coldavathermvicour.com Open in urlscan Pro
50.63.179.9 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://coldavathermvicour.com/29e3187faa6ac4c060988ea4872ab140/certified/
Submission: On August 10 via api (August 10th 2023, 12:04:02 pm UTC) from JP — Scanned from JP

Summary HTTP 48 Redirects Behaviour Indicators

Summary

This website contacted 25 IPs in 4 countries across 18 domains to perform 48 HTTP transactions. The main IP is 50.63.179.9, located in United States and belongs to GO-DADDY-COM-LLC, US. The main domain is coldavathermvicour.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 15th 2023. Valid for: 3 months.

This is the only time coldavathermvicour.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	50.63.179.9 50.63.179.9	398101 (GO-DADDY-...) (GO-DADDY-COM-LLC)
1	18.65.214.97 18.65.214.97	16509 (AMAZON-02) (AMAZON-02)
7	2600:140b:1a0... 2600:140b:1a00:14::17dc:548b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2404:6800:400... 2404:6800:4004:826::2008	15169 (GOOGLE) (GOOGLE)
3	18.172.50.132 18.172.50.132	() ()
3	18.65.199.133 18.65.199.133	16509 (AMAZON-02) (AMAZON-02)
1	2404:6800:400... 2404:6800:4004:81d::200a	15169 (GOOGLE) (GOOGLE)
2	34.120.78.44 34.120.78.44	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f00f:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	2600:140b:1a0... 2600:140b:1a00:14::17dc:5499	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.228.157 151.101.228.157	54113 (FASTLY) (FASTLY)
1	2600:9000:26a... 2600:9000:26a6:1a00:2:53b2:240:93a1	() ()
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:140b:1a0... 2600:140b:1a00:14::17dc:5494	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f10... 2a03:2880:f10f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
2 4	172.217.31.166 172.217.31.166	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::181	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4008:c15::9b	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:813::2003	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:824::2002	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:826::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:828::2004	15169 (GOOGLE) (GOOGLE)
48	25

1 50.63.179.9 (United States)

ASN398101 (GO-DADDY-COM-LLC, US)
PTR: 9.179.63.50.host.secureserver.net

coldavathermvicour.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.214.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-214-97.nrt57.r.cloudfront.net

d3h5jhobc20ump.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:140b:1a00:14::17dc:548b (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:826::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.172.50.132 (United States)

ASN- ()
PTR: server-18-172-50-132.nrt20.r.cloudfront.net

dl6fh5ptkejqa.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.65.199.133 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-199-133.nrt57.r.cloudfront.net

d1ayxb9ooonjts.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:81d::200a (Australia)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.78.44 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 44.78.120.34.bc.googleusercontent.com

sp.bitly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:140b:1a00:14::17dc:5499 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.228.157 (Tokyo, Japan)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26a6:1a00:2:53b2:240:93a1 (United States)

ASN- ()

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:140b:1a00:14::17dc:5494 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.31.166 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s22-in-f6.1e100.net

12389169.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4008:c15::9b (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:813::2003 (Australia)

ASN15169 (GOOGLE, US)

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:824::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:826::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:828::2004 (Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	typekit.net use.typekit.net — Cisco Umbrella Rank: 541 p.typekit.net — Cisco Umbrella Rank: 664	127 KB
7	cloudfront.net d3h5jhobc20ump.cloudfront.net dl6fh5ptkejqa.cloudfront.net d1ayxb9ooonjts.cloudfront.net	224 KB
6	doubleclick.net 2 redirects 12389169.fls.doubleclick.net — Cisco Umbrella Rank: 227576 stats.g.doubleclick.net — Cisco Umbrella Rank: 114 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	4 KB
5	google.com analytics.google.com — Cisco Umbrella Rank: 180 adservice.google.com — Cisco Umbrella Rank: 116 www.google.com — Cisco Umbrella Rank: 3	2 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 368 www.linkedin.com — Cisco Umbrella Rank: 543 px4.ads.linkedin.com — Cisco Umbrella Rank: 5984	5 KB
4	google.co.jp www.google.co.jp — Cisco Umbrella Rank: 21955 adservice.google.co.jp — Cisco Umbrella Rank: 98171	1 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	314 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	239 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 170	156 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 54	21 KB
2	bitly.com sp.bitly.com — Cisco Umbrella Rank: 106661	19 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 710	395 B
1	t.co t.co — Cisco Umbrella Rank: 536	377 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 890	399 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 754	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 819	5 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 392	31 KB
1	coldavathermvicour.com coldavathermvicour.com	3 KB
48	18

	Domain	Requested by
7	use.typekit.net	coldavathermvicour.com
4	12389169.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	www.googletagmanager.com	coldavathermvicour.com www.googletagmanager.com
3	px.ads.linkedin.com	3 redirects
3	d1ayxb9ooonjts.cloudfront.net	coldavathermvicour.com d3h5jhobc20ump.cloudfront.net
3	dl6fh5ptkejqa.cloudfront.net	coldavathermvicour.com
2	adservice.google.co.jp	adservice.google.com
2	adservice.google.com	12389169.fls.doubleclick.net
2	www.google.co.jp	coldavathermvicour.com
2	analytics.google.com	www.googletagmanager.com
2	www.facebook.com	coldavathermvicour.com
2	connect.facebook.net	coldavathermvicour.com connect.facebook.net
2	www.google-analytics.com	coldavathermvicour.com www.google-analytics.com
2	sp.bitly.com	dl6fh5ptkejqa.cloudfront.net
1	www.google.com	coldavathermvicour.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.twitter.com	coldavathermvicour.com
1	t.co	coldavathermvicour.com
1	p.typekit.net	coldavathermvicour.com
1	px4.ads.linkedin.com	coldavathermvicour.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	static.ads-twitter.com	coldavathermvicour.com
1	snap.licdn.com	coldavathermvicour.com
1	ajax.googleapis.com	coldavathermvicour.com
1	d3h5jhobc20ump.cloudfront.net	coldavathermvicour.com
1	coldavathermvicour.com
48	28

This site contains no links.

Subject Issuer	Validity	Valid
www.coldavathermvicour.com cPanel, Inc. Certification Authority	`2023-07-15` - `2023-10-13`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.bitly.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-27` - `2024-04-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-19` - `2023-08-17`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2022-12-25` - `2023-12-25`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-25` - `2023-12-25`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://coldavathermvicour.com/29e3187faa6ac4c060988ea4872ab140/certified/
Frame ID: 5272162C43F3EA60429B03030491601D
Requests: 41 HTTP requests in this frame

Frame: https://12389169.fls.doubleclick.net/activityi;dc_pre=CI3xi6CG0oADFY3LTAIdlUcOKw;src=12389169;type=conve0;cat=signu0;ord=1330349682510;auiddc=1444690488.1691669037;u1=%5BPlan%20Tier%5D;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F
Frame ID: 4C8F735C991DDB30C9738502E63D8CAD
Requests: 1 HTTP requests in this frame

Frame: https://12389169.fls.doubleclick.net/activityi;dc_pre=CPnhi6CG0oADFUwHewcdMj0Btg;src=12389169;type=conve0;cat=signu0;ord=6699500510557;auiddc=1444690488.1691669037;u1=free;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F
Frame ID: 01DF01C1A6988DD81EEB8153F82C5EC3
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPnhi6CG0oADFUwHewcdMj0Btg;src=12389169;type=conve0;cat=signu0;ord=6699500510557;auiddc=1444690488.1691669037;u1=free;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F
Frame ID: 333810984342E9652AB6F2B415C4C484
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CI3xi6CG0oADFY3LTAIdlUcOKw;src=12389169;type=conve0;cat=signu0;ord=1330349682510;auiddc=1444690488.1691669037;u1=%5BPlan%20Tier%5D;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F
Frame ID: 12E0ADC170A3AE883DE8C65C61E8B23F
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.co.jp/ddm/fls/i/dc_pre=CPnhi6CG0oADFUwHewcdMj0Btg;src=12389169;type=conve0;cat=signu0;ord=6699500510557;auiddc=1444690488.1691669037;u1=free;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F
Frame ID: B45A25F7A76D5065F8D1945FEC53EE34
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.co.jp/ddm/fls/i/dc_pre=CI3xi6CG0oADFY3LTAIdlUcOKw;src=12389169;type=conve0;cat=signu0;ord=1330349682510;auiddc=1444690488.1691669037;u1=%5BPlan%20Tier%5D;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F
Frame ID: 6EF92FE4417A0324C809CA6D0BB709E5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The power of the link.

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

48
Requests

98 %
HTTPS

62 %
IPv6

18
Domains

28
Subdomains

25
IPs

4
Countries

905 kB
Transfer

2113 kB
Size

18
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3409844&time=1691669036551&url=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3409844&time=1691669036551&url=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3409844%26time%3D1691669036551%26url%3Dhttps%253A%252F%252Fcoldavathermvicour.com%252F29e3187faa6ac4c060988ea4872ab140%252Fcertified%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3409844&time=1691669036551&url=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3409844&time=1691669036551&url=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F&cookiesTest=true&liSync=true&e_ipv6=AQIitx51FeCr_QAAAYnfVP-auI_MvVuD3rExXNbbyLMN9AmlNb6qwdRTuiVV4Flum165Kw

Request Chain 31

https://12389169.fls.doubleclick.net/activityi;src=12389169;type=conve0;cat=signu0;ord=1330349682510;auiddc=1444690488.1691669037;u1=%5BPlan%20Tier%5D;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F HTTP 302
https://12389169.fls.doubleclick.net/activityi;dc_pre=CI3xi6CG0oADFY3LTAIdlUcOKw;src=12389169;type=conve0;cat=signu0;ord=1330349682510;auiddc=1444690488.1691669037;u1=%5BPlan%20Tier%5D;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F

Request Chain 34

https://12389169.fls.doubleclick.net/activityi;src=12389169;type=conve0;cat=signu0;ord=6699500510557;auiddc=1444690488.1691669037;u1=free;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F HTTP 302
https://12389169.fls.doubleclick.net/activityi;dc_pre=CPnhi6CG0oADFUwHewcdMj0Btg;src=12389169;type=conve0;cat=signu0;ord=6699500510557;auiddc=1444690488.1691669037;u1=free;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
coldavathermvicour.com/29e3187faa6ac4c060988ea4872ab140/certified/ 9 KB
3 KB 461ms
142ms Document
text/html 50.63.179.9
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://coldavathermvicour.com/29e3187faa6ac4c060988ea4872ab140/certified/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.63.179.9 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 9.179.63.50.host.secureserver.net
Software: Apache / PHP/7.4.33
Resource Hash: 778537a9fa5ac10b1720902c827d2ce87560c2beba9b60dae061170f20aeec2e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-encoding: br
content-length: 3153
content-type: text/html; charset=UTF-8
date: Thu, 10 Aug 2023 12:03:56 GMT
server: Apache
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 0ac9d15122a8f6eb11fc74e009bacbec.css
d3h5jhobc20ump.cloudfront.net/ 42 KB
28 KB 66ms
5ms Stylesheet
text/css 18.65.214.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3h5jhobc20ump.cloudfront.net/0ac9d15122a8f6eb11fc74e009bacbec.css
Requested by: Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/29e3187faa6ac4c060988ea4872ab140/certified/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.214.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-214-97.nrt57.r.cloudfront.net
Software: nginx /
Resource Hash: ae765b03f37e883a3bc2a65c693c2ad1f264acb1a89a18c56f7e464ef8847f0e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 01:59:31 GMT
content-encoding: gzip
via: 1.1 f9832575e3821f4db473b935967c7aaa.cloudfront.net (CloudFront)
last-modified: Fri, 28 Apr 2023 14:34:34 GMT
server: nginx
x-amz-cf-pop: NRT57-P4
age: 36265
etag: W/"bf636c31ca56084cb394191e76c05f20"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=315360000
x-amz-cf-id: ldHfI5afMBrj753YCtWP7_RcndALNBcKPy5tDGX38VixNR0hziDSPg==
expires: Mon, 25 Apr 2033 14:34:33 GMT

GET
H2 200 mys2uzu.js Show response
use.typekit.net/ 18 KB
7 KB 64ms
9ms Script
text/javascript 2600:140b:1a00:14::17dc:548b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/mys2uzu.js

Requested by

Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/29e3187faa6ac4c060988ea4872ab140/certified/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:140b:1a00:14::17dc:548b Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

fb54d4664a564135a46872a97a5e04b51a8d8900166da23826b771c432650b0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Thu, 10 Aug 2023 12:03:56 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6744

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 169 KB
62 KB 86ms
43ms Script
application/javascript 2404:6800:4004:826::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-12389169

Requested by

Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/29e3187faa6ac4c060988ea4872ab140/certified/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ebb3f76c8902707ff7d91f2bf1110328f71e45d5941f2cb1851b821eb5ecb993

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 12:03:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 63842
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 10 Aug 2023 12:03:56 GMT

GET
H2 200 2b21cdf7bb0327252f60662d1fdfbc32.svg
dl6fh5ptkejqa.cloudfront.net/ 522 B
905 B 3ms
2ms Image
image/svg+xml 18.172.50.132

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl6fh5ptkejqa.cloudfront.net/2b21cdf7bb0327252f60662d1fdfbc32.svg
Requested by: Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/29e3187faa6ac4c060988ea4872ab140/certified/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.50.132 , United States, ASN (),
Reverse DNS: server-18-172-50-132.nrt20.r.cloudfront.net
Software: nginx /
Resource Hash: 10ee4f83b50510af01b23073e2986287d083d07a28f94afc5aa2f56c91d0304b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 00:58:21 GMT
via: 1.1 9d4ec6013bd4b3f7d0e3b64456e71412.cloudfront.net (CloudFront)
last-modified: Fri, 30 Aug 2019 16:24:32 GMT
server: nginx
x-amz-cf-pop: NRT20-P2
age: 3063935
etag: "140772d577519d4737ce475f66b4dfc9"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 522
x-amz-cf-id: dkRIJFITOLV_MYGo2P7_d3PiKyF2kIglDMap2LSOmlMPrX1h9EgwRQ==
expires: Mon, 27 Aug 2029 16:24:31 GMT

GET
H2 200 518ec586a1814c0216f44b4844b86f5e.svg
d1ayxb9ooonjts.cloudfront.net/ 509 B
891 B 48ms
2ms Image
image/svg+xml 18.65.199.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ayxb9ooonjts.cloudfront.net/518ec586a1814c0216f44b4844b86f5e.svg
Requested by: Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/29e3187faa6ac4c060988ea4872ab140/certified/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.199.133 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-199-133.nrt57.r.cloudfront.net
Software: nginx /
Resource Hash: 50554df9b481511f6583a93a75ba8503564f4800a6291431f31055c8ec365371

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 03:20:12 GMT
via: 1.1 6bf7139ab1260e393b31dd78c4c70c42.cloudfront.net (CloudFront)
last-modified: Fri, 30 Aug 2019 16:24:31 GMT
server: nginx
x-amz-cf-pop: NRT57-P3
age: 17138624
etag: "a16b3edeb71936cc23a430da41c8ce84"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 509
x-amz-cf-id: Px6RdQp99DHHDudD7LpN3hJzWvp2ijbZfGffpNEfdH6TM2ND_-rzGw==
expires: Mon, 27 Aug 2029 16:24:30 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 46ms
3ms Script
text/javascript 2404:6800:4004:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/29e3187faa6ac4c060988ea4872ab140/certified/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 15:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 334956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Aug 2024 15:01:20 GMT

GET
H2 200 0b259cffe5ac15bfe1b9d94c1beb06e9.js Show response
dl6fh5ptkejqa.cloudfront.net/ 71 KB
71 KB 21ms
4ms Script
application/javascript 18.172.50.132

General

Check archive.org

Show headers Download Go to

Full URL: https://dl6fh5ptkejqa.cloudfront.net/0b259cffe5ac15bfe1b9d94c1beb06e9.js
Requested by: Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/29e3187faa6ac4c060988ea4872ab140/certified/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.50.132 , United States, ASN (),
Reverse DNS: server-18-172-50-132.nrt20.r.cloudfront.net
Software: nginx /
Resource Hash: 584c7859f5ee97ddc73d0647d6dc3de7ca98c8b154e391908bf95abd88a382c0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 01:59:31 GMT
via: 1.1 9d4ec6013bd4b3f7d0e3b64456e71412.cloudfront.net (CloudFront)
last-modified: Tue, 24 Jan 2023 15:17:34 GMT
server: nginx
x-amz-cf-pop: NRT20-P2
age: 36265
etag: "4af9bc69054c987593a4ee69d65da26a"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 72193
x-amz-cf-id: Wgs_0uJ8NLx7nkZ4SVT2503JZLHVIP8xGuaYdCwwonuf9yMOjs-w5w==
expires: Fri, 21 Jan 2033 15:17:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
91 KB 83ms
40ms Script
application/javascript 2404:6800:4004:826::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-567GCTL9BB

Requested by

Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/29e3187faa6ac4c060988ea4872ab140/certified/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c8a1fe3aadad680373ee07232cb19f89611127c82530e81e5cab718d6e6f364b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 12:03:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92599
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 10 Aug 2023 12:03:56 GMT

GET
H2 200 b1eaafb48b055f33a360d6e77586bc0f.js Show response
dl6fh5ptkejqa.cloudfront.net/ 40 KB
41 KB 6ms
5ms Script
application/javascript 18.172.50.132

General

Check archive.org

Show headers Download Go to

Full URL: https://dl6fh5ptkejqa.cloudfront.net/b1eaafb48b055f33a360d6e77586bc0f.js
Requested by: Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/29e3187faa6ac4c060988ea4872ab140/certified/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.50.132 , United States, ASN (),
Reverse DNS: server-18-172-50-132.nrt20.r.cloudfront.net
Software: nginx /
Resource Hash: 83c6a1e1d15f07e1e647f1c5a648b2f2dfad61f2dd9ca3dd9cf1ef381e4d1879

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 00:58:21 GMT
via: 1.1 9d4ec6013bd4b3f7d0e3b64456e71412.cloudfront.net (CloudFront)
last-modified: Tue, 13 Sep 2022 13:45:40 GMT
server: nginx
x-amz-cf-pop: NRT20-P2
age: 3063935
etag: "a8630206831ed8119fd8b402a3d51bd0"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 41239
x-amz-cf-id: vM2ywsPZiC6cmBdNsuQkAg4koDCjXYKZTuz2ifRzpiGSIdJ_MHytUw==

GET
H2 200 03885108b01f0b92601b9be97af3aa9a.otf
d1ayxb9ooonjts.cloudfront.net/ 61 KB
41 KB 49ms
5ms Font
font/opentype 18.65.199.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1ayxb9ooonjts.cloudfront.net/03885108b01f0b92601b9be97af3aa9a.otf
Requested by: Host: d3h5jhobc20ump.cloudfront.net
URL: https://d3h5jhobc20ump.cloudfront.net/0ac9d15122a8f6eb11fc74e009bacbec.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.199.133 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-199-133.nrt57.r.cloudfront.net
Software: nginx /
Resource Hash: 2b80fbe521e07e4e84eb52e707b364c3e6c05c57e483276dc4b3be93a9794ba9

Request headers

Referer: https://d3h5jhobc20ump.cloudfront.net/
Origin: https://coldavathermvicour.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 20:31:41 GMT
content-encoding: gzip
via: 1.1 e849eb4ec7c297538f549eb24e5ebafa.cloudfront.net (CloudFront)
last-modified: Thu, 23 Apr 2015 20:49:14 GMT
server: nginx
x-amz-cf-pop: NRT57-P3
age: 19150335
etag: W/"bf9f5d50c1b928ff21436517a1a95ad9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/opentype
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-amz-cf-id: tMQi9CSArMWnBbqPQdX7OJ7f_J4lwh4X4YIAYzYrtE7LnhGxM3FJlw==
expires: Sun, 20 Apr 2025 20:49:13 GMT

GET
H2 200 3e574ee721bb592fd3e6aab4a3780dbc.otf
d1ayxb9ooonjts.cloudfront.net/ 62 KB
41 KB 50ms
7ms Font
font/opentype 18.65.199.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1ayxb9ooonjts.cloudfront.net/3e574ee721bb592fd3e6aab4a3780dbc.otf
Requested by: Host: d3h5jhobc20ump.cloudfront.net
URL: https://d3h5jhobc20ump.cloudfront.net/0ac9d15122a8f6eb11fc74e009bacbec.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.199.133 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-199-133.nrt57.r.cloudfront.net
Software: nginx /
Resource Hash: 9e7ff2f279f8c497d687d1248d17e7a8c19784d945698c4bc8f9168fe9e351cb

Request headers

Referer: https://d3h5jhobc20ump.cloudfront.net/
Origin: https://coldavathermvicour.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 00:40:06 GMT
content-encoding: gzip
via: 1.1 e849eb4ec7c297538f549eb24e5ebafa.cloudfront.net (CloudFront)
last-modified: Thu, 23 Apr 2015 20:49:14 GMT
server: nginx
x-amz-cf-pop: NRT57-P3
age: 18271430
etag: W/"f14eee643541cf03a10f26c944cc29f5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/opentype
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-amz-cf-id: KbkcNOyYXKSj9Qg4JICzSwO8Ln-V71xM3wuQ4ZtlIem9jSyhWjs_hw==
expires: Sun, 20 Apr 2025 20:49:13 GMT

OPTIONS
H2 200 tp2
sp.bitly.com/com.snowplowanalytics.snowplow/ Frame 0
0 158ms
149ms Preflight 34.120.78.44
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.bitly.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.78.44 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 44.78.120.34.bc.googleusercontent.com
Software: akka-http /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://coldavathermvicour.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://coldavathermvicour.com
access-control-max-age: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 10 Aug 2023 12:03:55 GMT
server: akka-http
via: 1.1 google

POST
H3 200 tp2 Show response
sp.bitly.com/com.snowplowanalytics.snowplow/ 2 B
19 B 154ms
149ms XHR
text/plain 34.120.78.44
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.bitly.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: dl6fh5ptkejqa.cloudfront.net
URL: https://dl6fh5ptkejqa.cloudfront.net/b1eaafb48b055f33a360d6e77586bc0f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.78.44 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 44.78.120.34.bc.googleusercontent.com
Software: akka-http /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://coldavathermvicour.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Thu, 10 Aug 2023 12:03:56 GMT
via: 1.1 google
server: akka-http
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://coldavathermvicour.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 42ms
3ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/29e3187faa6ac4c060988ea4872ab140/certified/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 10 Aug 2023 11:30:44 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1992
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 10 Aug 2023 13:30:44 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 172 KB
47 KB 17ms
3ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/29e3187faa6ac4c060988ea4872ab140/certified/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 10 Aug 2023 12:03:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47151
x-xss-protection: 0
pragma: public
x-fb-debug: KHTMiSjng4x0gBsSjZsw4idSb8cXPnZ4J0SCSrHbx/aBczWpodSuKyPYaKHcx4U8NP7ce6VwN1i1WffHkxKvtw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 22ms
2ms Script
application/x-javascript 2600:140b:1a00:14::17dc:5499
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/29e3187faa6ac4c060988ea4872ab140/certified/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:140b:1a00:14::17dc:5499 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 12:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 09:07:54 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=85691
accept-ranges: bytes
content-length: 4862

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 55ms
17ms Script
application/javascript 151.101.228.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/29e3187faa6ac4c060988ea4872ab140/certified/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.228.157 Tokyo, Japan, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 12:03:56 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 18:30:18 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kcgs7200123-IAD, cache-hnd18750-HND

GET
H2 200 l
use.typekit.net/af/0e8ca9/0000000000000000000148a6/21/ 17 KB
17 KB 12ms
7ms Font
application/font-woff2 2600:140b:1a00:14::17dc:548b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/0e8ca9/0000000000000000000148a6/21/l?subset_id=2&fvd=n6&v=3
Requested by: Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/29e3187faa6ac4c060988ea4872ab140/certified/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1a00:14::17dc:548b Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 31fe8e1afce2f1487c323de595df41cd61a0a780e938fcfa219c00d0d8700a22

Request headers

Referer: https://coldavathermvicour.com/
Origin: https://coldavathermvicour.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 12:03:56 GMT
server: nginx
etag: "fa69ba7a0541237d29d5d63ab89ddf5c0ddcc122"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17180

GET
H2 200 l
use.typekit.net/af/651407/0000000000000000000148a4/21/ 17 KB
17 KB 24ms
19ms Font
application/font-woff2 2600:140b:1a00:14::17dc:548b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/651407/0000000000000000000148a4/21/l?subset_id=2&fvd=n4&v=3
Requested by: Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/29e3187faa6ac4c060988ea4872ab140/certified/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1a00:14::17dc:548b Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c2a3051b111255a7bb60f2c2f880119a34b9badd3094fe5da0809e9867189be9

Request headers

Referer: https://coldavathermvicour.com/
Origin: https://coldavathermvicour.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 12:03:56 GMT
server: nginx
etag: "1e687793ce64d9cbb865b34e0184a5d7d0d615aa"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17144

GET
H2 200 l
use.typekit.net/af/04aaaa/0000000000000000000148a2/21/ 17 KB
17 KB 14ms
10ms Font
application/font-woff2 2600:140b:1a00:14::17dc:548b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/04aaaa/0000000000000000000148a2/21/l?subset_id=2&fvd=n3&v=3
Requested by: Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/29e3187faa6ac4c060988ea4872ab140/certified/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1a00:14::17dc:548b Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 739d05993fb4c31c049518fb52a5784df194db6fd16bc428dcc16baf679aeca3

Request headers

Referer: https://coldavathermvicour.com/
Origin: https://coldavathermvicour.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 12:03:56 GMT
server: nginx
etag: "84a5a8f3c03b24dbec4386ecc1405d47828de8e4"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17524

GET
H2 200 l
use.typekit.net/af/c6d995/0000000000000000000132df/21/ 22 KB
22 KB 33ms
28ms Font
application/font-woff2 2600:140b:1a00:14::17dc:548b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/c6d995/0000000000000000000132df/21/l?subset_id=2&fvd=n4&v=3
Requested by: Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/29e3187faa6ac4c060988ea4872ab140/certified/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1a00:14::17dc:548b Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: ce7a0e2e92f9b02f744009e39e82163283f4b6f648de2c513351b909ef7400d4

Request headers

Referer: https://coldavathermvicour.com/
Origin: https://coldavathermvicour.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 12:03:56 GMT
server: nginx
etag: "55559d7f4efc3f7fb33e7b9699ee2047fb65f3de"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22436

GET
H2 200 l
use.typekit.net/af/a5fac4/0000000000000000000132e3/21/ 23 KB
23 KB 41ms
37ms Font
application/font-woff2 2600:140b:1a00:14::17dc:548b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/a5fac4/0000000000000000000132e3/21/l?subset_id=2&fvd=n7&v=3
Requested by: Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/29e3187faa6ac4c060988ea4872ab140/certified/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1a00:14::17dc:548b Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 449ad51e04f90d09cd5d6d1df91f8b69cf888ca97c7d2318e1e30b35d2b403d4

Request headers

Referer: https://coldavathermvicour.com/
Origin: https://coldavathermvicour.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 12:03:56 GMT
server: nginx
etag: "672c8850fd84c3f8278b634e73850f7f7b605f9a"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 23268

GET
H2 200 l
use.typekit.net/af/ed8887/0000000000000000000132e1/21/ 24 KB
24 KB 15ms
10ms Font
application/font-woff2 2600:140b:1a00:14::17dc:548b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ed8887/0000000000000000000132e1/21/l?subset_id=2&fvd=n5&v=3
Requested by: Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/29e3187faa6ac4c060988ea4872ab140/certified/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1a00:14::17dc:548b Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b46f010dcef0a7bf6dd266a0d2c899a08517b282e9b899b08a4d9e33609def23

Request headers

Referer: https://coldavathermvicour.com/
Origin: https://coldavathermvicour.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 12:03:56 GMT
server: nginx
etag: "816b6b90e41be7dcaac2711c46c41dfaf0935c86"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24388

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/3409844/domain/coldavathermvicour.com/ 36 B
399 B 40ms
12ms XHR
application/json 2600:9000:26a6:1a00:2:53b2:240:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3409844/domain/coldavathermvicour.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26a6:1a00:2:53b2:240:93a1 , United States, ASN (),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://coldavathermvicour.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 11:33:23 GMT
content-encoding: gzip
via: 1.1 187c00aa0bd9b6b4702d3ceb94c6952c.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT20-P1
age: 1833
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=3600
x-amz-cf-id: OaFtCeiWfn8PenbIxK9koW3bcFXa5PuJ0c0xygjtAWenciU5YzE89Q==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3409844&time=1691669036551&url=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3409844&time=1691669036551&url=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3409844%26time%3D1691669036551%26url%3Dhttps%253A%252F%252Fcoldavathermvicour.com...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3409844&time=1691669036551&url=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3409844&time=1691669036551&url=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F&cookiesTest=true&liSync=tru...

0
487 B

135ms
103ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3409844&time=1691669036551&url=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F&cookiesTest=true&liSync=true&e_ipv6=AQIitx51FeCr_QAAAYnfVP-auI_MvVuD3rExXNbbyLMN9AmlNb6qwdRTuiVV4Flum165Kw
Requested by: Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/29e3187faa6ac4c060988ea4872ab140/certified/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 12:03:56 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 12187C2B826B4087AB72B5DAF6479BC4 Ref B: TYAEDGE1119 Ref C: 2023-08-10T12:03:57Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYCkGQIcsgaj2H5z6fO0g==

Redirect headers

date: Thu, 10 Aug 2023 12:03:56 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 48021C0A9E7C4A1FA9C047D8DBC65719 Ref B: TYO01EDGE2010 Ref C: 2023-08-10T12:03:56Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3409844&time=1691669036551&url=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F&cookiesTest=true&liSync=true&e_ipv6=AQIitx51FeCr_QAAAYnfVP-auI_MvVuD3rExXNbbyLMN9AmlNb6qwdRTuiVV4Flum165Kw
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYCkGQGWKBNuiCQ0m9DoQ==

GET
H2 200 575684804151769 Show response
connect.facebook.net/signals/config/ 382 KB
109 KB 4ms
4ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/575684804151769?v=2.9.121&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

748da16c031d26288953c306823663e995fa83b82f51c63ed1ae5b2018f16a41

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 10 Aug 2023 12:03:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 111417
x-xss-protection: 0
pragma: public
x-fb-debug: qDphGgb/zxgre3T6nBHK2Xy5PlvpbFZNcaI4xNewVU4Wiyb+pSOOamOZ118xDCOUJrIrOP8fO1E1QzhEkXrGYg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 p.gif
p.typekit.net/ 35 B
218 B 49ms
2ms Image
image/gif 2600:140b:1a00:14::17dc:5494
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=mys2uzu&ht=tk&h=coldavathermvicour.com&f=173.175.5474.10294.10296.10302&a=549976&js=1.21.0&app=typekit&e=js&_=1691669036571
Requested by: Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/29e3187faa6ac4c060988ea4872ab140/certified/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1a00:14::17dc:5494 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

unused62: 8096267
date: Thu, 10 Aug 2023 12:03:56 GMT
last-modified: Sat, 09 Oct 2021 02:10:38 GMT
server: nginx
etag: "6160fa1e-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
213 B 39ms
38ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1099402090&t=pageview&_s=1&dl=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F&ul=en-us&de=UTF-8&dt=The%20power%20of%20the%20link.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=519859838&gjid=113057204&cid=80159069.1691669037&tid=UA-25224921-3&_gid=1881651150.1691669037&_r=1&_slc=1&cd2=user&z=242854132

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://coldavathermvicour.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 12:03:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://coldavathermvicour.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 15ms
3ms Image
text/plain 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=575684804151769&ev=PageView&dl=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F&rl=&if=false&ts=1691669036591&sw=1600&sh=1200&v=2.9.121&r=stable&ec=0&o=30&fbp=fb.1.1691669036590.1172499462&cs_est=true&it=1691669036562&coo=false&exp=a1&rqm=GET

Requested by

Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/29e3187faa6ac4c060988ea4872ab140/certified/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 10 Aug 2023 12:03:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 adsct
t.co/i/ 43 B
377 B 111ms
98ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=d4e005c5-b538-4e48-b1f0-75f44768c8ad&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=152980c4-a8c4-4942-a308-b92c98a8fb67&tw_document_href=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2pdk&type=javascript&version=2.3.29

Requested by

Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/29e3187faa6ac4c060988ea4872ab140/certified/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_m /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-response-time: 96
date: Thu, 10 Aug 2023 12:03:56 GMT
strict-transport-security: max-age=0
server: tsa_m
content-type: image/gif;charset=utf-8
x-transaction-id: ee2a878c0641ccd3
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 8c84724e21f66ead9f8274834e8897b692ec6e091b24a543a2cb55d2f8733d76
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 183ms
167ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=d4e005c5-b538-4e48-b1f0-75f44768c8ad&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=152980c4-a8c4-4942-a308-b92c98a8fb67&tw_document_href=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2pdk&type=javascript&version=2.3.29

Requested by

Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/29e3187faa6ac4c060988ea4872ab140/certified/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_m /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-response-time: 164
date: Thu, 10 Aug 2023 12:03:55 GMT
strict-transport-security: max-age=631138519
server: tsa_m
content-type: image/gif;charset=utf-8
x-transaction-id: f18d8b807805c58d
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: bb912d0e21a532256e853c0c70b76fc39ba08f9f44770285bc80078286109f0b
content-length: 43

GET
H2

200

activityi;dc_pre=CI3xi6CG0oADFY3LTAIdlUcOKw;src=12389169;type=conve0;cat=signu0;ord=1330349682510;auiddc=1444690488.1691669037;u1=%5BPlan%20Tier%5D;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;ua... Show response
12389169.fls.doubleclick.net/ Frame 4C8F
Redirect Chain

https://12389169.fls.doubleclick.net/activityi;src=12389169;type=conve0;cat=signu0;ord=1330349682510;auiddc=1444690488.1691669037;u1=%5BPlan%20Tier%5D;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=...
https://12389169.fls.doubleclick.net/activityi;dc_pre=CI3xi6CG0oADFY3LTAIdlUcOKw;src=12389169;type=conve0;cat=signu0;ord=1330349682510;auiddc=1444690488.1691669037;u1=%5BPlan%20Tier%5D;gtm=45fe3890...

612 B
525 B

43ms
43ms

Document
text/html

172.217.31.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12389169.fls.doubleclick.net/activityi;dc_pre=CI3xi6CG0oADFY3LTAIdlUcOKw;src=12389169;type=conve0;cat=signu0;ord=1330349682510;auiddc=1444690488.1691669037;u1=%5BPlan%20Tier%5D;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-12389169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.31.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s22-in-f6.1e100.net

Software

cafe /

Resource Hash

d618e7c5585a2a24e4e741958ed7b4672c71740c49582c1f759563b13d7fd3e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coldavathermvicour.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 352
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 10 Aug 2023 12:03:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 10 Aug 2023 12:03:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12389169.fls.doubleclick.net/activityi;dc_pre=CI3xi6CG0oADFY3LTAIdlUcOKw;src=12389169;type=conve0;cat=signu0;ord=1330349682510;auiddc=1444690488.1691669037;u1=%5BPlan%20Tier%5D;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
91 KB 52ms
51ms Script
application/javascript 2404:6800:4004:826::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-567GCTL9BB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-12389169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ea4a8c6ad6c08fd76fe0f6c76ed705e489e1bace5cc1f89cbecdebedee121ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 12:03:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92603
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 10 Aug 2023 12:03:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
71 KB 47ms
46ms Script
application/javascript 2404:6800:4004:826::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-768371374&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-12389169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c663d3fffd036f6b52a90b1085e159edc6e37ba62f2f8223d89f79a4c24eb0dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 12:03:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 10 Aug 2023 12:03:56 GMT

GET
H2

200

activityi;dc_pre=CPnhi6CG0oADFUwHewcdMj0Btg;src=12389169;type=conve0;cat=signu0;ord=6699500510557;auiddc=1444690488.1691669037;u1=free;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epv... Show response
12389169.fls.doubleclick.net/ Frame 01DF
Redirect Chain

https://12389169.fls.doubleclick.net/activityi;src=12389169;type=conve0;cat=signu0;ord=6699500510557;auiddc=1444690488.1691669037;u1=free;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;...
https://12389169.fls.doubleclick.net/activityi;dc_pre=CPnhi6CG0oADFUwHewcdMj0Btg;src=12389169;type=conve0;cat=signu0;ord=6699500510557;auiddc=1444690488.1691669037;u1=free;gtm=45fe3890;uaa=;uab=;ua...

599 B
515 B

45ms
44ms

Document
text/html

172.217.31.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12389169.fls.doubleclick.net/activityi;dc_pre=CPnhi6CG0oADFUwHewcdMj0Btg;src=12389169;type=conve0;cat=signu0;ord=6699500510557;auiddc=1444690488.1691669037;u1=free;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-12389169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.31.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s22-in-f6.1e100.net

Software

cafe /

Resource Hash

eef3b215b08d1f90131ebee71f3e10566d735c02a8f041b61a6ddfd3932693f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coldavathermvicour.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 339
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 10 Aug 2023 12:03:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 10 Aug 2023 12:03:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12389169.fls.doubleclick.net/activityi;dc_pre=CPnhi6CG0oADFUwHewcdMj0Btg;src=12389169;type=conve0;cat=signu0;ord=6699500510557;auiddc=1444690488.1691669037;u1=free;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
250 B 120ms
40ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-567GCTL9BB&gtm=45je3890&_p=1099402090&_gaz=1&cid=80159069.1691669037&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691669036&sct=1&seg=0&dl=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F&dt=The%20power%20of%20the%20link.&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-567GCTL9BB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 12:03:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://coldavathermvicour.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
259 B 140ms
35ms Ping
text/plain 2404:6800:4008:c15::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-567GCTL9BB&cid=80159069.1691669037&gtm=45je3890&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-567GCTL9BB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c15::9b Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 12:03:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://coldavathermvicour.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.jp/ads/ 42 B
408 B 92ms
43ms Image
image/gif 2404:6800:4004:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-567GCTL9BB&cid=80159069.1691669037&gtm=45je3890&aip=1&z=712404461

Requested by

Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/29e3187faa6ac4c060988ea4872ab140/certified/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 12:03:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/768371374/ 3 KB
2 KB 93ms
53ms Script
text/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/768371374/?random=1691669036722&cv=11&fst=1691669036722&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F&hn=www.googleadservices.com&frm=0&tiba=The%20power%20of%20the%20link.&auid=1444690488.1691669037&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-768371374&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd07ea8546c60a29cbb7a489a69f4a92cad7a886433687a63847646105c782f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 12:03:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1363
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CPnhi6CG0oADFUwHewcdMj0Btg;src=12389169;type=conve0;cat=signu0;ord=6699500510557;auiddc=1444690488.1691669037;u1=free;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref... Show response
adservice.google.com/ddm/fls/i/ Frame 3338 601 B
715 B 119ms
41ms Document
text/html 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CPnhi6CG0oADFUwHewcdMj0Btg;src=12389169;type=conve0;cat=signu0;ord=6699500510557;auiddc=1444690488.1691669037;u1=free;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F

Requested by

Host: 12389169.fls.doubleclick.net
URL: https://12389169.fls.doubleclick.net/activityi;dc_pre=CPnhi6CG0oADFUwHewcdMj0Btg;src=12389169;type=conve0;cat=signu0;ord=6699500510557;auiddc=1444690488.1691669037;u1=free;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4952d7cfa5422926ef72e7b7631bbef6b3b3a6885a59a794e39b513d8a34cb8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12389169.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 340
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 10 Aug 2023 12:03:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CI3xi6CG0oADFY3LTAIdlUcOKw;src=12389169;type=conve0;cat=signu0;ord=1330349682510;auiddc=1444690488.1691669037;u1=%5BPlan%20Tier%5D;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;... Show response
adservice.google.com/ddm/fls/i/ Frame 12E0 614 B
426 B 118ms
42ms Document
text/html 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CI3xi6CG0oADFY3LTAIdlUcOKw;src=12389169;type=conve0;cat=signu0;ord=1330349682510;auiddc=1444690488.1691669037;u1=%5BPlan%20Tier%5D;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F

Requested by

Host: 12389169.fls.doubleclick.net
URL: https://12389169.fls.doubleclick.net/activityi;dc_pre=CI3xi6CG0oADFY3LTAIdlUcOKw;src=12389169;type=conve0;cat=signu0;ord=1330349682510;auiddc=1444690488.1691669037;u1=%5BPlan%20Tier%5D;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1f68e9c78ee68a576526fad4b8a5068b71b6e4e298b20db5e644f8125bf2720

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12389169.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 356
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 10 Aug 2023 12:03:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/768371374/ 42 B
455 B 111ms
45ms Image
image/gif 2404:6800:4004:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/768371374/?random=1691669036722&cv=11&fst=1691668800000&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F&frm=0&tiba=The%20power%20of%20the%20link.&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=690760466&rmt_tld=0&ipr=y

Requested by

Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/29e3187faa6ac4c060988ea4872ab140/certified/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 12:03:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.jp/pagead/1p-user-list/768371374/ 42 B
154 B 41ms
40ms Image
image/gif 2404:6800:4004:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/768371374/?random=1691669036722&cv=11&fst=1691668800000&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F&frm=0&tiba=The%20power%20of%20the%20link.&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=690760466&rmt_tld=1&ipr=y

Requested by

Host: coldavathermvicour.com
URL: https://coldavathermvicour.com/29e3187faa6ac4c060988ea4872ab140/certified/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 12:03:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CPnhi6CG0oADFUwHewcdMj0Btg;src=12389169;type=conve0;cat=signu0;ord=6699500510557;auiddc=1444690488.1691669037;u1=free;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref... Show response
adservice.google.co.jp/ddm/fls/i/ Frame B45A 194 B
173 B 88ms
42ms Document
text/html 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/ddm/fls/i/dc_pre=CPnhi6CG0oADFUwHewcdMj0Btg;src=12389169;type=conve0;cat=signu0;ord=6699500510557;auiddc=1444690488.1691669037;u1=free;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CPnhi6CG0oADFUwHewcdMj0Btg;src=12389169;type=conve0;cat=signu0;ord=6699500510557;auiddc=1444690488.1691669037;u1=free;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 10 Aug 2023 12:03:57 GMT
expires: Thu, 10 Aug 2023 12:03:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CI3xi6CG0oADFY3LTAIdlUcOKw;src=12389169;type=conve0;cat=signu0;ord=1330349682510;auiddc=1444690488.1691669037;u1=%5BPlan%20Tier%5D;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;... Show response
adservice.google.co.jp/ddm/fls/i/ Frame 6EF9 194 B
303 B 78ms
40ms Document
text/html 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/ddm/fls/i/dc_pre=CI3xi6CG0oADFY3LTAIdlUcOKw;src=12389169;type=conve0;cat=signu0;ord=1330349682510;auiddc=1444690488.1691669037;u1=%5BPlan%20Tier%5D;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CI3xi6CG0oADFY3LTAIdlUcOKw;src=12389169;type=conve0;cat=signu0;ord=1330349682510;auiddc=1444690488.1691669037;u1=%5BPlan%20Tier%5D;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 10 Aug 2023 12:03:56 GMT
expires: Thu, 10 Aug 2023 12:03:56 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 4ms
2ms Image
text/plain 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=575684804151769&ev=Microdata&dl=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F&rl=&if=false&ts=1691669038097&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20The%20power%20of%20the%20link.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.121&r=stable&ec=1&o=30&fbp=fb.1.1691669036590.1172499462&it=1691669036562&coo=false&es=automatic&tm=3&exp=a1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 10 Aug 2023 12:03:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 39ms
39ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-567GCTL9BB&gtm=45je3890&_p=1099402090&cid=80159069.1691669037&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1691669036&sct=1&seg=0&dl=https%3A%2F%2Fcoldavathermvicour.com%2F29e3187faa6ac4c060988ea4872ab140%2Fcertified%2F&dt=The%20power%20of%20the%20link.&en=scroll&epn.percent_scrolled=90&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-567GCTL9BB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coldavathermvicour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 12:04:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://coldavathermvicour.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.coldavathermvicour.com/	1970-01-20 13:54:30	Name: _sp_ses.b627 Value: *
.coldavathermvicour.com/	1970-01-20 23:30:29	Name: _sp_id.b627 Value: 2966a095-02dd-4b30-81da-73e91c7d3fa8.1691669037.1.1691669037..44fb58dd-0243-4974-9558-6bf53ed7a464..f2ce2081-b634-4cd0-89d4-d28345a45f1a.1691669036501.1
.coldavathermvicour.com/	1970-01-20 13:55:55	Name: _gid Value: GA1.2.1881651150.1691669037
.coldavathermvicour.com/	1970-01-20 13:54:29	Name: _gat Value: 1
.coldavathermvicour.com/	1970-01-20 16:04:05	Name: _fbp Value: fb.1.1691669036590.1172499462
coldavathermvicour.com/	1970-01-20 13:55:55	Name: ln_or Value: eyIzNDA5ODQ0IjoiZCJ9
.coldavathermvicour.com/	1970-01-20 16:04:05	Name: _gcl_au Value: 1.1.1444690488.1691669037
.coldavathermvicour.com/	1970-01-20 23:30:29	Name: _ga Value: GA1.1.80159069.1691669037
.coldavathermvicour.com/	1970-01-20 23:30:29	Name: _ga_567GCTL9BB Value: GS1.1.1691669036.1.0.1691669036.60.0.0
.linkedin.com/	1970-01-20 16:04:05	Name: li_sugr Value: ea361529-170e-4974-a0b3-961aa3a38585
.linkedin.com/	1970-01-20 22:40:05	Name: bcookie Value: "v=2&4d9202a1-fa83-44c1-875b-5fbe443cabdc"
.linkedin.com/	1970-01-20 13:55:55	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2978:u=1:x=1:i=1691669036:t=1691755436:v=2:sig=AQETAmzmxnXUaB9nnWehTAzvTsDyqyGo"
.t.co/	1970-01-20 23:30:29	Name: muc_ads Value: e4eef4b7-7ad8-45dd-a8b6-72762ccf63e1
.linkedin.com/	1970-01-20 14:37:41	Name: UserMatchHistory Value: AQKLLTNmGgsXdAAAAYnfVP67uLQ4t3-FCPK4edOyYTDBPsZIIOombhP1RYmHaybkjWVUrB93QOpcUQ
.linkedin.com/	1970-01-20 14:37:41	Name: AnalyticsSyncHistory Value: AQKyBkRLCXPOrQAAAYnfVP67Qoz3MiKdHtWRuX_OgS2sSUEViCoSuNcke_h3tTEUOll8Ol5la0NSVKmKWueJfw
.twitter.com/	1970-01-20 23:30:29	Name: personalization_id Value: "v1_2RhtNAzWgxJlj8Yp8pjkJA=="
.doubleclick.net/	1970-01-20 13:54:29	Name: test_cookie Value: CheckForPermission
.www.linkedin.com/	1970-01-20 22:40:05	Name: bscookie Value: "v=1&2023081012035614a73e98-0d20-4713-8929-b35ff6366bebAQH5Kjj2RxYuZdic2-OS1yCFseIQjjyk"

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12389169.fls.doubleclick.net
adservice.google.co.jp
adservice.google.com
ajax.googleapis.com
analytics.google.com
analytics.twitter.com
cdn.linkedin.oribi.io
coldavathermvicour.com
connect.facebook.net
d1ayxb9ooonjts.cloudfront.net
d3h5jhobc20ump.cloudfront.net
dl6fh5ptkejqa.cloudfront.net
googleads.g.doubleclick.net
p.typekit.net
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
sp.bitly.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googletagmanager.com
www.linkedin.com
104.244.42.197
104.244.42.3
13.107.42.14
151.101.228.157
172.217.31.166
18.172.50.132
18.65.199.133
18.65.214.97
2001:4860:4802:34::181
2001:4860:4802:38::178
2404:6800:4004:813::2003
2404:6800:4004:81d::200a
2404:6800:4004:824::2002
2404:6800:4004:826::2002
2404:6800:4004:826::2008
2404:6800:4004:828::2004
2404:6800:4008:c15::9b
2600:140b:1a00:14::17dc:548b
2600:140b:1a00:14::17dc:5494
2600:140b:1a00:14::17dc:5499
2600:9000:26a6:1a00:2:53b2:240:93a1
2620:1ec:21::14
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f10f:83:face:b00c:0:25de
34.120.78.44
50.63.179.9
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
10ee4f83b50510af01b23073e2986287d083d07a28f94afc5aa2f56c91d0304b
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b80fbe521e07e4e84eb52e707b364c3e6c05c57e483276dc4b3be93a9794ba9
31fe8e1afce2f1487c323de595df41cd61a0a780e938fcfa219c00d0d8700a22
449ad51e04f90d09cd5d6d1df91f8b69cf888ca97c7d2318e1e30b35d2b403d4
4952d7cfa5422926ef72e7b7631bbef6b3b3a6885a59a794e39b513d8a34cb8e
4ea4a8c6ad6c08fd76fe0f6c76ed705e489e1bace5cc1f89cbecdebedee121ea
50554df9b481511f6583a93a75ba8503564f4800a6291431f31055c8ec365371
584c7859f5ee97ddc73d0647d6dc3de7ca98c8b154e391908bf95abd88a382c0
739d05993fb4c31c049518fb52a5784df194db6fd16bc428dcc16baf679aeca3
748da16c031d26288953c306823663e995fa83b82f51c63ed1ae5b2018f16a41
778537a9fa5ac10b1720902c827d2ce87560c2beba9b60dae061170f20aeec2e
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
83c6a1e1d15f07e1e647f1c5a648b2f2dfad61f2dd9ca3dd9cf1ef381e4d1879
9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9e7ff2f279f8c497d687d1248d17e7a8c19784d945698c4bc8f9168fe9e351cb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae765b03f37e883a3bc2a65c693c2ad1f264acb1a89a18c56f7e464ef8847f0e
b46f010dcef0a7bf6dd266a0d2c899a08517b282e9b899b08a4d9e33609def23
c1f68e9c78ee68a576526fad4b8a5068b71b6e4e298b20db5e644f8125bf2720
c2a3051b111255a7bb60f2c2f880119a34b9badd3094fe5da0809e9867189be9
c663d3fffd036f6b52a90b1085e159edc6e37ba62f2f8223d89f79a4c24eb0dd
c8a1fe3aadad680373ee07232cb19f89611127c82530e81e5cab718d6e6f364b
cd07ea8546c60a29cbb7a489a69f4a92cad7a886433687a63847646105c782f9
ce7a0e2e92f9b02f744009e39e82163283f4b6f648de2c513351b909ef7400d4
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d618e7c5585a2a24e4e741958ed7b4672c71740c49582c1f759563b13d7fd3e8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebb3f76c8902707ff7d91f2bf1110328f71e45d5941f2cb1851b821eb5ecb993
eef3b215b08d1f90131ebee71f3e10566d735c02a8f041b61a6ddfd3932693f3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
fb54d4664a564135a46872a97a5e04b51a8d8900166da23826b771c432650b0a

coldavathermvicour.com Open in urlscan Pro 50.63.179.9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

48 Requests

98 %HTTPS

62 %IPv6

18 Domains

28 Subdomains

25 IPs

4 Countries

905 kBTransfer

2113 kBSize

18 Cookies

0 Outgoing links

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

coldavathermvicour.com Open in urlscan Pro
50.63.179.9 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

98 %
HTTPS

62 %
IPv6

18
Domains

28
Subdomains

25
IPs

4
Countries

905 kB
Transfer

2113 kB
Size

18
Cookies

48 HTTP transactions
0 data transactions