urlscan.io logo urlscan.io
SecurityTrails logo

nps.cosibella.com.de Open in urlscan Pro
2606:4700:10::ac43:2682  Public Scan

Go To Rescan Add Verdict Report
URL: https://nps.cosibella.com.de/
Submission: On March 29 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 5 domains to perform 18 HTTP transactions. The main IP is 2606:4700:10::ac43:2682, located in United States and belongs to CLOUDFLARENET, US. The main domain is nps.cosibella.com.de.
TLS certificate: Issued by GTS CA 1P5 on March 29th 2024. Valid for: 3 months.
This is the only time nps.cosibella.com.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 11 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
18 6
2    2606:4700:10::ac43:2682 (United States)

ASN13335 (CLOUDFLARENET, US)
nps.cosibella.com.de
11    2606:4700:10::6816:31fd (United States)

ASN13335 (CLOUDFLARENET, US)
static.user.com
cosibellapl.user.com
widget.user.com
media.user.com
2    2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2607:f8b0:4004:c07::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
11 user.com
static.user.com — Cisco Umbrella Rank: 524848
cosibellapl.user.com
widget.user.com — Cisco Umbrella Rank: 121855
media.user.com — Cisco Umbrella Rank: 166968
77 KB
2 gstatic.com
fonts.gstatic.com
91 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
2 KB
2 com.de
nps.cosibella.com.de
cosibella.com.de Failed
6 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 813
7 KB
18 5
Domain Requested by
5 cosibellapl.user.com 1 redirects cosibellapl.user.com
nps.cosibella.com.de
3 widget.user.com nps.cosibella.com.de
cosibellapl.user.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com nps.cosibella.com.de
2 static.user.com nps.cosibella.com.de
2 nps.cosibella.com.de static.cloudflareinsights.com
1 media.user.com
1 static.cloudflareinsights.com nps.cosibella.com.de
0 cosibella.com.de Failed nps.cosibella.com.de
18 9

This site contains links to these domains. Also see Links.

Domain
cosibella.com.de
Subject Issuer Validity Valid
nps.cosibella.com.de
GTS CA 1P5		 2024-03-29 -
2024-06-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-13 -
2024-05-12		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-03-10 -
2024-06-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh

This page contains 1 frames:

Frame: https://cosibella.com.de/de/links/lp-nps-user-1608?nps=null&email=null&user_id=null&transaction_id=null&transaction_value=null
Frame ID: 86A42B07BD77DDA28F479178D6954505
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Vielen Dank für Ihren Eintrag

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

18
Requests

89 %
HTTPS

100 %
IPv6

5
Domains

9
Subdomains

6
IPs

1
Countries

182 kB
Transfer

393 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://cosibellapl.user.com/widget.js HTTP 301
  • https://widget.user.com/widget.js

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nps.cosibella.com.de/ 		19 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nps.cosibella.com.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
434f3be47c84d05429a98614ad30bf3ee2cdb8ab2d1cad60726ed0cff5cba95e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86c0af553f4e5e67-EWR
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 29 Mar 2024 14:52:38 GMT
referrer-policy
same-origin
server
cloudflare
ue-backend
tenants
ue-node
apinode36
vary
Cookie, Origin
x-content-type-options
nosniff
x-frame-options
DENY
UnlayerPublicForms.ceb5ab934199da77cd22.css
static.user.com/static/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.user.com/static/css/UnlayerPublicForms.ceb5ab934199da77cd22.css
Requested by
Host: nps.cosibella.com.de
URL: https://nps.cosibella.com.de/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaceb89f5c44b75e211a159aea7ecf05eb2baaee5873b4404afbd7752b26dcc9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 14:52:39 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
A9PC2AFVB9Q9DADE
age
71203
cf-polished
origSize=4015
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
VWXluNhctGkwBe56yOHdxRjbcLbuhY7BGG/PxRLP2KkfC+TbveLm81tvRYjzkcRAfcxGSaxOK3Ro6ICERjG+zg==
cf-bgj
minify
last-modified
Tue, 26 Mar 2024 13:18:48 GMT
server
cloudflare
etag
W/"c63ddb8d86dc0ee7afd99f261e9d27f2"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=432000
cf-ray
86c0af580e3e42c3-EWR
css2
fonts.googleapis.com/ 		1 KB
889 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=PT+Sans&display=swap
Requested by
Host: nps.cosibella.com.de
URL: https://nps.cosibella.com.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1b096f186d91b7557ed9e427cc811517095122a29f714bcc902d22580159d2a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 29 Mar 2024 14:52:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 29 Mar 2024 14:52:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 29 Mar 2024 14:52:39 GMT
css2
fonts.googleapis.com/ 		5 KB
743 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;700&display=swap
Requested by
Host: nps.cosibella.com.de
URL: https://nps.cosibella.com.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3ae6e4decd4fb974b41b2f37fa7b19c7a1c9b80127dd45be4bc24702c7145a4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 29 Mar 2024 14:52:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 29 Mar 2024 14:40:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 29 Mar 2024 14:52:39 GMT
formsMultiselect.js
static.user.com/static/landingpage/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.user.com/static/landingpage/formsMultiselect.js
Requested by
Host: nps.cosibella.com.de
URL: https://nps.cosibella.com.de/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769f922205cb5bad4a35a17ae4377a6c9593d87f49cd65d2679e658c3c3bdc01

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 14:52:39 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
DQQ9QYYHV72X9GMT
age
21490
cf-polished
origSize=6321
alt-svc
h3=":443"; ma=86400
x-amz-id-2
8mLJ7ULsegllgJoFi0/fIkPG0LSgYaHWp78kiH33ov63rvRQYVnp2NtSdv+aY+N0s754CN4DAoiV/UMkwwYKPA==
cf-bgj
minify
last-modified
Wed, 21 Sep 2022 06:41:23 GMT
server
cloudflare
etag
W/"893e16bbee3ee47f5254a8df2cb8eb72"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=432000
cf-ray
86c0af580e3f42c3-EWR
widget.js
widget.user.com/
Redirect Chain
  • https://cosibellapl.user.com/widget.js
  • https://widget.user.com/widget.js
149 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.user.com/widget.js
Requested by
Host: nps.cosibella.com.de
URL: https://nps.cosibella.com.de/
Protocol
H3
Server
2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c885e6fb5f0e5e48b769b2be53ad58f33c09f0861179872907f13f975eb6991c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Fri, 29 Mar 2024 14:52:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 11 Aug 2023 06:03:33 GMT
server
cloudflare
x-amz-request-id
4XRK7AC0J73QX99X
age
6028
etag
W/"9f11295966ec1b0d997cde32b2bda20e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cf-ray
86c0af586e8942c3-EWR
alt-svc
h3=":443"; ma=86400
x-amz-id-2
4ZuPOPq0mMMf/oa2dr/r9CsqR9yOJFjU13O6x+4DEovY+xnzFSjOtPqWuvBeXcSB7XoZ2Vzdbto=

Redirect headers

date
Fri, 29 Mar 2024 14:52:39 GMT
cf-cache-status
HIT
server
cloudflare
age
20127
vary
Accept-Encoding
location
https://widget.user.com/widget.js
cache-control
max-age=3600
cf-ray
86c0af581e5042c3-EWR
alt-svc
h3=":443"; ma=86400
content-length
0
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: nps.cosibella.com.de
URL: https://nps.cosibella.com.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin
https://nps.cosibella.com.de
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 14:52:39 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
86c0af57f82743cf-EWR
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=PT+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://nps.cosibella.com.de
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 08:11:45 GMT
x-content-type-options
nosniff
age
196854
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45300
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Mar 2025 08:11:45 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://nps.cosibella.com.de
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 08:10:00 GMT
x-content-type-options
nosniff
age
196959
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Mar 2025 08:10:00 GMT
widget-app.2f1311514d2416d3d6d9.js
widget.user.com/ 		92 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.user.com/widget-app.2f1311514d2416d3d6d9.js
Requested by
Host: cosibellapl.user.com
URL: https://cosibellapl.user.com/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
030f7fa22bba9e4834ce68ce502f78520d0c5eaee401d7ff5654de7dc6494086

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 14:52:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 11 Aug 2023 06:03:33 GMT
server
cloudflare
x-amz-request-id
GZX29CX1VJY3BMAB
age
6004
etag
W/"f294a3ea881ab4414e2e49f086355597"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cf-ray
86c0af590f2242c3-EWR
alt-svc
h3=":443"; ma=86400
x-amz-id-2
BsuMsQR1XMJmSbGPp4wOIO5W3bqY+WobfOuVpP0QfkV0ezzLK+N+vI/+ra1JdYU/eZ9m21KMX9I=
widget-actionsStore.2f1311514d2416d3d6d9.js
widget.user.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.user.com/widget-actionsStore.2f1311514d2416d3d6d9.js
Requested by
Host: cosibellapl.user.com
URL: https://cosibellapl.user.com/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b2eafec3675baf2a8d1570291500c6c027db6fced43bfc2698fbb76c050071d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 14:52:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 11 Aug 2023 06:03:33 GMT
server
cloudflare
x-amz-request-id
1EGTVEEH6PW63RZR
age
5978
etag
W/"0d051876f932526893b9cf6305e9ce28"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cf-ray
86c0af593f4e42c3-EWR
alt-svc
h3=":443"; ma=86400
x-amz-id-2
IUXOI0+ni7rjRSHIoccshYtlN8mZlIyFS94MNnj3ZWoYL19TbWSle/VxqTv87HIRFBIB5ikyKCsyI82JE08VWA==
/
cosibellapl.user.com/api/v2/user-chatping/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cosibellapl.user.com/api/v2/user-chatping/
Requested by
Host: cosibellapl.user.com
URL: https://cosibellapl.user.com/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d50dc8093055570b2500b69b74d7bea4220ce48ef183ab05bdc307f86f055864
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Referer
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 14:52:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
ue-backend
tenants
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
server
cloudflare
vary
Cookie, Origin
allow
POST, OPTIONS
content-type
application/json
x-frame-options
DENY
access-control-allow-origin
https://nps.cosibella.com.de
access-control-allow-credentials
true
ue-node
apinode43
cf-ray
86c0af5af8ac42c3-EWR
/
cosibellapl.user.com/api/v2/user-chatping/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cosibellapl.user.com/api/v2/user-chatping/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://nps.cosibella.com.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, set-cookie, clientuser-key, convo-id
access-control-allow-methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://nps.cosibella.com.de
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86c0af594bd832fc-EWR
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 29 Mar 2024 14:52:39 GMT
server
cloudflare
ue-backend
tenants
ue-node
apinode35
vary
Origin
rum
nps.cosibella.com.de/cdn-cgi/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nps.cosibella.com.de/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://nps.cosibella.com.de/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Fri, 29 Mar 2024 14:52:39 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://nps.cosibella.com.de
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
86c0af596b6d5e67-EWR
favicon-png_s4nU7WM.png
media.user.com/uploads/gvplv1-cosibella-pl/ 		330 B
812 B 		Other
General
Check archive.org
Download Go to
Full URL
https://media.user.com/uploads/gvplv1-cosibella-pl/favicon-png_s4nU7WM.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68cfbf908ff442d265c9dc5e186d3de832718f3e960ddbaba34ae5fd2d5febee

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 14:52:39 GMT
x-amz-version-id
RCetuqwttvMvV3qXLDrVWx7FLFyPkjcz
cf-cache-status
HIT
x-amz-request-id
XNNSYC6ENNDZASNY
age
11425
cf-polished
origFmt=png, origSize=803
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="favicon-png_s4nU7WM.webp"
alt-svc
h3=":443"; ma=86400
content-length
330
x-amz-id-2
0VBGFdX5XbeQnJRay23vZgjEomdziMk5g+MkPJZ6jUrrEIxBUP7YJ99QEvQ6EFZ8KQNgS7uvLRI=
cf-bgj
imgq:100,h2pri
last-modified
Tue, 01 Aug 2023 11:32:44 GMT
server
cloudflare
etag
"6e9dbfff7ace5886c67ef253adb033e5"
vary
Accept
content-type
image/webp
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
86c0af598f9442c3-EWR
/
cosibellapl.user.com/landing/api/v3/actions/18/perform_visit/ 		16 B
250 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cosibellapl.user.com/landing/api/v3/actions/18/perform_visit/
Requested by
Host: nps.cosibella.com.de
URL: https://nps.cosibella.com.de/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Referer
X-CSRFToken
null
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 14:52:40 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
ue-backend
tenants
alt-svc
h3=":443"; ma=86400
content-length
16
referrer-policy
same-origin
server
cloudflare
vary
Cookie, Origin
allow
POST, OPTIONS
content-type
application/json
x-frame-options
DENY
access-control-allow-origin
https://nps.cosibella.com.de
access-control-allow-credentials
true
ue-node
apinode18
cf-ray
86c0af5fe9e132fc-EWR
/
cosibellapl.user.com/landing/api/v3/actions/18/perform_visit/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cosibellapl.user.com/landing/api/v3/actions/18/perform_visit/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-csrftoken
Access-Control-Request-Method
POST
Origin
https://nps.cosibella.com.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, set-cookie, clientuser-key, convo-id
access-control-allow-methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://nps.cosibella.com.de
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86c0af5f48fd32fc-EWR
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 29 Mar 2024 14:52:40 GMT
server
cloudflare
ue-backend
tenants
ue-node
apinode62
vary
Origin
lp-nps-user-1608
cosibella.com.de/de/links/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cosibella.com.de
URL
https://cosibella.com.de/de/links/lp-nps-user-1608?nps=null&email=null&user_id=null&transaction_id=null&transaction_value=null

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal function| getParameterByName function| isUEDefined function| redirectToNewUrl object| multiSelect object| civchat object| webpackChunkusercom_widget object| regeneratorRuntime function| parcelRequire object| UE function| userengage function| getCookie function| getParamFromURL function| validateEmail function| showToast function| performVisit function| performConversion function| isInViewport function| setObserver object| __cfBeacon object| UsercomInstance

3 Cookies

Domain/Path Name / Value
nps.cosibella.com.de/ Name: badge_cookie_fye81f
Value: a
.user.com/ Name: _ueuuid
Value: pU1L7W9QPY1qQTCN
.cosibella.com.de/ Name: __ca__chat
Value: ggjfnjey7gnl

1 Console Messages

Source Level URL
Text
other warning URL: https://nps.cosibella.com.de/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options DENY