coldavathermvicour.com Open in urlscan Pro
50.63.179.9 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://coldavathermvicour.com/ee3eb8018e98e4b08b9b95f2a189b9bc/certified/
Submission: On August 11 via automatic, source phishtank (August 11th 2023, 3:50:06 am UTC) — Scanned from DE

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 25 IPs in 3 countries across 18 domains to perform 47 HTTP transactions. The main IP is 50.63.179.9, located in United States and belongs to GO-DADDY-COM-LLC, US. The main domain is coldavathermvicour.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 15th 2023. Valid for: 3 months.

This is the only time coldavathermvicour.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	50.63.179.9 50.63.179.9	398101 (GO-DADDY-...) (GO-DADDY-COM-LLC)
1	65.9.7.214 65.9.7.214	16509 (AMAZON-02) (AMAZON-02)
7	2a02:26f0:480... 2a02:26f0:480:f::213:7ece	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
3	52.222.206.94 52.222.206.94	16509 (AMAZON-02) (AMAZON-02)
3	52.222.206.105 52.222.206.105	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
2 4	216.58.206.38 216.58.206.38	15169 (GOOGLE) (GOOGLE)
2	34.120.78.44 34.120.78.44	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:c200:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7eda	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
47	25

1 50.63.179.9 (United States)

ASN398101 (GO-DADDY-COM-LLC, US)
PTR: 9.179.63.50.host.secureserver.net

coldavathermvicour.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.7.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-7-214.fra56.r.cloudfront.net

d3h5jhobc20ump.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:480:f::213:7ece (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.206.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-94.fra56.r.cloudfront.net

dl6fh5ptkejqa.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.206.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-105.fra56.r.cloudfront.net

d1ayxb9ooonjts.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.38 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f6.1e100.net

12389169.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.78.44 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 44.78.120.34.bc.googleusercontent.com

sp.bitly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:c200:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7eda (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	typekit.net use.typekit.net — Cisco Umbrella Rank: 541 p.typekit.net — Cisco Umbrella Rank: 664	127 KB
7	cloudfront.net d3h5jhobc20ump.cloudfront.net dl6fh5ptkejqa.cloudfront.net d1ayxb9ooonjts.cloudfront.net	224 KB
6	doubleclick.net 2 redirects 12389169.fls.doubleclick.net — Cisco Umbrella Rank: 227576 stats.g.doubleclick.net — Cisco Umbrella Rank: 114 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	4 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 368 www.linkedin.com — Cisco Umbrella Rank: 543 px4.ads.linkedin.com — Cisco Umbrella Rank: 5984	5 KB
4	google.de www.google.de — Cisco Umbrella Rank: 5933 adservice.google.de — Cisco Umbrella Rank: 12711	1 KB
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2770 adservice.google.com — Cisco Umbrella Rank: 116 www.google.com — Cisco Umbrella Rank: 3	2 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	315 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	239 B
2	bitly.com sp.bitly.com — Cisco Umbrella Rank: 106661	19 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 170	156 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 54	21 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 710	396 B
1	t.co t.co — Cisco Umbrella Rank: 536	377 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 890	375 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 754	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 819	5 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 392	31 KB
1	coldavathermvicour.com coldavathermvicour.com	3 KB
47	18

	Domain	Requested by
7	use.typekit.net	coldavathermvicour.com
4	12389169.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	www.googletagmanager.com	coldavathermvicour.com www.googletagmanager.com
3	px.ads.linkedin.com	3 redirects
3	d1ayxb9ooonjts.cloudfront.net	coldavathermvicour.com d3h5jhobc20ump.cloudfront.net
3	dl6fh5ptkejqa.cloudfront.net	coldavathermvicour.com
2	adservice.google.de	adservice.google.com
2	www.facebook.com	coldavathermvicour.com
2	adservice.google.com	12389169.fls.doubleclick.net
2	www.google.de	coldavathermvicour.com
2	sp.bitly.com	dl6fh5ptkejqa.cloudfront.net
2	connect.facebook.net	coldavathermvicour.com connect.facebook.net
2	www.google-analytics.com	coldavathermvicour.com www.google-analytics.com
1	www.google.com	coldavathermvicour.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	p.typekit.net	coldavathermvicour.com
1	analytics.twitter.com	coldavathermvicour.com
1	t.co	coldavathermvicour.com
1	px4.ads.linkedin.com	coldavathermvicour.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	static.ads-twitter.com	coldavathermvicour.com
1	snap.licdn.com	coldavathermvicour.com
1	ajax.googleapis.com	coldavathermvicour.com
1	d3h5jhobc20ump.cloudfront.net	coldavathermvicour.com
1	coldavathermvicour.com
47	28

This site contains no links.

Subject Issuer	Validity	Valid
www.coldavathermvicour.com cPanel, Inc. Certification Authority	`2023-07-15` - `2023-10-13`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-20` - `2023-08-18`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.bitly.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-27` - `2024-04-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2022-11-14` - `2023-11-14`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-01` - `2023-10-01`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://coldavathermvicour.com/ee3eb8018e98e4b08b9b95f2a189b9bc/certified/
Frame ID: 178036FE679CE5E7E6C88F6E3931297A
Requests: 40 HTTP requests in this frame

Frame: https://12389169.fls.doubleclick.net/activityi;dc_pre=CJfC0tvZ04ADFa9DwgodioUDRw;src=12389169;type=conve0;cat=signu0;ord=1456938314710;auiddc=48460938.1691725801;u1=%5BPlan%20Tier%5D;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F
Frame ID: 1DA0CFAFE0EBF158B9BE0E78ED565494
Requests: 1 HTTP requests in this frame

Frame: https://12389169.fls.doubleclick.net/activityi;dc_pre=CPTD0tvZ04ADFXZUwgod5T0E4w;src=12389169;type=conve0;cat=signu0;ord=2570416328233;auiddc=48460938.1691725801;u1=free;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F
Frame ID: BF7F87A6A0EFDA0A0DE7650821704565
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJfC0tvZ04ADFa9DwgodioUDRw;src=12389169;type=conve0;cat=signu0;ord=1456938314710;auiddc=48460938.1691725801;u1=%5BPlan%20Tier%5D;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F
Frame ID: 2A7056850B884B495D562621B260F1B6
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPTD0tvZ04ADFXZUwgod5T0E4w;src=12389169;type=conve0;cat=signu0;ord=2570416328233;auiddc=48460938.1691725801;u1=free;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F
Frame ID: B53AD1B765AF1485BA7F0216D5DB3550
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CPTD0tvZ04ADFXZUwgod5T0E4w;src=12389169;type=conve0;cat=signu0;ord=2570416328233;auiddc=48460938.1691725801;u1=free;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F
Frame ID: E912CA9090D85907DC7906017033A77F
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CJfC0tvZ04ADFa9DwgodioUDRw;src=12389169;type=conve0;cat=signu0;ord=1456938314710;auiddc=48460938.1691725801;u1=%5BPlan%20Tier%5D;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F
Frame ID: A4D382D1D0D65CFD25CFC83BAD2D267D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The power of the link.

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

47
Requests

98 %
HTTPS

62 %
IPv6

18
Domains

28
Subdomains

25
IPs

3
Countries

905 kB
Transfer

2113 kB
Size

19
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://12389169.fls.doubleclick.net/activityi;src=12389169;type=conve0;cat=signu0;ord=1456938314710;auiddc=48460938.1691725801;u1=%5BPlan%20Tier%5D;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F HTTP 302
https://12389169.fls.doubleclick.net/activityi;dc_pre=CJfC0tvZ04ADFa9DwgodioUDRw;src=12389169;type=conve0;cat=signu0;ord=1456938314710;auiddc=48460938.1691725801;u1=%5BPlan%20Tier%5D;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F

Request Chain 26

https://12389169.fls.doubleclick.net/activityi;src=12389169;type=conve0;cat=signu0;ord=2570416328233;auiddc=48460938.1691725801;u1=free;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F HTTP 302
https://12389169.fls.doubleclick.net/activityi;dc_pre=CPTD0tvZ04ADFXZUwgod5T0E4w;src=12389169;type=conve0;cat=signu0;ord=2570416328233;auiddc=48460938.1691725801;u1=free;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F

Request Chain 33

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3409844&time=1691725801580&url=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3409844&time=1691725801580&url=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3409844%26time%3D1691725801580%26url%3Dhttps%253A%252F%252Fcoldavathermvicour.com%252Fee3eb8018e98e4b08b9b95f2a189b9bc%252Fcertified%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3409844&time=1691725801580&url=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3409844&time=1691725801580&url=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F&cookiesTest=true&liSync=true&e_ipv6=AQIytK1BOYO2KQAAAYnitynyTQBD7tQneEpRHbdKd3QKwV4E1BLRO-G18yARPBdvhtuVjxzcpHD99exYFG9cOG0oQiswbA

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
coldavathermvicour.com/ee3eb8018e98e4b08b9b95f2a189b9bc/certified/ 9 KB
3 KB 992ms
647ms Document
text/html 50.63.179.9
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://coldavathermvicour.com/ee3eb8018e98e4b08b9b95f2a189b9bc/certified/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.63.179.9 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 9.179.63.50.host.secureserver.net
Software: Apache / PHP/7.4.33
Resource Hash: 71f9f923e5b7d0dcf0310c7f7371520945be003101320b96221f23acd028b67e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-length: 3159
content-type: text/html; charset=UTF-8
date: Fri, 11 Aug 2023 03:50:00 GMT
server: Apache
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 0ac9d15122a8f6eb11fc74e009bacbec.css
d3h5jhobc20ump.cloudfront.net/ 42 KB
28 KB 39ms
8ms Stylesheet
text/css 65.9.7.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3h5jhobc20ump.cloudfront.net/0ac9d15122a8f6eb11fc74e009bacbec.css
Requested by: Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/ee3eb8018e98e4b08b9b95f2a189b9bc/certified/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-7-214.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: ae765b03f37e883a3bc2a65c693c2ad1f264acb1a89a18c56f7e464ef8847f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 14:10:11 GMT
content-encoding: gzip
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
last-modified: Fri, 28 Apr 2023 14:34:34 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
age: 221990
etag: W/"bf636c31ca56084cb394191e76c05f20"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=315360000
x-amz-cf-id: BWCpjEcvCKZhVR4ezvkObgqHjJs2kct5sO7NA1acBTKZP71v4jZDCg==
expires: Mon, 25 Apr 2033 14:34:33 GMT

GET
H2 200 mys2uzu.js Show response
use.typekit.net/ 18 KB
7 KB 60ms
16ms Script
text/javascript 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/mys2uzu.js

Requested by

Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/ee3eb8018e98e4b08b9b95f2a189b9bc/certified/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

fb54d4664a564135a46872a97a5e04b51a8d8900166da23826b771c432650b0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Fri, 11 Aug 2023 03:50:01 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6744

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 169 KB
63 KB 44ms
21ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-12389169

Requested by

Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/ee3eb8018e98e4b08b9b95f2a189b9bc/certified/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

04895819a5020573235473b1b2b70c14aa7b6919a3356bfe2d3bcd29bae80186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 03:50:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63924
x-xss-protection: 0
last-modified: Fri, 11 Aug 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Aug 2023 03:50:01 GMT

GET
H2 200 2b21cdf7bb0327252f60662d1fdfbc32.svg
dl6fh5ptkejqa.cloudfront.net/ 522 B
902 B 51ms
14ms Image
image/svg+xml 52.222.206.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl6fh5ptkejqa.cloudfront.net/2b21cdf7bb0327252f60662d1fdfbc32.svg
Requested by: Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/ee3eb8018e98e4b08b9b95f2a189b9bc/certified/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-94.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 10ee4f83b50510af01b23073e2986287d083d07a28f94afc5aa2f56c91d0304b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 20 May 2023 19:05:24 GMT
via: 1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
last-modified: Fri, 30 Aug 2019 16:24:32 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
age: 7116277
etag: "140772d577519d4737ce475f66b4dfc9"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 522
x-amz-cf-id: X0uPSVXIX1Otayre_WwTvHwR0tNSTNcn9BFdKPhBYeapo11zH2fQHQ==
expires: Mon, 27 Aug 2029 16:24:31 GMT

GET
H2 200 518ec586a1814c0216f44b4844b86f5e.svg
d1ayxb9ooonjts.cloudfront.net/ 509 B
888 B 33ms
6ms Image
image/svg+xml 52.222.206.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/518ec586a1814c0216f44b4844b86f5e.svg
Requested by: Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/ee3eb8018e98e4b08b9b95f2a189b9bc/certified/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-105.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 50554df9b481511f6583a93a75ba8503564f4800a6291431f31055c8ec365371

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 09:11:29 GMT
via: 1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
last-modified: Fri, 30 Aug 2019 16:24:31 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
age: 1795112
etag: "a16b3edeb71936cc23a430da41c8ce84"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 509
x-amz-cf-id: 8l6uqiUaSoA153CjOh0YDFg5Lj7LlldeSFkVhJz7z1388kmanv2D6g==
expires: Mon, 27 Aug 2029 16:24:30 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/ee3eb8018e98e4b08b9b95f2a189b9bc/certified/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 14:17:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Aug 2024 14:17:25 GMT

GET
H2 200 0b259cffe5ac15bfe1b9d94c1beb06e9.js Show response
dl6fh5ptkejqa.cloudfront.net/ 71 KB
71 KB 48ms
7ms Script
application/javascript 52.222.206.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dl6fh5ptkejqa.cloudfront.net/0b259cffe5ac15bfe1b9d94c1beb06e9.js
Requested by: Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/ee3eb8018e98e4b08b9b95f2a189b9bc/certified/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-94.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 584c7859f5ee97ddc73d0647d6dc3de7ca98c8b154e391908bf95abd88a382c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 14:10:11 GMT
via: 1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
last-modified: Tue, 24 Jan 2023 15:17:34 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
age: 221990
etag: "4af9bc69054c987593a4ee69d65da26a"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 72193
x-amz-cf-id: VECZXX5UNx8926lfMacq9FIt5w9baDEio1S3gTbVSj-H-r1669DcMg==
expires: Fri, 21 Jan 2033 15:17:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
91 KB 54ms
31ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-567GCTL9BB

Requested by

Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/ee3eb8018e98e4b08b9b95f2a189b9bc/certified/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7551085b282eddd5ef20aa46315c3a9e733c0d993fd51f301969bd0901aca32b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 03:50:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92572
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 11 Aug 2023 03:50:01 GMT

GET
H2 200 b1eaafb48b055f33a360d6e77586bc0f.js Show response
dl6fh5ptkejqa.cloudfront.net/ 40 KB
41 KB 51ms
15ms Script
application/javascript 52.222.206.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dl6fh5ptkejqa.cloudfront.net/b1eaafb48b055f33a360d6e77586bc0f.js
Requested by: Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/ee3eb8018e98e4b08b9b95f2a189b9bc/certified/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-94.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 83c6a1e1d15f07e1e647f1c5a648b2f2dfad61f2dd9ca3dd9cf1ef381e4d1879

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 23:28:26 GMT
via: 1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
last-modified: Tue, 13 Sep 2022 13:45:40 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
age: 2089295
etag: "a8630206831ed8119fd8b402a3d51bd0"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 41239
x-amz-cf-id: 57Mr0qNnltj747kvMUWQANw7Cz2nLRHlqg8ALf0E3QCkaIWCR9tI_Q==

GET
H2 200 03885108b01f0b92601b9be97af3aa9a.otf
d1ayxb9ooonjts.cloudfront.net/ 61 KB
41 KB 31ms
9ms Font
font/opentype 52.222.206.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1ayxb9ooonjts.cloudfront.net/03885108b01f0b92601b9be97af3aa9a.otf
Requested by: Host: d3h5jhobc20ump.cloudfront.net
URL: https://d3h5jhobc20ump.cloudfront.net/0ac9d15122a8f6eb11fc74e009bacbec.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-105.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 2b80fbe521e07e4e84eb52e707b364c3e6c05c57e483276dc4b3be93a9794ba9

Request headers

Referer: https://d3h5jhobc20ump.cloudfront.net/
Origin: https://coldavathermvicour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 01:21:22 GMT
content-encoding: gzip
via: 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
last-modified: Thu, 23 Apr 2015 20:49:14 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
age: 2687319
etag: W/"bf9f5d50c1b928ff21436517a1a95ad9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/opentype
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-amz-cf-id: kFp0j9tr3cRGnVVNxRDcGqeG4nyvjfI48HkF5R_KXC6dUy-G8tsOpw==
expires: Sun, 20 Apr 2025 20:49:13 GMT

GET
H2 200 3e574ee721bb592fd3e6aab4a3780dbc.otf
d1ayxb9ooonjts.cloudfront.net/ 62 KB
41 KB 33ms
13ms Font
font/opentype 52.222.206.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1ayxb9ooonjts.cloudfront.net/3e574ee721bb592fd3e6aab4a3780dbc.otf
Requested by: Host: d3h5jhobc20ump.cloudfront.net
URL: https://d3h5jhobc20ump.cloudfront.net/0ac9d15122a8f6eb11fc74e009bacbec.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-105.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 9e7ff2f279f8c497d687d1248d17e7a8c19784d945698c4bc8f9168fe9e351cb

Request headers

Referer: https://d3h5jhobc20ump.cloudfront.net/
Origin: https://coldavathermvicour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 07:25:35 GMT
content-encoding: gzip
via: 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
last-modified: Thu, 23 Apr 2015 20:49:14 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
age: 2060665
etag: W/"f14eee643541cf03a10f26c944cc29f5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/opentype
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-amz-cf-id: 0ao95cw53fqoIJIeO739ubmXv0zt82pUl-v8ivm9E_HxrTN5BnrHIw==
expires: Sun, 20 Apr 2025 20:49:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/ee3eb8018e98e4b08b9b95f2a189b9bc/certified/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 11 Aug 2023 03:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 18
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 11 Aug 2023 05:49:43 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 172 KB
47 KB 25ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/ee3eb8018e98e4b08b9b95f2a189b9bc/certified/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 11 Aug 2023 03:50:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47151
x-xss-protection: 0
pragma: public
x-fb-debug: qTbDyuXwU7G3OQoL1w6i0H8fXTAwjcbJqDf/K16m8QzuwQJ2hJwcz7q+A7sOskrt/CokxcofHKvScv9wWlYuzw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 53ms
14ms Script
application/x-javascript 2a02:26f0:3500:16::215:148d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/ee3eb8018e98e4b08b9b95f2a189b9bc/certified/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 03:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 09:07:54 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=61876
accept-ranges: bytes
content-length: 4862

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 57ms
12ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/ee3eb8018e98e4b08b9b95f2a189b9bc/certified/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 03:50:01 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230093-FRA

GET
H2 200 l
use.typekit.net/af/0e8ca9/0000000000000000000148a6/21/ 17 KB
17 KB 57ms
13ms Font
application/font-woff2 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/0e8ca9/0000000000000000000148a6/21/l?subset_id=2&fvd=n6&v=3
Requested by: Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/ee3eb8018e98e4b08b9b95f2a189b9bc/certified/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 31fe8e1afce2f1487c323de595df41cd61a0a780e938fcfa219c00d0d8700a22

Request headers

Referer: https://coldavathermvicour.com/
Origin: https://coldavathermvicour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 03:50:01 GMT
server: nginx
etag: "fa69ba7a0541237d29d5d63ab89ddf5c0ddcc122"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17180

GET
H2 200 l
use.typekit.net/af/651407/0000000000000000000148a4/21/ 17 KB
17 KB 58ms
15ms Font
application/font-woff2 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/651407/0000000000000000000148a4/21/l?subset_id=2&fvd=n4&v=3
Requested by: Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/ee3eb8018e98e4b08b9b95f2a189b9bc/certified/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c2a3051b111255a7bb60f2c2f880119a34b9badd3094fe5da0809e9867189be9

Request headers

Referer: https://coldavathermvicour.com/
Origin: https://coldavathermvicour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 03:50:01 GMT
server: nginx
etag: "1e687793ce64d9cbb865b34e0184a5d7d0d615aa"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17144

GET
H2 200 l
use.typekit.net/af/04aaaa/0000000000000000000148a2/21/ 17 KB
17 KB 68ms
25ms Font
application/font-woff2 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/04aaaa/0000000000000000000148a2/21/l?subset_id=2&fvd=n3&v=3
Requested by: Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/ee3eb8018e98e4b08b9b95f2a189b9bc/certified/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 739d05993fb4c31c049518fb52a5784df194db6fd16bc428dcc16baf679aeca3

Request headers

Referer: https://coldavathermvicour.com/
Origin: https://coldavathermvicour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 03:50:01 GMT
server: nginx
etag: "84a5a8f3c03b24dbec4386ecc1405d47828de8e4"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17524

GET
H2 200 l
use.typekit.net/af/c6d995/0000000000000000000132df/21/ 22 KB
22 KB 68ms
26ms Font
application/font-woff2 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/c6d995/0000000000000000000132df/21/l?subset_id=2&fvd=n4&v=3
Requested by: Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/ee3eb8018e98e4b08b9b95f2a189b9bc/certified/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: ce7a0e2e92f9b02f744009e39e82163283f4b6f648de2c513351b909ef7400d4

Request headers

Referer: https://coldavathermvicour.com/
Origin: https://coldavathermvicour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 03:50:01 GMT
server: nginx
etag: "55559d7f4efc3f7fb33e7b9699ee2047fb65f3de"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22436

GET
H2 200 l
use.typekit.net/af/a5fac4/0000000000000000000132e3/21/ 23 KB
23 KB 57ms
15ms Font
application/font-woff2 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/a5fac4/0000000000000000000132e3/21/l?subset_id=2&fvd=n7&v=3
Requested by: Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/ee3eb8018e98e4b08b9b95f2a189b9bc/certified/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 449ad51e04f90d09cd5d6d1df91f8b69cf888ca97c7d2318e1e30b35d2b403d4

Request headers

Referer: https://coldavathermvicour.com/
Origin: https://coldavathermvicour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 03:50:01 GMT
server: nginx
etag: "672c8850fd84c3f8278b634e73850f7f7b605f9a"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 23268

GET
H2 200 l
use.typekit.net/af/ed8887/0000000000000000000132e1/21/ 24 KB
24 KB 68ms
26ms Font
application/font-woff2 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ed8887/0000000000000000000132e1/21/l?subset_id=2&fvd=n5&v=3
Requested by: Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/ee3eb8018e98e4b08b9b95f2a189b9bc/certified/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b46f010dcef0a7bf6dd266a0d2c899a08517b282e9b899b08a4d9e33609def23

Request headers

Referer: https://coldavathermvicour.com/
Origin: https://coldavathermvicour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 03:50:01 GMT
server: nginx
etag: "816b6b90e41be7dcaac2711c46c41dfaf0935c86"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24388

GET
H2

200

activityi;dc_pre=CJfC0tvZ04ADFa9DwgodioUDRw;src=12389169;type=conve0;cat=signu0;ord=1456938314710;auiddc=48460938.1691725801;u1=%5BPlan%20Tier%5D;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv... Show response
12389169.fls.doubleclick.net/ Frame 1DA0
Redirect Chain

https://12389169.fls.doubleclick.net/activityi;src=12389169;type=conve0;cat=signu0;ord=1456938314710;auiddc=48460938.1691725801;u1=%5BPlan%20Tier%5D;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;u...
https://12389169.fls.doubleclick.net/activityi;dc_pre=CJfC0tvZ04ADFa9DwgodioUDRw;src=12389169;type=conve0;cat=signu0;ord=1456938314710;auiddc=48460938.1691725801;u1=%5BPlan%20Tier%5D;gtm=45fe3890;u...

610 B
526 B

51ms
51ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12389169.fls.doubleclick.net/activityi;dc_pre=CJfC0tvZ04ADFa9DwgodioUDRw;src=12389169;type=conve0;cat=signu0;ord=1456938314710;auiddc=48460938.1691725801;u1=%5BPlan%20Tier%5D;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-12389169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f6.1e100.net

Software

cafe /

Resource Hash

00fa30707e7091008e707eed270a3e3b93ba6bf30b4899b73c0692366214e3cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coldavathermvicour.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 350
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 03:50:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 03:50:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12389169.fls.doubleclick.net/activityi;dc_pre=CJfC0tvZ04ADFa9DwgodioUDRw;src=12389169;type=conve0;cat=signu0;ord=1456938314710;auiddc=48460938.1691725801;u1=%5BPlan%20Tier%5D;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
91 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-567GCTL9BB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-12389169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

958a768815e4cbd2cbffe66053f975c1d9c5ce3ab1b9b2331e10823d9952d8c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 03:50:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92634
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 11 Aug 2023 03:50:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
71 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-768371374&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-12389169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

abbbd36503866c6a79fba920f246e204ed54baa8d328d9f1e809aad1067a80ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 03:50:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72305
x-xss-protection: 0
last-modified: Fri, 11 Aug 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Aug 2023 03:50:01 GMT

OPTIONS
H2 200 tp2
sp.bitly.com/com.snowplowanalytics.snowplow/ Frame 0
0 135ms
103ms Preflight 34.120.78.44
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.bitly.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.78.44 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 44.78.120.34.bc.googleusercontent.com
Software: akka-http /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://coldavathermvicour.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://coldavathermvicour.com
access-control-max-age: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 11 Aug 2023 03:50:01 GMT
server: akka-http
via: 1.1 google

POST
H3 200 tp2 Show response
sp.bitly.com/com.snowplowanalytics.snowplow/ 2 B
19 B 105ms
96ms XHR
text/plain 34.120.78.44
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.bitly.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: dl6fh5ptkejqa.cloudfront.net
URL: https://dl6fh5ptkejqa.cloudfront.net/b1eaafb48b055f33a360d6e77586bc0f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.78.44 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 44.78.120.34.bc.googleusercontent.com
Software: akka-http /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://coldavathermvicour.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Fri, 11 Aug 2023 03:50:01 GMT
via: 1.1 google
server: akka-http
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://coldavathermvicour.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2

200

activityi;dc_pre=CPTD0tvZ04ADFXZUwgod5T0E4w;src=12389169;type=conve0;cat=signu0;ord=2570416328233;auiddc=48460938.1691725801;u1=free;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver... Show response
12389169.fls.doubleclick.net/ Frame BF7F
Redirect Chain

https://12389169.fls.doubleclick.net/activityi;src=12389169;type=conve0;cat=signu0;ord=2570416328233;auiddc=48460938.1691725801;u1=free;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;ep...
https://12389169.fls.doubleclick.net/activityi;dc_pre=CPTD0tvZ04ADFXZUwgod5T0E4w;src=12389169;type=conve0;cat=signu0;ord=2570416328233;auiddc=48460938.1691725801;u1=free;gtm=45fe3890;uaa=;uab=;uafv...

597 B
508 B

52ms
52ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12389169.fls.doubleclick.net/activityi;dc_pre=CPTD0tvZ04ADFXZUwgod5T0E4w;src=12389169;type=conve0;cat=signu0;ord=2570416328233;auiddc=48460938.1691725801;u1=free;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-12389169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f6.1e100.net

Software

cafe /

Resource Hash

4799dd1eb6ec13e78d648ea8ac1282e574b08c2b9c89a2749fad2d7413895dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coldavathermvicour.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 335
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 03:50:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 03:50:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12389169.fls.doubleclick.net/activityi;dc_pre=CPTD0tvZ04ADFXZUwgod5T0E4w;src=12389169;type=conve0;cat=signu0;ord=2570416328233;auiddc=48460938.1691725801;u1=free;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
259 B 36ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-567GCTL9BB&gtm=45je3890&_p=38831570&_gaz=1&cid=1191302298.1691725802&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691725801&sct=1&seg=0&dl=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F&dt=The%20power%20of%20the%20link.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-567GCTL9BB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 03:50:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://coldavathermvicour.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
259 B 76ms
20ms Ping
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-567GCTL9BB&cid=1191302298.1691725802&gtm=45je3890&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-567GCTL9BB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 03:50:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://coldavathermvicour.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 39ms
17ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-567GCTL9BB&cid=1191302298.1691725802&gtm=45je3890&aip=1&z=413649851

Requested by

Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/ee3eb8018e98e4b08b9b95f2a189b9bc/certified/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 03:50:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
213 B 15ms
15ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=38831570&t=pageview&_s=1&dl=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F&ul=en-us&de=UTF-8&dt=The%20power%20of%20the%20link.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1431662509&gjid=1784737096&cid=1191302298.1691725802&tid=UA-25224921-3&_gid=392345514.1691725802&_r=1&_slc=1&cd2=user&z=283093800

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://coldavathermvicour.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 03:50:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://coldavathermvicour.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 575684804151769 Show response
connect.facebook.net/signals/config/ 382 KB
109 KB 10ms
10ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/575684804151769?v=2.9.121&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

748da16c031d26288953c306823663e995fa83b82f51c63ed1ae5b2018f16a41

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 11 Aug 2023 03:50:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 111417
x-xss-protection: 0
pragma: public
x-fb-debug: YQXAi1HSpB4hUHc4hRXzQ/6/yPlYKRtOt4rOg2+RA9y7wls48TbJ44EDNG3XtffGIGWkcrNJOH48GHYpnvZlrA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/3409844/domain/coldavathermvicour.com/ 36 B
375 B 30ms
8ms XHR
application/json 2600:9000:20eb:c200:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3409844/domain/coldavathermvicour.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:c200:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://coldavathermvicour.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 03:49:26 GMT
content-encoding: gzip
via: 1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 35
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: QPlU-7V4QOPirxYJepMz_p5j4cAzUP1lQBxE29WqVDRSlJ7LPqWgcA==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3409844&time=1691725801580&url=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3409844&time=1691725801580&url=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3409844%26time%3D1691725801580%26url%3Dhttps%253A%252F%252Fcoldavathermvicour.com...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3409844&time=1691725801580&url=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3409844&time=1691725801580&url=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F&cookiesTest=true&liSync=tru...

0
265 B

130ms
103ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3409844&time=1691725801580&url=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F&cookiesTest=true&liSync=true&e_ipv6=AQIytK1BOYO2KQAAAYnitynyTQBD7tQneEpRHbdKd3QKwV4E1BLRO-G18yARPBdvhtuVjxzcpHD99exYFG9cOG0oQiswbA
Requested by: Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/ee3eb8018e98e4b08b9b95f2a189b9bc/certified/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 03:50:02 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 8D223DA87D8746CDA53083C87CF62590 Ref B: FRAEDGE1808 Ref C: 2023-08-11T03:50:02Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYCnZt9w98CYpKvgvxZlg==

Redirect headers

date: Fri, 11 Aug 2023 03:50:01 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: F55A17433A6C46DFAB372BB0531EA20E Ref B: FRAEDGE1222 Ref C: 2023-08-11T03:50:01Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3409844&time=1691725801580&url=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F&cookiesTest=true&liSync=true&e_ipv6=AQIytK1BOYO2KQAAAYnitynyTQBD7tQneEpRHbdKd3QKwV4E1BLRO-G18yARPBdvhtuVjxzcpHD99exYFG9cOG0oQiswbA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYCnZt7xFhWz74Yu23aXg==

GET
H2 200 adsct
t.co/i/ 43 B
377 B 168ms
110ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=19b106f7-4ced-4e22-bdd2-f7f56654ee62&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=e517ab61-d41b-46d2-8fef-2d874f52bb02&tw_document_href=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2pdk&type=javascript&version=2.3.29

Requested by

Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/ee3eb8018e98e4b08b9b95f2a189b9bc/certified/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-response-time: 90
date: Fri, 11 Aug 2023 03:50:00 GMT
strict-transport-security: max-age=0
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: 59dffadf776b026a
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: c6e4e34ec342a235e12d23ed29bb4c3f8ddecefe63de18b620c384e5c508c89e
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
396 B 240ms
182ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=19b106f7-4ced-4e22-bdd2-f7f56654ee62&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=e517ab61-d41b-46d2-8fef-2d874f52bb02&tw_document_href=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2pdk&type=javascript&version=2.3.29

Requested by

Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/ee3eb8018e98e4b08b9b95f2a189b9bc/certified/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-response-time: 162
date: Fri, 11 Aug 2023 03:50:01 GMT
strict-transport-security: max-age=631138519
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: c72ed9dccd9cafdd
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 167dc7574da6b56680d836e2d9d40a64e5da9c0b17681b21296c26439780b3ae
content-length: 43

GET
H2 200 p.gif
p.typekit.net/ 35 B
205 B 68ms
13ms Image
image/gif 2a02:26f0:480:f::213:7eda
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=mys2uzu&ht=tk&h=coldavathermvicour.com&f=173.175.5474.10294.10296.10302&a=549976&js=1.21.0&app=typekit&e=js&_=1691725801588
Requested by: Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/ee3eb8018e98e4b08b9b95f2a189b9bc/certified/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7eda Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 03:50:01 GMT
last-modified: Sat, 09 Oct 2021 02:10:03 GMT
server: nginx
etag: "6160f9fb-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/768371374/ 3 KB
2 KB 52ms
22ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/768371374/?random=1691725801602&cv=11&fst=1691725801602&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F&hn=www.googleadservices.com&frm=0&tiba=The%20power%20of%20the%20link.&auid=48460938.1691725801&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-768371374&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb0c54b7f74a30d256eecb0f25e044812a885ccb52776738b3a87416e5611f40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 03:50:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CJfC0tvZ04ADFa9DwgodioUDRw;src=12389169;type=conve0;cat=signu0;ord=1456938314710;auiddc=48460938.1691725801;u1=%5BPlan%20Tier%5D;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;ep... Show response
adservice.google.com/ddm/fls/i/ Frame 2A70 609 B
422 B 76ms
45ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CJfC0tvZ04ADFa9DwgodioUDRw;src=12389169;type=conve0;cat=signu0;ord=1456938314710;auiddc=48460938.1691725801;u1=%5BPlan%20Tier%5D;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F

Requested by

Host: 12389169.fls.doubleclick.net
URL: https://12389169.fls.doubleclick.net/activityi;dc_pre=CJfC0tvZ04ADFa9DwgodioUDRw;src=12389169;type=conve0;cat=signu0;ord=1456938314710;auiddc=48460938.1691725801;u1=%5BPlan%20Tier%5D;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

116e9475b79a43ff06290a22024fcee19ea01b94a1c2147d058c2d3bb4befa65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12389169.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 352
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 03:50:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CPTD0tvZ04ADFXZUwgod5T0E4w;src=12389169;type=conve0;cat=signu0;ord=2570416328233;auiddc=48460938.1691725801;u1=free;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=h... Show response
adservice.google.com/ddm/fls/i/ Frame B53A 596 B
713 B 62ms
44ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CPTD0tvZ04ADFXZUwgod5T0E4w;src=12389169;type=conve0;cat=signu0;ord=2570416328233;auiddc=48460938.1691725801;u1=free;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F

Requested by

Host: 12389169.fls.doubleclick.net
URL: https://12389169.fls.doubleclick.net/activityi;dc_pre=CPTD0tvZ04ADFXZUwgod5T0E4w;src=12389169;type=conve0;cat=signu0;ord=2570416328233;auiddc=48460938.1691725801;u1=free;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c25a4328a67e6c5b77516fc42e67fb94ecf654e7dfb1a56f599dcaf70272de57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12389169.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 338
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 03:50:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 22ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=575684804151769&ev=PageView&dl=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F&rl=&if=false&ts=1691725801649&sw=1600&sh=1200&v=2.9.121&r=stable&ec=0&o=30&fbp=fb.1.1691725801648.835491602&cs_est=true&it=1691725801545&coo=false&exp=a1&rqm=GET

Requested by

Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/ee3eb8018e98e4b08b9b95f2a189b9bc/certified/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 11 Aug 2023 03:50:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/768371374/ 42 B
455 B 44ms
22ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/768371374/?random=1691725801602&cv=11&fst=1691722800000&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F&frm=0&tiba=The%20power%20of%20the%20link.&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2373959190&rmt_tld=0&ipr=y

Requested by

Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/ee3eb8018e98e4b08b9b95f2a189b9bc/certified/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 03:50:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/768371374/ 42 B
154 B 20ms
19ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/768371374/?random=1691725801602&cv=11&fst=1691722800000&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F&frm=0&tiba=The%20power%20of%20the%20link.&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2373959190&rmt_tld=1&ipr=y

Requested by

Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/ee3eb8018e98e4b08b9b95f2a189b9bc/certified/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 03:50:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CPTD0tvZ04ADFXZUwgod5T0E4w;src=12389169;type=conve0;cat=signu0;ord=2570416328233;auiddc=48460938.1691725801;u1=free;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=h... Show response
adservice.google.de/ddm/fls/i/ Frame E912 194 B
515 B 107ms
44ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CPTD0tvZ04ADFXZUwgod5T0E4w;src=12389169;type=conve0;cat=signu0;ord=2570416328233;auiddc=48460938.1691725801;u1=free;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CPTD0tvZ04ADFXZUwgod5T0E4w;src=12389169;type=conve0;cat=signu0;ord=2570416328233;auiddc=48460938.1691725801;u1=free;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 03:50:01 GMT
expires: Fri, 11 Aug 2023 03:50:01 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CJfC0tvZ04ADFa9DwgodioUDRw;src=12389169;type=conve0;cat=signu0;ord=1456938314710;auiddc=48460938.1691725801;u1=%5BPlan%20Tier%5D;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;ep... Show response
adservice.google.de/ddm/fls/i/ Frame A4D3 194 B
150 B 105ms
44ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CJfC0tvZ04ADFa9DwgodioUDRw;src=12389169;type=conve0;cat=signu0;ord=1456938314710;auiddc=48460938.1691725801;u1=%5BPlan%20Tier%5D;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJfC0tvZ04ADFa9DwgodioUDRw;src=12389169;type=conve0;cat=signu0;ord=1456938314710;auiddc=48460938.1691725801;u1=%5BPlan%20Tier%5D;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 03:50:01 GMT
expires: Fri, 11 Aug 2023 03:50:01 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 7ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=575684804151769&ev=Microdata&dl=https%3A%2F%2Fcoldavathermvicour.com%2Fee3eb8018e98e4b08b9b95f2a189b9bc%2Fcertified%2F&rl=&if=false&ts=1691725803153&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20The%20power%20of%20the%20link.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.121&r=stable&ec=1&o=30&fbp=fb.1.1691725801648.835491602&it=1691725801545&coo=false&es=automatic&tm=3&exp=a1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 11 Aug 2023 03:50:03 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.coldavathermvicour.com/	1970-01-20 16:05:01	Name: _gcl_au Value: 1.1.48460938.1691725801
.coldavathermvicour.com/	1970-01-20 13:55:27	Name: _sp_ses.b627 Value: *
.coldavathermvicour.com/	1970-01-20 23:31:25	Name: _sp_id.b627 Value: 5bb97b63-36d5-427b-9de1-1dc3edacf68d.1691725801.1.1691725801..93d983c6-d9d9-4270-9ce9-6fa2cca2fc07..ee214919-b47c-4443-92fb-8409f3555236.1691725801434.1
.coldavathermvicour.com/	1970-01-20 23:31:25	Name: _ga Value: GA1.2.1191302298.1691725802
.coldavathermvicour.com/	1970-01-20 13:56:52	Name: _gid Value: GA1.2.392345514.1691725802
.coldavathermvicour.com/	1970-01-20 13:55:25	Name: _gat Value: 1
.coldavathermvicour.com/	1970-01-20 23:31:25	Name: _ga_567GCTL9BB Value: GS1.1.1691725801.1.0.1691725801.60.0.0
coldavathermvicour.com/	1970-01-20 13:56:52	Name: ln_or Value: eyIzNDA5ODQ0IjoiZCJ9
.coldavathermvicour.com/	1970-01-20 16:05:01	Name: _fbp Value: fb.1.1691725801648.835491602
.doubleclick.net/	1970-01-20 23:17:01	Name: IDE Value: AHWqTUmCtkSbtazPNHyoK1NyUD1PRJWeZAJfHWTFSHso_8jlZoJxzDaaM65Ou3oN
.linkedin.com/	1970-01-20 16:05:01	Name: li_sugr Value: 34c3bee6-683e-4329-8241-f065c19e1f3d
.linkedin.com/	1970-01-20 22:41:01	Name: bcookie Value: "v=2&0ce3f24b-6253-4101-8f60-42414e4d0db0"
.linkedin.com/	1970-01-20 13:56:52	Name: lidc Value: "b=VGST00:s=V:r=V:a=V:p=V:g=3056:u=1:x=1:i=1691725801:t=1691812201:v=2:sig=AQH_Jy7ImDm0uNrwve1oKPD6XveUvxCO"
.t.co/	1970-01-20 23:31:25	Name: muc_ads Value: 8d8a4716-bae5-47d1-8a9a-f5a64f5beba8
.linkedin.com/	1970-01-20 14:38:37	Name: UserMatchHistory Value: AQLOmXt79uwn1gAAAYnityka7WDaQ3zRoPeGAudxxefzyGKMYpDZYQd79xdc8eiE4aGEzy7v6hfjwQ
.linkedin.com/	1970-01-20 14:38:37	Name: AnalyticsSyncHistory Value: AQJLzArL0MhFLAAAAYnitykaBnxpR8Ecc2uOWVXvcnkOB4jwKEbFxiXbiUzcv_pBBmeyCMgXIJrmI5SSW-IhZw
.twitter.com/	1970-01-20 23:31:25	Name: personalization_id Value: "v1_WUHwKhJX5sAC9zT8+3sDCQ=="
.www.linkedin.com/	1970-01-20 22:41:01	Name: bscookie Value: "v=1&202308110350014785eb2f-386a-4ac6-8a9f-4e5cf6022e9aAQGCELolB2i-p4qhBchYUfRSSkNYBkQD"
.linkedin.com/	1970-01-20 18:14:37	Name: li_gc Value: MTswOzE2OTE3MjU4MDE7MjswMjEVbpHoNX8O3cIPB76AF9PNA9a/ib8x90MyRYmV1Qunlw==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12389169.fls.doubleclick.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.twitter.com
cdn.linkedin.oribi.io
coldavathermvicour.com
connect.facebook.net
d1ayxb9ooonjts.cloudfront.net
d3h5jhobc20ump.cloudfront.net
dl6fh5ptkejqa.cloudfront.net
googleads.g.doubleclick.net
p.typekit.net
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
snap.licdn.com
sp.bitly.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
104.244.42.195
104.244.42.197
13.107.42.14
146.75.120.157
2001:4860:4802:34::36
216.58.206.38
2600:9000:20eb:c200:2:53b2:240:93a1
2620:1ec:21::14
2a00:1450:4001:80b::2004
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2008
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:400c:c06::9d
2a02:26f0:3500:16::215:148d
2a02:26f0:480:f::213:7ece
2a02:26f0:480:f::213:7eda
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
34.120.78.44
50.63.179.9
52.222.206.105
52.222.206.94
65.9.7.214
00fa30707e7091008e707eed270a3e3b93ba6bf30b4899b73c0692366214e3cb
04895819a5020573235473b1b2b70c14aa7b6919a3356bfe2d3bcd29bae80186
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
10ee4f83b50510af01b23073e2986287d083d07a28f94afc5aa2f56c91d0304b
116e9475b79a43ff06290a22024fcee19ea01b94a1c2147d058c2d3bb4befa65
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b80fbe521e07e4e84eb52e707b364c3e6c05c57e483276dc4b3be93a9794ba9
31fe8e1afce2f1487c323de595df41cd61a0a780e938fcfa219c00d0d8700a22
449ad51e04f90d09cd5d6d1df91f8b69cf888ca97c7d2318e1e30b35d2b403d4
4799dd1eb6ec13e78d648ea8ac1282e574b08c2b9c89a2749fad2d7413895dde
50554df9b481511f6583a93a75ba8503564f4800a6291431f31055c8ec365371
584c7859f5ee97ddc73d0647d6dc3de7ca98c8b154e391908bf95abd88a382c0
71f9f923e5b7d0dcf0310c7f7371520945be003101320b96221f23acd028b67e
739d05993fb4c31c049518fb52a5784df194db6fd16bc428dcc16baf679aeca3
748da16c031d26288953c306823663e995fa83b82f51c63ed1ae5b2018f16a41
7551085b282eddd5ef20aa46315c3a9e733c0d993fd51f301969bd0901aca32b
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
83c6a1e1d15f07e1e647f1c5a648b2f2dfad61f2dd9ca3dd9cf1ef381e4d1879
958a768815e4cbd2cbffe66053f975c1d9c5ce3ab1b9b2331e10823d9952d8c7
9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9e7ff2f279f8c497d687d1248d17e7a8c19784d945698c4bc8f9168fe9e351cb
abbbd36503866c6a79fba920f246e204ed54baa8d328d9f1e809aad1067a80ce
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae765b03f37e883a3bc2a65c693c2ad1f264acb1a89a18c56f7e464ef8847f0e
b46f010dcef0a7bf6dd266a0d2c899a08517b282e9b899b08a4d9e33609def23
c25a4328a67e6c5b77516fc42e67fb94ecf654e7dfb1a56f599dcaf70272de57
c2a3051b111255a7bb60f2c2f880119a34b9badd3094fe5da0809e9867189be9
ce7a0e2e92f9b02f744009e39e82163283f4b6f648de2c513351b909ef7400d4
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
fb0c54b7f74a30d256eecb0f25e044812a885ccb52776738b3a87416e5611f40
fb54d4664a564135a46872a97a5e04b51a8d8900166da23826b771c432650b0a

coldavathermvicour.com Open in urlscan Pro 50.63.179.9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

47 Requests

98 %HTTPS

62 %IPv6

18 Domains

28 Subdomains

25 IPs

3 Countries

905 kBTransfer

2113 kBSize

19 Cookies

0 Outgoing links

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

coldavathermvicour.com Open in urlscan Pro
50.63.179.9 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

98 %
HTTPS

62 %
IPv6

18
Domains

28
Subdomains

25
IPs

3
Countries

905 kB
Transfer

2113 kB
Size

19
Cookies

47 HTTP transactions
0 data transactions