urlscan.io logo urlscan.io
SecurityTrails logo

www.lego.com Open in urlscan Pro
2.17.100.160  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.lego.com/de-de
Submission: On April 04 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 5 countries across 7 domains to perform 159 HTTP transactions. The main IP is 2.17.100.160, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.lego.com. The Cisco Umbrella rank of the primary domain is 49044.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on July 5th 2023. Valid for: a year.
This is the only time www.lego.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
131 2.17.100.160 20940 (AKAMAI-ASN1)
6 143.204.98.13 16509 (AMAZON-02)
1 2 2600:9000:276... 16509 (AMAZON-02)
1 2602:816:5001... 54113 (FASTLY)
4 104.17.184.88 13335 (CLOUDFLAR...)
3 162.247.243.29 54113 (FASTLY)
1 85.222.147.21 14340 (SALESFORCE)
1 2600:9000:20e... 16509 (AMAZON-02)
6 85.222.153.242 14340 (SALESFORCE)
2 160.8.250.126 14340 (SALESFORCE)
2 160.8.13.0 14340 (SALESFORCE)
159 12
131    2.17.100.160 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-100-160.deploy.static.akamaitechnologies.com
www.lego.com
6    143.204.98.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-13.fra50.r.cloudfront.net
assets.lego.com
2    2600:9000:2761:c200:19:9f8c:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
identity.lego.com
1    2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
4    104.17.184.88 (None, )

ASN13335 (CLOUDFLARENET, US)
lego.report-uri.com
3    162.247.243.29 (United States)

ASN54113 (FASTLY, US)
bam.nr-data.net
1    85.222.147.21 (Paris, France)

ASN14340 (SALESFORCE, US)
PTR: dcl7-ncg0-cdg3.eu26-cdg.force.com
service.force.com
1    2600:9000:20eb:da00:1e:c28d:f140:93a1 (United States)

ASN16509 (AMAZON-02, US)
allowed-countries.scout.services.lego.com
6    85.222.153.242 (Frankfurt am Main, Germany)

ASN14340 (SALESFORCE, US)
PTR: dcl4-ncg0-fra3.eu34-fra.my.salesforce.com
legocrm.my.salesforce.com
2    160.8.250.126 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: dcl11-ncg0-fra3.la3-c2-fra.salesforceliveagent.com
d.la3-c2-fra.salesforceliveagent.com
2    160.8.13.0 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: dcl3-ncg0-fra3.la3-c1-fra.salesforceliveagent.com
d.la3-c1-fra.salesforceliveagent.com
Apex Domain
Subdomains		 Transfer
140 lego.com
www.lego.com — Cisco Umbrella Rank: 49044
assets.lego.com — Cisco Umbrella Rank: 73949
identity.lego.com — Cisco Umbrella Rank: 74188
allowed-countries.scout.services.lego.com — Cisco Umbrella Rank: 80458
2 MB
6 salesforce.com
legocrm.my.salesforce.com — Cisco Umbrella Rank: 87967
23 KB
4 salesforceliveagent.com
d.la3-c2-fra.salesforceliveagent.com — Cisco Umbrella Rank: 37499
d.la3-c1-fra.salesforceliveagent.com — Cisco Umbrella Rank: 30425
6 KB
4 report-uri.com
lego.report-uri.com — Cisco Umbrella Rank: 67256
2 KB
3 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 250
1 KB
1 force.com
service.force.com — Cisco Umbrella Rank: 3957
9 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 655 Failed
28 KB
159 7
Domain Requested by
131 www.lego.com www.lego.com
6 legocrm.my.salesforce.com www.lego.com
6 assets.lego.com www.lego.com
4 lego.report-uri.com www.lego.com
3 bam.nr-data.net www.lego.com
2 d.la3-c1-fra.salesforceliveagent.com www.lego.com
2 d.la3-c2-fra.salesforceliveagent.com www.lego.com
2 identity.lego.com 1 redirects www.lego.com
1 allowed-countries.scout.services.lego.com www.lego.com
1 service.force.com www.lego.com
1 js-agent.newrelic.com www.lego.com
159 11
Subject Issuer Validity Valid
www.lego.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-05 -
2024-07-10		 a year crt.sh
assets.lego.com
Amazon RSA 2048 M02		 2023-12-06 -
2025-01-04		 a year crt.sh
identity.lego.com
Amazon RSA 2048 M02		 2023-06-19 -
2024-07-17		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-03-21 -
2025-04-22		 a year crt.sh
report-uri.com
E1		 2024-03-25 -
2024-06-23		 3 months crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2024-10-01		 a year crt.sh
*.eu26.force.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-01-03 -
2024-12-31		 a year crt.sh
allowed-countries.scout.services.lego.com
Amazon RSA 2048 M03		 2023-08-22 -
2024-09-19		 a year crt.sh
eu34.salesforce.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-11-04		 a year crt.sh
la3-c2-fra.salesforceliveagent.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-01 -
2024-10-29		 a year crt.sh
la3-c1-fra.salesforceliveagent.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-01 -
2024-10-29		 a year crt.sh

This page contains 4 frames:

Primary Page: https://www.lego.com/de-de
Frame ID: EE31CC73B2F83641A4C889016DAB177A
Requests: 144 HTTP requests in this frame

Frame: https://identity.lego.com/connect/checksession
Frame ID: 297DD2251D4C62B3C2587E4D45447688
Requests: 1 HTTP requests in this frame

Frame: https://www.lego.com/identity/callback
Frame ID: 73A1BAF9BBC175B959523E71033246ED
Requests: 13 HTTP requests in this frame

Frame: https://legocrm.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.lego.com/de-de?age-gate=grown_up
Frame ID: 9FC7DA8DCF3233D3CFB14D61A5F775EE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home | Offizieller LEGO® Shop DE

Detected technologies

Overall confidence: 100%
Detected patterns
  • service\.force\.com

Page Statistics

159
Requests

99 %
HTTPS

27 %
IPv6

7
Domains

11
Subdomains

12
IPs

5
Countries

2445 kB
Transfer

7309 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60
  • https://identity.lego.com/connect/authorize?appContext=false&adultexperience=true&hideheader=true&scope=openid+email+profile+dob&response_type=id_token+token&client_id=316ad352-6573-4df0-b707-e7230ab7e0c7&redirect_uri=https%3A%2F%2Fwww.lego.com%2Fidentity%2Fcallback&ui_locales=en-US&state=902LnyBRONWy3RHR&nonce=MMpC5JI9GHECvvd3&prompt=none HTTP 302
  • https://www.lego.com/identity/callback

159 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request de-de
www.lego.com/ 		1 MB
171 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c0b1df65ba50ac90d3876a4b789c954486b8672ecec9a9be44a0d95f2e1e3d25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
public, max-age=16
content-encoding
gzip
content-length
172547
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-xHECcMFulIYYRp7sN1nll781ntL2EXqtqU5iUG2HoIY=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-type
text/html; charset=utf-8
date
Thu, 04 Apr 2024 13:48:23 GMT
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
CeraPro-Regular.woff2
assets.lego.com/fonts/v3/cera-pro/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.lego.com/fonts/v3/cera-pro/CeraPro-Regular.woff2
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b366c1d4e063ef5b4ffad8c273b375643ec801ea3463a9fc1b31cbc3c5e1e7f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/
Origin
https://www.lego.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 20:14:09 GMT
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
236055
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
46852
last-modified
Mon, 25 Mar 2024 20:09:38 GMT
server
AmazonS3
etag
"bd818dce28b0e42919636be4fd356e51"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
nuuk_WJj451_PNRE4gWYUbgIdUtwhbZxIH3j47731J0GDUC1IBNezg==
newrelic.js
www.lego.com/ 		111 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/newrelic.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8b72f78c410b7a135448aa0772466867c39cdab2b688f5173ebc91dbe87de7c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Thu, 18 Jan 2024 13:04:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
etag
W/"1bda1-18d1cabddd0"
x-frame-options
SAMEORIGIN
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-Q8cN36E3jRbAc+6RoPVOYXkB4C8W95Hr6am0piNooJg=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=538691
accept-ranges
bytes
content-length
24257
x-xss-protection
1; mode=block
aed1ef14a374654d.css
www.lego.com/_next/static/css/ 		68 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/css/aed1ef14a374654d.css
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
168999d6f3807faa988d858fe8a2426c1902825b15cc8147718795411371ca65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-4WwR+LsNg+J6db+fBWpVrZfA/buyYtdCHTfPRyGIc74=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
13518
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 21 Mar 2024 15:09:25 GMT
etag
W/"10f59-18e618f4c88"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=30401655
accept-ranges
bytes
d6687b947aac679f.css
www.lego.com/_next/static/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/css/d6687b947aac679f.css
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4171899a3e8dc9b30b022be5856cdc76f7a7f9371c1b2bf8a66e8ce38fc5398f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-0W88TIICnaHm29TRTf9yM+wT+aUlX+j/J5+oQWJ5Osg=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
2927
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 21 Mar 2024 15:09:25 GMT
etag
W/"5067-18e618f4c88"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=30401573
accept-ranges
bytes
f082eb9296b29657.css
www.lego.com/_next/static/css/ 		39 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/css/f082eb9296b29657.css
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
26e01fc1809bb2cfe7ee54858f83fc76404f4b56657cba9b163394cdf3836410
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-ACVFp5XsNBPXwlczYcBEcGU7AeuSQWoi5FZ9tsHqlhQ=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
5333
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 21 Mar 2024 15:09:25 GMT
etag
W/"9a32-18e618f4c88"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=30401563
accept-ranges
bytes
834bcf50333f9402.css
www.lego.com/_next/static/css/ 		96 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/css/834bcf50333f9402.css
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe548b4b036781c07b73eb43b12d2bc20ef4436de350e245c9ad0d5458688563
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-060MEfmu7v+CrbsXbhhe4LLz9E8+2c3iP/HxOcmkpjA=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
13070
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 21 Mar 2024 15:09:25 GMT
etag
W/"181f0-18e618f4c88"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=30401549
accept-ranges
bytes
ef8731c60c2283f2.css
www.lego.com/_next/static/css/ 		38 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/css/ef8731c60c2283f2.css
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
728902d515579fc4f8d51f9d249bdeb04a5b5dec0c9db58604bffaa0505ac150
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-dMNUp+zZp2rOz/jtVngWwsvCaDKQORTJep/RzlISKT4=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
5770
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 21 Mar 2024 15:09:25 GMT
etag
W/"98d0-18e618f4c88"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=30401627
accept-ranges
bytes
1a732501c32b2f78.css
www.lego.com/_next/static/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/css/1a732501c32b2f78.css
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
43aeafd646b2cf3914e09be687a72af8393bc76a4eb24431a4626bc2672b265d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-gEm4ZASjP+6HG7QOjprkVghcrWHG/T5DhGRbZWtiwwM=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
660
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 21 Mar 2024 15:09:25 GMT
etag
W/"ce3-18e618f4c88"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=30401419
accept-ranges
bytes
4879-f955636be836256d.js
www.lego.com/_next/static/chunks/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/4879-f955636be836256d.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6b1b0d0f12af643744716b3443ddd613b751abafbe623abef0ce9923860047d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-hWC0wz0WoztbM4oPmXnd6Lf2DJLjd8/t0VXpwQSPGJ0=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
4918
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"41f1-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=30848216
accept-ranges
bytes
webpack-7a106797cad6ad28.js
www.lego.com/_next/static/chunks/ 		9 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/webpack-7a106797cad6ad28.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1e4dbaa4e9662f1ffb8c70372893cd5306eb56c39bc0a0d40cb65d1af62bbd10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-oOgJAXnem+3dTH4wxaO4MJZIQvV7Pd1Oo9JSUSsr4qo=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
4437
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"2498-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=30848252
accept-ranges
bytes
framework-895245ddb8ded7aa.js
www.lego.com/_next/static/chunks/ 		138 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/framework-895245ddb8ded7aa.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
eb0e63b87ec0f72593b405383f8f4e423e87e3916b6afc78b927006aa921fd92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Oct 2022 14:19:05 GMT
etag
W/"228ab-183c769d3a8"
surrogate-control
no-store
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31454958
accept-ranges
bytes
content-length
45510
x-xss-protection
1; mode=block
main-9aece1aa182f842b.js
www.lego.com/_next/static/chunks/ 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/main-9aece1aa182f842b.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cbe1f12a684d8f2eecd6cd871264adf7c5a09a7b68c37b719e3e82a1271a4320
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Oct 2022 14:19:05 GMT
etag
W/"e7cb-183c769d3a8"
surrogate-control
no-store
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31454958
accept-ranges
bytes
content-length
19230
x-xss-protection
1; mode=block
_app-fc52fe74f83666cc.js
www.lego.com/_next/static/chunks/pages/ 		1 MB
305 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/pages/_app-fc52fe74f83666cc.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8f29fe3c195fb85189b5d25b878dea5632bc142bcaceb7875ad0ebaf2f9f906f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-Y1wb3dLeFkN44nx4B6Hj/sC90nOW7fk66ZcoUfc/MIg=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
309842
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"1133a6-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=30848281
accept-ranges
bytes
3009-f370300f46fc3db5.js
www.lego.com/_next/static/chunks/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/3009-f370300f46fc3db5.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f240a4be2d6ef0cfd69674797f96c85e9c950ffde17ab74dde1040cd10e3d018
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-XYUVsgZjtwpScIfF3WNhW+5J88Wr9oyxqu4Erfc8VsE=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
5976
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 21 Mar 2024 15:09:25 GMT
etag
W/"5169-18e618f4c88"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=30401476
accept-ranges
bytes
382-e9224d97f894d5e9.js
www.lego.com/_next/static/chunks/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/382-e9224d97f894d5e9.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dc726dc6054d9b9aaf9318089f4a2c32c676342db6e47e7b0d3845c8f0456498
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-w/mzZeK9ZZei/zACQaDraNVVBjb9MyxMepsoY7pqSYs=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
8023
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 01 Feb 2024 17:31:26 GMT
etag
W/"75a5-18d65b9b5b0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=30461452
accept-ranges
bytes
9132-e5416a5a07f41a70.js
www.lego.com/_next/static/chunks/ 		26 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/9132-e5416a5a07f41a70.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7ca0c03a6ab16dbb6c58d160c614a7ac6bfb70371fd6010277250e3663165094
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob:;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net track.webgains.com api.webgains.io lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob:;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com track.webgains.com *.webgains.io analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com collection.decibelinsight.net portal.decibel.com 'nonce-szwVSEQMuRHKtpaBkdaNlt0MvERcFGFkXcf/NzsC7MA=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
10310
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 05 Apr 2023 09:48:00 GMT
etag
W/"6709-18750d0e480"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=30872183
accept-ranges
bytes
242-c177ece41ae42ff1.js
www.lego.com/_next/static/chunks/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/242-c177ece41ae42ff1.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d01b3e0487d06e6ee3c093266c5efebedbee9a459f4e0a0049bbfb1d8a9c6a55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-sO30I+ENyJKraKXZlooCeVWGsGhuZUEfvp40WPxsvFs=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
3230
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 09 Jan 2024 15:09:42 GMT
etag
W/"2402-18ceec5aef0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31454958
accept-ranges
bytes
8572-4c02901ca1c2e48a.js
www.lego.com/_next/static/chunks/ 		18 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/8572-4c02901ca1c2e48a.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e7bb654c203122667a77d58832bd76027278cbf8e931e6366d033bc09c776bd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-HEWJi/fCsBOgLR1pdnHArtoQBUKel0/lfSv0QqK8B98=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
7447
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"49da-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=30848136
accept-ranges
bytes
9744-5aa94b8094bd2930.js
www.lego.com/_next/static/chunks/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/9744-5aa94b8094bd2930.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
88431eab69163087c4fe3921a7daa95bc12975f7006ff31e9eb43800867acb8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-/a8PPNcCT6Vig9Ri1l1rZPfPnalpnjqVLHa4qjmQaZw=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
8021
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 21 Mar 2024 15:09:25 GMT
etag
W/"6452-18e618f4c88"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=30401468
accept-ranges
bytes
7160-129de4588d59e536.js
www.lego.com/_next/static/chunks/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/7160-129de4588d59e536.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1287ea23ec8fea7e876523e906de805e958fce89efa29dfebb00b476beaf9403
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-j7eYA0dPyxaLpoTZ91fSE4nhVb2ld3JiZoqkshIxo3A=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
5839
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 20 Mar 2024 11:50:58 GMT
etag
W/"6527-18e5bb340d0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=30244296
accept-ranges
bytes
6530-ec6085ee1a474e03.js
www.lego.com/_next/static/chunks/ 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/6530-ec6085ee1a474e03.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fc7209e7ea5e86da79a2ec2607e8e4a418cf28b5b7ded2b99525f37f6f5ef950
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-mSvdjCNTUokjMDD8spGI94eko7d98Vl9b1exgQ6QLCY=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
7116
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 21 Mar 2024 15:09:25 GMT
etag
W/"4cea-18e618f4c88"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=30401529
accept-ranges
bytes
7515-32672141a371c3fa.js
www.lego.com/_next/static/chunks/ 		8 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/7515-32672141a371c3fa.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
80896f88a09ad58261e504297250943783df670aedaffdc7434918385c26baed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob:;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net track.webgains.com api.webgains.io lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com track.webgains.com *.webgains.io analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com collection.decibelinsight.net portal.decibel.com 'nonce-+FXBdpF1suH4ATYiz3UNRz+7YWycwVaaobg1juM7Vxo=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
3434
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 08 Sep 2023 09:34:21 GMT
etag
W/"1fd2-18a74247548"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31454958
accept-ranges
bytes
7431-bb356825a5f32fdc.js
www.lego.com/_next/static/chunks/ 		14 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/7431-bb356825a5f32fdc.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5bfedeef9cc61b2da79cd6b9e80d30fc61468e51de448ce64c8fb82f6d7dddde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob:;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net track.webgains.com api.webgains.io lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob:;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com track.webgains.com *.webgains.io analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com collection.decibelinsight.net portal.decibel.com 'nonce-Yu/nEepL3CLwD/4esJ/f0u2FuYQN43i1Go99dUeFLlU=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
5968
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 28 Mar 2023 17:03:01 GMT
etag
W/"395b-187292c4988"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31454958
accept-ranges
bytes
4372-bc95d7047e5b912e.js
www.lego.com/_next/static/chunks/ 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/4372-bc95d7047e5b912e.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fbfb5ef4b954d5138c19382988c6c87cfce9b6ea39f5d8d0a0cbc23fdfa6bdd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net track.webgains.com api.webgains.io lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com track.webgains.com *.webgains.io analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-MkYhpKYzD3kANKBDq8FLE5lMgzE5mCyu3L+D81ZfMKA=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
4079
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 08 Nov 2023 15:49:52 GMT
etag
W/"2bd4-18bafa02d00"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31454958
accept-ranges
bytes
7381-28ea0947f8df24ad.js
www.lego.com/_next/static/chunks/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/7381-28ea0947f8df24ad.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d4d50cbb4c5fb2875fac84590436e15cdd648f5616b80324208997930df235bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-LhEzKfuO9WkKeoETESD8e3RS/5ZdSudQ5TryrEXGEEo=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
7789
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"8f75-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=30848152
accept-ranges
bytes
9242-e57d5496dc3118c9.js
www.lego.com/_next/static/chunks/ 		32 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/9242-e57d5496dc3118c9.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9cd332bd334e150dae874f18ebe4e09225662da8727e5b47fb276e10377bc4d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-YnGMZSbfo1xiBOnOBHvkQeEdWZzHV0kNQiYJ5M6T3Lw=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
9660
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"7fb9-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=30848241
accept-ranges
bytes
6323-feb89a6d8e54fc93.js
www.lego.com/_next/static/chunks/ 		104 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/6323-feb89a6d8e54fc93.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e9fa0d1672c66e864d12fa4e89939aafe8c03e6d1fa22312bc3c92b9ae675f32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-WKqWCAvr/Jxp0Cg2aCzoa8tvjyrL/KtXUYNSVedkuNE=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
27715
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"1a083-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=30848257
accept-ranges
bytes
1716-3ce307696c923513.js
www.lego.com/_next/static/chunks/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/1716-3ce307696c923513.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f13cabb7696d2bf88bcbfa352f349751499bfaca9663171402a5df881b245dfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-RP4ozwo2bzx0qcGZtVblS7OI7R5jDJ9wrUaa7/NNuBs=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
5221
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"40d2-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=30848257
accept-ranges
bytes
3755-da235d65c1e8d7d8.js
www.lego.com/_next/static/chunks/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/3755-da235d65c1e8d7d8.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5de0aca90c828b38fc9b027e4904546e04b601010cad29b81c20c43e7b2cf750
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-TvJqvMlvHHCm38HpeavvHUHS5b+0bRD+vnh99eJcePI=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
14950
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"ed57-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=30848156
accept-ranges
bytes
85-97e55dd153b47434.js
www.lego.com/_next/static/chunks/ 		9 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/85-97e55dd153b47434.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5422fa6670ec0a8ea7e3fb0d918eb8817e645046c6891520ca555a4364663582
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-GgqYbnDtMKe8C0amF7YMKV3auWzzZj8wrFcEqlLaOrg=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
3752
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"2326-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=30848262
accept-ranges
bytes
4901-7e489f6fe3777233.js
www.lego.com/_next/static/chunks/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/4901-7e489f6fe3777233.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
83154a313dc8765aa95dd071fdb43d861823656fad5382ca08152a52275d81c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-fNl2MjR/sCTo8ZSdmIZk0xcmtbRrGB7mQZnxXd2Zixw=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
8471
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"7224-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=30848154
accept-ranges
bytes
5393-92b0b074063a8500.js
www.lego.com/_next/static/chunks/ 		129 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/5393-92b0b074063a8500.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
443f5a57929dccb9127ca908e1217d54fdc653953fa44c8a77b3120b8d25f317
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-5SC5X0rY1EAK7RpvX4zm4Ou2qStqds8XXU+IfT5Epz0=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
33563
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"20396-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=30848173
accept-ranges
bytes
4452-9d6389424ce20d0d.js
www.lego.com/_next/static/chunks/ 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/4452-9d6389424ce20d0d.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
acbf036a89176ec9f1f17cf2be343ec9dc631ab48f2d984fba147382cd59e671
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-khAXXG7PelRzYpVYNud1gzX0p9XtgXNLcJgkmkQ6ViA=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
3567
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"2dd6-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=30848238
accept-ranges
bytes
462-6d82642eaa222009.js
www.lego.com/_next/static/chunks/ 		614 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/462-6d82642eaa222009.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b3019aee6e1dca73a7d9385cec1e74aa552f05ecd9b4ff2a8fa2d13f6e0321d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-QhjaaMObPvh8WT+sli42Yy+sDhx5lGF5nHQjCB11Fz4=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
110794
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"99857-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=30848305
accept-ranges
bytes
7745-081863f0f45eca12.js
www.lego.com/_next/static/chunks/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/7745-081863f0f45eca12.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
91e27d4a5cbef57ed85a49f0eaf958ad8d8750b37f659c8c0426e8f3113c2658
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-YsUkUrk6l4UqJ9MM0qP4lBg7VWWoGnowav7H85q8DJ4=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
6354
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"544f-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=30848185
accept-ranges
bytes
%5B%5B...index%5D%5D-c6fa9473f6dd0485.js
www.lego.com/_next/static/chunks/pages/%5Blocale%5D/ 		16 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/pages/%5Blocale%5D/%5B%5B...index%5D%5D-c6fa9473f6dd0485.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a62766abfd4dc1831435195c7e7da7f3967f52062dae04be797f1b0e0da60aae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-ZCxDpZZkrWtjzNLitff8CQkJ5ow7tVY3zfi0GD5xa6Q=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
5810
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"3e4a-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=30848267
accept-ranges
bytes
_buildManifest.js
www.lego.com/_next/static/iutA3BdV8DUPZHgLQoAzo/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/iutA3BdV8DUPZHgLQoAzo/_buildManifest.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f17145ceb307b3f8918102ec7495bdadbeb5c4205e5124e2c47b3f711ab25a91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-7cKIaa6h37tPtw8F/SKBhqY2UdGGyszFsm3uinmRypg=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
4212
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"4b5f-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=30848290
accept-ranges
bytes
_ssgManifest.js
www.lego.com/_next/static/iutA3BdV8DUPZHgLQoAzo/ 		77 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/iutA3BdV8DUPZHgLQoAzo/_ssgManifest.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-JufXw0kJKGUbwFQEEvk3yVaBbuuzbCLynXjFNdNZhaQ=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
61
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"4d-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=30848204
accept-ranges
bytes
_middlewareManifest.js
www.lego.com/_next/static/iutA3BdV8DUPZHgLQoAzo/ 		108 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/iutA3BdV8DUPZHgLQoAzo/_middlewareManifest.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
81a190e5f3d97c468124a58cdada8235d90df6a3f599a146d94360d6c37ebce7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-IGtMGHmQc4rkYEp4EgOYtokW0CVpUgTACG8oA7Gfgfk=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
78
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:28:16 GMT
etag
W/"6c-18e7bce3780"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=30848201
accept-ranges
bytes
account-0060a67786d24d55d3007f070b4ca626.png
www.lego.com/_next/static/images/ 		1 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/_next/static/images/account-0060a67786d24d55d3007f070b4ca626.png
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
492f93fed69c656dd6f28a02543015a32253b16ecbb43eda76f95fd4e1d704e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Apr 2024 13:48:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"439-18e7bcceb78"
surrogate-control
no-store
x-frame-options
SAMEORIGIN
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-A4cKoSLKpFk3HP+xCltgsbSUjdNP9IyOQ/4KfuzM3rE=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-type
image/png
cache-control
public, max-age=51
accept-ranges
bytes
content-length
1081
x-xss-protection
1; mode=block
insidersOut-1007c87df3063963a6a3f7de243ac98e.svg
www.lego.com/_next/static/images/ 		261 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/_next/static/images/insidersOut-1007c87df3063963a6a3f7de243ac98e.svg
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
695bd8a3ed844209ded42ea80af9ed0a804661f471b4a9fe39843b7ce454f9bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-Qz2hj/c5OWK9F/sgtr8jMsUGVKgzRX3vEuLvi+NizOg=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
209
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"105-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=30
accept-ranges
bytes
brand-lego.svg
assets.lego.com/logos/v4.5.0/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.lego.com/logos/v4.5.0/brand-lego.svg
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e692c130a90f4e348fc484cce8e13d43e5275fef4cec1a3878b8e3d96071a6e0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 20:14:09 GMT
content-encoding
gzip
via
1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
last-modified
Mon, 25 Mar 2024 20:13:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
236055
x-amz-server-side-encryption
AES256
etag
W/"57bacd0c848bc3271c6d1e1052b82530"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31536000, public
x-amz-cf-id
0qZZ75YvbAi37jDUWZPTMZNXLEm29URwnfgizdNsamkZLpDStx9JIw==
starActive-8f24279ea4ef0bb5bb5e8af9fbab2aab.svg
www.lego.com/_next/static/images/ 		342 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/_next/static/images/starActive-8f24279ea4ef0bb5bb5e8af9fbab2aab.svg
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8a2be7f0f8bcd35acf40ee39659f30044383acca2d9083788fffc6082566f23e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-YCgZCCSIL1Es0mZPZ8ieuLXM29su9e3kXMfN5+wWrg8=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
239
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"156-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=22
accept-ranges
bytes
halfStar-9b6a3da7ddc2090ed53e3a4c39cfa182.svg
www.lego.com/_next/static/images/ 		551 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/_next/static/images/halfStar-9b6a3da7ddc2090ed53e3a4c39cfa182.svg
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b07d9dda59ac87b579efbea00c7ea777fe63066bf14a22aebdbc430bf02ca02f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-8laTaENM6b82bYvkU49nl7r8RC3n5fKZfxsNzGJRjRk=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
341
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"227-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=29
accept-ranges
bytes
star-137de11c52562366e254d16196f7b51c.svg
www.lego.com/_next/static/images/ 		342 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/_next/static/images/star-137de11c52562366e254d16196f7b51c.svg
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
46d1bab5d53f00714797bc74959afbaef9c685b390a55b737ce08ef41fef7a60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-+hB8VBtV0x6d3EP02Jt1v1ye8crlsOzSy8b8r04OLg0=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
236
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"156-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=46
accept-ranges
bytes
facebook-895fba5a20c4facacb9655dade1d256c.svg
www.lego.com/_next/static/images/ 		1 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/_next/static/images/facebook-895fba5a20c4facacb9655dade1d256c.svg
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8ee7ad9e16a2ba29e59ef1904ba7cc7eae49551ded00014aa3860f40ce546d33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-OWdcJEzwP/HS1ASm6ugpOMrEEmsQsiJIyPgdN57/bv8=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
550
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"5a7-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=29
accept-ranges
bytes
twitter-4bee8e762dd6042960b804964fd64103.svg
www.lego.com/_next/static/images/ 		532 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/_next/static/images/twitter-4bee8e762dd6042960b804964fd64103.svg
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d3d566990585fe960360cfd0c6cfa0de938fa84b4e061c90bdaf0f72e4a333a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-nY0vqZjEXGIrKmjPcC2hyDPOU2Ak38bIicfsMKIUY9Q=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
367
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"214-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=13
accept-ranges
bytes
instagram-e47f0d4b15ff76083b415be91e96f43b.svg
www.lego.com/_next/static/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/_next/static/images/instagram-e47f0d4b15ff76083b415be91e96f43b.svg
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b2ffdb7e6780631cc1476372ffdef6fd3fa5d5f0a51f66110fde0b8969f14c8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-WFAgAbbsBNfwyLKEBRKYzY4gsB35tqU1ezcrGkxlfGY=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
1019
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"bc2-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=11
accept-ranges
bytes
youtube-c51b2c62583921aae813fdc55df5f9d2.svg
www.lego.com/_next/static/images/ 		1 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/_next/static/images/youtube-c51b2c62583921aae813fdc55df5f9d2.svg
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0fd26d5347883a1efa127f23590d63d52d26f011280961c6241f5d61d4c92490
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-o3Y3Hn4NKexa+6tAxfIZzA02tTIxbGlY5ziAGO/XSVI=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
479
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"412-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=38
accept-ranges
bytes
CeraPro-Medium.woff2
assets.lego.com/fonts/v3/cera-pro/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.lego.com/fonts/v3/cera-pro/CeraPro-Medium.woff2
Requested by
Host: www.lego.com
URL: https://www.lego.com/_next/static/css/aed1ef14a374654d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bed96a75857452e5f79b8e237eaf6498a7540e6d83955ba5903354905b7b2a5a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/
Origin
https://www.lego.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 20:14:09 GMT
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
236055
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
46764
last-modified
Mon, 25 Mar 2024 20:09:38 GMT
server
AmazonS3
etag
"561288a6b423c7c1faac8255747dd732"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
zP_xr-e7Z9veR-PiDI4PQR6asUQxifjsTjv2uVhrt1kto8vFPONA8g==
CeraPro-Bold.woff2
assets.lego.com/fonts/v3/cera-pro/ 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.lego.com/fonts/v3/cera-pro/CeraPro-Bold.woff2
Requested by
Host: www.lego.com
URL: https://www.lego.com/_next/static/css/aed1ef14a374654d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7845a286d9b1a1d71bf603d1ba585f8a2ee8b6c5a294c2d88cd239982df9556f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/
Origin
https://www.lego.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 20:14:09 GMT
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
236055
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
46304
last-modified
Mon, 25 Mar 2024 20:09:38 GMT
server
AmazonS3
etag
"f9bac5cd373511f7b8b02862984933c8"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
_T0fRc3-ZLxIlQvkhPIsL9_2XADqnmRQENl7GXgAQBKOYo7cPTNexw==
Jan-Feb-DrivePeriod-Home-202401-Quicklink-New.png
www.lego.com/cdn/cs/set/assets/blta6e69aaa6a8814f9/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/cdn/cs/set/assets/blta6e69aaa6a8814f9/Jan-Feb-DrivePeriod-Home-202401-Quicklink-New.png?format=webply&fit=crop&quality=75&width=120&height=97&dpr=1
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
3a301ae0edd5a0648c5adc884e8afe30e8dc68e6c00e68aa4fb57fced3a2d20e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
CloudFront
x-amz-cf-pop
FRA50-C1
etag
"h8ygV6UgIUhSNmWN505YHxzyONKLQnN+LONZNFcJzNo"
x-frame-options
deny
content-type
image/webp
cache-control
public, max-age=172800
content-disposition
inline; filename=Jan-Feb-DrivePeriod-Home-202401-Quicklink-New.webp
accept-ranges
bytes
content-length
1866
x-amz-cf-id
oajhDNNmjzx-KrSWjTv2YxzxpwKOkK-t1AaaVo4ukoV4CgINj5DFXQ==
x-xss-protection
1; mode=block
Jan-Feb-DrivePeriod-Home-202401-Quicklink-Exclusive.png
www.lego.com/cdn/cs/set/assets/bltea57974da2e170ca/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/cdn/cs/set/assets/bltea57974da2e170ca/Jan-Feb-DrivePeriod-Home-202401-Quicklink-Exclusive.png?format=webply&fit=crop&quality=75&width=120&height=97&dpr=1
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
9e7a3d4c1f0b860934fb9195d32c00eaea2fb5c5f037655678370eb3b80fa8fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
CloudFront
x-amz-cf-pop
FRA56-P12
etag
"IF/THCw4sA2PSX4w7QxRtIEWLuTn7N7f0uI7kHZ9820"
x-frame-options
deny
content-type
image/webp
cache-control
public, max-age=172800
content-disposition
inline; filename=Jan-Feb-DrivePeriod-Home-202401-Quicklink-Exclusive.webp
accept-ranges
bytes
content-length
2022
x-amz-cf-id
2jTRyTmIwWmAi66xXtq0Cs_XA5QAoGAby--qGSe0RwKW_LCTEHagGQ==
x-xss-protection
1; mode=block
Jan-Feb-DrivePeriod-Home-202401-Quicklink-Offer.png
www.lego.com/cdn/cs/set/assets/blte02a20b2427c36ca/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/cdn/cs/set/assets/blte02a20b2427c36ca/Jan-Feb-DrivePeriod-Home-202401-Quicklink-Offer.png?format=webply&fit=crop&quality=75&width=120&height=97&dpr=1
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
72fbab48b3b6d3cd572b30c8ec61df29531a74a995be19a4f67399e39a61d9b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
CloudFront
x-amz-cf-pop
FRA50-C1
etag
"j9HxT7bRwneAC24qieAD0MNXsl/Dg3rmLHzk5RvBzLs"
x-frame-options
deny
content-type
image/webp
cache-control
public, max-age=172800
content-disposition
inline; filename=Jan-Feb-DrivePeriod-Home-202401-Quicklink-Offer.webp
accept-ranges
bytes
content-length
3054
x-amz-cf-id
-jIF3NfdRqg75NOMp82fCt6o7Lh70_tficarzbBSsR_zkypgyWl1Nw==
x-xss-protection
1; mode=block
QLs-Botanicals-Quicklink.png
www.lego.com/cdn/cs/set/assets/blt363c86b675a874a8/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/cdn/cs/set/assets/blt363c86b675a874a8/QLs-Botanicals-Quicklink.png?format=webply&fit=crop&quality=75&width=120&height=97&dpr=1
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
0d885d596329309eb3ef6f0346cff1f6c56f7eabbfeed278809b047508bf9fc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
CloudFront
x-amz-cf-pop
FRA56-P12
etag
"yjMwIKguoEla9O+8Ef6wLPejATlYIpWLMwaY9owh2Vs"
x-frame-options
deny
content-type
image/webp
cache-control
public, max-age=172800
content-disposition
inline; filename=QLs-Botanicals-Quicklink.webp
accept-ranges
bytes
content-length
3308
x-amz-cf-id
IjR-W5GrMUtcrQpH4Wo1Zmu4AhYggVaXUiMgDVhFZQ2hov01qQGGww==
x-xss-protection
1; mode=block
Jan-Feb-DrivePeriod-Home-202401-Quicklink-SW.png
www.lego.com/cdn/cs/set/assets/blte8d0492aac3dc384/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/cdn/cs/set/assets/blte8d0492aac3dc384/Jan-Feb-DrivePeriod-Home-202401-Quicklink-SW.png?format=webply&fit=crop&quality=75&width=120&height=97&dpr=1
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
0f0213bb61193fe9bd1db34e37c416e165905b41bf5bab10004c093bbfd2f393
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
CloudFront
x-amz-cf-pop
FRA50-C1
etag
"/QZKtExbRpCmY1oKXc9JVRaufmHFZLH1fyHscIgX10g"
x-frame-options
deny
content-type
image/webp
cache-control
public, max-age=172800
content-disposition
inline; filename=Jan-Feb-DrivePeriod-Home-202401-Quicklink-SW.webp
accept-ranges
bytes
content-length
2352
x-amz-cf-id
OxYVZXVhyGvuPa5FaGY-qo8WuSjLyMbPOTAUZC-BaSbr34FQ2hK90Q==
x-xss-protection
1; mode=block
QLs-Eid-Quicklink.png
www.lego.com/cdn/cs/set/assets/blt65b97239fbde37ee/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/cdn/cs/set/assets/blt65b97239fbde37ee/QLs-Eid-Quicklink.png?format=webply&fit=crop&quality=75&width=120&height=97&dpr=1
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
e3d61a771a3bef22a81f994b314744da2f1337253c04c4336fc79b55baa2ba0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
CloudFront
x-amz-cf-pop
FRA56-P12
etag
"x/lnhlF0t2CnovF6QuMkAIUBqG655vlwr3nQvFXiEnE"
x-frame-options
deny
content-type
image/webp
cache-control
public, max-age=172800
content-disposition
inline; filename=QLs-Eid-Quicklink.webp
accept-ranges
bytes
content-length
1918
x-amz-cf-id
DGLvW1jAJVOrK6r8-HuDfbKlIx3J5Oi6Er4q3GKKnAt1dviQ9FXAgg==
x-xss-protection
1; mode=block
Jan-Feb-DrivePeriod-Home-202401-Quicklink-Nin1.png
www.lego.com/cdn/cs/set/assets/blt2a5dc2f3c5f3f3a1/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/cdn/cs/set/assets/blt2a5dc2f3c5f3f3a1/Jan-Feb-DrivePeriod-Home-202401-Quicklink-Nin1.png?format=webply&fit=crop&quality=75&width=120&height=97&dpr=1
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
a2bceea1b482fe9700cf170b68a55d4b0fda4aa8d2c54f0bb23373208fca5e43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
CloudFront
x-amz-cf-pop
FRA56-P12
etag
"gXLXlirLVD1iEjAuHGOb4lwUd6etm4mhntlDucMb5O8"
x-frame-options
deny
content-type
image/webp
cache-control
public, max-age=172800
content-disposition
inline; filename=Jan-Feb-DrivePeriod-Home-202401-Quicklink-Nin1.webp
accept-ranges
bytes
content-length
2836
x-amz-cf-id
mmwjy_zPoqqupwTqbdSAhS5-_4P7oayDkufv2bfNtIbyQV5Qd_2LXw==
x-xss-protection
1; mode=block
Jan-Feb-DrivePeriod-Home-202401-Quicklink-Insiders.png
www.lego.com/cdn/cs/set/assets/blt0b3aedf4c1a73232/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/cdn/cs/set/assets/blt0b3aedf4c1a73232/Jan-Feb-DrivePeriod-Home-202401-Quicklink-Insiders.png?format=webply&fit=crop&quality=75&width=120&height=97&dpr=1
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
58f9ec6aa5ec9fc171df70d808ae13a87b7c1d11095608af1e79962ba4bbadb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
CloudFront
x-amz-cf-pop
FRA50-C1
etag
"3M7eKKab2JfFZSmp8F8K/4T7i9vKTQAEHbAKz9+hNho"
x-frame-options
deny
content-type
image/webp
cache-control
public, max-age=172800
content-disposition
inline; filename=Jan-Feb-DrivePeriod-Home-202401-Quicklink-Insiders.webp
accept-ranges
bytes
content-length
1296
x-amz-cf-id
17hBqLhilkTIdHc4pn-nyxqA-0ZfNCvXGeG_DjOkLOzvGLN17GQtsA==
x-xss-protection
1; mode=block
checksession
identity.lego.com/connect/ Frame 297D 		12 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://identity.lego.com/connect/checksession
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:c200:19:9f8c:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
53057dc9152f37cb198b8575778397d7786d804d851c5ac0b4d353dc232200ca
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'sha256-fa5rxHhZ799izGRP38+h4ud5QXNT0SFaFlh4eqDumBI='; frame-ancestors https:; form-action 'self'; report-to csp-endpoint
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.lego.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
1781
cache-control
public, max-age=3600
content-security-policy
default-src 'none'; script-src 'sha256-fa5rxHhZ799izGRP38+h4ud5QXNT0SFaFlh4eqDumBI='; frame-ancestors https:; form-action 'self'; report-to csp-endpoint
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 04 Apr 2024 13:18:42 GMT
expect-ct
enforce, max-age=86400
feature-policy
autoplay 'none'; camera 'none'; encrypted-media 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; vr 'none';
permissions-policy
autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), microphone=(), midi=(), payment=(), vr=()
referrer-policy
no-referrer
report-to
{"group":"csp-endpoint","max_age":3600,"endpoints":[{"url":"/api/v1/report"}]}
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
x-amz-cf-id
g54xtRllBLmHaSoQ9LCZiuFvurer6jdXOZo0Osr7NCkStPBqdc_ytw==
x-amz-cf-pop
FRA60-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-correlation-id
Root=1-660ea8b2-6324078911d8f8767502006f
x-robots-tag
noindex, noarchive
callback
www.lego.com/identity/ Frame 73A1
Redirect Chain
  • https://identity.lego.com/connect/authorize?appContext=false&adultexperience=true&hideheader=true&scope=openid+email+profile+dob&response_type=id_token+token&client_id=316ad352-6573-4df0-b707-e7230...
  • https://www.lego.com/identity/callback
479 KB
121 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/identity/callback
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a889946cd0173a59e08bef010d16bdf03e71e2f1b414cd9bfe0c6d0427e3b834
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
public, max-age=25
content-encoding
gzip
content-length
122048
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-oB07oQ7LExAvT79HmGo+xiRQcEAzpHDv66rA2i5TfXg=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-type
text/html; charset=utf-8
date
Thu, 04 Apr 2024 13:48:27 GMT
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-store, no-cache, max-age=0
content-length
0
content-security-policy
default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'none'; form-action 'self';
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 04 Apr 2024 13:48:27 GMT
expect-ct
enforce, max-age=63072000
feature-policy
autoplay 'none'; camera 'none'; encrypted-media 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; vr 'none';
location
https://www.lego.com/identity/callback#error=login_required&state=902LnyBRONWy3RHR&session_state=NH9hJh92rAtOcOEiAoF8I5tpiYe7I6lmOjkLOzCDTtU.BA119096DB1522F296BD7A0394DF4132
permissions-policy
autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), microphone=(), midi=(), payment=(), vr=()
pragma
no-cache
referrer-policy
no-referrer
report-to
{"group":"csp-endpoint","max_age":3600,"endpoints":[{"url":"/api/v1/report"}]}
server
LEGO-Identity
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
x-amz-cf-id
e-0-4J7NbnTdiYlKsV1exuIxYblWQtXXew_hkaoesgtb9Xiuk_Q3zg==
x-amz-cf-pop
FRA60-P8
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-robots-tag
noindex, noarchive
6502.6f45250d2ea42c79.js
www.lego.com/_next/static/chunks/ 		60 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/6502.6f45250d2ea42c79.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
12ce77e934df463891f63dab5fe44a450dfe4594c9d166565781e896c40182cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob:;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net track.webgains.com api.webgains.io lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob:;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com track.webgains.com *.webgains.io analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com collection.decibelinsight.net portal.decibel.com 'nonce-swnteZvCaHUMZpp4D7aUPZVnYX9qBxz0EMmX4kvX9OI=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
19285
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 28 Mar 2023 17:03:01 GMT
etag
W/"f0b6-187292c4988"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31454955
accept-ranges
bytes
8835.ee7f540a3b4a617b.js
www.lego.com/_next/static/chunks/ 		189 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/8835.ee7f540a3b4a617b.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c9a936326b042aee240252c3c2176805b1979a39f6873645ccf6b7b2aeb81b02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob:;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net track.webgains.com api.webgains.io lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob:;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com track.webgains.com *.webgains.io analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com collection.decibelinsight.net portal.decibel.com 'nonce-5Y9b+5aMNNVDhmfC9yeWy2aw+lhB5L0HJxD688GDqXk=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
179
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 28 Mar 2023 17:03:01 GMT
etag
W/"bd-187292c4988"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31454955
accept-ranges
bytes
arrow-99d46cc05583ff4670248c5d6bd3a14b.svg
www.lego.com/_next/static/images/ 		358 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/images/arrow-99d46cc05583ff4670248c5d6bd3a14b.svg
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
864433fb3cbb2354f9558dc71473c7241f37e882dc22b11f265e9495842734a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
tracestate
1746871@nr=0-1-1746871-103247468-5525bd0f7b863700----1712238504174
traceparent
00-e298dfef4f93a4568e1854e13e5f8a74-5525bd0f7b863700-01
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE3NDY4NzEiLCJhcCI6IjEwMzI0NzQ2OCIsImlkIjoiNTUyNWJkMGY3Yjg2MzcwMCIsInRyIjoiZTI5OGRmZWY0ZjkzYTQ1NjhlMTg1NGUxM2U1ZjhhNzQiLCJ0aSI6MTcxMjIzODUwNDE3NH19
Referer
https://www.lego.com/de-de
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-usCIU/Tqrluni9jUBFXUo8uURt1+1ErrAJ73XXOR0fQ=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
247
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"166-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=13
accept-ranges
bytes
chevron-494b9b8af02694bff1d97365cdb90f47.svg
www.lego.com/_next/static/images/ 		191 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/images/chevron-494b9b8af02694bff1d97365cdb90f47.svg
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b7d2971c3439be53484e5d6a7a0025a256ec58be8887882bd229a9383fe92c52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
tracestate
1746871@nr=0-1-1746871-103247468-40a43ce876054eb5----1712238504176
traceparent
00-87b0b5eef028ca757f06f4b5cdf45437-40a43ce876054eb5-01
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE3NDY4NzEiLCJhcCI6IjEwMzI0NzQ2OCIsImlkIjoiNDBhNDNjZTg3NjA1NGViNSIsInRyIjoiODdiMGI1ZWVmMDI4Y2E3NTdmMDZmNGI1Y2RmNDU0MzciLCJ0aSI6MTcxMjIzODUwNDE3Nn19
Referer
https://www.lego.com/de-de
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-A2pedjALJfIGMD7RPvb013+Aoqh/uiFJTFqdc7UCHs0=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
170
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"bf-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=51
accept-ranges
bytes
pinpoint-8babc5caf8f97d05df486da918a90c84.svg
www.lego.com/_next/static/images/ 		580 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/images/pinpoint-8babc5caf8f97d05df486da918a90c84.svg
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d740e2399385e4626532b9856b8be7849caee596e280e306a0297628cdc883fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
tracestate
1746871@nr=0-1-1746871-103247468-766e60e0f8e0b7db----1712238504176
traceparent
00-f779f614727fb19e76b864b73b076362-766e60e0f8e0b7db-01
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE3NDY4NzEiLCJhcCI6IjEwMzI0NzQ2OCIsImlkIjoiNzY2ZTYwZTBmOGUwYjdkYiIsInRyIjoiZjc3OWY2MTQ3MjdmYjE5ZTc2Yjg2NGI3M2IwNzYzNjIiLCJ0aSI6MTcxMjIzODUwNDE3Nn19
Referer
https://www.lego.com/de-de
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-R+4pdBdKynBu0FY3gB2Tw7CXYF0+cVRrx9X5/9xb95Q=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
313
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"244-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=27
accept-ranges
bytes
cross-d270714807a15ba4e54f03bd39d89ab8.svg
www.lego.com/_next/static/images/ 		304 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/images/cross-d270714807a15ba4e54f03bd39d89ab8.svg
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a49f3a4c7fe78003fffc607ac6f2612cc7f91b058ea7cb02e679aec896bb9e27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
tracestate
1746871@nr=0-1-1746871-103247468-fc501858ea5d44fc----1712238504176
traceparent
00-fa8da92cdca9057b37295006b555e576-fc501858ea5d44fc-01
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE3NDY4NzEiLCJhcCI6IjEwMzI0NzQ2OCIsImlkIjoiZmM1MDE4NThlYTVkNDRmYyIsInRyIjoiZmE4ZGE5MmNkY2E5MDU3YjM3Mjk1MDA2YjU1NWU1NzYiLCJ0aSI6MTcxMjIzODUwNDE3Nn19
Referer
https://www.lego.com/de-de
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-tMq46/kXRJtetLtW2AW8u4CERFJMSbb8kymz4PuSnP4=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
210
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"130-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2
accept-ranges
bytes
search-dd01108764ce7ddd9a32f4982206bed6.svg
www.lego.com/_next/static/images/ 		918 B
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/images/search-dd01108764ce7ddd9a32f4982206bed6.svg
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6eaaf848f310fe8fa193f76881773c6238dc3d8944fd8f5e9015d9a494dea8b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
tracestate
1746871@nr=0-1-1746871-103247468-5c6bece5e0b82217----1712238504177
traceparent
00-5ce3afae37b378080f5a8ec171e2384c-5c6bece5e0b82217-01
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE3NDY4NzEiLCJhcCI6IjEwMzI0NzQ2OCIsImlkIjoiNWM2YmVjZTVlMGI4MjIxNyIsInRyIjoiNWNlM2FmYWUzN2IzNzgwODBmNWE4ZWMxNzFlMjM4NGMiLCJ0aSI6MTcxMjIzODUwNDE3N319
Referer
https://www.lego.com/de-de
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-pFEZx3lm9NwFHRYbuUPNLkQV6sDeIkf4ZTXYL2sJh+s=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
484
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"396-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=41
accept-ranges
bytes
account-090c5d3f358caeb1b23cf4bb7fcbadc2.svg
www.lego.com/_next/static/images/ 		1015 B
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/images/account-090c5d3f358caeb1b23cf4bb7fcbadc2.svg
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5ce2545ab7cac8c5d8fff37ccda9a4ca9d21f6fde6da509f638f6be251a97bc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
tracestate
1746871@nr=0-1-1746871-103247468-fefe44beb7c4b047----1712238504177
traceparent
00-4b235fdd9c2f29d17774feea88776316-fefe44beb7c4b047-01
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE3NDY4NzEiLCJhcCI6IjEwMzI0NzQ2OCIsImlkIjoiZmVmZTQ0YmViN2M0YjA0NyIsInRyIjoiNGIyMzVmZGQ5YzJmMjlkMTc3NzRmZWVhODg3NzYzMTYiLCJ0aSI6MTcxMjIzODUwNDE3N319
Referer
https://www.lego.com/de-de
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-NGb3auN7SbePaTLVn1/yC1UZ4fYEhNTYWsASZ0rHHS4=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
491
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"3f7-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=8
accept-ranges
bytes
wishlist-c558e82002523c6ca49f83762c3a53af.svg
www.lego.com/_next/static/images/ 		569 B
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/images/wishlist-c558e82002523c6ca49f83762c3a53af.svg
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5b9af9b5b88f5d0b41c78a72e73f5bc2a4861343ccef1ecfdb827515c0683349
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
tracestate
1746871@nr=0-1-1746871-103247468-8e4602fcaab45650----1712238504178
traceparent
00-8f6674cb75b6bc632e93dcf6e2891971-8e4602fcaab45650-01
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE3NDY4NzEiLCJhcCI6IjEwMzI0NzQ2OCIsImlkIjoiOGU0NjAyZmNhYWI0NTY1MCIsInRyIjoiOGY2Njc0Y2I3NWI2YmM2MzJlOTNkY2Y2ZTI4OTE5NzEiLCJ0aSI6MTcxMjIzODUwNDE3OH19
Referer
https://www.lego.com/de-de
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-YO3wnUBPJbHjWm9EX4dyQbRuSxYipUCo9RXgNd0CLoU=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
357
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"239-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=3
accept-ranges
bytes
bag-300d8ef320c96b29e4f3828b90fbdfb8.svg
www.lego.com/_next/static/images/ 		761 B
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/images/bag-300d8ef320c96b29e4f3828b90fbdfb8.svg
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3994cb66e263fe0d699d807f5e017f6eb8b30de8023ca5b16366063b43ddc179
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
tracestate
1746871@nr=0-1-1746871-103247468-1fdfafb158d032e7----1712238504178
traceparent
00-b1f26b507e0162e69bc10822604be550-1fdfafb158d032e7-01
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE3NDY4NzEiLCJhcCI6IjEwMzI0NzQ2OCIsImlkIjoiMWZkZmFmYjE1OGQwMzJlNyIsInRyIjoiYjFmMjZiNTA3ZTAxNjJlNjliYzEwODIyNjA0YmU1NTAiLCJ0aSI6MTcxMjIzODUwNDE3OH19
Referer
https://www.lego.com/de-de
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-Ce2pn8o4mkKCQS8kWiwk8CoPS4AECLKnNC/2jhhbEA4=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
462
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"2f9-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=39
accept-ranges
bytes
21348-Exclusive-202404-Homepage-LS-Hero-Standard-Large.jpg
www.lego.com/cdn/cs/set/assets/blta69d7d96700d8229/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/cdn/cs/set/assets/blta69d7d96700d8229/21348-Exclusive-202404-Homepage-LS-Hero-Standard-Large.jpg?fit=crop&format=webply&quality=80&width=1600&height=500&dpr=1
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
ef1280b0fcd3b992ef7fbecc084a640bcd61d5305094388813a6fb95f6b0c2ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
CloudFront
x-amz-cf-pop
FRA56-P12
etag
"TWa6T7ljHuADGytvoU1hln8/W3ziOK9SQ4B7phrI5zo"
x-frame-options
deny
content-type
image/webp
cache-control
public, max-age=172800
content-disposition
inline; filename=21348-Exclusive-202404-Homepage-LS-Hero-Standard-Large.webp
accept-ranges
bytes
content-length
59498
x-amz-cf-id
42Js7y9oClSlMzcBlt8gc2w42LlpxPYHgN6vncCzJJ2eSAWRqXw3ug==
x-xss-protection
1; mode=block
dungeons-and-dragons-logo-600w.png
www.lego.com/cdn/cs/set/assets/blt6163c3f27f7b3d6d/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/cdn/cs/set/assets/blt6163c3f27f7b3d6d/dungeons-and-dragons-logo-600w.png?format=png&height=60&dpr=1
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
87719ff4a6d391e5a7048b32b7a571e695468e328bf42ce2023c5bd25627ce09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
CloudFront
x-amz-cf-pop
FRA56-P12
etag
"ASHEF3h1fxhoBThcIAQXGu2EUz+auRRvJ1O15EcM9Zs"
x-frame-options
deny
content-type
image/png
cache-control
public, max-age=172800
content-disposition
inline; filename=dungeons-and-dragons-logo-600w.png
accept-ranges
bytes
content-length
13392
x-amz-cf-id
-v1yg-vz4JFA82QcxZNjoj2Mb7V3TYHnFxQScezldkUaFcpgz5YTSA==
x-xss-protection
1; mode=block
76271-Exclusive-202404-Block-Standard-3.jpg
www.lego.com/cdn/cs/set/assets/blt27ac7acf67523393/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/cdn/cs/set/assets/blt27ac7acf67523393/76271-Exclusive-202404-Block-Standard-3.jpg?fit=crop&format=webply&quality=80&width=635&height=440&dpr=1
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
1b9c2c9586d4657810274c972ea543e0730ed50d911290e523e59d63564126e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
CloudFront
x-amz-cf-pop
FRA56-P12
etag
"77iPXgcAB2M9RW4TXJH/XlOL5xT/p8NxcMs0OAo014E"
x-frame-options
deny
content-type
image/webp
cache-control
public, max-age=172800
content-disposition
inline; filename=76271-Exclusive-202404-Block-Standard-3.webp
accept-ranges
bytes
content-length
43430
x-amz-cf-id
uC00psJTFhFgzt8Ygxf_qKvLmGyNEMYlqtmFp7PYPgm2Yft9RQl0yQ==
x-xss-protection
1; mode=block
RacingCampaign-KV-Page-202404-Block-Standard.jpg
www.lego.com/cdn/cs/set/assets/blt4612421c38d75027/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/cdn/cs/set/assets/blt4612421c38d75027/RacingCampaign-KV-Page-202404-Block-Standard.jpg?fit=crop&format=webply&quality=80&width=635&height=440&dpr=1
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
631ed4bde5ae30de92114c51045e4c72cda402bed18563d7d3c3fc7379813141
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
CloudFront
x-amz-cf-pop
FRA56-P12
etag
"9wav0EJO+aUl6zhiZRP+PtWx2WKIWt6bdQCvKr0HKnY"
x-frame-options
deny
content-type
image/webp
cache-control
public, max-age=172800
content-disposition
inline; filename=RacingCampaign-KV-Page-202404-Block-Standard.webp
accept-ranges
bytes
content-length
57532
x-amz-cf-id
oHRGoI-hbUpeNP-Ad8-wGK5bkzrxF8xEbHb5a-M3QdunD2_KmYOCXA==
x-xss-protection
1; mode=block
10332-Homepage-202403-Block-Standard.jpg
www.lego.com/cdn/cs/set/assets/blt7ab5668500f26d43/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/cdn/cs/set/assets/blt7ab5668500f26d43/10332-Homepage-202403-Block-Standard.jpg?fit=crop&format=webply&quality=80&width=635&height=440&dpr=1
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
a9893afa098f26137d5731d7a5d5b6013510c8473d4022b808c0ca84cb63f3ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
CloudFront
x-amz-cf-pop
FRA56-P12
etag
"Dy4FVk1tIMG0EpUzpZnmKt3wiMhFG28BqQdxPyOWJe8"
x-frame-options
deny
content-type
image/webp
cache-control
public, max-age=172800
content-disposition
inline; filename=10332-Homepage-202403-Block-Standard.webp
accept-ranges
bytes
content-length
22700
x-amz-cf-id
RDB6H_OWk7_dQXuSTvtAaQucR4-0t-HNIF0q4q9zCpjR8n-7Jed8fg==
x-xss-protection
1; mode=block
icons-logo-neg-600w.png
www.lego.com/cdn/cs/set/assets/bltdb8d448dcc06cf2b/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/cdn/cs/set/assets/bltdb8d448dcc06cf2b/icons-logo-neg-600w.png?format=png&height=60&dpr=1
Requested by
Host: www.lego.com
URL: https://www.lego.com/de-de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
fa15278dddf5b4ac047ade4e1763a14284ee88c7b7b718b7808216024a6c1000
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
CloudFront
x-amz-cf-pop
FRA50-C1
etag
"NLL4c5VR0CLXAlzGOUOizOiNvAdjz37+SkQxLiA2wFE"
x-frame-options
deny
content-type
image/png
cache-control
public, max-age=172800
content-disposition
inline; filename=icons-logo-neg-600w.png
accept-ranges
bytes
content-length
10012
x-amz-cf-id
xHRgafP0nbu8u-WHq2CxrGlNzpA5Qd5pi3ObDDHAbAP7qgWNl9cVxg==
x-xss-protection
1; mode=block
newrelic.js
www.lego.com/ Frame 73A1 		111 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/newrelic.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/identity/callback
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8b72f78c410b7a135448aa0772466867c39cdab2b688f5173ebc91dbe87de7c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/identity/callback
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:27 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Thu, 18 Jan 2024 13:04:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
etag
W/"1bda1-18d1cabddd0"
x-frame-options
SAMEORIGIN
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-Q8cN36E3jRbAc+6RoPVOYXkB4C8W95Hr6am0piNooJg=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=538687
accept-ranges
bytes
content-length
24257
x-xss-protection
1; mode=block
aed1ef14a374654d.css
www.lego.com/_next/static/css/ Frame 73A1 		68 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/css/aed1ef14a374654d.css
Requested by
Host: www.lego.com
URL: https://www.lego.com/identity/callback
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
168999d6f3807faa988d858fe8a2426c1902825b15cc8147718795411371ca65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/identity/callback
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-4WwR+LsNg+J6db+fBWpVrZfA/buyYtdCHTfPRyGIc74=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
13518
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 21 Mar 2024 15:09:25 GMT
etag
W/"10f59-18e618f4c88"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=30401651
accept-ranges
bytes
ff238423a7732adc.css
www.lego.com/_next/static/css/ Frame 73A1 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/css/ff238423a7732adc.css
Requested by
Host: www.lego.com
URL: https://www.lego.com/identity/callback
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c40011763d95175c270640dfa3cc53da4eefe88b514ebd357d5735589e91aae9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/identity/callback
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-hSWCmpXIjOHy0z4GL0p/p0V70L399CPuPkyrljmYbnE=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
530
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 21 Mar 2024 15:09:25 GMT
etag
W/"6da-18e618f4c88"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=30401599
accept-ranges
bytes
webpack-7a106797cad6ad28.js
www.lego.com/_next/static/chunks/ Frame 73A1 		9 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/webpack-7a106797cad6ad28.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/identity/callback
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1e4dbaa4e9662f1ffb8c70372893cd5306eb56c39bc0a0d40cb65d1af62bbd10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/identity/callback
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-oOgJAXnem+3dTH4wxaO4MJZIQvV7Pd1Oo9JSUSsr4qo=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
4437
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"2498-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=30848248
accept-ranges
bytes
framework-895245ddb8ded7aa.js
www.lego.com/_next/static/chunks/ Frame 73A1 		138 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/framework-895245ddb8ded7aa.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/identity/callback
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
eb0e63b87ec0f72593b405383f8f4e423e87e3916b6afc78b927006aa921fd92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/identity/callback
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Apr 2024 13:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Oct 2022 14:19:05 GMT
etag
W/"228ab-183c769d3a8"
surrogate-control
no-store
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31454954
accept-ranges
bytes
content-length
45510
x-xss-protection
1; mode=block
main-9aece1aa182f842b.js
www.lego.com/_next/static/chunks/ Frame 73A1 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/main-9aece1aa182f842b.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/identity/callback
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cbe1f12a684d8f2eecd6cd871264adf7c5a09a7b68c37b719e3e82a1271a4320
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/identity/callback
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Apr 2024 13:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Oct 2022 14:19:05 GMT
etag
W/"e7cb-183c769d3a8"
surrogate-control
no-store
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31454954
accept-ranges
bytes
content-length
19230
x-xss-protection
1; mode=block
_app-fc52fe74f83666cc.js
www.lego.com/_next/static/chunks/pages/ Frame 73A1 		1 MB
305 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/pages/_app-fc52fe74f83666cc.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/identity/callback
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8f29fe3c195fb85189b5d25b878dea5632bc142bcaceb7875ad0ebaf2f9f906f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/identity/callback
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-Y1wb3dLeFkN44nx4B6Hj/sC90nOW7fk66ZcoUfc/MIg=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
309842
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"1133a6-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=30848277
accept-ranges
bytes
callback-0d6f88482b62633c.js
www.lego.com/_next/static/chunks/pages/identity/ Frame 73A1 		55 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/chunks/pages/identity/callback-0d6f88482b62633c.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/identity/callback
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
89ace3bbf70bf2a8a84f70052d009e8d0ace3893785a72984ce34635da2d402e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/identity/callback
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-5t64yGP5dralPM2877UDiE7X/JTDMTFqWEyqvd2Yv5U=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
23863
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 28 Feb 2024 15:52:58 GMT
etag
W/"da2f-18df06b4390"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31454955
accept-ranges
bytes
_buildManifest.js
www.lego.com/_next/static/iutA3BdV8DUPZHgLQoAzo/ Frame 73A1 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/iutA3BdV8DUPZHgLQoAzo/_buildManifest.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/identity/callback
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f17145ceb307b3f8918102ec7495bdadbeb5c4205e5124e2c47b3f711ab25a91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/identity/callback
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-7cKIaa6h37tPtw8F/SKBhqY2UdGGyszFsm3uinmRypg=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
4212
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"4b5f-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=30848286
accept-ranges
bytes
_ssgManifest.js
www.lego.com/_next/static/iutA3BdV8DUPZHgLQoAzo/ Frame 73A1 		77 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/iutA3BdV8DUPZHgLQoAzo/_ssgManifest.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/identity/callback
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/identity/callback
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-JufXw0kJKGUbwFQEEvk3yVaBbuuzbCLynXjFNdNZhaQ=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
61
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"4d-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=30848200
accept-ranges
bytes
_middlewareManifest.js
www.lego.com/_next/static/iutA3BdV8DUPZHgLQoAzo/ Frame 73A1 		108 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/iutA3BdV8DUPZHgLQoAzo/_middlewareManifest.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/identity/callback
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
81a190e5f3d97c468124a58cdada8235d90df6a3f599a146d94360d6c37ebce7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/identity/callback
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-IGtMGHmQc4rkYEp4EgOYtokW0CVpUgTACG8oA7Gfgfk=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
78
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:28:16 GMT
etag
W/"6c-18e7bce3780"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=30848197
accept-ranges
bytes
nr-spa-1.250.0.min.js
js-agent.newrelic.com/ Frame 73A1 		0
0
nr-spa-1.250.0.min.js
js-agent.newrelic.com/ 		86 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1.250.0.min.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2602:816:5001::39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8aaf0af04baf8eaa35b1ac46ed02d131a8d3c44896b92a45fa1555c70ebc94c9
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/
Origin
https://www.lego.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
9CPSHfU_b43id9HPDI1ELov4Sz01U0Ym
content-encoding
br
via
1.1 varnish
date
Thu, 04 Apr 2024 13:48:27 GMT
strict-transport-security
max-age=300
x-amz-request-id
PS9MSXBPC2K2B7VZ
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
28786
x-amz-id-2
xkohxHNMf7IaNFapesK+Ahq3YNM/MeVHLHJJJbmv8Hwa4rGcE2j13Tofz/FC/rYVeIxrc2JmpIw=
x-served-by
cache-fra-eddf8230130-FRA
last-modified
Tue, 09 Jan 2024 19:15:56 GMT
server
AmazonS3
etag
"6e3b65f7f44fa4b3bf86d1f0187490ce"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
988
Login
www.lego.com/api/graphql/ 		987 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/api/graphql/Login
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b19ced7b0e1404fc15f9026a17311255380fe6595f34d1c68e4f70b1d50bc93e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
x-locale
de-DE
tracestate
1746871@nr=0-1-1746871-103247468-1f9fccb5c711fec0----1712238507306
accept-language
de-DE,de;q=0.9
authorization
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE3NDY4NzEiLCJhcCI6IjEwMzI0NzQ2OCIsImlkIjoiMWY5ZmNjYjVjNzExZmVjMCIsInRyIjoiYWI1Y2VlNDA3ZjhjYmZhNWRiZjA5MmVkMjhjNTkxNDgiLCJ0aSI6MTcxMjIzODUwNzMwNn19
session-cookie-id
yOXmNOgqrDkkgadXssXMC
x-lego-request-id
4e8e81c4-a6dd-43e3-83cb-29a5123db884-app-shop-c-0861ba1a
sec-ch-ua-platform
"Win32"
fff-id
8adcfeff-8612-48ad-bb60-fb9091de0dc9
traceparent
00-ab5cee407f8cbfa5dbf092ed28c59148-1f9fccb5c711fec0-01
sec-ch-ua-mobile
?0
lid
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
visitor-guid
09b7ab08-eb20-4982-a51d-566373d69c7a
content-type
application/json
accept
*/*
Referer
https://www.lego.com/de-de

Response headers

date
Thu, 04 Apr 2024 13:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-length
779
x-xss-protection
1; mode=block
pragma
no-cache
etag
W/"3db-/4Q6EfG1iPKphYhm53Etz7VdqxU"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.lego.com
access-control-allow-methods
GET,POST,PUT,DELETE,HEAD,OPTIONS
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
expires
Thu, 04 Apr 2024 13:48:27 GMT
favicon-32x32.png
www.lego.com/ 		2 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4441197109e31f53a0ce2103fac8a315e3ffd5bec98f5c3c5769d0244eab8e85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Thu, 25 Jan 2024 15:37:37 GMT
etag
W/"749-18d4144fde8"
x-frame-options
SAMEORIGIN
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-gNN5HrNggfkGP+oAJEDO1A/qbq7wVFSUHRE48m2MSHI=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-type
image/png
cache-control
public, max-age=1241053
accept-ranges
bytes
content-length
1865
x-xss-protection
1; mode=block
wizard
lego.report-uri.com/r/t/csp/ 		0
618 B 		Other
General
Check archive.org
Download Go to
Full URL
https://lego.report-uri.com/r/t/csp/wizard
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.184.88 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.lego.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 04 Apr 2024 13:48:27 GMT
strict-transport-security
max-age=63113904; includeSubDomains; preload
nel
{"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cf-ray
86f1c18f0f139750-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
df07c5d304
bam.nr-data.net/1/ 		150 B
591 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/df07c5d304?a=103247242&sa=1&v=1.250.0&t=Unnamed%20Transaction&rst=4199&ck=0&s=02073d953d12d1d7&ref=https://www.lego.com/de-de&hr=0&af=err,xhr,stn,ins,spa&be=54&fe=4092&dc=574&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1712238503137,%22n%22:0,%22f%22:0,%22dn%22:25,%22dne%22:25,%22c%22:25,%22s%22:31,%22ce%22:40,%22rq%22:40,%22rp%22:54,%22rpe%22:88,%22di%22:419,%22ds%22:628,%22de%22:628,%22dc%22:4142,%22l%22:4145,%22le%22:4146%7D,%22navigation%22:%7B%7D%7D&fp=323&fcp=323
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ad4d297f52c25fc618a5d58d9829812f28982a5f04a7efe8d514558fa60767e5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.lego.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Apr 2024 13:48:27 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.lego.com
access-control-expose-headers
Date
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
timing-allow-origin
https://www.lego.com
Content-Length
150
x-served-by
cache-fra-etou8220033-FRA
Flags
www.lego.com/api/graphql/ 		1 KB
936 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/api/graphql/Flags
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
faea0204fef6d933838c47ca3551c66714b74e27687d9503570c20f2b1def065
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
x-locale
de-DE
tracestate
1746871@nr=0-1-1746871-103247468-dbc9cd8c1543b8cb----1712238507483
accept-language
de-DE,de;q=0.9
authorization
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJkYXRhIjp7InB1YiI6e30sInB2dCI6Ik1ZM2dIZERlaXkvM2VmdlhXUmx1YjZKZmk1aWt1QkdjT1cwNHludFFySGNGakFEd0JZd3VjVlNBOHVqMm5FYzQ1SEdlaWJGb3N5TFliQ0h2SmszdE1laXpJU3JjTlM0UGxzWTR0U3RqVHFGQ084d3RoQzl2SHZuTjlma2xHZHJNLzRmcXdsOG5zZ3AxVjBpM1E3OU8zWmN6VkNadVozT2h1QWltQnRYaU5xbmpGRERVM3B1ekpWWkdLb000MGN6VVcyT1Z0bTduRzByVnVMZEdUK0cvWlBYdWRncnJDK3U0bXRCRDBtekJwdStVY0lNVnJFR3NhYWFTTS9EZkpsZWNNYk04TVFFNlpaQmpyVXdJRTNWS3d1aGYxMHdxY3Q4QmIwOHBYUGJPU0JWMUxtQVl6cG1CNlU3MWNRRlozSThzcmRibWU4Y0tTSzNsWWZKNUFpclA4YzJuV0lIT0xsZkRWNWhLelpSN1RoVHNsR0V2WjlhWmt0YjVFc3BUY3o0ZWtJOHZJWGJualdmeXljb0ppU0crK05WcVRNdnUwVGhXbE9rSzFMdE9lWG14dDFtMWs0OEdmbXpLemQ0NWFrQ1VudElUcUlrMWdwTWFjSUFzZGt2cCtWUWpZQml0ZlNVTklXUko3czhwOU1Mc2pEcjZjdWtkY2g2ZjV6TldZSW0yalpBeFJSVXhlTnR3WUp3WDVMN1NHbXR4QTQxTE1NdkZZN3pnb3JncFlWVTVYZ2dwVEo5YXU0SEdnK3dJZS9reS5zcHhPdXRIbjVNOVZnc0UvVEdjWVNBPT0ifSwiaWF0IjoxNzEyMjM4NTA3LCJleHAiOjE3MTIyNDkzMDd9.-m9UseSct6Jq_hsnL7Rcw4DxfRhvsoMUYbukp7ANrnw
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE3NDY4NzEiLCJhcCI6IjEwMzI0NzQ2OCIsImlkIjoiZGJjOWNkOGMxNTQzYjhjYiIsInRyIjoiMzdkNDg1Nzg0NDk4ZDQ3NmE3ZTU1YjE3M2QxYjJkMGEiLCJ0aSI6MTcxMjIzODUwNzQ4M319
session-cookie-id
yOXmNOgqrDkkgadXssXMC
x-lego-request-id
4e8e81c4-a6dd-43e3-83cb-29a5123db884-app-shop-c-0861ba1a
sec-ch-ua-platform
"Win32"
fff-id
8adcfeff-8612-48ad-bb60-fb9091de0dc9
traceparent
00-37d485784498d476a7e55b173d1b2d0a-dbc9cd8c1543b8cb-01
sec-ch-ua-mobile
?0
lid
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
visitor-guid
09b7ab08-eb20-4982-a51d-566373d69c7a
content-type
application/json
accept
*/*
Referer
https://www.lego.com/de-de

Response headers

date
Thu, 04 Apr 2024 13:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-length
521
x-xss-protection
1; mode=block
pragma
no-cache
etag
W/"406-Tv+NGjx5FKo63JkHFCFIW3QL+4g"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.lego.com
access-control-allow-methods
GET,POST,PUT,DELETE,HEAD,OPTIONS
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
expires
Thu, 04 Apr 2024 13:48:27 GMT
UserQuery
www.lego.com/api/graphql/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/api/graphql/UserQuery
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ef7dbf559d0f684b59d077a8092095d97be270a3866005fed9738005f4142efe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
x-locale
de-DE
tracestate
1746871@nr=0-1-1746871-103247468-d6cd9168d8154d13----1712238507487
accept-language
de-DE,de;q=0.9
authorization
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJkYXRhIjp7InB1YiI6e30sInB2dCI6Ik1ZM2dIZERlaXkvM2VmdlhXUmx1YjZKZmk1aWt1QkdjT1cwNHludFFySGNGakFEd0JZd3VjVlNBOHVqMm5FYzQ1SEdlaWJGb3N5TFliQ0h2SmszdE1laXpJU3JjTlM0UGxzWTR0U3RqVHFGQ084d3RoQzl2SHZuTjlma2xHZHJNLzRmcXdsOG5zZ3AxVjBpM1E3OU8zWmN6VkNadVozT2h1QWltQnRYaU5xbmpGRERVM3B1ekpWWkdLb000MGN6VVcyT1Z0bTduRzByVnVMZEdUK0cvWlBYdWRncnJDK3U0bXRCRDBtekJwdStVY0lNVnJFR3NhYWFTTS9EZkpsZWNNYk04TVFFNlpaQmpyVXdJRTNWS3d1aGYxMHdxY3Q4QmIwOHBYUGJPU0JWMUxtQVl6cG1CNlU3MWNRRlozSThzcmRibWU4Y0tTSzNsWWZKNUFpclA4YzJuV0lIT0xsZkRWNWhLelpSN1RoVHNsR0V2WjlhWmt0YjVFc3BUY3o0ZWtJOHZJWGJualdmeXljb0ppU0crK05WcVRNdnUwVGhXbE9rSzFMdE9lWG14dDFtMWs0OEdmbXpLemQ0NWFrQ1VudElUcUlrMWdwTWFjSUFzZGt2cCtWUWpZQml0ZlNVTklXUko3czhwOU1Mc2pEcjZjdWtkY2g2ZjV6TldZSW0yalpBeFJSVXhlTnR3WUp3WDVMN1NHbXR4QTQxTE1NdkZZN3pnb3JncFlWVTVYZ2dwVEo5YXU0SEdnK3dJZS9reS5zcHhPdXRIbjVNOVZnc0UvVEdjWVNBPT0ifSwiaWF0IjoxNzEyMjM4NTA3LCJleHAiOjE3MTIyNDkzMDd9.-m9UseSct6Jq_hsnL7Rcw4DxfRhvsoMUYbukp7ANrnw
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE3NDY4NzEiLCJhcCI6IjEwMzI0NzQ2OCIsImlkIjoiZDZjZDkxNjhkODE1NGQxMyIsInRyIjoiNjhkMDJiYmEzZWQ1MjdkY2RiOTcyNGY2MGI5N2U0NTMiLCJ0aSI6MTcxMjIzODUwNzQ4N319
session-cookie-id
yOXmNOgqrDkkgadXssXMC
x-lego-request-id
ba71da53-9fbf-4d14-b098-36429bde4f5f-app-shop-c-0861ba1a
sec-ch-ua-platform
"Win32"
fff-id
8adcfeff-8612-48ad-bb60-fb9091de0dc9
traceparent
00-68d02bba3ed527dcdb9724f60b97e453-d6cd9168d8154d13-01
sec-ch-ua-mobile
?0
lid
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
visitor-guid
09b7ab08-eb20-4982-a51d-566373d69c7a
content-type
application/json
accept
*/*
Referer
https://www.lego.com/de-de

Response headers

date
Thu, 04 Apr 2024 13:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-length
653
x-xss-protection
1; mode=block
pragma
no-cache
etag
W/"51f-6S8qke6JJKNDqigKwS9eVyKCmRI"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.lego.com
access-control-allow-methods
GET,POST,PUT,DELETE,HEAD,OPTIONS
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
expires
Thu, 04 Apr 2024 13:48:27 GMT
UserConsentPreferences
www.lego.com/api/graphql/ 		531 B
927 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/api/graphql/UserConsentPreferences
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
abb86a21e48e346fee8291f937987ccdc7faffe9c3fe85e0810b32cc85522ffc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
x-locale
de-DE
tracestate
1746871@nr=0-1-1746871-103247468-3a09c76a7dd5d163----1712238507489
accept-language
de-DE,de;q=0.9
authorization
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJkYXRhIjp7InB1YiI6e30sInB2dCI6Ik1ZM2dIZERlaXkvM2VmdlhXUmx1YjZKZmk1aWt1QkdjT1cwNHludFFySGNGakFEd0JZd3VjVlNBOHVqMm5FYzQ1SEdlaWJGb3N5TFliQ0h2SmszdE1laXpJU3JjTlM0UGxzWTR0U3RqVHFGQ084d3RoQzl2SHZuTjlma2xHZHJNLzRmcXdsOG5zZ3AxVjBpM1E3OU8zWmN6VkNadVozT2h1QWltQnRYaU5xbmpGRERVM3B1ekpWWkdLb000MGN6VVcyT1Z0bTduRzByVnVMZEdUK0cvWlBYdWRncnJDK3U0bXRCRDBtekJwdStVY0lNVnJFR3NhYWFTTS9EZkpsZWNNYk04TVFFNlpaQmpyVXdJRTNWS3d1aGYxMHdxY3Q4QmIwOHBYUGJPU0JWMUxtQVl6cG1CNlU3MWNRRlozSThzcmRibWU4Y0tTSzNsWWZKNUFpclA4YzJuV0lIT0xsZkRWNWhLelpSN1RoVHNsR0V2WjlhWmt0YjVFc3BUY3o0ZWtJOHZJWGJualdmeXljb0ppU0crK05WcVRNdnUwVGhXbE9rSzFMdE9lWG14dDFtMWs0OEdmbXpLemQ0NWFrQ1VudElUcUlrMWdwTWFjSUFzZGt2cCtWUWpZQml0ZlNVTklXUko3czhwOU1Mc2pEcjZjdWtkY2g2ZjV6TldZSW0yalpBeFJSVXhlTnR3WUp3WDVMN1NHbXR4QTQxTE1NdkZZN3pnb3JncFlWVTVYZ2dwVEo5YXU0SEdnK3dJZS9reS5zcHhPdXRIbjVNOVZnc0UvVEdjWVNBPT0ifSwiaWF0IjoxNzEyMjM4NTA3LCJleHAiOjE3MTIyNDkzMDd9.-m9UseSct6Jq_hsnL7Rcw4DxfRhvsoMUYbukp7ANrnw
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE3NDY4NzEiLCJhcCI6IjEwMzI0NzQ2OCIsImlkIjoiM2EwOWM3NmE3ZGQ1ZDE2MyIsInRyIjoiOTRjY2ExNjU1YWRiYjliZTEyODcxODJkYzU0ZjI0ZDAiLCJ0aSI6MTcxMjIzODUwNzQ4OX19
session-cookie-id
yOXmNOgqrDkkgadXssXMC
x-lego-request-id
d058b9fa-fb9d-4c80-a51e-49ee19699bfb-app-shop-c-0861ba1a
sec-ch-ua-platform
"Win32"
fff-id
8adcfeff-8612-48ad-bb60-fb9091de0dc9
traceparent
00-94cca1655adbb9be1287182dc54f24d0-3a09c76a7dd5d163-01
sec-ch-ua-mobile
?0
lid
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
visitor-guid
09b7ab08-eb20-4982-a51d-566373d69c7a
content-type
application/json
accept
*/*
Referer
https://www.lego.com/de-de

Response headers

pragma
no-cache
date
Thu, 04 Apr 2024 13:48:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
etag
W/"213-VQCykkXjX8PNXS5HHZoYfW4e+o4"
access-control-max-age
86400
access-control-allow-methods
GET,POST,PUT,DELETE,HEAD,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.lego.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
content-length
531
x-xss-protection
1; mode=block
expires
Thu, 04 Apr 2024 13:48:27 GMT
ConsentModalSettings
www.lego.com/api/graphql/ 		8 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/api/graphql/ConsentModalSettings
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ce7c804a93ddefe16c65fb99337cc56111ecbd95b4eb6953b4c47cf59ad88c59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
x-locale
de-DE
tracestate
1746871@nr=0-1-1746871-103247468-5f9c5e8688be7466----1712238507493
accept-language
de-DE,de;q=0.9
authorization
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJkYXRhIjp7InB1YiI6e30sInB2dCI6Ik1ZM2dIZERlaXkvM2VmdlhXUmx1YjZKZmk1aWt1QkdjT1cwNHludFFySGNGakFEd0JZd3VjVlNBOHVqMm5FYzQ1SEdlaWJGb3N5TFliQ0h2SmszdE1laXpJU3JjTlM0UGxzWTR0U3RqVHFGQ084d3RoQzl2SHZuTjlma2xHZHJNLzRmcXdsOG5zZ3AxVjBpM1E3OU8zWmN6VkNadVozT2h1QWltQnRYaU5xbmpGRERVM3B1ekpWWkdLb000MGN6VVcyT1Z0bTduRzByVnVMZEdUK0cvWlBYdWRncnJDK3U0bXRCRDBtekJwdStVY0lNVnJFR3NhYWFTTS9EZkpsZWNNYk04TVFFNlpaQmpyVXdJRTNWS3d1aGYxMHdxY3Q4QmIwOHBYUGJPU0JWMUxtQVl6cG1CNlU3MWNRRlozSThzcmRibWU4Y0tTSzNsWWZKNUFpclA4YzJuV0lIT0xsZkRWNWhLelpSN1RoVHNsR0V2WjlhWmt0YjVFc3BUY3o0ZWtJOHZJWGJualdmeXljb0ppU0crK05WcVRNdnUwVGhXbE9rSzFMdE9lWG14dDFtMWs0OEdmbXpLemQ0NWFrQ1VudElUcUlrMWdwTWFjSUFzZGt2cCtWUWpZQml0ZlNVTklXUko3czhwOU1Mc2pEcjZjdWtkY2g2ZjV6TldZSW0yalpBeFJSVXhlTnR3WUp3WDVMN1NHbXR4QTQxTE1NdkZZN3pnb3JncFlWVTVYZ2dwVEo5YXU0SEdnK3dJZS9reS5zcHhPdXRIbjVNOVZnc0UvVEdjWVNBPT0ifSwiaWF0IjoxNzEyMjM4NTA3LCJleHAiOjE3MTIyNDkzMDd9.-m9UseSct6Jq_hsnL7Rcw4DxfRhvsoMUYbukp7ANrnw
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE3NDY4NzEiLCJhcCI6IjEwMzI0NzQ2OCIsImlkIjoiNWY5YzVlODY4OGJlNzQ2NiIsInRyIjoiOWI5ZWY5ZGNmMzdmNjgyNGFjMTgwMmU0YWFhZjg0MGIiLCJ0aSI6MTcxMjIzODUwNzQ5M319
session-cookie-id
yOXmNOgqrDkkgadXssXMC
x-lego-request-id
16e855c5-d3b4-4bbb-96e4-b7f051e00687-app-shop-c-0861ba1a
sec-ch-ua-platform
"Win32"
fff-id
8adcfeff-8612-48ad-bb60-fb9091de0dc9
traceparent
00-9b9ef9dcf37f6824ac1802e4aaaf840b-5f9c5e8688be7466-01
sec-ch-ua-mobile
?0
lid
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
visitor-guid
09b7ab08-eb20-4982-a51d-566373d69c7a
content-type
application/json
accept
*/*
Referer
https://www.lego.com/de-de

Response headers

date
Thu, 04 Apr 2024 13:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-length
2472
x-xss-protection
1; mode=block
pragma
no-cache
etag
W/"1e01-934WVsDhzxt5Z/4Mce+ySUBRVS8"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.lego.com
access-control-allow-methods
GET,POST,PUT,DELETE,HEAD,OPTIONS
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
expires
Thu, 04 Apr 2024 13:48:27 GMT
wizard
lego.report-uri.com/r/t/csp/ 		0
582 B 		Other
General
Check archive.org
Download Go to
Full URL
https://lego.report-uri.com/r/t/csp/wizard
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.184.88 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.lego.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 04 Apr 2024 13:48:27 GMT
strict-transport-security
max-age=63113904; includeSubDomains; preload
nel
{"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cf-ray
86f1c19058629750-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
df07c5d304
bam.nr-data.net/ins/1/ 		0
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/ins/1/df07c5d304?a=103247242&sa=1&v=1.250.0&t=Unnamed%20Transaction&rst=4431&ck=0&s=02073d953d12d1d7&ref=https://www.lego.com/de-de&hr=0
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.lego.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.lego.com
date
Thu, 04 Apr 2024 13:48:27 GMT
access-control-allow-credentials
true
Connection
keep-alive
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
x-served-by
cache-fra-etou8220033-FRA
esw.min.js
service.force.com/embeddedservice/5.0/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/esw.min.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.147.21 Paris, France, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl7-ncg0-cdg3.eu26-cdg.force.com
Software
/
Resource Hash
ef4dcc4dab4d780f44939c455d4720cab662b2f5fabc36ebc33a21f4cdbecd4e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 21:20:29 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 04 Jul 2023 00:26:54 GMT
Content-Encoding
gzip
Age
59279
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Origin-Trial
AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
8455
Expires
Thu, 04 Apr 2024 21:20:29 GMT
salesforceChat.css
www.lego.com/static/stylesheets/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/static/stylesheets/salesforceChat.css
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
af6e6a92e55e313cd5ce8ff132a2843b0292b267fb1cbb0fcd4d4b8d560663bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:28 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Mon, 15 Jan 2024 11:11:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
etag
W/"56a5-18d0cd15570"
x-frame-options
SAMEORIGIN
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-H5emUtTHT9a6tGsNi/YXhqQsxRjE8d6xHHc1hfCu2CA=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=500716
accept-ranges
bytes
content-length
2814
x-xss-protection
1; mode=block
/
allowed-countries.scout.services.lego.com/ 		35 B
306 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://allowed-countries.scout.services.lego.com/
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:da00:1e:c28d:f140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
edcb1c415935b1cf49e2e56980d7eba638bda72a23a8997157e1590b1eef14d0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:28 GMT
via
1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA2-C1
x-cache
FunctionGeneratedResponse from cloudfront
content-type
application/json
access-control-allow-origin
https://www.lego.com
content-length
35
x-amz-cf-id
UFQj9th3EasKaPcBt4ipOQ3qhzA6K92w20Lox6l2FqAHinzcY6DlCg==
account-0060a67786d24d55d3007f070b4ca626.png
www.lego.com/_next/static/images/ 		1 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/_next/static/images/account-0060a67786d24d55d3007f070b4ca626.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
492f93fed69c656dd6f28a02543015a32253b16ecbb43eda76f95fd4e1d704e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Apr 2024 13:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"439-18e7bcceb78"
surrogate-control
no-store
x-frame-options
SAMEORIGIN
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-A4cKoSLKpFk3HP+xCltgsbSUjdNP9IyOQ/4KfuzM3rE=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-type
image/png
cache-control
public, max-age=46
accept-ranges
bytes
content-length
1081
x-xss-protection
1; mode=block
insidersOut-1007c87df3063963a6a3f7de243ac98e.svg
www.lego.com/_next/static/images/ 		261 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/_next/static/images/insidersOut-1007c87df3063963a6a3f7de243ac98e.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
695bd8a3ed844209ded42ea80af9ed0a804661f471b4a9fe39843b7ce454f9bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-Qz2hj/c5OWK9F/sgtr8jMsUGVKgzRX3vEuLvi+NizOg=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
209
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"105-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=25
accept-ranges
bytes
brand-lego.svg
assets.lego.com/logos/v4.5.0/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.lego.com/logos/v4.5.0/brand-lego.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e692c130a90f4e348fc484cce8e13d43e5275fef4cec1a3878b8e3d96071a6e0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 20:14:09 GMT
content-encoding
gzip
via
1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
last-modified
Mon, 25 Mar 2024 20:13:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
236060
x-amz-server-side-encryption
AES256
etag
W/"57bacd0c848bc3271c6d1e1052b82530"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31536000, public
x-amz-cf-id
8n9C7_mONL_6M1nluYYViv0T5GAgAtFvB6y7kFC2jRgxuQf6YBI4kg==
21348-Exclusive-202404-Homepage-LS-Hero-Standard-Large.jpg
www.lego.com/cdn/cs/set/assets/blta69d7d96700d8229/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/cdn/cs/set/assets/blta69d7d96700d8229/21348-Exclusive-202404-Homepage-LS-Hero-Standard-Large.jpg?fit=crop&format=webply&quality=80&width=1600&height=500&dpr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
ef1280b0fcd3b992ef7fbecc084a640bcd61d5305094388813a6fb95f6b0c2ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
CloudFront
x-amz-cf-pop
FRA56-P12
etag
"TWa6T7ljHuADGytvoU1hln8/W3ziOK9SQ4B7phrI5zo"
x-frame-options
deny
content-type
image/webp
cache-control
public, max-age=172800
content-disposition
inline; filename=21348-Exclusive-202404-Homepage-LS-Hero-Standard-Large.webp
accept-ranges
bytes
content-length
59498
x-amz-cf-id
42Js7y9oClSlMzcBlt8gc2w42LlpxPYHgN6vncCzJJ2eSAWRqXw3ug==
x-xss-protection
1; mode=block
76271-Exclusive-202404-Block-Standard-3.jpg
www.lego.com/cdn/cs/set/assets/blt27ac7acf67523393/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/cdn/cs/set/assets/blt27ac7acf67523393/76271-Exclusive-202404-Block-Standard-3.jpg?fit=crop&format=webply&quality=80&width=635&height=440&dpr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
1b9c2c9586d4657810274c972ea543e0730ed50d911290e523e59d63564126e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
CloudFront
x-amz-cf-pop
FRA56-P12
etag
"77iPXgcAB2M9RW4TXJH/XlOL5xT/p8NxcMs0OAo014E"
x-frame-options
deny
content-type
image/webp
cache-control
public, max-age=172800
content-disposition
inline; filename=76271-Exclusive-202404-Block-Standard-3.webp
accept-ranges
bytes
content-length
43430
x-amz-cf-id
uC00psJTFhFgzt8Ygxf_qKvLmGyNEMYlqtmFp7PYPgm2Yft9RQl0yQ==
x-xss-protection
1; mode=block
RacingCampaign-KV-Page-202404-Block-Standard.jpg
www.lego.com/cdn/cs/set/assets/blt4612421c38d75027/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/cdn/cs/set/assets/blt4612421c38d75027/RacingCampaign-KV-Page-202404-Block-Standard.jpg?fit=crop&format=webply&quality=80&width=635&height=440&dpr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
631ed4bde5ae30de92114c51045e4c72cda402bed18563d7d3c3fc7379813141
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
CloudFront
x-amz-cf-pop
FRA56-P12
etag
"9wav0EJO+aUl6zhiZRP+PtWx2WKIWt6bdQCvKr0HKnY"
x-frame-options
deny
content-type
image/webp
cache-control
public, max-age=172800
content-disposition
inline; filename=RacingCampaign-KV-Page-202404-Block-Standard.webp
accept-ranges
bytes
content-length
57532
x-amz-cf-id
oHRGoI-hbUpeNP-Ad8-wGK5bkzrxF8xEbHb5a-M3QdunD2_KmYOCXA==
x-xss-protection
1; mode=block
10332-Homepage-202403-Block-Standard.jpg
www.lego.com/cdn/cs/set/assets/blt7ab5668500f26d43/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/cdn/cs/set/assets/blt7ab5668500f26d43/10332-Homepage-202403-Block-Standard.jpg?fit=crop&format=webply&quality=80&width=635&height=440&dpr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
a9893afa098f26137d5731d7a5d5b6013510c8473d4022b808c0ca84cb63f3ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
CloudFront
x-amz-cf-pop
FRA56-P12
etag
"Dy4FVk1tIMG0EpUzpZnmKt3wiMhFG28BqQdxPyOWJe8"
x-frame-options
deny
content-type
image/webp
cache-control
public, max-age=172800
content-disposition
inline; filename=10332-Homepage-202403-Block-Standard.webp
accept-ranges
bytes
content-length
22700
x-amz-cf-id
RDB6H_OWk7_dQXuSTvtAaQucR4-0t-HNIF0q4q9zCpjR8n-7Jed8fg==
x-xss-protection
1; mode=block
starActive-8f24279ea4ef0bb5bb5e8af9fbab2aab.svg
www.lego.com/_next/static/images/ 		342 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/_next/static/images/starActive-8f24279ea4ef0bb5bb5e8af9fbab2aab.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8a2be7f0f8bcd35acf40ee39659f30044383acca2d9083788fffc6082566f23e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-YCgZCCSIL1Es0mZPZ8ieuLXM29su9e3kXMfN5+wWrg8=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
239
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"156-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=17
accept-ranges
bytes
halfStar-9b6a3da7ddc2090ed53e3a4c39cfa182.svg
www.lego.com/_next/static/images/ 		551 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/_next/static/images/halfStar-9b6a3da7ddc2090ed53e3a4c39cfa182.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b07d9dda59ac87b579efbea00c7ea777fe63066bf14a22aebdbc430bf02ca02f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-8laTaENM6b82bYvkU49nl7r8RC3n5fKZfxsNzGJRjRk=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
341
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"227-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=24
accept-ranges
bytes
star-137de11c52562366e254d16196f7b51c.svg
www.lego.com/_next/static/images/ 		342 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/_next/static/images/star-137de11c52562366e254d16196f7b51c.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
46d1bab5d53f00714797bc74959afbaef9c685b390a55b737ce08ef41fef7a60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-+hB8VBtV0x6d3EP02Jt1v1ye8crlsOzSy8b8r04OLg0=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
236
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"156-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=41
accept-ranges
bytes
facebook-895fba5a20c4facacb9655dade1d256c.svg
www.lego.com/_next/static/images/ 		1 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/_next/static/images/facebook-895fba5a20c4facacb9655dade1d256c.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8ee7ad9e16a2ba29e59ef1904ba7cc7eae49551ded00014aa3860f40ce546d33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-OWdcJEzwP/HS1ASm6ugpOMrEEmsQsiJIyPgdN57/bv8=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
550
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"5a7-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=24
accept-ranges
bytes
twitter-4bee8e762dd6042960b804964fd64103.svg
www.lego.com/_next/static/images/ 		532 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/_next/static/images/twitter-4bee8e762dd6042960b804964fd64103.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d3d566990585fe960360cfd0c6cfa0de938fa84b4e061c90bdaf0f72e4a333a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-nY0vqZjEXGIrKmjPcC2hyDPOU2Ak38bIicfsMKIUY9Q=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
367
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"214-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=8
accept-ranges
bytes
instagram-e47f0d4b15ff76083b415be91e96f43b.svg
www.lego.com/_next/static/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/_next/static/images/instagram-e47f0d4b15ff76083b415be91e96f43b.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b2ffdb7e6780631cc1476372ffdef6fd3fa5d5f0a51f66110fde0b8969f14c8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-WFAgAbbsBNfwyLKEBRKYzY4gsB35tqU1ezcrGkxlfGY=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
1019
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"bc2-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=6
accept-ranges
bytes
youtube-c51b2c62583921aae813fdc55df5f9d2.svg
www.lego.com/_next/static/images/ 		1 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/_next/static/images/youtube-c51b2c62583921aae813fdc55df5f9d2.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0fd26d5347883a1efa127f23590d63d52d26f011280961c6241f5d61d4c92490
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-o3Y3Hn4NKexa+6tAxfIZzA02tTIxbGlY5ziAGO/XSVI=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
479
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"412-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=33
accept-ranges
bytes
de-de
www.lego.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/de-de?age-gate=grown_up
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
x-middleware-preflight
1
tracestate
1746871@nr=0-1-1746871-103247468-ad83c83ae8252a1b----1712238508123
traceparent
00-ead73b52f226f95053a1563b550251da-ad83c83ae8252a1b-01
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE3NDY4NzEiLCJhcCI6IjEwMzI0NzQ2OCIsImlkIjoiYWQ4M2M4M2FlODI1MmExYiIsInRyIjoiZWFkNzNiNTJmMjI2Zjk1MDUzYTE1NjNiNTUwMjUxZGEiLCJ0aSI6MTcxMjIzODUwODEyM319
Referer
https://www.lego.com/de-de
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Apr 2024 13:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
surrogate-control
no-store
x-frame-options
SAMEORIGIN
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-yo+e7cwRWZYHgicrOvFaW8vekrZuuEnz2jOKjbBkH+w=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
cache-control
public, max-age=19
content-length
0
x-xss-protection
1; mode=block
de-de
www.lego.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/de-de?consent-modal=show
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
x-middleware-preflight
1
tracestate
1746871@nr=0-1-1746871-103247468-0717c1885a51ff7e----1712238508124
traceparent
00-69f3c1569cccaf28c1ceb096f2fe0d75-0717c1885a51ff7e-01
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE3NDY4NzEiLCJhcCI6IjEwMzI0NzQ2OCIsImlkIjoiMDcxN2MxODg1YTUxZmY3ZSIsInRyIjoiNjlmM2MxNTY5Y2NjYWYyOGMxY2ViMDk2ZjJmZTBkNzUiLCJ0aSI6MTcxMjIzODUwODEyNH19
Referer
https://www.lego.com/de-de
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Apr 2024 13:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
surrogate-control
no-store
x-frame-options
SAMEORIGIN
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-teeX8++uz/Evi4KIYzpOB3msHH0/1CAiQD0b86svcz8=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
cache-control
public, max-age=56
content-length
0
x-xss-protection
1; mode=block
ProductRecommendedQuery
www.lego.com/api/graphql/ 		17 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/api/graphql/ProductRecommendedQuery
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1029ab263b11d7881db257c5b684df88f160fc28d398247b63612b1cba8dee6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
x-locale
de-DE
tracestate
1746871@nr=0-1-1746871-103247468-2bc9b3634748a5e0----1712238508127
accept-language
de-DE,de;q=0.9
authorization
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJkYXRhIjp7InB1YiI6e30sInB2dCI6Ik1ZM2dIZERlaXkvM2VmdlhXUmx1YjZKZmk1aWt1QkdjT1cwNHludFFySGNGakFEd0JZd3VjVlNBOHVqMm5FYzQ1SEdlaWJGb3N5TFliQ0h2SmszdE1laXpJU3JjTlM0UGxzWTR0U3RqVHFGQ084d3RoQzl2SHZuTjlma2xHZHJNLzRmcXdsOG5zZ3AxVjBpM1E3OU8zWmN6VkNadVozT2h1QWltQnRYaU5xbmpGRERVM3B1ekpWWkdLb000MGN6VVcyT1Z0bTduRzByVnVMZEdUK0cvWlBYdWRncnJDK3U0bXRCRDBtekJwdStVY0lNVnJFR3NhYWFTTS9EZkpsZWNNYk04TVFFNlpaQmpyVXdJRTNWS3d1aGYxMHdxY3Q4QmIwOHBYUGJPU0JWMUxtQVl6cG1CNlU3MWNRRlozSThzcmRibWU4Y0tTSzNsWWZKNUFpclA4YzJuV0lIT0xsZkRWNWhLelpSN1RoVHNsR0V2WjlhWmt0YjVFc3BUY3o0ZWtJOHZJWGJualdmeXljb0ppU0crK05WcVRNdnUwVGhXbE9rSzFMdE9lWG14dDFtMWs0OEdmbXpLemQ0NWFrQ1VudElUcUlrMWdwTWFjSUFzZGt2cCtWUWpZQml0ZlNVTklXUko3czhwOU1Mc2pEcjZjdWtkY2g2ZjV6TldZSW0yalpBeFJSVXhlTnR3WUp3WDVMN1NHbXR4QTQxTE1NdkZZN3pnb3JncFlWVTVYZ2dwVEo5YXU0SEdnK3dJZS9reS5zcHhPdXRIbjVNOVZnc0UvVEdjWVNBPT0ifSwiaWF0IjoxNzEyMjM4NTA3LCJleHAiOjE3MTIyNDkzMDd9.-m9UseSct6Jq_hsnL7Rcw4DxfRhvsoMUYbukp7ANrnw
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE3NDY4NzEiLCJhcCI6IjEwMzI0NzQ2OCIsImlkIjoiMmJjOWIzNjM0NzQ4YTVlMCIsInRyIjoiOGY2MGU1MjY2NTM3NDg0ZjVhYWJlZTM0NGI1MzBiM2MiLCJ0aSI6MTcxMjIzODUwODEyN319
session-cookie-id
yOXmNOgqrDkkgadXssXMC
x-lego-request-id
98417d2c-9421-433f-99c9-877e34c996c1-app-shop-c-0861ba1a
sec-ch-ua-platform
"Win32"
fff-id
8adcfeff-8612-48ad-bb60-fb9091de0dc9
traceparent
00-8f60e5266537484f5aabee344b530b3c-2bc9b3634748a5e0-01
sec-ch-ua-mobile
?0
lid
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
visitor-guid
09b7ab08-eb20-4982-a51d-566373d69c7a
content-type
application/json
accept
*/*
Referer
https://www.lego.com/de-de

Response headers

date
Thu, 04 Apr 2024 13:48:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-length
2362
x-xss-protection
1; mode=block
pragma
no-cache
etag
W/"433e-HTAoWeANAUMCWNp7t1mmx6y3N3w"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.lego.com
access-control-allow-methods
GET,POST,PUT,DELETE,HEAD,OPTIONS
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
expires
Thu, 04 Apr 2024 13:48:29 GMT
Jan-Feb-DrivePeriod-Home-202401-Quicklink-New.png
www.lego.com/cdn/cs/set/assets/blta6e69aaa6a8814f9/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/cdn/cs/set/assets/blta6e69aaa6a8814f9/Jan-Feb-DrivePeriod-Home-202401-Quicklink-New.png?format=webply&fit=crop&quality=75&width=120&height=97&dpr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
3a301ae0edd5a0648c5adc884e8afe30e8dc68e6c00e68aa4fb57fced3a2d20e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
CloudFront
x-amz-cf-pop
FRA50-C1
etag
"h8ygV6UgIUhSNmWN505YHxzyONKLQnN+LONZNFcJzNo"
x-frame-options
deny
content-type
image/webp
cache-control
public, max-age=172800
content-disposition
inline; filename=Jan-Feb-DrivePeriod-Home-202401-Quicklink-New.webp
accept-ranges
bytes
content-length
1866
x-amz-cf-id
oajhDNNmjzx-KrSWjTv2YxzxpwKOkK-t1AaaVo4ukoV4CgINj5DFXQ==
x-xss-protection
1; mode=block
Jan-Feb-DrivePeriod-Home-202401-Quicklink-Exclusive.png
www.lego.com/cdn/cs/set/assets/bltea57974da2e170ca/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/cdn/cs/set/assets/bltea57974da2e170ca/Jan-Feb-DrivePeriod-Home-202401-Quicklink-Exclusive.png?format=webply&fit=crop&quality=75&width=120&height=97&dpr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
9e7a3d4c1f0b860934fb9195d32c00eaea2fb5c5f037655678370eb3b80fa8fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
CloudFront
x-amz-cf-pop
FRA56-P12
etag
"IF/THCw4sA2PSX4w7QxRtIEWLuTn7N7f0uI7kHZ9820"
x-frame-options
deny
content-type
image/webp
cache-control
public, max-age=172800
content-disposition
inline; filename=Jan-Feb-DrivePeriod-Home-202401-Quicklink-Exclusive.webp
accept-ranges
bytes
content-length
2022
x-amz-cf-id
2jTRyTmIwWmAi66xXtq0Cs_XA5QAoGAby--qGSe0RwKW_LCTEHagGQ==
x-xss-protection
1; mode=block
Jan-Feb-DrivePeriod-Home-202401-Quicklink-Offer.png
www.lego.com/cdn/cs/set/assets/blte02a20b2427c36ca/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/cdn/cs/set/assets/blte02a20b2427c36ca/Jan-Feb-DrivePeriod-Home-202401-Quicklink-Offer.png?format=webply&fit=crop&quality=75&width=120&height=97&dpr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
72fbab48b3b6d3cd572b30c8ec61df29531a74a995be19a4f67399e39a61d9b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
CloudFront
x-amz-cf-pop
FRA50-C1
etag
"j9HxT7bRwneAC24qieAD0MNXsl/Dg3rmLHzk5RvBzLs"
x-frame-options
deny
content-type
image/webp
cache-control
public, max-age=172800
content-disposition
inline; filename=Jan-Feb-DrivePeriod-Home-202401-Quicklink-Offer.webp
accept-ranges
bytes
content-length
3054
x-amz-cf-id
-jIF3NfdRqg75NOMp82fCt6o7Lh70_tficarzbBSsR_zkypgyWl1Nw==
x-xss-protection
1; mode=block
QLs-Botanicals-Quicklink.png
www.lego.com/cdn/cs/set/assets/blt363c86b675a874a8/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/cdn/cs/set/assets/blt363c86b675a874a8/QLs-Botanicals-Quicklink.png?format=webply&fit=crop&quality=75&width=120&height=97&dpr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
0d885d596329309eb3ef6f0346cff1f6c56f7eabbfeed278809b047508bf9fc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
CloudFront
x-amz-cf-pop
FRA56-P12
etag
"yjMwIKguoEla9O+8Ef6wLPejATlYIpWLMwaY9owh2Vs"
x-frame-options
deny
content-type
image/webp
cache-control
public, max-age=172800
content-disposition
inline; filename=QLs-Botanicals-Quicklink.webp
accept-ranges
bytes
content-length
3308
x-amz-cf-id
IjR-W5GrMUtcrQpH4Wo1Zmu4AhYggVaXUiMgDVhFZQ2hov01qQGGww==
x-xss-protection
1; mode=block
Jan-Feb-DrivePeriod-Home-202401-Quicklink-SW.png
www.lego.com/cdn/cs/set/assets/blte8d0492aac3dc384/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/cdn/cs/set/assets/blte8d0492aac3dc384/Jan-Feb-DrivePeriod-Home-202401-Quicklink-SW.png?format=webply&fit=crop&quality=75&width=120&height=97&dpr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
0f0213bb61193fe9bd1db34e37c416e165905b41bf5bab10004c093bbfd2f393
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
CloudFront
x-amz-cf-pop
FRA50-C1
etag
"/QZKtExbRpCmY1oKXc9JVRaufmHFZLH1fyHscIgX10g"
x-frame-options
deny
content-type
image/webp
cache-control
public, max-age=172800
content-disposition
inline; filename=Jan-Feb-DrivePeriod-Home-202401-Quicklink-SW.webp
accept-ranges
bytes
content-length
2352
x-amz-cf-id
OxYVZXVhyGvuPa5FaGY-qo8WuSjLyMbPOTAUZC-BaSbr34FQ2hK90Q==
x-xss-protection
1; mode=block
QLs-Eid-Quicklink.png
www.lego.com/cdn/cs/set/assets/blt65b97239fbde37ee/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/cdn/cs/set/assets/blt65b97239fbde37ee/QLs-Eid-Quicklink.png?format=webply&fit=crop&quality=75&width=120&height=97&dpr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
e3d61a771a3bef22a81f994b314744da2f1337253c04c4336fc79b55baa2ba0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
CloudFront
x-amz-cf-pop
FRA56-P12
etag
"x/lnhlF0t2CnovF6QuMkAIUBqG655vlwr3nQvFXiEnE"
x-frame-options
deny
content-type
image/webp
cache-control
public, max-age=172800
content-disposition
inline; filename=QLs-Eid-Quicklink.webp
accept-ranges
bytes
content-length
1918
x-amz-cf-id
DGLvW1jAJVOrK6r8-HuDfbKlIx3J5Oi6Er4q3GKKnAt1dviQ9FXAgg==
x-xss-protection
1; mode=block
Jan-Feb-DrivePeriod-Home-202401-Quicklink-Nin1.png
www.lego.com/cdn/cs/set/assets/blt2a5dc2f3c5f3f3a1/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/cdn/cs/set/assets/blt2a5dc2f3c5f3f3a1/Jan-Feb-DrivePeriod-Home-202401-Quicklink-Nin1.png?format=webply&fit=crop&quality=75&width=120&height=97&dpr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
a2bceea1b482fe9700cf170b68a55d4b0fda4aa8d2c54f0bb23373208fca5e43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
CloudFront
x-amz-cf-pop
FRA56-P12
etag
"gXLXlirLVD1iEjAuHGOb4lwUd6etm4mhntlDucMb5O8"
x-frame-options
deny
content-type
image/webp
cache-control
public, max-age=172800
content-disposition
inline; filename=Jan-Feb-DrivePeriod-Home-202401-Quicklink-Nin1.webp
accept-ranges
bytes
content-length
2836
x-amz-cf-id
mmwjy_zPoqqupwTqbdSAhS5-_4P7oayDkufv2bfNtIbyQV5Qd_2LXw==
x-xss-protection
1; mode=block
Jan-Feb-DrivePeriod-Home-202401-Quicklink-Insiders.png
www.lego.com/cdn/cs/set/assets/blt0b3aedf4c1a73232/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/cdn/cs/set/assets/blt0b3aedf4c1a73232/Jan-Feb-DrivePeriod-Home-202401-Quicklink-Insiders.png?format=webply&fit=crop&quality=75&width=120&height=97&dpr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
58f9ec6aa5ec9fc171df70d808ae13a87b7c1d11095608af1e79962ba4bbadb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
CloudFront
x-amz-cf-pop
FRA50-C1
etag
"3M7eKKab2JfFZSmp8F8K/4T7i9vKTQAEHbAKz9+hNho"
x-frame-options
deny
content-type
image/webp
cache-control
public, max-age=172800
content-disposition
inline; filename=Jan-Feb-DrivePeriod-Home-202401-Quicklink-Insiders.webp
accept-ranges
bytes
content-length
1296
x-amz-cf-id
17hBqLhilkTIdHc4pn-nyxqA-0ZfNCvXGeG_DjOkLOzvGLN17GQtsA==
x-xss-protection
1; mode=block
dungeons-and-dragons-logo-600w.png
www.lego.com/cdn/cs/set/assets/blt6163c3f27f7b3d6d/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/cdn/cs/set/assets/blt6163c3f27f7b3d6d/dungeons-and-dragons-logo-600w.png?format=png&height=60&dpr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
87719ff4a6d391e5a7048b32b7a571e695468e328bf42ce2023c5bd25627ce09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
CloudFront
x-amz-cf-pop
FRA56-P12
etag
"ASHEF3h1fxhoBThcIAQXGu2EUz+auRRvJ1O15EcM9Zs"
x-frame-options
deny
content-type
image/png
cache-control
public, max-age=172800
content-disposition
inline; filename=dungeons-and-dragons-logo-600w.png
accept-ranges
bytes
content-length
13392
x-amz-cf-id
-v1yg-vz4JFA82QcxZNjoj2Mb7V3TYHnFxQScezldkUaFcpgz5YTSA==
x-xss-protection
1; mode=block
d6687b947aac679f.css
www.lego.com/_next/static/css/ 		20 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/css/d6687b947aac679f.css
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4171899a3e8dc9b30b022be5856cdc76f7a7f9371c1b2bf8a66e8ce38fc5398f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
tracestate
1746871@nr=0-1-1746871-103247468-0fb6f98a70a49d65----1712238508328
traceparent
00-6c31e3a3c8e58fb7a18df13b04e2a0e0-0fb6f98a70a49d65-01
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE3NDY4NzEiLCJhcCI6IjEwMzI0NzQ2OCIsImlkIjoiMGZiNmY5OGE3MGE0OWQ2NSIsInRyIjoiNmMzMWUzYTNjOGU1OGZiN2ExOGRmMTNiMDRlMmEwZTAiLCJ0aSI6MTcxMjIzODUwODMyOH19
Referer
https://www.lego.com/de-de
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-0W88TIICnaHm29TRTf9yM+wT+aUlX+j/J5+oQWJ5Osg=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
2927
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 21 Mar 2024 15:09:25 GMT
etag
W/"5067-18e618f4c88"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=30401568
accept-ranges
bytes
f082eb9296b29657.css
www.lego.com/_next/static/css/ 		39 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/css/f082eb9296b29657.css
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
26e01fc1809bb2cfe7ee54858f83fc76404f4b56657cba9b163394cdf3836410
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
tracestate
1746871@nr=0-1-1746871-103247468-00303908c002d1d9----1712238508329
traceparent
00-f772760632f47624685c06a3510dc7cd-00303908c002d1d9-01
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE3NDY4NzEiLCJhcCI6IjEwMzI0NzQ2OCIsImlkIjoiMDAzMDM5MDhjMDAyZDFkOSIsInRyIjoiZjc3Mjc2MDYzMmY0NzYyNDY4NWMwNmEzNTEwZGM3Y2QiLCJ0aSI6MTcxMjIzODUwODMyOX19
Referer
https://www.lego.com/de-de
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-ACVFp5XsNBPXwlczYcBEcGU7AeuSQWoi5FZ9tsHqlhQ=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
5333
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 21 Mar 2024 15:09:25 GMT
etag
W/"9a32-18e618f4c88"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=30401558
accept-ranges
bytes
834bcf50333f9402.css
www.lego.com/_next/static/css/ 		96 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/css/834bcf50333f9402.css
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe548b4b036781c07b73eb43b12d2bc20ef4436de350e245c9ad0d5458688563
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
tracestate
1746871@nr=0-1-1746871-103247468-82c578953b5560fc----1712238508329
traceparent
00-25eedde2bad939b21a68a5fff4ed1e55-82c578953b5560fc-01
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE3NDY4NzEiLCJhcCI6IjEwMzI0NzQ2OCIsImlkIjoiODJjNTc4OTUzYjU1NjBmYyIsInRyIjoiMjVlZWRkZTJiYWQ5MzliMjFhNjhhNWZmZjRlZDFlNTUiLCJ0aSI6MTcxMjIzODUwODMyOX19
Referer
https://www.lego.com/de-de
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-060MEfmu7v+CrbsXbhhe4LLz9E8+2c3iP/HxOcmkpjA=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
13070
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 21 Mar 2024 15:09:25 GMT
etag
W/"181f0-18e618f4c88"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=30401544
accept-ranges
bytes
ef8731c60c2283f2.css
www.lego.com/_next/static/css/ 		38 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/css/ef8731c60c2283f2.css
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
728902d515579fc4f8d51f9d249bdeb04a5b5dec0c9db58604bffaa0505ac150
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
tracestate
1746871@nr=0-1-1746871-103247468-33b6eeeeb6d09d22----1712238508330
traceparent
00-554c222dc6b8c0ebfa2c191719efe276-33b6eeeeb6d09d22-01
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE3NDY4NzEiLCJhcCI6IjEwMzI0NzQ2OCIsImlkIjoiMzNiNmVlZWViNmQwOWQyMiIsInRyIjoiNTU0YzIyMmRjNmI4YzBlYmZhMmMxOTE3MTllZmUyNzYiLCJ0aSI6MTcxMjIzODUwODMzMH19
Referer
https://www.lego.com/de-de
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-dMNUp+zZp2rOz/jtVngWwsvCaDKQORTJep/RzlISKT4=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
5770
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 21 Mar 2024 15:09:25 GMT
etag
W/"98d0-18e618f4c88"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=30401622
accept-ranges
bytes
1a732501c32b2f78.css
www.lego.com/_next/static/css/ 		3 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/_next/static/css/1a732501c32b2f78.css
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
43aeafd646b2cf3914e09be687a72af8393bc76a4eb24431a4626bc2672b265d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
tracestate
1746871@nr=0-1-1746871-103247468-5b985eef78c20687----1712238508330
traceparent
00-0b4c0f264704b127aa9c397586b70bb6-5b985eef78c20687-01
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE3NDY4NzEiLCJhcCI6IjEwMzI0NzQ2OCIsImlkIjoiNWI5ODVlZWY3OGMyMDY4NyIsInRyIjoiMGI0YzBmMjY0NzA0YjEyN2FhOWMzOTc1ODZiNzBiYjYiLCJ0aSI6MTcxMjIzODUwODMzMH19
Referer
https://www.lego.com/de-de
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-gEm4ZASjP+6HG7QOjprkVghcrWHG/T5DhGRbZWtiwwM=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
660
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 21 Mar 2024 15:09:25 GMT
etag
W/"ce3-18e618f4c88"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=30401414
accept-ranges
bytes
icons-logo-neg-600w.png
www.lego.com/cdn/cs/set/assets/bltdb8d448dcc06cf2b/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/cdn/cs/set/assets/bltdb8d448dcc06cf2b/icons-logo-neg-600w.png?format=png&height=60&dpr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
CloudFront /
Resource Hash
fa15278dddf5b4ac047ade4e1763a14284ee88c7b7b718b7808216024a6c1000
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
CloudFront
x-amz-cf-pop
FRA50-C1
etag
"NLL4c5VR0CLXAlzGOUOizOiNvAdjz37+SkQxLiA2wFE"
x-frame-options
deny
content-type
image/png
cache-control
public, max-age=172800
content-disposition
inline; filename=icons-logo-neg-600w.png
accept-ranges
bytes
content-length
10012
x-amz-cf-id
xHRgafP0nbu8u-WHq2CxrGlNzpA5Qd5pi3ObDDHAbAP7qgWNl9cVxg==
x-xss-protection
1; mode=block
common.min.js
legocrm.my.salesforce.com/embeddedservice/5.0/utils/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://legocrm.my.salesforce.com/embeddedservice/5.0/utils/common.min.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.153.242 Frankfurt am Main, Germany, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl4-ncg0-fra3.eu34-fra.my.salesforce.com
Software
/
Resource Hash
7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Apr 2024 13:48:28 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 17 Feb 2022 23:57:30 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Origin-Trial
AqlAE64ET63tVSana3qdVkfkPAgyUhY8GwcehUlpqv067CevOpumeNUlx9YouLkBxJ0CT+EwIb8/SiNbF2NGvwYAAABfeyJvcmlnaW4iOiJodHRwczovL3NhbGVzZm9yY2UuY29tOjQ0MyIsImZlYXR1cmUiOiJUcGNkIiwiZXhwaXJ5IjoxNzM1MzQzOTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
Accept-Ranges
bytes
X-Robots-Tag
none
Expires
Fri, 05 Apr 2024 13:48:28 GMT
favicon-32x32.png
www.lego.com/ 		2 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4441197109e31f53a0ce2103fac8a315e3ffd5bec98f5c3c5769d0244eab8e85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de?age-gate=grown_up
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Thu, 25 Jan 2024 15:37:37 GMT
etag
W/"749-18d4144fde8"
x-frame-options
SAMEORIGIN
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-gNN5HrNggfkGP+oAJEDO1A/qbq7wVFSUHRE48m2MSHI=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-type
image/png
cache-control
public, max-age=1241052
accept-ranges
bytes
content-length
1865
x-xss-protection
1; mode=block
brand-lego.svg
assets.lego.com/logos/v4.5.0/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.lego.com/logos/v4.5.0/brand-lego.svg
Requested by
Host: www.lego.com
URL: https://www.lego.com/_next/static/chunks/framework-895245ddb8ded7aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e692c130a90f4e348fc484cce8e13d43e5275fef4cec1a3878b8e3d96071a6e0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 20:14:09 GMT
content-encoding
gzip
via
1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
last-modified
Mon, 25 Mar 2024 20:13:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
236060
x-amz-server-side-encryption
AES256
etag
W/"57bacd0c848bc3271c6d1e1052b82530"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31536000, public
x-amz-cf-id
2qxPnwxeWuENqD44gx4ZzuD26PDtlpLCo9MC7fnyI59uMBnJnTn_Fw==
brick-75c5dd2553e06cbefcb607e8ab89f8ee.png
www.lego.com/_next/static/images/ 		420 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/_next/static/images/brick-75c5dd2553e06cbefcb607e8ab89f8ee.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37f6ff4a7fe1c992e3cfc604e536a372d76b2ee2b7e256de0715e5a48164070f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de?age-gate=grown_up
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Apr 2024 13:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"1a4-18e7bcceb78"
surrogate-control
no-store
x-frame-options
SAMEORIGIN
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-/w+mhUjv/H3MjYh+DPlKF9vQZKpzMyluLiYSEEDgQ8k=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-type
image/png
cache-control
public, max-age=54
accept-ranges
bytes
content-length
420
x-xss-protection
1; mode=block
bag-64332d5344748c48b220ffe9cf4bbee5.png
www.lego.com/_next/static/images/ 		917 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/_next/static/images/bag-64332d5344748c48b220ffe9cf4bbee5.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f38706f81647cb53a88d2da330919f1bdfd2ba14f9fd2a8d9c0874f6ee4c9b71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de?age-gate=grown_up
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Apr 2024 13:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"395-18e7bcceb78"
surrogate-control
no-store
x-frame-options
SAMEORIGIN
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-GYbWBe2pTA9i+Yc+V3/VoswM5pkpP1q4WsJ+HOsUlwM=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-type
image/png
cache-control
public, max-age=9
accept-ranges
bytes
content-length
917
x-xss-protection
1; mode=block
support-7b7f286fd0d7d367bc9c1240968fc787.png
www.lego.com/_next/static/images/ 		973 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/_next/static/images/support-7b7f286fd0d7d367bc9c1240968fc787.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cd3e081b37155580bd134c585b5025a290e3f205f12dfd8853789d2acf3ac7c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de?age-gate=grown_up
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Apr 2024 13:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"3cd-18e7bcceb78"
surrogate-control
no-store
x-frame-options
SAMEORIGIN
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-4STd/nHuoK4J17gjzNzgq2ENvSZ+myFQxXlVFDlKk0k=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-type
image/png
cache-control
public, max-age=12
accept-ranges
bytes
content-length
973
x-xss-protection
1; mode=block
play-zone-836c3b1ed616c867f2eb2191ed007403.webp
www.lego.com/_next/static/images/ 		22 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/_next/static/images/play-zone-836c3b1ed616c867f2eb2191ed007403.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1fb461abc19ff29c15093a157e603a4ab20d4cfeb6305301ca3363f5d54eb5bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de?age-gate=grown_up
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Apr 2024 13:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"5764-18e7bcceb78"
surrogate-control
no-store
x-frame-options
SAMEORIGIN
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-p5M61LFnuq9tLEUj+DtfCFXRyiVdAdowIPOKuex8NHM=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-type
image/webp
cache-control
public, max-age=2
accept-ranges
bytes
content-length
22372
x-xss-protection
1; mode=block
favicon-32x32.png
www.lego.com/ 		2 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.lego.com/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4441197109e31f53a0ce2103fac8a315e3ffd5bec98f5c3c5769d0244eab8e85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de?age-gate=grown_up
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Thu, 25 Jan 2024 15:37:37 GMT
etag
W/"749-18d4144fde8"
x-frame-options
SAMEORIGIN
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-gNN5HrNggfkGP+oAJEDO1A/qbq7wVFSUHRE48m2MSHI=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-type
image/png
cache-control
public, max-age=1241052
accept-ranges
bytes
content-length
1865
x-xss-protection
1; mode=block
esw.min.css
legocrm.my.salesforce.com/embeddedservice/5.0/ 		9 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://legocrm.my.salesforce.com/embeddedservice/5.0/esw.min.css
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.153.242 Frankfurt am Main, Germany, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl4-ncg0-fra3.eu34-fra.my.salesforce.com
Software
/
Resource Hash
721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Apr 2024 13:48:28 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Fri, 27 Aug 2021 14:11:56 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
public,max-age=86400
Origin-Trial
AqlAE64ET63tVSana3qdVkfkPAgyUhY8GwcehUlpqv067CevOpumeNUlx9YouLkBxJ0CT+EwIb8/SiNbF2NGvwYAAABfeyJvcmlnaW4iOiJodHRwczovL3NhbGVzZm9yY2UuY29tOjQ0MyIsImZlYXR1cmUiOiJUcGNkIiwiZXhwaXJ5IjoxNzM1MzQzOTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
Accept-Ranges
bytes
X-Robots-Tag
none
Expires
Fri, 05 Apr 2024 13:48:28 GMT
liveagent.esw.min.js
legocrm.my.salesforce.com/embeddedservice/5.0/client/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://legocrm.my.salesforce.com/embeddedservice/5.0/client/liveagent.esw.min.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.153.242 Frankfurt am Main, Germany, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl4-ncg0-fra3.eu34-fra.my.salesforce.com
Software
/
Resource Hash
1df96aff7c1a0b4a1f03d51ec741df8d542fcf32eddee1a0295068e4a7f0017b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Apr 2024 13:48:28 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 17 Aug 2022 20:11:18 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Origin-Trial
AqlAE64ET63tVSana3qdVkfkPAgyUhY8GwcehUlpqv067CevOpumeNUlx9YouLkBxJ0CT+EwIb8/SiNbF2NGvwYAAABfeyJvcmlnaW4iOiJodHRwczovL3NhbGVzZm9yY2UuY29tOjQ0MyIsImZlYXR1cmUiOiJUcGNkIiwiZXhwaXJ5IjoxNzM1MzQzOTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
Accept-Ranges
bytes
X-Robots-Tag
none
Expires
Fri, 05 Apr 2024 13:48:28 GMT
wizard
lego.report-uri.com/r/t/csp/ 		0
582 B 		Other
General
Check archive.org
Download Go to
Full URL
https://lego.report-uri.com/r/t/csp/wizard
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.184.88 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.lego.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 04 Apr 2024 13:48:28 GMT
strict-transport-security
max-age=63113904; includeSubDomains; preload
nel
{"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cf-ray
86f1c197c90c9750-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
esw.html
legocrm.my.salesforce.com/embeddedservice/5.0/ Frame 9FC7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://legocrm.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.lego.com/de-de?age-gate=grown_up
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.153.242 Frankfurt am Main, Germany, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl4-ncg0-fra3.eu34-fra.my.salesforce.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.lego.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Cache-Control
public,max-age=86400
Content-Encoding
gzip
Content-Security-Policy
upgrade-insecure-requests
Content-Type
text/html;charset=UTF-8
Date
Thu, 04 Apr 2024 13:48:28 GMT
Expires
Fri, 05 Apr 2024 13:48:28 GMT
Last-Modified
Thu, 14 Sep 2023 00:07:46 GMT
Origin-Trial
AqlAE64ET63tVSana3qdVkfkPAgyUhY8GwcehUlpqv067CevOpumeNUlx9YouLkBxJ0CT+EwIb8/SiNbF2NGvwYAAABfeyJvcmlnaW4iOiJodHRwczovL3NhbGVzZm9yY2UuY29tOjQ0MyIsImZlYXR1cmUiOiJUcGNkIiwiZXhwaXJ5IjoxNzM1MzQzOTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
Referrer-Policy
origin-when-cross-origin
Strict-Transport-Security
max-age=63072000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
none
EmbeddedServiceConfig.jsonp
d.la3-c2-fra.salesforceliveagent.com/chat/rest/EmbeddedService/ 		163 B
557 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.la3-c2-fra.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00D09000007VlAB&EmbeddedServiceConfig.configName=CSE_GermanChatAgents&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48&EmbeddedServiceConfig.language=de
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.8.250.126 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl11-ncg0-fra3.la3-c2-fra.salesforceliveagent.com
Software
/
Resource Hash
66c2786c3f6bd4bc3bcbde5c5a8ec1b054c3ed61a875b1c2c8eb4454c22e620a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
close
Expires
-1
invite.esw.min.js
legocrm.my.salesforce.com/embeddedservice/5.0/client/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://legocrm.my.salesforce.com/embeddedservice/5.0/client/invite.esw.min.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.153.242 Frankfurt am Main, Germany, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl4-ncg0-fra3.eu34-fra.my.salesforce.com
Software
/
Resource Hash
11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Apr 2024 13:48:28 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Fri, 24 Sep 2021 16:25:36 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Origin-Trial
AqlAE64ET63tVSana3qdVkfkPAgyUhY8GwcehUlpqv067CevOpumeNUlx9YouLkBxJ0CT+EwIb8/SiNbF2NGvwYAAABfeyJvcmlnaW4iOiJodHRwczovL3NhbGVzZm9yY2UuY29tOjQ0MyIsImZlYXR1cmUiOiJUcGNkIiwiZXhwaXJ5IjoxNzM1MzQzOTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
Accept-Ranges
bytes
X-Robots-Tag
none
Expires
Fri, 05 Apr 2024 13:48:28 GMT
Settings.jsonp
d.la3-c2-fra.salesforceliveagent.com/chat/rest/Visitor/ 		166 B
558 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.la3-c2-fra.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[57309000000cefA]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=57209000000cd40&org_id=00D09000007VlAB&version=48
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.8.250.126 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl11-ncg0-fra3.la3-c2-fra.salesforceliveagent.com
Software
/
Resource Hash
c62720545b21f659cd36d57413b2ae8dd1d3fa481127dbab1c0d07551daae6c9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
close
Expires
-1
inert.min.js
legocrm.my.salesforce.com/embeddedservice/5.0/utils/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://legocrm.my.salesforce.com/embeddedservice/5.0/utils/inert.min.js
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.153.242 Frankfurt am Main, Germany, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl4-ncg0-fra3.eu34-fra.my.salesforce.com
Software
/
Resource Hash
12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Apr 2024 13:48:28 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 18 Aug 2020 17:12:46 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Origin-Trial
AqlAE64ET63tVSana3qdVkfkPAgyUhY8GwcehUlpqv067CevOpumeNUlx9YouLkBxJ0CT+EwIb8/SiNbF2NGvwYAAABfeyJvcmlnaW4iOiJodHRwczovL3NhbGVzZm9yY2UuY29tOjQ0MyIsImZlYXR1cmUiOiJUcGNkIiwiZXhwaXJ5IjoxNzM1MzQzOTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
Accept-Ranges
bytes
X-Robots-Tag
none
Expires
Fri, 05 Apr 2024 13:48:28 GMT
EmbeddedServiceConfig.jsonp
d.la3-c1-fra.salesforceliveagent.com/chat/rest/EmbeddedService/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.la3-c1-fra.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00D09000007VlAB&EmbeddedServiceConfig.configName=CSE_GermanChatAgents&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48&EmbeddedServiceConfig.language=de
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.8.13.0 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-fra3.la3-c1-fra.salesforceliveagent.com
Software
/
Resource Hash
8efeba6edec5ea6d0caf4ccaf67a64d5cc67888ea522d3163a8617e8159adb47
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
close
Expires
-1
Settings.jsonp
d.la3-c1-fra.salesforceliveagent.com/chat/rest/Visitor/ 		342 B
672 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.la3-c1-fra.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[57309000000cefA]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=57209000000cd40&org_id=00D09000007VlAB&version=48
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.8.13.0 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-fra3.la3-c1-fra.salesforceliveagent.com
Software
/
Resource Hash
710912a436c31a4d093fa8511bd5af40c4b113c4fcb00378ecb8ae61d0ad555b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
close
Expires
-1
starActive-8f24279ea4ef0bb5bb5e8af9fbab2aab.svg
www.lego.com/_next/static/images/ 		342 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/_next/static/images/starActive-8f24279ea4ef0bb5bb5e8af9fbab2aab.svg
Requested by
Host: www.lego.com
URL: https://www.lego.com/_next/static/chunks/framework-895245ddb8ded7aa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8a2be7f0f8bcd35acf40ee39659f30044383acca2d9083788fffc6082566f23e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de?age-gate=grown_up
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-YCgZCCSIL1Es0mZPZ8ieuLXM29su9e3kXMfN5+wWrg8=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
239
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"156-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=16
accept-ranges
bytes
halfStar-9b6a3da7ddc2090ed53e3a4c39cfa182.svg
www.lego.com/_next/static/images/ 		551 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/_next/static/images/halfStar-9b6a3da7ddc2090ed53e3a4c39cfa182.svg
Requested by
Host: www.lego.com
URL: https://www.lego.com/_next/static/chunks/framework-895245ddb8ded7aa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b07d9dda59ac87b579efbea00c7ea777fe63066bf14a22aebdbc430bf02ca02f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de?age-gate=grown_up
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-8laTaENM6b82bYvkU49nl7r8RC3n5fKZfxsNzGJRjRk=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
341
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"227-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=23
accept-ranges
bytes
star-137de11c52562366e254d16196f7b51c.svg
www.lego.com/_next/static/images/ 		342 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lego.com/_next/static/images/star-137de11c52562366e254d16196f7b51c.svg
Requested by
Host: www.lego.com
URL: https://www.lego.com/_next/static/chunks/framework-895245ddb8ded7aa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
46d1bab5d53f00714797bc74959afbaef9c685b390a55b737ce08ef41fef7a60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lego.com/de-de?age-gate=grown_up
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 13:48:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
no-store
content-security-policy-report-only
default-src 'self' *.lego.com;font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com;img-src 'self' *.lego.com data: *.bazaarvoice.com *.akamaihd.net connect.facebook.net www.facebook.com *.doubleclick.net bat.bing.com www.googletagmanager.com bam-cell.nr-data.net *.adyen.com maps.googleapis.com maps.gstatic.com www.paypalobjects.com *.force.com *.salesforce.com *.visualforce.com blob: *.fwpixel.com *.fwcdn3.com *.fireworktv.com;style-src 'self' *.lego.com lego.ugc.bazaarvoice.com *.adyen.com fonts.googleapis.com *.force.com *.salesforce.com *.salesforce-sites.com *.my.site.com 'unsafe-inline';media-src 'self' *.lego.com mpsnare.iesnare.com *.fireworktv.com;connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*;script-src 'self' *.lego.com www.everestjs.net assets.adobedtm.com *.doubleclick.net www.googletagmanager.com www.googleadservices.com connect.facebook.net bat.bing.com analytics.analytics-egain.com js-agent.newrelic.com bam-cell.nr-data.net d3tdkvfstzj7gy.cloudfront.net maps-api-ssl.google.com maps.googleapis.com cnstrc.com *.iovation.com *.iesnare.com www.paypal.com *.adyen.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.my.site.com *.decibelinsight.net *.decibel.com blob: *.fwcdn3.com 'nonce-+hB8VBtV0x6d3EP02Jt1v1ye8crlsOzSy8b8r04OLg0=';frame-src 'self' *.lego.com *.adyen.com google.com www.sandbox.paypal.com *.doubleclick.net tpc.googlesyndication.com *.salesforce.com *.force.com *.salesforce-sites.com *.salesforce-scrt.com *.my.site.com connect.facebook.net facebook.com;form-action 'self' *.force.com *.salesforce.com www.paypal.com connect.facebook.net;object-src 'none';base-uri 'self';worker-src blob:;report-uri https://lego.report-uri.com/r/t/csp/wizard
content-length
236
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 26 Mar 2024 17:26:51 GMT
etag
W/"156-18e7bcceb78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=40
accept-ranges
bytes
wizard
lego.report-uri.com/r/t/csp/ 		0
583 B 		Other
General
Check archive.org
Download Go to
Full URL
https://lego.report-uri.com/r/t/csp/wizard
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.184.88 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.lego.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 04 Apr 2024 13:48:29 GMT
strict-transport-security
max-age=63113904; includeSubDomains; preload
nel
{"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cf-ray
86f1c19c1d799750-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
df07c5d304
bam.nr-data.net/events/1/ 		24 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/df07c5d304?a=103247242&sa=1&v=1.250.0&t=Unnamed%20Transaction&rst=6308&ck=0&s=02073d953d12d1d7&ref=https://www.lego.com/de-de&hr=0
Requested by
Host: www.lego.com
URL: https://www.lego.com/newrelic.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.lego.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 04 Apr 2024 13:48:29 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.lego.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
24
x-served-by
cache-fra-etou8220033-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
js-agent.newrelic.com
URL
https://js-agent.newrelic.com/nr-spa-1.250.0.min.js

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 string| __NONCE__ object| NREUM object| webpackChunk:NRBA-1.250.0.PROD object| newrelic object| webpackChunk_N_E object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| next object| _N_E function| _ function| __NEXT_PRELOADREADY object| dataLayer object| __core-js_shared__ function| saveAs object| __BUILD_MANIFEST object| __SSG_MANIFEST object| __MIDDLEWARE_MANIFEST undefined| __octan_silent_auth_thunk object| embedded_svc

13 Cookies

Domain/Path Name / Value
.lego.com/ Name: locale
Value: de-DE
.lego.com/ Name: country
Value: DE
.lego.com/ Name: fff_id
Value: 8adcfeff-8612-48ad-bb60-fb9091de0dc9
.lego.com/ Name: USER_GUID
Value: 09b7ab08-eb20-4982-a51d-566373d69c7a
.lego.com/ Name: session_cookie_id
Value: yOXmNOgqrDkkgadXssXMC
identity.lego.com/ Name: AWSALBTG
Value: apHlfnCw2yNKi1+8jexNScyl7cQN3IhUeK+VhfaOAkqp8RD/wRvp0ZxQNkdzr6/VMA62R5Op4mqId8PlIV9cegDxEuWH8fqrqLDCvRJBnF+X8iW0T8g6DhBtMV8nAijXtxyVbE71dFGUwqvKsPhMWOW1l4taZ0mdnUDdEpIk+1mL
identity.lego.com/ Name: AWSALBTGCORS
Value: apHlfnCw2yNKi1+8jexNScyl7cQN3IhUeK+VhfaOAkqp8RD/wRvp0ZxQNkdzr6/VMA62R5Op4mqId8PlIV9cegDxEuWH8fqrqLDCvRJBnF+X8iW0T8g6DhBtMV8nAijXtxyVbE71dFGUwqvKsPhMWOW1l4taZ0mdnUDdEpIk+1mL
www.lego.com/ Name: gqauth
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJkYXRhIjp7InB1YiI6e30sInB2dCI6Ik1ZM2dIZERlaXkvM2VmdlhXUmx1YjZKZmk1aWt1QkdjT1cwNHludFFySGNGakFEd0JZd3VjVlNBOHVqMm5FYzQ1SEdlaWJGb3N5TFliQ0h2SmszdE1laXpJU3JjTlM0UGxzWTR0U3RqVHFGQ084d3RoQzl2SHZuTjlma2xHZHJNLzRmcXdsOG5zZ3AxVjBpM1E3OU8zWmN6VkNadVozT2h1QWltQnRYaU5xbmpGRERVM3B1ekpWWkdLb000MGN6VVcyT1Z0bTduRzByVnVMZEdUK0cvWlBYdWRncnJDK3U0bXRCRDBtekJwdStVY0lNVnJFR3NhYWFTTS9EZkpsZWNNYk04TVFFNlpaQmpyVXdJRTNWS3d1aGYxMHdxY3Q4QmIwOHBYUGJPU0JWMUxtQVl6cG1CNlU3MWNRRlozSThzcmRibWU4Y0tTSzNsWWZKNUFpclA4YzJuV0lIT0xsZkRWNWhLelpSN1RoVHNsR0V2WjlhWmt0YjVFc3BUY3o0ZWtJOHZJWGJualdmeXljb0ppU0crK05WcVRNdnUwVGhXbE9rSzFMdE9lWG14dDFtMWs0OEdmbXpLemQ0NWFrQ1VudElUcUlrMWdwTWFjSUFzZGt2cCtWUWpZQml0ZlNVTklXUko3czhwOU1Mc2pEcjZjdWtkY2g2ZjV6TldZSW0yalpBeFJSVXhlTnR3WUp3WDVMN1NHbXR4QTQxTE1NdkZZN3pnb3JncFlWVTVYZ2dwVEo5YXU0SEdnK3dJZS9reS5zcHhPdXRIbjVNOVZnc0UvVEdjWVNBPT0ifSwiaWF0IjoxNzEyMjM4NTA3LCJleHAiOjE3MTIyNDkzMDd9.-m9UseSct6Jq_hsnL7Rcw4DxfRhvsoMUYbukp7ANrnw
www.lego.com/ Name: lct-opt-out-ac
Value: true
legocrm.my.salesforce.com/ Name: CookieConsentPolicy
Value: 0:1
legocrm.my.salesforce.com/ Name: LSKey-c$CookieConsentPolicy
Value: 0:1
.salesforce.com/ Name: BrowserId_sec
Value: BDcP-_KKEe6zorG6tZwCPA
.lego.com/ Name: search_session
Value: {"timestamp":1712238509189,"data":{"id":1}}

50 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'vr'.
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: autoplay, camera, encrypted-media, fullscreen, geolocation, microphone, midi, payment. Values defined in Permissions-Policy header will be used.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'vr'.
security error URL: https://www.lego.com/newrelic.js(Line 1084)
Message:
[Report Only] Refused to connect to 'https://bam.nr-data.net/1/df07c5d304?a=103247242&sa=1&v=1.250.0&t=Unnamed%20Transaction&rst=4199&ck=0&s=02073d953d12d1d7&ref=https://www.lego.com/de-de&hr=0&af=err,xhr,stn,ins,spa&be=54&fe=4092&dc=574&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1712238503137,%22n%22:0,%22f%22:0,%22dn%22:25,%22dne%22:25,%22c%22:25,%22s%22:31,%22ce%22:40,%22rq%22:40,%22rp%22:54,%22rpe%22:88,%22di%22:419,%22ds%22:628,%22de%22:628,%22dc%22:4142,%22l%22:4145,%22le%22:4146%7D,%22navigation%22:%7B%7D%7D&fp=323&fcp=323' because it violates the following Content Security Policy directive: "connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*".
security error URL: https://www.lego.com/newrelic.js(Line 1084)
Message:
[Report Only] Refused to connect to 'https://bam.nr-data.net/ins/1/df07c5d304?a=103247242&sa=1&v=1.250.0&t=Unnamed%20Transaction&rst=4431&ck=0&s=02073d953d12d1d7&ref=https://www.lego.com/de-de&hr=0' because it violates the following Content Security Policy directive: "connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*".
other warning URL: https://www.lego.com/de-de?age-gate=grown_up
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lego.com/de-de?age-gate=grown_up
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lego.com/de-de?age-gate=grown_up
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lego.com/de-de?age-gate=grown_up
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lego.com/de-de?age-gate=grown_up
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lego.com/de-de?age-gate=grown_up
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lego.com/de-de?age-gate=grown_up
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lego.com/de-de?age-gate=grown_up
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lego.com/de-de?age-gate=grown_up
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://www.lego.com/newrelic.js(Line 1084)
Message:
[Report Only] Refused to load the font 'data:application/octet-stream;base64,AAEAAAALAIAAAwAwT1MvMg8SBhEAAAC8AAAAYGNtYXAXVtKTAAABHAAAAFRnYXNwAAAAEAAAAXAAAAAIZ2x5ZpeJH/UAAAF4AAAJOGhlYWQIkke3AAAKsAAAADZoaGVhB8AD0gAACugAAAAkaG10eDoBAxcAAAsMAAAARGxvY2EN6BEGAAALUAAAACRtYXhwABYAfQAAC3QAAAAgbmFtZZlKCfsAAAuUAAABhnBvc3QAAwAAAAANHAAAACAAAwPbAZAABQAAApkCzAAAAI8CmQLMAAAB6wAzAQkAAAAAAAAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAABAAADpDAPA/8AAQAPAAEAAAAABAAAAAAAAAAAAAAAgAAAAAAADAAAAAwAAABwAAQADAAAAHAADAAEAAAAcAAQAOAAAAAoACAACAAIAAQAg6Qz//f//AAAAAAAg6QD//f//AAH/4xcEAA...EAAAAAAAQABwB1AAEAAAAAAAUACwAVAAEAAAAAAAYABwBLAAEAAAAAAAoAGgCKAAMAAQQJAAEADgAHAAMAAQQJAAIADgBnAAMAAQQJAAMADgA9AAMAAQQJAAQADgB8AAMAAQQJAAUAFgAgAAMAAQQJAAYADgBSAAMAAQQJAAoANACkaWNvbW9vbgBpAGMAbwBtAG8AbwBuVmVyc2lvbiAxLjAAVgBlAHIAcwBpAG8AbgAgADEALgAwaWNvbW9vbgBpAGMAbwBtAG8AbwBuaWNvbW9vbgBpAGMAbwBtAG8AbwBuUmVndWxhcgBSAGUAZwB1AGwAYQByaWNvbW9vbgBpAGMAbwBtAG8AbwBuRm9udCBnZW5lcmF0ZWQgYnkgSWNvTW9vbi4ARgBvAG4AdAAgAGcAZQBuAGUAcgBhAHQAZQBkACAAYgB5ACAASQBjAG8ATQBvAG8AbgAuAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==' because it violates the following Content Security Policy directive: "font-src 'self' fonts.gstatic.com *.legocrm.my.salesforce.com *.lego.com".
other warning URL: https://www.lego.com/de-de?age-gate=grown_up
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lego.com/de-de?age-gate=grown_up
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lego.com/de-de?age-gate=grown_up
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lego.com/de-de?age-gate=grown_up
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lego.com/de-de?age-gate=grown_up
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lego.com/de-de?age-gate=grown_up
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lego.com/de-de?age-gate=grown_up
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lego.com/de-de?age-gate=grown_up
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lego.com/de-de?age-gate=grown_up
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lego.com/de-de?age-gate=grown_up
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lego.com/de-de?age-gate=grown_up
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lego.com/de-de?age-gate=grown_up
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lego.com/de-de?age-gate=grown_up
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lego.com/de-de?age-gate=grown_up
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lego.com/de-de?age-gate=grown_up
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lego.com/de-de?age-gate=grown_up
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lego.com/de-de?age-gate=grown_up
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lego.com/de-de?age-gate=grown_up
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lego.com/de-de?age-gate=grown_up
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lego.com/de-de?age-gate=grown_up
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lego.com/de-de?age-gate=grown_up
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lego.com/de-de?age-gate=grown_up
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lego.com/de-de?age-gate=grown_up
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lego.com/de-de?age-gate=grown_up
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://www.lego.com/newrelic.js(Line 1084)
Message:
[Report Only] Refused to connect to 'https://bam.nr-data.net/events/1/df07c5d304?a=103247242&sa=1&v=1.250.0&t=Unnamed%20Transaction&rst=6308&ck=0&s=02073d953d12d1d7&ref=https://www.lego.com/de-de&hr=0' because it violates the following Content Security Policy directive: "connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*".
security error URL: https://js-agent.newrelic.com/nr-spa-1.250.0.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://bam.nr-data.net/jserrors/1/df07c5d304?a=103247242&sa=1&v=1.250.0&t=Unnamed%20Transaction&rst=11218&ck=0&s=02073d953d12d1d7&ref=https://www.lego.com/de-de&hr=0' because it violates the following Content Security Policy directive: "connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*".
security error URL: https://js-agent.newrelic.com/nr-spa-1.250.0.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://bam.nr-data.net/jserrors/1/df07c5d304?a=103247242&sa=1&v=1.250.0&t=Unnamed%20Transaction&rst=11218&ck=0&s=02073d953d12d1d7&ref=https://www.lego.com/de-de&hr=0' because it violates the following Content Security Policy directive: "connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*".
security error URL: https://js-agent.newrelic.com/nr-spa-1.250.0.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://bam.nr-data.net/events/1/df07c5d304?a=103247242&sa=1&v=1.250.0&t=Unnamed%20Transaction&rst=11221&ck=0&s=02073d953d12d1d7&ref=https://www.lego.com/de-de&hr=0' because it violates the following Content Security Policy directive: "connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*".
security error URL: https://js-agent.newrelic.com/nr-spa-1.250.0.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://bam.nr-data.net/events/1/df07c5d304?a=103247242&sa=1&v=1.250.0&t=Unnamed%20Transaction&rst=11221&ck=0&s=02073d953d12d1d7&ref=https://www.lego.com/de-de&hr=0' because it violates the following Content Security Policy directive: "connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*".
security error URL: https://js-agent.newrelic.com/nr-spa-1.250.0.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://bam.nr-data.net/events/1/df07c5d304?a=103247242&sa=1&v=1.250.0&t=Unnamed%20Transaction&rst=11223&ck=0&s=02073d953d12d1d7&ref=https://www.lego.com/de-de&hr=0' because it violates the following Content Security Policy directive: "connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*".
security error URL: https://js-agent.newrelic.com/nr-spa-1.250.0.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://bam.nr-data.net/events/1/df07c5d304?a=103247242&sa=1&v=1.250.0&t=Unnamed%20Transaction&rst=11223&ck=0&s=02073d953d12d1d7&ref=https://www.lego.com/de-de&hr=0' because it violates the following Content Security Policy directive: "connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*".
security error URL: https://js-agent.newrelic.com/nr-spa-1.250.0.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://bam.nr-data.net/jserrors/1/df07c5d304?a=103247242&sa=1&v=1.250.0&t=Unnamed%20Transaction&rst=11225&ck=0&s=02073d953d12d1d7&ref=https://www.lego.com/de-de&hr=0' because it violates the following Content Security Policy directive: "connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*".
security error URL: https://js-agent.newrelic.com/nr-spa-1.250.0.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://bam.nr-data.net/jserrors/1/df07c5d304?a=103247242&sa=1&v=1.250.0&t=Unnamed%20Transaction&rst=11225&ck=0&s=02073d953d12d1d7&ref=https://www.lego.com/de-de&hr=0' because it violates the following Content Security Policy directive: "connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*".
security error URL: https://js-agent.newrelic.com/nr-spa-1.250.0.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://bam.nr-data.net/ins/1/df07c5d304?a=103247242&sa=1&v=1.250.0&t=Unnamed%20Transaction&rst=11226&ck=0&s=02073d953d12d1d7&ref=https://www.lego.com/de-de&hr=0' because it violates the following Content Security Policy directive: "connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*".
security error URL: https://js-agent.newrelic.com/nr-spa-1.250.0.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://bam.nr-data.net/ins/1/df07c5d304?a=103247242&sa=1&v=1.250.0&t=Unnamed%20Transaction&rst=11226&ck=0&s=02073d953d12d1d7&ref=https://www.lego.com/de-de&hr=0' because it violates the following Content Security Policy directive: "connect-src 'self' *.lego.com bat.bing.com dpm.demdex.net lasteventf-tm.everesttech.net www.facebook.com adservice.google.com *.doubleclick.net bam-cell.nr-data.net services.postcodeanywhere.co.uk wss://mpsnare.iesnare.com mpsnare.iesnare.com www.sandbox.paypal.com www.paypal.com legopre-prod.egain.cloud ac.cnstrc.com *.force.com *.salesforce.com *.salesforceliveagent.com *.salesforce-sites.com *.salesforce-scrt.com *.bazaarvoice.com maps.googleapis.com *.decibelinsight.net *.decibel.com blob: *.s3.eu-central-1.amazonaws.com fireworkapi1.com *.fireworkapi1.com wss://fireworkapi1.com *.fwpixel.com fireworkanalytics.com fireworkadservices1.com *.agora.io *.sd-rtn.com *.fwcdn3.com *.live-video.net wss://104-166-161-30.edge.agora.io:* wss://104-166-161-30.edge.sd-rtn.com:* wss://104-166-161-32.edge.agora.io:* wss://104-166-161-32.edge.sd-rtn.com:* wss://104-166-161-53.edge.agora.io:* wss://104-166-161-53.edge.sd-rtn.com:*".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

allowed-countries.scout.services.lego.com
assets.lego.com
bam.nr-data.net
d.la3-c1-fra.salesforceliveagent.com
d.la3-c2-fra.salesforceliveagent.com
identity.lego.com
js-agent.newrelic.com
lego.report-uri.com
legocrm.my.salesforce.com
service.force.com
www.lego.com
js-agent.newrelic.com
104.17.184.88
143.204.98.13
160.8.13.0
160.8.250.126
162.247.243.29
2.17.100.160
2600:9000:20eb:da00:1e:c28d:f140:93a1
2600:9000:2761:c200:19:9f8c:2a40:93a1
2602:816:5001::39
85.222.147.21
85.222.153.242
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d885d596329309eb3ef6f0346cff1f6c56f7eabbfeed278809b047508bf9fc6
0f0213bb61193fe9bd1db34e37c416e165905b41bf5bab10004c093bbfd2f393
0fd26d5347883a1efa127f23590d63d52d26f011280961c6241f5d61d4c92490
1029ab263b11d7881db257c5b684df88f160fc28d398247b63612b1cba8dee6f
11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12
12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3
1287ea23ec8fea7e876523e906de805e958fce89efa29dfebb00b476beaf9403
12ce77e934df463891f63dab5fe44a450dfe4594c9d166565781e896c40182cf
168999d6f3807faa988d858fe8a2426c1902825b15cc8147718795411371ca65
1b9c2c9586d4657810274c972ea543e0730ed50d911290e523e59d63564126e6
1df96aff7c1a0b4a1f03d51ec741df8d542fcf32eddee1a0295068e4a7f0017b
1e4dbaa4e9662f1ffb8c70372893cd5306eb56c39bc0a0d40cb65d1af62bbd10
1fb461abc19ff29c15093a157e603a4ab20d4cfeb6305301ca3363f5d54eb5bc
26e01fc1809bb2cfe7ee54858f83fc76404f4b56657cba9b163394cdf3836410
37f6ff4a7fe1c992e3cfc604e536a372d76b2ee2b7e256de0715e5a48164070f
3994cb66e263fe0d699d807f5e017f6eb8b30de8023ca5b16366063b43ddc179
3a301ae0edd5a0648c5adc884e8afe30e8dc68e6c00e68aa4fb57fced3a2d20e
4171899a3e8dc9b30b022be5856cdc76f7a7f9371c1b2bf8a66e8ce38fc5398f
43aeafd646b2cf3914e09be687a72af8393bc76a4eb24431a4626bc2672b265d
443f5a57929dccb9127ca908e1217d54fdc653953fa44c8a77b3120b8d25f317
4441197109e31f53a0ce2103fac8a315e3ffd5bec98f5c3c5769d0244eab8e85
46d1bab5d53f00714797bc74959afbaef9c685b390a55b737ce08ef41fef7a60
492f93fed69c656dd6f28a02543015a32253b16ecbb43eda76f95fd4e1d704e0
53057dc9152f37cb198b8575778397d7786d804d851c5ac0b4d353dc232200ca
5422fa6670ec0a8ea7e3fb0d918eb8817e645046c6891520ca555a4364663582
58f9ec6aa5ec9fc171df70d808ae13a87b7c1d11095608af1e79962ba4bbadb5
5b9af9b5b88f5d0b41c78a72e73f5bc2a4861343ccef1ecfdb827515c0683349
5bfedeef9cc61b2da79cd6b9e80d30fc61468e51de448ce64c8fb82f6d7dddde
5ce2545ab7cac8c5d8fff37ccda9a4ca9d21f6fde6da509f638f6be251a97bc7
5de0aca90c828b38fc9b027e4904546e04b601010cad29b81c20c43e7b2cf750
631ed4bde5ae30de92114c51045e4c72cda402bed18563d7d3c3fc7379813141
66c2786c3f6bd4bc3bcbde5c5a8ec1b054c3ed61a875b1c2c8eb4454c22e620a
695bd8a3ed844209ded42ea80af9ed0a804661f471b4a9fe39843b7ce454f9bb
6b1b0d0f12af643744716b3443ddd613b751abafbe623abef0ce9923860047d5
6eaaf848f310fe8fa193f76881773c6238dc3d8944fd8f5e9015d9a494dea8b5
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
710912a436c31a4d093fa8511bd5af40c4b113c4fcb00378ecb8ae61d0ad555b
721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad
728902d515579fc4f8d51f9d249bdeb04a5b5dec0c9db58604bffaa0505ac150
72fbab48b3b6d3cd572b30c8ec61df29531a74a995be19a4f67399e39a61d9b5
7845a286d9b1a1d71bf603d1ba585f8a2ee8b6c5a294c2d88cd239982df9556f
7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648
7ca0c03a6ab16dbb6c58d160c614a7ac6bfb70371fd6010277250e3663165094
80896f88a09ad58261e504297250943783df670aedaffdc7434918385c26baed
81a190e5f3d97c468124a58cdada8235d90df6a3f599a146d94360d6c37ebce7
83154a313dc8765aa95dd071fdb43d861823656fad5382ca08152a52275d81c3
864433fb3cbb2354f9558dc71473c7241f37e882dc22b11f265e9495842734a6
87719ff4a6d391e5a7048b32b7a571e695468e328bf42ce2023c5bd25627ce09
88431eab69163087c4fe3921a7daa95bc12975f7006ff31e9eb43800867acb8a
89ace3bbf70bf2a8a84f70052d009e8d0ace3893785a72984ce34635da2d402e
8a2be7f0f8bcd35acf40ee39659f30044383acca2d9083788fffc6082566f23e
8aaf0af04baf8eaa35b1ac46ed02d131a8d3c44896b92a45fa1555c70ebc94c9
8b366c1d4e063ef5b4ffad8c273b375643ec801ea3463a9fc1b31cbc3c5e1e7f
8b72f78c410b7a135448aa0772466867c39cdab2b688f5173ebc91dbe87de7c4
8ee7ad9e16a2ba29e59ef1904ba7cc7eae49551ded00014aa3860f40ce546d33
8efeba6edec5ea6d0caf4ccaf67a64d5cc67888ea522d3163a8617e8159adb47
8f29fe3c195fb85189b5d25b878dea5632bc142bcaceb7875ad0ebaf2f9f906f
91e27d4a5cbef57ed85a49f0eaf958ad8d8750b37f659c8c0426e8f3113c2658
9cd332bd334e150dae874f18ebe4e09225662da8727e5b47fb276e10377bc4d5
9e7a3d4c1f0b860934fb9195d32c00eaea2fb5c5f037655678370eb3b80fa8fe
a2bceea1b482fe9700cf170b68a55d4b0fda4aa8d2c54f0bb23373208fca5e43
a49f3a4c7fe78003fffc607ac6f2612cc7f91b058ea7cb02e679aec896bb9e27
a62766abfd4dc1831435195c7e7da7f3967f52062dae04be797f1b0e0da60aae
a889946cd0173a59e08bef010d16bdf03e71e2f1b414cd9bfe0c6d0427e3b834
a9893afa098f26137d5731d7a5d5b6013510c8473d4022b808c0ca84cb63f3ec
abb86a21e48e346fee8291f937987ccdc7faffe9c3fe85e0810b32cc85522ffc
acbf036a89176ec9f1f17cf2be343ec9dc631ab48f2d984fba147382cd59e671
ad4d297f52c25fc618a5d58d9829812f28982a5f04a7efe8d514558fa60767e5
af6e6a92e55e313cd5ce8ff132a2843b0292b267fb1cbb0fcd4d4b8d560663bd
b07d9dda59ac87b579efbea00c7ea777fe63066bf14a22aebdbc430bf02ca02f
b19ced7b0e1404fc15f9026a17311255380fe6595f34d1c68e4f70b1d50bc93e
b2ffdb7e6780631cc1476372ffdef6fd3fa5d5f0a51f66110fde0b8969f14c8d
b3019aee6e1dca73a7d9385cec1e74aa552f05ecd9b4ff2a8fa2d13f6e0321d7
b7d2971c3439be53484e5d6a7a0025a256ec58be8887882bd229a9383fe92c52
bed96a75857452e5f79b8e237eaf6498a7540e6d83955ba5903354905b7b2a5a
c0b1df65ba50ac90d3876a4b789c954486b8672ecec9a9be44a0d95f2e1e3d25
c40011763d95175c270640dfa3cc53da4eefe88b514ebd357d5735589e91aae9
c62720545b21f659cd36d57413b2ae8dd1d3fa481127dbab1c0d07551daae6c9
c9a936326b042aee240252c3c2176805b1979a39f6873645ccf6b7b2aeb81b02
cbe1f12a684d8f2eecd6cd871264adf7c5a09a7b68c37b719e3e82a1271a4320
cd3e081b37155580bd134c585b5025a290e3f205f12dfd8853789d2acf3ac7c4
ce7c804a93ddefe16c65fb99337cc56111ecbd95b4eb6953b4c47cf59ad88c59
d01b3e0487d06e6ee3c093266c5efebedbee9a459f4e0a0049bbfb1d8a9c6a55
d3d566990585fe960360cfd0c6cfa0de938fa84b4e061c90bdaf0f72e4a333a6
d4d50cbb4c5fb2875fac84590436e15cdd648f5616b80324208997930df235bd
d740e2399385e4626532b9856b8be7849caee596e280e306a0297628cdc883fd
dc726dc6054d9b9aaf9318089f4a2c32c676342db6e47e7b0d3845c8f0456498
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d61a771a3bef22a81f994b314744da2f1337253c04c4336fc79b55baa2ba0c
e692c130a90f4e348fc484cce8e13d43e5275fef4cec1a3878b8e3d96071a6e0
e7bb654c203122667a77d58832bd76027278cbf8e931e6366d033bc09c776bd1
e9fa0d1672c66e864d12fa4e89939aafe8c03e6d1fa22312bc3c92b9ae675f32
eb0e63b87ec0f72593b405383f8f4e423e87e3916b6afc78b927006aa921fd92
edcb1c415935b1cf49e2e56980d7eba638bda72a23a8997157e1590b1eef14d0
ef1280b0fcd3b992ef7fbecc084a640bcd61d5305094388813a6fb95f6b0c2ae
ef4dcc4dab4d780f44939c455d4720cab662b2f5fabc36ebc33a21f4cdbecd4e
ef7dbf559d0f684b59d077a8092095d97be270a3866005fed9738005f4142efe
f13cabb7696d2bf88bcbfa352f349751499bfaca9663171402a5df881b245dfd
f17145ceb307b3f8918102ec7495bdadbeb5c4205e5124e2c47b3f711ab25a91
f240a4be2d6ef0cfd69674797f96c85e9c950ffde17ab74dde1040cd10e3d018
f38706f81647cb53a88d2da330919f1bdfd2ba14f9fd2a8d9c0874f6ee4c9b71
fa15278dddf5b4ac047ade4e1763a14284ee88c7b7b718b7808216024a6c1000
faea0204fef6d933838c47ca3551c66714b74e27687d9503570c20f2b1def065
fbfb5ef4b954d5138c19382988c6c87cfce9b6ea39f5d8d0a0cbc23fdfa6bdd1
fc7209e7ea5e86da79a2ec2607e8e4a418cf28b5b7ded2b99525f37f6f5ef950
fe548b4b036781c07b73eb43b12d2bc20ef4436de350e245c9ad0d5458688563