B
1004 B 22ms
7ms Image
image/png 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.12/plugins/like.php?action=like&app_id=216201631731655&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f8e4e0cde1aa8%26domain%3Dwww.deflikindgoms.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.deflikindgoms.com%252Ff9247cffd13%26relation%3Dparent.parent&container_width=1584&href=https%3A%2F%2Fwww.facebook.com%2Fhotelhohenwart%2F&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&size=large

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:57:35 GMT
x-content-type-options: nosniff
content-md5: uF0RL4E+h23ClLQmPOTTMw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 400
x-fb-rlafr: 0
x-fb-debug: jjNh08Szkmkj764MSIMaDTAjRki4O9HZONdZzNyDx2B9tVr4RwhCTETpCFGYUauSdK9B3HrCSzaDJ6n/KDA1qw==
x-fb-trip-id: 2050670934
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 06 Mar 2023 05:54:10 GMT

GET
H2 200 cco2Lfx01q4.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yw/l/en_US/ Frame 7F98 522 KB
137 KB 21ms
8ms XHR
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yw/l/en_US/cco2Lfx01q4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

52bace53099f2b3d7559a90683f826433200a1f41680a389fc6e27c3b7cd220a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:57:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 2msnyuY1BB3wWSykHdb5Zg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 139360
x-fb-rlafr: 0
x-fb-debug: Ir7Dhc0a1rIqoZlzHjR/uSfVRT/7ECsuiYGxOOPcoUe42CkAALJP/MDWiS3dpl4LYoV5dk9XEC3lif92fxq7ZA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Tue, 14 Mar 2023 20:28:24 GMT

GET
H3 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 7F98 67 B
101 B 26ms
26ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1647385055192&t_start=1647385055192&t_domcontent=1647385055197&t_layout=1647385055228&t_onload=1647385055228&t_paint=1647385055228&t_creport=1647385055228&t_tti=1647385055197&lid=7075464936388498002-0

Requested by

Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v2.12/plugins/like.php?action=like&app_id=216201631731655&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f8e4e0cde1aa8%26domain%3Dwww.deflikindgoms.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.deflikindgoms.com%252Ff9247cffd13%26relation%3Dparent.parent&container_width=1584&href=https%3A%2F%2Fwww.facebook.com%2Fhotelhohenwart%2F&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&size=large
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: no-cache
x-fb-debug: eNLTMmHT6a0PFZI6N3tv0NhPpGGsPTy/+MBDEiLW+piNcTLMK2DClB7hWQJDeGZGB34EbQGpl2TWLFxvJ+QWMw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 15 Mar 2022 22:57:35 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 clarity.js Show response
i.clarity.ms/s/0.6.32/ 53 KB
23 KB 329ms
96ms Script
application/javascript 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/s/0.6.32/clarity.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/5948448.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:57:34 GMT
content-encoding: br
etag: "1d8380e6acd1d90"
last-modified: Tue, 15 Mar 2022 01:45:58 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 WidgetEmbed-certificateOfExcellence Show response
www.tripadvisor.co.uk/ 11 KB
5 KB 166ms
166ms Script
text/javascript 2.18.234.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripadvisor.co.uk/WidgetEmbed-certificateOfExcellence?year=2019&locationId=539558&display_version=2&uniq=757&lang=en_UK
Requested by: Host: www.jscache.com
URL: https://www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=757&locationId=539558&lang=en_UK&year=2019&display_version=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-194.deploy.static.akamaitechnologies.com
Software: envoy /
Resource Hash: 31a26f4a971a46d217027693dfc1b66f1b5467344d0d21348bc897b019942402

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 22:57:35 GMT
content-encoding: gzip
server: envoy
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
vary: User-Agent,Accept-Encoding
content-language: en-GB
content-type: text/javascript;charset=UTF-8
cache-control: no-cache,no-store,must-revalidate
timing-allow-origin: https://www.tripadvisor.com
content-length: 3247
expires: 0

GET
H2 200 t4b_widget_coe-v2381509749a.css
static.tacdn.com/css2/build/concat/ 12 KB
2 KB 56ms
7ms Stylesheet
text/css 151.101.130.83
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tacdn.com/css2/build/concat/t4b_widget_coe-v2381509749a.css
Requested by: Host: www.tripadvisor.co.uk
URL: https://www.tripadvisor.co.uk/WidgetEmbed-certificateOfExcellence?year=2019&locationId=539558&display_version=2&uniq=757&lang=en_UK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.83 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 68a2a01d74effffbc2ed6c93f957b61e637528068c560b32a42473262a1e6625

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:57:35 GMT
content-encoding: gzip
age: 689745
x-cache: HIT
x-cache-hits: 6912
content-length: 2172
x-served-by: cache-hhn4074-HHN
access-control-allow-origin: *
last-modified: Fri, 04 Mar 2022 12:32:50 GMT
server: envoy
x-timer: S1647385056.528678,VS0,VE0
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish
cache-control: max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Mar 2023 23:21:50 GMT

GET
H2 200 cdswidgets_min-c-v2395114504a.js Show response
static.tacdn.com/js3/build/concat/widget/ 2 KB
787 B 56ms
8ms Script
application/x-javascript 151.101.130.83
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tacdn.com/js3/build/concat/widget/cdswidgets_min-c-v2395114504a.js
Requested by: Host: www.tripadvisor.co.uk
URL: https://www.tripadvisor.co.uk/WidgetEmbed-certificateOfExcellence?year=2019&locationId=539558&display_version=2&uniq=757&lang=en_UK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.83 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: c99528654d193b123e3f9dd7668529eeffa9c956ddcf0ea8d84ec589b3fdd5cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:57:35 GMT
content-encoding: gzip
age: 1810176
x-cache: HIT
x-cache-hits: 27202
content-length: 647
x-served-by: cache-hhn4074-HHN
access-control-allow-origin: *
last-modified: Thu, 17 Feb 2022 12:32:46 GMT
server: envoy
x-timer: S1647385056.528729,VS0,VE0
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish
cache-control: max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Feb 2023 00:07:59 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame E931 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.deflikindgoms.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.deflikindgoms.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0
date: Tue, 15 Mar 2022 22:57:35 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=117B951F038A4CD495006B2100ADE3B0&RedC=c.clarity.ms&MXFR=105FA83AF9AF63D43D9AB952FDAF6D79
https://c.clarity.ms/c.gif?CtsSyncId=117B951F038A4CD495006B2100ADE3B0&MUID=25A406F881D56B8B3175179080BE6A55

42 B
369 B

27ms
27ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=117B951F038A4CD495006B2100ADE3B0&MUID=25A406F881D56B8B3175179080BE6A55
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 22:57:34 GMT
last-modified: Mon, 28 Feb 2022 22:29:30 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "7c5ed6a6f22cd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 15 Mar 2022 22:57:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2A521E54395341F490D4737506B8BE30 Ref B: FRAEDGE1518 Ref C: 2022-03-15T22:57:35Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=117B951F038A4CD495006B2100ADE3B0&MUID=25A406F881D56B8B3175179080BE6A55
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 coe-14348-2.png
www.tripadvisor.co.uk/img/cdsi/img2/awards/v2/ 5 KB
6 KB 108ms
108ms Image
image/png 2.18.234.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tripadvisor.co.uk/img/cdsi/img2/awards/v2/coe-14348-2.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-194.deploy.static.akamaitechnologies.com
Software: envoy /
Resource Hash: 63cddeb808a52e0aa99d3fa1503739c927c4fce451f41d312610b1104626bd5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.deflikindgoms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: https://www.tripadvisor.com
date: Tue, 15 Mar 2022 22:57:35 GMT
server: envoy
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
cache-control: private, max-age=43200
content-type: image/png
content-length: 5516
expires: Wed, 16 Mar 2022 10:57:35 GMT

POST
H2 204 collect Show response
i.clarity.ms/ 0
98 B 291ms
290ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: i.clarity.ms
URL: https://i.clarity.ms/s/0.6.32/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.deflikindgoms.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://www.deflikindgoms.com
date: Tue, 15 Mar 2022 22:57:35 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.deflikindgoms.com/	1970-01-20 01:36:28	Name: flow Value: 7056
www.deflikindgoms.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: uisoan8aobo2jscl65m43en0rs
www.deflikindgoms.com/	1969-12-31 23:59:59	Name: channel_id Value: 489
www.deflikindgoms.com/	1970-01-20 01:36:39	Name: additivemc_session_information Value: eyJmaXJzdFBhZ2UiOiJodHRwczovL3d3dy5kZWZsaWtpbmRnb21zLmNvbS8iLCJyZWZlcnJlciI6IiIsImFjaWQiOm51bGx9
www.deflikindgoms.com/	1970-01-20 01:36:39	Name: additivemc_session_uuid Value: 125a73e4-2b17-e0bf-54fd-62aa0c611744
.deflikindgoms.com/	1970-01-20 03:46:01	Name: _fbp Value: fb.1.1647385054986.2084921833
.bing.com/	1970-01-20 10:58:01	Name: MUID Value: 25A406F881D56B8B3175179080BE6A55
.deflikindgoms.com/	1970-01-20 01:37:51	Name: _uetsid Value: 4dadcb70a4b311ecb609c99d290192dc
.deflikindgoms.com/	1970-01-20 10:58:01	Name: _uetvid Value: 4dadd110a4b311ec993e390a8f82fd3a
.doubleclick.net/	1970-01-20 01:36:25	Name: test_cookie Value: CheckForPermission
.deflikindgoms.com/	1970-01-20 10:22:01	Name: _clck Value: hvas11\|1\|ezs\|0
.c.bing.com/	1970-01-20 10:58:01	Name: SRM_B Value: 25A406F881D56B8B3175179080BE6A55
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 10:58:01	Name: MUID Value: 25A406F881D56B8B3175179080BE6A55
.c.clarity.ms/	1970-01-20 01:36:25	Name: ANONCHK Value: 0
.deflikindgoms.com/	1970-01-20 01:37:51	Name: _clsk Value: b1s4gb\|1647385056082\|1\|1\|i.clarity.ms/collect

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.deflikindgoms.com/modules/cssJsCombinator/6610a0d6eb897663051bfbbfc49a31c2.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.deflikindgoms.com/themes/custom/images/bell.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-N456M88 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.deflikindgoms.com/modules/cssJsCombinator/39a495cd3b7d5ddab3b8be845344190c.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.deflikindgoms.com/themes/custom/plugins/imageShare/facebook.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.deflikindgoms.com/en/information/information-service/hotel-reviews/wellness-heaven.html Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.deflikindgoms.com/en/information/information-service/hotel-reviews/holiday-check.html Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.marketing-cloud.additive-apps.tech
app.pushpanda.io
bat.bing.com
c.bing.com
c.clarity.ms
cdn.pushpanda.io
cdn.tr.additive-apps.tech
connect.facebook.net
europe-west1-additive-visor-230210.cloudfunctions.net
googleads.g.doubleclick.net
i.clarity.ms
static.tacdn.com
static.xx.fbcdn.net
tr.additive-apps.cloud
www.deflikindgoms.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.jscache.com
www.tripadvisor.co.uk
www.tripadvisor.com
104.92.71.148
13.225.80.45
142.250.186.34
151.101.130.83
2.18.234.194
2001:4860:4802:36::36
207.154.218.208
2600:9000:20eb:4200:15:1dc0:1c0:93a1
2606:4700:3037::ac43:83ef
2620:1ec:c11::200
2a00:1450:4001:801::2004
2a00:1450:4001:808::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.127.244.142
35.190.117.114
52.142.114.2
52.167.85.21
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1849ac8c216b5d402ab95e0d282fbe63125d7d0ad8b7bb22215c74f6554ddce3
1fba37cab3990e5e17f6688f48d6a4f15dfa75243356d4d4698269808b27cca6
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2b11e25881b96bc17ef17bd8112bbcd4d3613d42d13d43937549121236425278
31a26f4a971a46d217027693dfc1b66f1b5467344d0d21348bc897b019942402
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65
37adfa46b47d25263e6aa9d11888a0a3be8c21fab0eac748c2ec828099409339
399209352be45ffd8f409337a8be59bf89798ae6a211bc3bf41581d002f161cf
3aebf6db9aaaf52fe69a8f63d9585c4616db237a4d2993b00da224459f2cad1a
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
4e9c2ff2e4a7634d3bcfe453a858a78423b1e9dca13d7b4caa0b6370a0923d3f
52bace53099f2b3d7559a90683f826433200a1f41680a389fc6e27c3b7cd220a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57e61fa3cc97aa570cc9d61f88b9d17ef0118a07bcf5cd806d9d72d85a0a8268
63cddeb808a52e0aa99d3fa1503739c927c4fce451f41d312610b1104626bd5c
68a2a01d74effffbc2ed6c93f957b61e637528068c560b32a42473262a1e6625
69b74503365b54990581bab8b47f3c2dab97b19bb50e2f8e7a8e01bb3708c76c
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b872b4ad2e649961fbf3cdc43966716bd820301634adebaf5329c1aa22a1f7ee
bcf7d022a8ae5e56553ce9b872bd5619de1c2cac661d7be00bca30cc73e5a898
c11e14d2851b9f40db94d279eb1827143bfe0aa2000c4713d7915d5da5daa5fd
c5290c1d03e311d84c1a0e3b10eb57cf688ef82ffe8e9d50166a953555bf2e92
c99528654d193b123e3f9dd7668529eeffa9c956ddcf0ea8d84ec589b3fdd5cd
d31a2abeb037e4ea4067a5abbdc34e92b041228f2c3f23bb87738065a928d571
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9674b799e9b6220ff4c17dc1474b916769debf67b25ed89a45ac7c1479210d1
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

www.deflikindgoms.com Open in urlscan Pro 2606:4700:3037::ac43:83ef Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

44 Requests

95 %HTTPS

55 %IPv6

20 Domains

24 Subdomains

21 IPs

3 Countries

595 kBTransfer

1773 kBSize

16 Cookies

22 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.deflikindgoms.com Open in urlscan Pro
2606:4700:3037::ac43:83ef Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

95 %
HTTPS

55 %
IPv6

20
Domains

24
Subdomains

21
IPs

3
Countries

595 kB
Transfer

1773 kB
Size

16
Cookies

44 HTTP transactions
0 data transactions