urlscan.io logo urlscan.io
SecurityTrails logo

www.deflikindgoms.com Open in urlscan Pro
104.21.12.51  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.deflikindgoms.com/
Submission: On March 15 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 4 countries across 19 domains to perform 41 HTTP transactions. The main IP is 104.21.12.51, located in and belongs to CLOUDFLARENET, US. The main domain is www.deflikindgoms.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 15th 2022. Valid for: a year.
This is the only time www.deflikindgoms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 104.21.12.51 13335 (CLOUDFLAR...)
4 2.21.142.175 16625 (AKAMAI-AS)
1 3 151.101.66.83 54113 (FASTLY)
2 172.217.23.98 15169 (GOOGLE)
1 52.222.236.71 16509 (AMAZON-02)
1 172.217.16.142 15169 (GOOGLE)
1 142.250.181.232 15169 (GOOGLE)
4 185.60.216.19 32934 (FACEBOOK)
1 207.154.218.208 14061 (DIGITALOC...)
1 35.190.117.114 15169 (GOOGLE)
1 216.239.36.54 15169 (GOOGLE)
1 142.250.185.98 15169 (GOOGLE)
1 4 13.107.21.200 8068 (MICROSOFT...)
1 13.224.195.4 16509 (AMAZON-02)
4 157.240.20.35 32934 (FACEBOOK)
1 142.250.185.100 15169 (GOOGLE)
1 142.250.184.227 15169 (GOOGLE)
1 3.127.244.142 16509 (AMAZON-02)
2 20.62.48.180 8075 (MICROSOFT...)
1 2 52.142.114.2 8075 (MICROSOFT...)
41 20
8    104.21.12.51 (None, )

ASN13335 (CLOUDFLARENET, US)
www.deflikindgoms.com
4    2.21.142.175 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-142-175.deploy.static.akamaitechnologies.com
www.tripadvisor.co.uk
www.tripadvisor.com
3    151.101.66.83 (United States)

ASN54113 (FASTLY, US)
www.jscache.com
static.tacdn.com
2    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net
www.googleadservices.com
1    52.222.236.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-71.fra56.r.cloudfront.net
tr.additive-apps.cloud
1    172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f14.1e100.net
www.google-analytics.com
1    142.250.181.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net
www.googletagmanager.com
4    185.60.216.19 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frx5.fbcdn.net
connect.facebook.net
1    207.154.218.208 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
api.marketing-cloud.additive-apps.tech
1    35.190.117.114 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 114.117.190.35.bc.googleusercontent.com
cdn.tr.additive-apps.tech
1    216.239.36.54 (United States)

ASN15169 (GOOGLE, US)
europe-west1-additive-visor-230210.cloudfunctions.net
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
googleads.g.doubleclick.net
4    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
1    13.224.195.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-4.fra2.r.cloudfront.net
cdn.pushpanda.io
4    157.240.20.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frt3.facebook.com
www.facebook.com
1    142.250.185.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net
www.google.com
1    142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net
www.google.de
1    3.127.244.142 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-244-142.eu-central-1.compute.amazonaws.com
app.pushpanda.io
2    20.62.48.180 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e.clarity.ms
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
Apex Domain
Subdomains		 Transfer
8 deflikindgoms.com
www.deflikindgoms.com
32 KB
4 clarity.ms
e.clarity.ms — Cisco Umbrella Rank: 1869
c.clarity.ms — Cisco Umbrella Rank: 547
24 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
437 B
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 338
c.bing.com — Cisco Umbrella Rank: 193
13 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 124
194 KB
3 tripadvisor.co.uk
www.tripadvisor.co.uk — Cisco Umbrella Rank: 37542
28 KB
2 tacdn.com
static.tacdn.com — Cisco Umbrella Rank: 9812
3 KB
2 pushpanda.io
cdn.pushpanda.io — Cisco Umbrella Rank: 542002
app.pushpanda.io — Cisco Umbrella Rank: 754883
85 KB
2 additive-apps.tech
api.marketing-cloud.additive-apps.tech
cdn.tr.additive-apps.tech
666 B
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 101
32 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6433
548 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
548 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
2 KB
1 cloudfunctions.net
europe-west1-additive-visor-230210.cloudfunctions.net
349 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 54
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
1 additive-apps.cloud
tr.additive-apps.cloud
8 KB
1 tripadvisor.com
www.tripadvisor.com — Cisco Umbrella Rank: 8152
917 B
1 jscache.com
www.jscache.com — Cisco Umbrella Rank: 15658
443 B
41 19
Domain Requested by
8 www.deflikindgoms.com www.deflikindgoms.com
4 www.facebook.com www.deflikindgoms.com
connect.facebook.net
4 connect.facebook.net www.deflikindgoms.com
connect.facebook.net
3 bat.bing.com www.deflikindgoms.com
bat.bing.com
3 www.tripadvisor.co.uk www.deflikindgoms.com
www.jscache.com
2 c.clarity.ms 1 redirects
2 static.tacdn.com www.tripadvisor.co.uk
2 e.clarity.ms bat.bing.com
e.clarity.ms
2 www.googleadservices.com www.deflikindgoms.com
1 c.bing.com 1 redirects
1 app.pushpanda.io cdn.pushpanda.io
1 www.google.de www.deflikindgoms.com
1 www.google.com www.deflikindgoms.com
1 cdn.pushpanda.io www.deflikindgoms.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 europe-west1-additive-visor-230210.cloudfunctions.net www.deflikindgoms.com
1 cdn.tr.additive-apps.tech www.deflikindgoms.com
1 api.marketing-cloud.additive-apps.tech tr.additive-apps.cloud
1 www.googletagmanager.com www.deflikindgoms.com
1 www.google-analytics.com www.deflikindgoms.com
1 tr.additive-apps.cloud www.deflikindgoms.com
1 www.tripadvisor.com www.deflikindgoms.com
1 www.jscache.com 1 redirects
41 23
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-03-15 -
2023-03-14		 a year crt.sh
www.tripadvisor.com
DigiCert SHA2 Extended Validation Server CA		 2021-05-26 -
2022-06-15		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
tr.additive-apps.cloud
Amazon		 2021-11-16 -
2022-12-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-12-22 -
2022-03-22		 3 months crt.sh
api.marketing-cloud.additive-apps.tech
R3		 2022-03-14 -
2022-06-12		 3 months crt.sh
cdn.tr.additive-apps.tech
GTS CA 1D4		 2022-02-20 -
2022-05-21		 3 months crt.sh
misc.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
cdn.pushpanda.io
Amazon		 2021-10-08 -
2022-11-06		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
app.pushpanda.io
R3		 2022-03-02 -
2022-05-31		 3 months crt.sh
a.clarity.ms
Microsoft RSA TLS CA 01		 2021-07-27 -
2022-07-27		 a year crt.sh
static.tacdn.com
GlobalSign RSA OV SSL CA 2018		 2022-02-04 -
2023-03-07		 a year crt.sh

This page contains 5 frames:

Primary Page: https://www.deflikindgoms.com/
Frame ID: 627254933890CE5DE1398B6BD368AD0E
Requests: 37 HTTP requests in this frame

Frame: https://www.deflikindgoms.com/en/information/information-service/hotel-reviews/wellness-heaven.html
Frame ID: EEF4FCCD6BA2EE8F40ABB7F0CDCFA64B
Requests: 1 HTTP requests in this frame

Frame: https://www.deflikindgoms.com/en/information/information-service/hotel-reviews/holiday-check.html
Frame ID: 69382CCAEEC91E4E9B33C39112D57264
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.12/plugins/like.php?action=like&app_id=216201631731655&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df24579258ec28c%26domain%3Dwww.deflikindgoms.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.deflikindgoms.com%252Ff30d86145e72498%26relation%3Dparent.parent&container_width=1584&href=https%3A%2F%2Fwww.facebook.com%2Fhotelhohenwart%2F&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&size=large
Frame ID: D1B60CC99B1780AD2DA1D4EBBA147753
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: F2B8B4FA482653DEBE2C1D0FB73F257C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Wellness Hotel Hohenwart | Schenna, Meran | South Tyrol

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

41
Requests

95 %
HTTPS

0 %
IPv6

19
Domains

23
Subdomains

20
IPs

4
Countries

443 kB
Transfer

1205 kB
Size

16
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=757&locationId=539558&lang=en_UK&year=2019&display_version=2 HTTP 301
  • https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=757&locationId=539558&lang=en_UK&year=2019&display_version=2
Request Chain 37
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=28D3F1686B4844F4B2DAEB630970E506&RedC=c.clarity.ms&MXFR=0878824A1A4B676339D393221E4B6981 HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=28D3F1686B4844F4B2DAEB630970E506&MUID=1B1DEFB4F1546F7D0805FEDCF0866EF9

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.deflikindgoms.com/ 		127 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.deflikindgoms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.12.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7833510476f619e066633f188d806b6f2bca32e75ef4a2bce4607ea51f37bbe8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 15 Mar 2022 22:56:15 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
cache-control
no-store
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uuhBP9yr9AE9fPa1MLKBwxrLMgys3aeFb%2FRJMmLAiedyvTpzrO%2Br1LmW53Z6Mn5fS3hN5A%2BHoj%2FmrULdjC8oTaEt1bzRTmM5zGRc4vi2uo6NAV3f5bjjRNBLFd4VfKS2QLvH%2Fmiq9QE%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ec8d7577a571e5d-MUC
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
6610a0d6eb897663051bfbbfc49a31c2.css
www.deflikindgoms.com/modules/cssJsCombinator/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.deflikindgoms.com/modules/cssJsCombinator/6610a0d6eb897663051bfbbfc49a31c2.css
Requested by
Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.12.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 22:56:15 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YaqLRaw3Tcj%2B7tUaO809%2Bdch14m3q3tMWlL0xFqnzjN7GqAKEGKJQcWneZ2zhMepg4Szjo%2FXo9HEK6gAG96%2F7KXAGkU2qq%2B%2BfrwuG%2BdfYATJtaVMiKCqKukbGPNKUNz1lLLbThWnTkI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
6ec8d75dfd741e5d-MUC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bell.png
www.deflikindgoms.com/themes/custom/images/ 		564 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.deflikindgoms.com/themes/custom/images/bell.png
Requested by
Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.12.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 22:56:15 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2BFSh4FQ4h%2BpSVZ%2F9uTATemHVg%2FEbwgklXbjNxL%2F3v3KIdpgpuU86o9RoW5qQSOeDlR5H7Zo2iRfCKNlWpqGrRyC4%2BVUIqgsJhSQ85GqLOflGW7EdlmRUO1Nd7ThYYv5NMV8lfGQU4g%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
6ec8d75dfd781e5d-MUC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
CoE2017_WidgetAsset-14348-2.png
www.tripadvisor.co.uk/img/cdsi/img2/awards/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tripadvisor.co.uk/img/cdsi/img2/awards/CoE2017_WidgetAsset-14348-2.png
Requested by
Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.142.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-175.deploy.static.akamaitechnologies.com
Software
envoy /
Resource Hash
3aebf6db9aaaf52fe69a8f63d9585c4616db237a4d2993b00da224459f2cad1a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
https://www.tripadvisor.com
date
Tue, 15 Mar 2022 22:56:15 GMT
server
envoy
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
cache-control
private, max-age=43200
content-type
image/png
content-length
15558
expires
Wed, 16 Mar 2022 10:56:15 GMT
email-decode.min.js
www.deflikindgoms.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.deflikindgoms.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.12.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 22:56:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Mar 2022 18:25:01 GMT
server
cloudflare
etag
W/"622f887d-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FBU4Wkiktu0gt%2FIUOryI%2BI8fBJ4kU9ePEMvb557Mo0AJh4z174WmYO8IXBt9pTqKNqPCuBMmtK07%2F70UHHylcXgzcdrL3qxlUQ8t6Y7ybtkIG038MjdAT24IQm9eLNdgVL%2BouIvnuF0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ec8d75ed8966d86-MUC
vary
Accept-Encoding
expires
Thu, 17 Mar 2022 22:56:15 GMT
wejs
www.tripadvisor.com/
Redirect Chain
  • https://www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=757&locationId=539558&lang=en_UK&year=2019&display_version=2
  • https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=757&locationId=539558&lang=en_UK&year=2019&display_version=2
277 B
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=757&locationId=539558&lang=en_UK&year=2019&display_version=2
Requested by
Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol
H2
Server
2.21.142.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-175.deploy.static.akamaitechnologies.com
Software
envoy /
Resource Hash
c5290c1d03e311d84c1a0e3b10eb57cf688ef82ffe8e9d50166a953555bf2e92

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Mar 2022 22:56:15 GMT
content-encoding
gzip
server
envoy
timing-allow-origin
https://www.tripadvisor.com
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
cache-control
no-cache,no-store,must-revalidate
content-type
application/x-javascript;charset=UTF-8
content-length
253
expires
0

Redirect headers

date
Tue, 15 Mar 2022 22:56:15 GMT
via
1.1 varnish
x-cache
MISS
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
x-cache-hits
0
content-length
0
x-served-by
cache-hhn4072-HHN
pragma
no-cache
server
envoy
x-timer
S1647384975.208830,VS0,VE153
content-type
text/plain; charset=utf-8
location
https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=757&locationId=539558&lang=en_UK&year=2019&display_version=2
cache-control
no-cache,no-store,must-revalidate
accept-ranges
bytes
timing-allow-origin
https://www.tripadvisor.com
expires
0
facebook.png
www.deflikindgoms.com/themes/custom/plugins/imageShare/ 		564 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.deflikindgoms.com/themes/custom/plugins/imageShare/facebook.png
Requested by
Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.12.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 22:56:15 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OCkL3FsIJSHkWQeYD7lAoeTrwFGKH0dpcPJ1ovQh2Fa7XCzPGJX2wagvsKVqwe6BtOqyxAyZyiWps4pTxRiICv0RtmZ4XgPp3ZYE4E2fQEsm%2FKmp6RpOlDhx1Sd3DrtRVJLr4ihkm8s%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
6ec8d75ed8986d86-MUC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
39a495cd3b7d5ddab3b8be845344190c.js
www.deflikindgoms.com/modules/cssJsCombinator/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.deflikindgoms.com/modules/cssJsCombinator/39a495cd3b7d5ddab3b8be845344190c.js
Requested by
Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.12.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 22:56:15 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UV5vSAgP7nvkNzjvxqTwq1q3B3EY7KdfjXzzjG%2FYIEs3iQEPsHvWjwDUpnpjcj0Iqyj7lKryyomns45SbfAq%2BkEHwr%2FOFsUpi9uUtW268CgvGi5zQCnw0pgBt2kyPTjoKJwv7e5Fb8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
6ec8d75ed8996d86-MUC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
conversion.js
www.googleadservices.com/pagead/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
37adfa46b47d25263e6aa9d11888a0a3be8c21fab0eac748c2ec828099409339
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 22:56:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17280
x-xss-protection
0
server
cafe
etag
8400793797420563360
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 15 Mar 2022 22:56:15 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
b872b4ad2e649961fbf3cdc43966716bd820301634adebaf5329c1aa22a1f7ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 22:56:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14889
x-xss-protection
0
server
cafe
etag
11178597599353190569
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 15 Mar 2022 22:56:15 GMT
main.js
tr.additive-apps.cloud/ 		30 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.additive-apps.cloud/main.js
Requested by
Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-71.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4e9c2ff2e4a7634d3bcfe453a858a78423b1e9dca13d7b4caa0b6370a0923d3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 15:37:03 GMT
content-encoding
gzip
last-modified
Mon, 21 Feb 2022 15:26:57 GMT
server
AmazonS3
age
26353
etag
W/"ca89999d4579e2c203e8bf61b7ede37e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
content-type
application/javascript
x-amz-cf-id
QXVs_5kQW0d43cF9MtxtQDsI2axNS0IiFWobhSfK0Q1PlBdGuz_uDA==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3089
date
Tue, 15 Mar 2022 22:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 16 Mar 2022 00:04:46 GMT
gtm.js
www.googletagmanager.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N456M88
Requested by
Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f8.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26320
x-xss-protection
0
pragma
public
x-fb-debug
K+YK1b1q1TRGr/KEPzRZnsWHD7vmq2kJSxmX7f8yxO1M+tJeyuDVjoFLi/0tw43nmpCr4FiiEY1xtExxbIsVuA==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Tue, 15 Mar 2022 22:56:15 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
wellness-heaven.html
www.deflikindgoms.com/en/information/information-service/hotel-reviews/ Frame EEF4 		564 B
637 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.deflikindgoms.com/en/information/information-service/hotel-reviews/wellness-heaven.html
Requested by
Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.12.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/

Response headers

date
Tue, 15 Mar 2022 22:56:15 GMT
content-type
text/html
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pO12KfjlaERGvGlH5jCbICQSZLHDeMhaDm1yzTW4N4hoKrA74h7KGfz1mCll9MPCgCVbHn%2FyazbYYgkfqHAlz0SvmJ2MKS%2FdPywNwb6XdH8QIX0WaMwKfn5nELcfZLyX%2F7yUBw0S0lI%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ec8d75ef8eb6d86-MUC
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
holiday-check.html
www.deflikindgoms.com/en/information/information-service/hotel-reviews/ Frame 6938 		564 B
637 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.deflikindgoms.com/en/information/information-service/hotel-reviews/holiday-check.html
Requested by
Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.12.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/

Response headers

date
Tue, 15 Mar 2022 22:56:15 GMT
content-type
text/html
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FgUI69vfnH7fxYsO6X8QlcfldWN1rF%2FpKVRNkrzEXrdWlYqWEQPGtihkEtwII8h4iqA2IxqAQV9EUPY6IIEbcyEabH7USbp6Ki2u4gCuUV%2FafG%2BxMCfpUnR1UIjzr1l1j5V5p8gaznw%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ec8d75ef8ed6d86-MUC
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sdk.js
connect.facebook.net/en_EN/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_EN/sdk.js
Requested by
Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
b43aaea55adc0142ebfbf3f437c6d6ff1b415c2e4d369a6de63b20657ffd9c93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
oe9cFw8fims98/4QSwmt6g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Tue, 15 Mar 2022 22:58:59 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1689
x-fb-rlafr
0
x-fb-debug
nhtsV8KL89jlBa42iSuFTNvDZWBFoA1MaXAO+n7zAiH1adtPw74UPW8K9YNRWr3QZl+8OuEzoE/3MaYbp7lrCA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
d6d62360fa360d8d86fa46b28b94c728
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 15 Mar 2022 22:56:15 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"14ba3e4de2bb7fa94a57274c61ee54ca"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
1224626914242084
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1224626914242084?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
d31a2abeb037e4ea4067a5abbdc34e92b041228f2c3f23bb87738065a928d571
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
89094
x-xss-protection
0
pragma
public
x-fb-debug
rYoIVa+55MHPcZfpCw66pGTbrRPZ7h4T6mIGyZZFnGAXKGVILEW8Jtm3eRdxXMYb/auZgp3uX/97NNG76+24yg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 15 Mar 2022 22:56:15 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		280 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=9121e24c103f234417b9db876815b798
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_EN/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
c845b326cd5519cdc1521e46ccc846a9ea476e3e5b53c49b44dcb90ab27a3d01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.deflikindgoms.com/
Origin
https://www.deflikindgoms.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Ybmg59iKZ9hpl2QHK56waA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Wed, 15 Mar 2023 21:56:40 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
81451
x-fb-rlafr
0
x-fb-debug
rBtq/HiibSBBJbl4GutG9+1sEtUUY1KrFCXgn0tDlcdHUXUDsT2FD06TY+rrkB3+jp5oFLjjetFKPw+Q7BxvSQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
c892d1bc8338cc761c5a904cdb114c85
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 15 Mar 2022 22:56:15 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"6fe842f1abfb62da708141426bfa2d88"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
bf8440ca.json
api.marketing-cloud.additive-apps.tech/w/config/ 		15 B
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.marketing-cloud.additive-apps.tech/w/config/bf8440ca.json
Requested by
Host: tr.additive-apps.cloud
URL: https://tr.additive-apps.cloud/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
207.154.218.208 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
69b74503365b54990581bab8b47f3c2dab97b19bb50e2f8e7a8e01bb3708c76c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 22:56:15 GMT
last-modified
Tue, 15 Mar 2022 22:56:04 GMT
server
nginx/1.10.3
etag
"62311984-f"
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
content-length
15
pixel.gif
cdn.tr.additive-apps.tech/ 		43 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.tr.additive-apps.tech/pixel.gif?r=2zhx75f13gdpfku3xrxeoa&entity=bf8440ca&payload=eyJtZXRhX2RhdGEiOnsidXVpZCI6ImE2YjM3NGVhLTUzMWYtZTZiOC1jMTIzLTViMzhlOTdjYTI4YiIsInBhZ2UiOiJodHRwczovL3d3dy5kZWZsaWtpbmRnb21zLmNvbS8iLCJtYV91dWlkIjpudWxsLCJzZXNzaW9uX3V1aWQiOiJhOTMyYmI4MS1jZDIzLWJlN2MtZTNmYy1iNzRjMDg2MTQ5MmUiLCJyZWZlcnJlciI6IiIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTkuMC40ODQ0LjUxIFNhZmFyaS81MzcuMzYifX0=
Requested by
Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.117.114 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
114.117.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 22:15:15 GMT
age
2460
x-guploader-uploadid
ADPycdsvs9WONbYEzEefyVOsvpiHD32a4OccFnzcYssCt29kcG2tpLkSIDueWMEYAMR63VBcCZytoImODZN2rIboECc
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
43
last-modified
Tue, 24 Sep 2019 12:56:20 GMT
server
UploadServer
etag
"df3e567d6f16d040326c7a0ea29a4f41"
x-goog-hash
crc32c=6jWeOQ==, md5=3z5WfW8W0EAybHoOoppPQQ==
x-goog-generation
1569329780170153
cache-control
public, max-age=3600
x-goog-stored-content-length
43
accept-ranges
bytes
content-type
image/gif
expires
Tue, 15 Mar 2022 23:15:15 GMT
pixel
europe-west1-additive-visor-230210.cloudfunctions.net/ 		43 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://europe-west1-additive-visor-230210.cloudfunctions.net/pixel?r=cx2e72k438dovjvbtwa9s&entity=bf8440ca&payload=eyJtZXRhX2RhdGEiOnsidXVpZCI6ImE2YjM3NGVhLTUzMWYtZTZiOC1jMTIzLTViMzhlOTdjYTI4YiIsInBhZ2UiOiJodHRwczovL3d3dy5kZWZsaWtpbmRnb21zLmNvbS8iLCJtYV91dWlkIjpudWxsLCJzZXNzaW9uX3V1aWQiOiJhOTMyYmI4MS1jZDIzLWJlN2MtZTNmYy1iNzRjMDg2MTQ5MmUiLCJyZWZlcnJlciI6IiIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTkuMC40ODQ0LjUxIFNhZmFyaS81MzcuMzYifX0=
Requested by
Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 22:56:15 GMT
server
Google Frontend
x-powered-by
Express
content-type
image/gif
x-cloud-trace-context
b39c53dbdad3560b737780f4f4191753
function-execution-id
30hess1ur7jn
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1036408298/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1036408298/?random=1647384975238&cv=9&fst=1647384975238&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.deflikindgoms.com%2F&tiba=Wellness%20Hotel%20Hohenwart%20%7C%20Schenna%2C%20Meran%20%7C%20South%20Tyrol&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
c7ba19a6587734e636706c94bb2780d2113ab748b1fa1823e107f081404cf469
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Mar 2022 22:56:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1035
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 22:56:14 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 23:54:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B28F210072BE4579832884CAFD4EC4BB Ref B: FRAEDGE1308 Ref C: 2022-03-15T22:56:15Z
etag
"806a236c101ed81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11333
sdk.js
cdn.pushpanda.io/sdk/ 		84 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pushpanda.io/sdk/sdk.js
Requested by
Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-4.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1fba37cab3990e5e17f6688f48d6a4f15dfa75243356d4d4698269808b27cca6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 10:35:37 GMT
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
last-modified
Thu, 25 Feb 2021 23:32:02 GMT
server
AmazonS3
age
44439
etag
"4329bb7c1b249aefcd9ad028b5606d93"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
85775
x-amz-cf-id
q199863EUrVIW-Kd_Y-2zVc7tF_nXgwNuAx8wrSFEzfsTacVLmxEBg==
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1224626914242084&ev=PageView&dl=https%3A%2F%2Fwww.deflikindgoms.com%2F&rl=&if=false&ts=1647384975270&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1647384975269.793876321&it=1647384975225&coo=false&rqm=GET
Requested by
Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 22:56:15 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 15 Mar 2022 22:56:15 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=216201631731655&ev=fb_page_view&dl=https%3A%2F%2Fwww.deflikindgoms.com%2F&rl=&if=false&ts=1647384975279&sw=1600&sh=1200&at=
Requested by
Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 22:56:15 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 15 Mar 2022 22:56:15 GMT
/
www.google.com/pagead/1p-user-list/1036408298/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1036408298/?random=1647384975238&cv=9&fst=1647381600000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.deflikindgoms.com%2F&tiba=Wellness%20Hotel%20Hohenwart%20%7C%20Schenna%2C%20Meran%20%7C%20South%20Tyrol&fmt=3&is_vtc=1&random=2557068495&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Mar 2022 22:56:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1036408298/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1036408298/?random=1647384975238&cv=9&fst=1647381600000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.deflikindgoms.com%2F&tiba=Wellness%20Hotel%20Hohenwart%20%7C%20Schenna%2C%20Meran%20%7C%20South%20Tyrol&fmt=3&is_vtc=1&random=2557068495&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Mar 2022 22:56:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5948448.js
bat.bing.com/p/action/ 		776 B
793 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5948448.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bc4c98b77185aef4a244773f2b0b7e55be4c2cc0356c77e02013b655a3058b40

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Mar 2022 22:56:15 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 38B82BF3CD6F4B7AA88399DAC51773A9 Ref B: FRAEDGE1308 Ref C: 2022-03-15T22:56:15Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store,no-cache
content-length
642
0
bat.bing.com/action/ 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5948448&Ver=2&mid=f347cece-c1da-4a10-bef0-6cbf1fb9147b&sid=1e1da620a4b311ecbe287536d19c3566&vid=1e1dc790a4b311ec8e69b9ac4e28b834&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Wellness%20Hotel%20Hohenwart%20%7C%20Schenna,%20Meran%20%7C%20South%20Tyrol&p=https%3A%2F%2Fwww.deflikindgoms.com%2F&r=&evt=pageLoad&msclkid=N&sv=1&rn=957491
Requested by
Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Mar 2022 22:56:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E008DBDE6BAB43E184C2E032D0460900 Ref B: FRAEDGE1308 Ref C: 2022-03-15T22:56:15Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
like.php
www.facebook.com/v2.12/plugins/ Frame D1B6 		0
24 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.12/plugins/like.php?action=like&app_id=216201631731655&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df24579258ec28c%26domain%3Dwww.deflikindgoms.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.deflikindgoms.com%252Ff30d86145e72498%26relation%3Dparent.parent&container_width=1584&href=https%3A%2F%2Fwww.facebook.com%2Fhotelhohenwart%2F&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&size=large
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=9121e24c103f234417b9db876815b798
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
eiJ1OdRfXR0q4iNLWFgH/SSL9HA43uTjD1uXYJLUUChwWMxaRAL88ldbZwUB8nAqvvMdmZuguuIve1y6jllQyA==
content-length
0
date
Tue, 15 Mar 2022 22:56:15 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=0
www.deflikindgoms.com
app.pushpanda.io/api/push/project/990524f0-4313-11e9-82bb-359bdc37c594/ 		164 B
603 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.pushpanda.io/api/push/project/990524f0-4313-11e9-82bb-359bdc37c594/www.deflikindgoms.com
Requested by
Host: cdn.pushpanda.io
URL: https://cdn.pushpanda.io/sdk/sdk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
3.127.244.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-244-142.eu-central-1.compute.amazonaws.com
Software
nginx/1.17.3 /
Resource Hash
399209352be45ffd8f409337a8be59bf89798ae6a211bc3bf41581d002f161cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 15 Mar 2022 22:56:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.17.3
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
X-RateLimit-Remaining
179
Cache-Control
no-cache, private
Transfer-Encoding
chunked
X-RateLimit-Limit
180
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
clarity.js
e.clarity.ms/s/0.6.32/ 		53 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e.clarity.ms/s/0.6.32/clarity.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/5948448.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 22:56:15 GMT
content-encoding
br
etag
"1d8380e6acd1d90"
last-modified
Tue, 15 Mar 2022 01:45:58 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
22927
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
WidgetEmbed-certificateOfExcellence
www.tripadvisor.co.uk/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tripadvisor.co.uk/WidgetEmbed-certificateOfExcellence?year=2019&locationId=539558&display_version=2&uniq=757&lang=en_UK
Requested by
Host: www.jscache.com
URL: https://www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=757&locationId=539558&lang=en_UK&year=2019&display_version=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.142.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-175.deploy.static.akamaitechnologies.com
Software
envoy /
Resource Hash
045bd1658b242ca730f20d8eabe41eda6a380ffadbce2edd8c8fc13fdb65c973

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Mar 2022 22:56:15 GMT
content-encoding
gzip
server
envoy
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
vary
User-Agent,Accept-Encoding
content-language
en-GB
content-type
text/javascript;charset=UTF-8
cache-control
no-cache,no-store,must-revalidate
timing-allow-origin
https://www.tripadvisor.com
content-length
3214
expires
0
t4b_widget_coe-v2381509749a.css
static.tacdn.com/css2/build/concat/ 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.tacdn.com/css2/build/concat/t4b_widget_coe-v2381509749a.css
Requested by
Host: www.tripadvisor.co.uk
URL: https://www.tripadvisor.co.uk/WidgetEmbed-certificateOfExcellence?year=2019&locationId=539558&display_version=2&uniq=757&lang=en_UK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.83 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
68a2a01d74effffbc2ed6c93f957b61e637528068c560b32a42473262a1e6625

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 22:56:15 GMT
content-encoding
gzip
age
76249
x-cache
HIT
x-cache-hits
1008
content-length
2172
x-served-by
cache-hhn4072-HHN
access-control-allow-origin
*
last-modified
Fri, 04 Mar 2022 12:32:50 GMT
server
envoy
x-timer
S1647384976.688564,VS0,VE0
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish
cache-control
max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Mar 2023 19:47:45 GMT
cdswidgets_min-c-v2395114504a.js
static.tacdn.com/js3/build/concat/widget/ 		2 KB
847 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tacdn.com/js3/build/concat/widget/cdswidgets_min-c-v2395114504a.js
Requested by
Host: www.tripadvisor.co.uk
URL: https://www.tripadvisor.co.uk/WidgetEmbed-certificateOfExcellence?year=2019&locationId=539558&display_version=2&uniq=757&lang=en_UK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.83 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
c99528654d193b123e3f9dd7668529eeffa9c956ddcf0ea8d84ec589b3fdd5cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 22:56:15 GMT
content-encoding
gzip
age
76249
x-cache
HIT
x-cache-hits
1375
content-length
647
x-served-by
cache-hhn4072-HHN
access-control-allow-origin
*
last-modified
Fri, 04 Mar 2022 12:32:49 GMT
server
envoy
x-timer
S1647384976.688648,VS0,VE0
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish
cache-control
max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Mar 2023 19:45:07 GMT
/
www.facebook.com/tr/ Frame F2B8 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.deflikindgoms.com
URL: https://www.deflikindgoms.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.deflikindgoms.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.deflikindgoms.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=0
date
Tue, 15 Mar 2022 22:56:15 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=28D3F1686B4844F4B2DAEB630970E506&RedC=c.clarity.ms&MXFR=0878824A1A4B676339D393221E4B6981
  • https://c.clarity.ms/c.gif?CtsSyncId=28D3F1686B4844F4B2DAEB630970E506&MUID=1B1DEFB4F1546F7D0805FEDCF0866EF9
42 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=28D3F1686B4844F4B2DAEB630970E506&MUID=1B1DEFB4F1546F7D0805FEDCF0866EF9
Protocol
H2
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Mar 2022 22:56:15 GMT
last-modified
Mon, 28 Feb 2022 22:29:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"7c5ed6a6f22cd81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 15 Mar 2022 22:56:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 543FDBDFBE5F4A35A03274B4A0C8AE0B Ref B: FRAEDGE1308 Ref C: 2022-03-15T22:56:16Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=28D3F1686B4844F4B2DAEB630970E506&MUID=1B1DEFB4F1546F7D0805FEDCF0866EF9
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
coe-14348-2.png
www.tripadvisor.co.uk/img/cdsi/img2/awards/v2/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tripadvisor.co.uk/img/cdsi/img2/awards/v2/coe-14348-2.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.142.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-175.deploy.static.akamaitechnologies.com
Software
envoy /
Resource Hash
63cddeb808a52e0aa99d3fa1503739c927c4fce451f41d312610b1104626bd5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.deflikindgoms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
https://www.tripadvisor.com
date
Tue, 15 Mar 2022 22:56:16 GMT
server
envoy
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
cache-control
private, max-age=43200
content-type
image/png
content-length
5516
expires
Wed, 16 Mar 2022 10:56:15 GMT
collect
e.clarity.ms/ 		0
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.clarity.ms/collect
Requested by
Host: e.clarity.ms
URL: https://e.clarity.ms/s/0.6.32/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.deflikindgoms.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://www.deflikindgoms.com
date
Tue, 15 Mar 2022 22:56:16 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| structuredClone object| oncontextlost object| oncontextrestored string| AdditiveTRObject function| ddtv string| GoogleAnalyticsObject function| ga object| dataLayer function| fbq function| _fbq string| t17_LANG object| ADDITIVE_cookies object| google_conversion_id object| google_custom_params object| google_remarketing_only object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| FB object| additivemc function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments function| google_trackConversion object| uetq object| _pushpanda function| UET function| UET_init function| UET_push object| ueto_1a6dc697b9 object| PushPanda function| clarity object| newSS object| newJs function| checkHomePageLink function| injectcertificateOfExcellence6777 object| taOnLoad object| taValList number| taValIndex function| taValidate function| taAddValidator object| ta number| ii function| fname object| hasNoFollow

16 Cookies

Domain/Path Name / Value
www.deflikindgoms.com/ Name: flow
Value: 7056
www.deflikindgoms.com/ Name: PHPSESSID
Value: dbg8p8ii1c1vvatvc7qmeo9avl
www.deflikindgoms.com/ Name: channel_id
Value: 489
www.deflikindgoms.com/ Name: additivemc_session_information
Value: eyJmaXJzdFBhZ2UiOiJodHRwczovL3d3dy5kZWZsaWtpbmRnb21zLmNvbS8iLCJyZWZlcnJlciI6IiIsImFjaWQiOm51bGx9
www.deflikindgoms.com/ Name: additivemc_session_uuid
Value: a932bb81-cd23-be7c-e3fc-b74c0861492e
.deflikindgoms.com/ Name: _fbp
Value: fb.1.1647384975269.793876321
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.bing.com/ Name: MUID
Value: 1B1DEFB4F1546F7D0805FEDCF0866EF9
.deflikindgoms.com/ Name: _uetsid
Value: 1e1da620a4b311ecbe287536d19c3566
.deflikindgoms.com/ Name: _uetvid
Value: 1e1dc790a4b311ec8e69b9ac4e28b834
.deflikindgoms.com/ Name: _clck
Value: 1dwe4vk|1|ezs|0
.c.bing.com/ Name: SRM_B
Value: 1B1DEFB4F1546F7D0805FEDCF0866EF9
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 1B1DEFB4F1546F7D0805FEDCF0866EF9
.c.clarity.ms/ Name: ANONCHK
Value: 0
.deflikindgoms.com/ Name: _clsk
Value: 6hvvhm|1647384976293|1|1|e.clarity.ms/collect

7 Console Messages

Source Level URL
Text
network error URL: https://www.deflikindgoms.com/themes/custom/images/bell.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.deflikindgoms.com/modules/cssJsCombinator/6610a0d6eb897663051bfbbfc49a31c2.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.googletagmanager.com/gtm.js?id=GTM-N456M88
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.deflikindgoms.com/themes/custom/plugins/imageShare/facebook.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.deflikindgoms.com/modules/cssJsCombinator/39a495cd3b7d5ddab3b8be845344190c.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.deflikindgoms.com/en/information/information-service/hotel-reviews/wellness-heaven.html
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.deflikindgoms.com/en/information/information-service/hotel-reviews/holiday-check.html
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.marketing-cloud.additive-apps.tech
app.pushpanda.io
bat.bing.com
c.bing.com
c.clarity.ms
cdn.pushpanda.io
cdn.tr.additive-apps.tech
connect.facebook.net
e.clarity.ms
europe-west1-additive-visor-230210.cloudfunctions.net
googleads.g.doubleclick.net
static.tacdn.com
tr.additive-apps.cloud
www.deflikindgoms.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.jscache.com
www.tripadvisor.co.uk
www.tripadvisor.com
104.21.12.51
13.107.21.200
13.224.195.4
142.250.181.232
142.250.184.227
142.250.185.100
142.250.185.98
151.101.66.83
157.240.20.35
172.217.16.142
172.217.23.98
185.60.216.19
2.21.142.175
20.62.48.180
207.154.218.208
216.239.36.54
3.127.244.142
35.190.117.114
52.142.114.2
52.222.236.71
045bd1658b242ca730f20d8eabe41eda6a380ffadbce2edd8c8fc13fdb65c973
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1fba37cab3990e5e17f6688f48d6a4f15dfa75243356d4d4698269808b27cca6
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65
37adfa46b47d25263e6aa9d11888a0a3be8c21fab0eac748c2ec828099409339
399209352be45ffd8f409337a8be59bf89798ae6a211bc3bf41581d002f161cf
3aebf6db9aaaf52fe69a8f63d9585c4616db237a4d2993b00da224459f2cad1a
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
4e9c2ff2e4a7634d3bcfe453a858a78423b1e9dca13d7b4caa0b6370a0923d3f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
63cddeb808a52e0aa99d3fa1503739c927c4fce451f41d312610b1104626bd5c
68a2a01d74effffbc2ed6c93f957b61e637528068c560b32a42473262a1e6625
69b74503365b54990581bab8b47f3c2dab97b19bb50e2f8e7a8e01bb3708c76c
7833510476f619e066633f188d806b6f2bca32e75ef4a2bce4607ea51f37bbe8
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b43aaea55adc0142ebfbf3f437c6d6ff1b415c2e4d369a6de63b20657ffd9c93
b872b4ad2e649961fbf3cdc43966716bd820301634adebaf5329c1aa22a1f7ee
bc4c98b77185aef4a244773f2b0b7e55be4c2cc0356c77e02013b655a3058b40
c5290c1d03e311d84c1a0e3b10eb57cf688ef82ffe8e9d50166a953555bf2e92
c7ba19a6587734e636706c94bb2780d2113ab748b1fa1823e107f081404cf469
c845b326cd5519cdc1521e46ccc846a9ea476e3e5b53c49b44dcb90ab27a3d01
c99528654d193b123e3f9dd7668529eeffa9c956ddcf0ea8d84ec589b3fdd5cd
d31a2abeb037e4ea4067a5abbdc34e92b041228f2c3f23bb87738065a928d571
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629