www.lehner-versand.ch Open in urlscan Pro
2606:4700:20::681a:3cc Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://m.lehner-versand.ch/r/80329309a381e76c026a67616?ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czo1OiJlbWFpbCI7aToxO2k6NDY1O...
Effective URL:
https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv...
Submission: On December 26 via api (December 26th 2022, 9:02:36 pm UTC) from IE — Scanned from DE

Summary HTTP 131 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 55 IPs in 10 countries across 44 domains to perform 131 HTTP transactions. The main IP is 2606:4700:20::681a:3cc, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.lehner-versand.ch.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 8th 2022. Valid for: a year.

This is the only time www.lehner-versand.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	83.246.80.29 83.246.80.29	24679 (SSERV-AS) (SSERV-AS)
26	2606:4700:20:... 2606:4700:20::681a:3cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
9	104.110.240.66 104.110.240.66	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2a00:1450:400... 2a00:1450:400d:808::200e	15169 (GOOGLE) (GOOGLE)
2	195.201.169.234 195.201.169.234	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
5	104.110.240.19 104.110.240.19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	2a00:1450:400... 2a00:1450:400d:807::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::d 2a02:2638:1::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	52.29.94.1 52.29.94.1	16509 (AMAZON-02) (AMAZON-02)
1	108.138.7.16 108.138.7.16	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
7	13.32.27.55 13.32.27.55	16509 (AMAZON-02) (AMAZON-02)
4 5	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400d:803::2003	15169 (GOOGLE) (GOOGLE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:829::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:807::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	158.69.52.117 158.69.52.117	16276 (OVH) (OVH)
1 2	3.126.197.232 3.126.197.232	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2 2	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	54.73.139.57 54.73.139.57	16509 (AMAZON-02) (AMAZON-02)
1	104.85.0.23 104.85.0.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	20.13.96.71 20.13.96.71	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.64.18.221 3.64.18.221	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.57 185.86.139.57	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	23.0.251.50 23.0.251.50	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	18.158.8.202 18.158.8.202	16509 (AMAZON-02) (AMAZON-02)
1	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1 2	34.251.47.116 34.251.47.116	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.57.58.128 52.57.58.128	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4200:8aa9:ea43:9402:2506	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	23.222.35.84 23.222.35.84	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.194.137.201 54.194.137.201	16509 (AMAZON-02) (AMAZON-02)
1	54.229.18.25 54.229.18.25	16509 (AMAZON-02) (AMAZON-02)
1	3.16.134.16 3.16.134.16	16509 (AMAZON-02) (AMAZON-02)
131	55

1 83.246.80.29 (Burgdorf, Hanover, Germany) 1 redirects

ASN24679 (SSERV-AS, DE)
PTR: vmm03.leuchtfeuer.com

m.lehner-versand.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:4700:20::681a:3cc (United States)

ASN13335 (CLOUDFLARENET, US)

www.lehner-versand.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

cdn.trackjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.110.240.66 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-110-240-66.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:808::200e (Ireland)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.201.169.234 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.234.169.201.195.clients.your-server.de

track.bx-cloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.110.240.19 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-110-240-19.deploy.static.akamaitechnologies.com

api.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
accounts.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:807::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.29.94.1 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-94-1.eu-central-1.compute.amazonaws.com

www.getback.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
push.getback.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-16.fra56.r.cloudfront.net

gtm.adt313.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.32.27.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-55.fra56.r.cloudfront.net

static.getback.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:1::13 (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.69.52.117 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: prd-usage-3.tjsint.net

usage.trackjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.197.232 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-197-232.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.53 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.33.19 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.73.139.57 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-139-57.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.85.0.23 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-85-0-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.13.96.71 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.64.18.221 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-18-221.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.57 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.0.251.50 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-0-251-50.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.8.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-8-202.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.47.116 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-47-116.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.58.128 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-58-128.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:8aa9:ea43:9402:2506 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.222.35.84 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-222-35-84.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.137.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-137-201.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.18.25 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-18-25.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.16.134.16 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-16-134-16.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	lehner-versand.ch 1 redirects m.lehner-versand.ch www.lehner-versand.ch	265 KB
20	google.com apis.google.com — Cisco Umbrella Rank: 168 www.google.com — Cisco Umbrella Rank: 15 region1.analytics.google.com — Cisco Umbrella Rank: 4240 accounts.google.com — Cisco Umbrella Rank: 118 play.google.com — Cisco Umbrella Rank: 68	292 KB
14	livechatinc.com cdn.livechatinc.com — Cisco Umbrella Rank: 5778 api.livechatinc.com — Cisco Umbrella Rank: 5247 secure.livechatinc.com — Cisco Umbrella Rank: 6851 accounts.livechatinc.com — Cisco Umbrella Rank: 8568	371 KB
11	getback.ch www.getback.ch — Cisco Umbrella Rank: 204653 static.getback.ch — Cisco Umbrella Rank: 192068 push.getback.ch — Cisco Umbrella Rank: 445774	179 KB
10	criteo.com 4 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3522 gum.criteo.com — Cisco Umbrella Rank: 433 mug.criteo.com — Cisco Umbrella Rank: 2069 sslwidget.criteo.com — Cisco Umbrella Rank: 1823 dis.criteo.com — Cisco Umbrella Rank: 890	27 KB
5	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 156 googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 cm.g.doubleclick.net — Cisco Umbrella Rank: 278	4 KB
4	google.de www.google.de — Cisco Umbrella Rank: 4227	692 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 511	12 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 115	203 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 252	2 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 368	508 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 754	854 B
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1578	2 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 275	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 375	876 B
2	gstatic.com www.gstatic.com ssl.gstatic.com	23 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 112	202 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 178	111 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 87	20 KB
2	bx-cloud.com track.bx-cloud.com — Cisco Umbrella Rank: 991651	28 KB
2	trackjs.com cdn.trackjs.com — Cisco Umbrella Rank: 19515 usage.trackjs.com — Cisco Umbrella Rank: 9235	10 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 2440	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 745	338 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2234	220 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4189	525 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 26598	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2586	183 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 852	581 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1408	885 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2795	274 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 510	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1021	235 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1940	163 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 961	55 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 461	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2053	172 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1285	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 637	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 617	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 424	239 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 898	145 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 681	784 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 324	6 KB
1	adt313.net gtm.adt313.net — Cisco Umbrella Rank: 240368	12 KB
131	44

	Domain	Requested by
26	www.lehner-versand.ch	www.lehner-versand.ch cdn.trackjs.com
9	www.google.com	apis.google.com www.lehner-versand.ch www.google.com
9	cdn.livechatinc.com	www.lehner-versand.ch secure.livechatinc.com
7	static.getback.ch	www.getback.ch static.getback.ch cdn.trackjs.com
7	apis.google.com	www.lehner-versand.ch apis.google.com www.google.com accounts.google.com
5	gum.criteo.com	4 redirects dynamic.criteo.com
4	www.google.de	www.lehner-versand.ch
3	www.getback.ch	www.googletagmanager.com static.getback.ch cdn.trackjs.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.lehner-versand.ch
3	api.livechatinc.com	cdn.livechatinc.com
3	www.googletagmanager.com	www.lehner-versand.ch www.googletagmanager.com
2	dpm.demdex.net	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	ad.360yield.com	1 redirects
2	r.casalemedia.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	x.bidswitch.net	1 redirects
2	accounts.google.com	apis.google.com www.lehner-versand.ch
2	www.facebook.com	www.lehner-versand.ch
2	connect.facebook.net	www.lehner-versand.ch connect.facebook.net
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	stats.g.doubleclick.net	cdn.trackjs.com www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com cdn.trackjs.com
2	track.bx-cloud.com	www.lehner-versand.ch track.bx-cloud.com
1	s.thebrighttag.com
1	beacon.krxd.net
1	push.getback.ch	cdn.trackjs.com
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	e1.emxdgt.com
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	sync.outbrain.com
1	contextual.media.net
1	cm.g.doubleclick.net	1 redirects
1	usage.trackjs.com
1	cdnjs.cloudflare.com	static.getback.ch
1	play.google.com	www.google.com
1	ssl.gstatic.com	accounts.google.com
1	sslwidget.criteo.com	dynamic.criteo.com
1	accounts.livechatinc.com	cdn.livechatinc.com
1	mug.criteo.com	www.lehner-versand.ch
1	www.gstatic.com	www.google.com
1	region1.analytics.google.com	www.googletagmanager.com
1	secure.livechatinc.com	cdn.livechatinc.com
1	gtm.adt313.net	www.googletagmanager.com
1	dynamic.criteo.com	www.googletagmanager.com
1	cdn.trackjs.com	www.lehner-versand.ch
1	m.lehner-versand.ch	1 redirects
131	62

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.youtube.com
www.zertifizierte-shops.ch
lc.chat
www.bettwaesche.ch
www.workgear.ch
www.getback.ch

Subject Issuer	Validity	Valid
lehner-versand.ch Cloudflare Inc ECC CA-3	`2022-05-08` - `2023-05-08`	a year	crt.sh
cdn.trackjs.com R3	`2022-12-13` - `2023-03-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
livechat.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-10` - `2023-10-13`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
track.bx-cloud.com R3	`2022-11-05` - `2023-02-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-05` - `2023-01-03`	3 months	crt.sh
*.getback.ch Amazon	`2022-04-08` - `2023-05-07`	a year	crt.sh
adt313.net Amazon	`2022-03-01` - `2023-03-30`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
static.getback.ch Amazon	`2022-07-28` - `2023-08-26`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.trackjs.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-07-28` - `2023-08-11`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2022-05-18` - `2023-06-19`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
itm.ivitrack.com R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
exchange.mediavine.com Amazon	`2022-07-06` - `2023-08-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon	`2022-06-02` - `2023-07-01`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F
Frame ID: 75102DAF3778DC4A40DB18598D9718F1
Requests: 77 HTTP requests in this frame

Frame: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=7576815&hl=de&origin=https%3A%2F%2Fwww.lehner-versand.ch&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
Frame ID: F24F91D6151AC672CAFABD9841E22ACB
Requests: 10 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=8194801&group=1&embedded=1&widget_version=3&unique_groups=0
Frame ID: F92A820D52E2A86086BB5617E515A450
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.lehner-versand.ch&origin=onetag
Frame ID: 905EE3D924A03ED4E8C7A0FEF35DA4FA
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.lehner-versand.ch&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
Frame ID: AB935035E34DC7FA2AC03D340DBE771E
Requests: 5 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-ctTFdJxcHxQ4bwhCIXTVmx78vHCg4QRlV9u48w&expires=30
Frame ID: 1C2B517AFF3DB61B5AC7C638DFB95208
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Abmeldung vom Newsletter von Lehner Versand

Page URL History Show full URLs

https://m.lehner-versand.ch/r/80329309a381e76c026a67616?ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czo1OiJlb... HTTP 302
https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&a... Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Alpine.js (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

/alpine(?:\.min)?\.js

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

cdn\.livechatinc\.com/.*tracking\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

131
Requests

92 %
HTTPS

34 %
IPv6

44
Domains

62
Subdomains

55
IPs

10
Countries

1569 kB
Transfer

4393 kB
Size

72
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/lehnerversand

Search URL Search Domain Scan URL

URL: https://www.instagram.com/lehnerversand/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/LehnerVersand

Search URL Search Domain Scan URL

URL: https://www.zertifizierte-shops.ch/ZSOS-JPVPHFAGXMBXETI-zertifikat.html

Search URL Search Domain Scan URL

URL: https://lc.chat/qb/8194801/1
Title: 5.0/5.0 - 109 BewertungenVerified by LiveChatOct. 2022AUSGEZEICHNETER SERVICE

Search URL Search Domain Scan URL

URL: https://www.bettwaesche.ch/

Search URL Search Domain Scan URL

URL: https://www.workgear.ch/

Search URL Search Domain Scan URL

URL: https://www.getback.ch/goto/aHR0cHM6Ly93d3cuZ2V0YmFjay5hcHAvd2ViLXB1c2gtbm90aWZpY2F0aW9ucy8%3D?t=layer&sid=4149612860&lid=622&lang_id=1
Title: Powered by Getback

Search URL Search Domain Scan URL

URL: https://www.getback.ch/goto/aHR0cHM6Ly93d3cubGVobmVyLXZlcnNhbmQuY2gvaS1zaWNoZXJoZWl0LWRhdGVuc2NodXR6Lw%3D%3D?t=layer&sid=4149612860&lid=622&lang_id=1
Title: Datenschutz

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://m.lehner-versand.ch/r/80329309a381e76c026a67616?ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czo1OiJlbWFpbCI7aToxO2k6NDY1O31zOjU6ImVtYWlsIjtpOjQ2NTtzOjQ6InN0YXQiO3M6MjI6IjYzYTQwMWMxNGE4ZTgwNjA5NTcwMjYiO3M6NDoibGVhZCI7czo3OiIxNjE4OTI5IjtzOjc6ImNoYW5uZWwiO2E6MTp7czo1OiJlbWFpbCI7aTo0NjU7fX0%3D&utm_source=newsletter&utm_medium=email&utm_campaign=lv-nl-2022-157/ HTTP 302
https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73

https://gum.criteo.com/sid/json?origin=onetag&domain=lehner-versand.ch&sn=ChromeSyncframe&so=0&topUrl=www.lehner-versand.ch&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=zmTi6nxWdnpiVzV3bWFXWkNRSXFTekl6VjA1Q3E1Y0xSdThCTkNjWXJXMThhM200VmpQQ3lGNGNMK3RyaGYwbFpmbHczQlBiR01rMTRJcXp3SnVVUHhQcTFLRDZ4TDdSVTZ6Y0pRd3RqbTRueitDN1V6L3NXaGpIV1lJVUlXRUxYVXpKM2VZRk0wZXJsU0JYR0d4VzlxOWxoTE5ydldTOHlvdWdTSWxzaGsveXJFYWk4Q1IzZndzR2Q3dlp4TVgyVml3OXdjdTZhMklVV0ZEZ0lUWUVBNUVERDBGTjh5REN3eXAyL1FpM2RhSW1HSE9IaHVHU21IMk94UGZ2QUxIRlBrRWZqbHhPaTQ3MWRzQVJST3JWemMzbDliZz09fA&cppv=2

Request Chain 93

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-ctTFdJxcHxQ4bwhCIXTVmx78vHCg4QRlV9u48w&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-ctTFdJxcHxQ4bwhCIXTVmx78vHCg4QRlV9u48w&expires=30

Request Chain 94

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-SqHohJxcHxQ4bwhCIXTVmx78vHCLFfnKVkQFGQ&google_cm&google_hm=ay1TcUhvaEp4Y0h4UTRid2hDSVhUVm14Nzh2SENMRmZuS1ZrUUZHUQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-SqHohJxcHxQ4bwhCIXTVmx78vHCLFfnKVkQFGQ&google_gid=CAESEHXatw9hOlYSdeyuh-gdhFY&google_cver=1&google_ula=913071,0

Request Chain 95

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8330093535669466586

Request Chain 96

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-qnpn9JxcHxQ4bwhCIXTVmx78vHD25fF4Tcg7jw HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-qnpn9JxcHxQ4bwhCIXTVmx78vHD25fF4Tcg7jw&C=1

Request Chain 97

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-1kLuWZxcHxQ4bwhCIXTVmx78vHAx6H4nEqYiZQ HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-1kLuWZxcHxQ4bwhCIXTVmx78vHAx6H4nEqYiZQ

Request Chain 106

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-_bpW25xcHxQ4bwhCIXTVmx78vHCj9gTJtxEu9A HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-_bpW25xcHxQ4bwhCIXTVmx78vHCj9gTJtxEu9A&verify=true

Request Chain 110

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=KZZ8UZqQ7tNNGK1ET2hQFgoJAKTOvyjq HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=KZZ8UZqQ7tNNGK1ET2hQFgoJAKTOvyjq

Request Chain 127

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=0KSQMUnNtoRhD-k9foKXpNUQ3cSsRfoA

Request Chain 128

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=tJMbfH_i_zGHOeeMVKEKEG-Nw2F00h4l

131 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.lehner-versand.ch/i-newsletter-abmeldung/
Redirect Chain

https://m.lehner-versand.ch/r/80329309a381e76c026a67616?ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czo1OiJlbWFpbCI7aToxO2k6NDY1O31zOjU6ImVtYWlsIjtpOjQ2NTtzOjQ6InN0YXQiO3M6MjI6IjYzYTQwMWMxNGE4ZTgwNjA5NT...
https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

384 KB
44 KB

507ms
233ms

Document
text/html

2606:4700:20::681a:3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

865aaca9f8bc16868a60f4b53c3a80bcea1a359e8f2aad3aad3e0afbc2dd4fe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, must-revalidate, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 77fcc2010d789078-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 26 Dec 2022 21:02:30 GMT
expires: Sun, 26 Dec 2021 21:02:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ncLK0XriirAb2J2rF0UtAC0ZIsI48mYe6J0n%2BBWnyfuYQ0F8Ylz6oeOV%2FuULXGc6j3HggNXXn%2BuO%2FY4wgt4st14h9dT0CTkVEoQ%2FlxLo%2FWeQiCrgB2RhZxbM3Y9rQV04gZSPmsdS4IuQYC8S8cBEUJTC%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-built-with: Hyva Themes
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-whom: web2
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: max-age=0, must-revalidate, private
Connection: Keep-Alive
Content-Length: 842
Content-Type: text/html; charset=UTF-8
Date: Mon, 26 Dec 2022 21:02:30 GMT
Expires: Mon, 26 Dec 2022 21:02:30 GMT
Keep-Alive: timeout=5, max=100
Location: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F
Server: Apache
X-Content-Type-Options: nosniff

GET
H2 200 styles.css
www.lehner-versand.ch/static/version1671961554/frontend/Lehner/hyva/de_CH/css/ 139 KB
23 KB 23ms
22ms Stylesheet
text/css 2606:4700:20::681a:3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lehner-versand.ch/static/version1671961554/frontend/Lehner/hyva/de_CH/css/styles.css

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c25e2142f2aa74947fbee57eba2fff6da99ff3f7a1f241e1db2745f5abb11db

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 126940
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 25 Dec 2022 09:46:10 GMT
server: cloudflare
etag: W/"63a81be2-22a76"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zg%2Fqi7dHYvAc3lV%2BhvRMbQrR%2Bp3xU%2FD2vm6A2jgE83jV6H7VIVA%2BXBiulHk5Fr6NZelLZXWtIVa1vzPG4KrYNs1x5j%2FGXF8oNS2oL9DXQFUyitSw5eupkZIxZioDr8mTZ1TTwkJoHmlIbg0ADqdB1xlm2A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000, public
cf-ray: 77fcc20288129078-FRA
expires: Mon, 25 Dec 2023 09:46:50 GMT

GET
H2 200 t.js Show response
cdn.trackjs.com/agent/v3/latest/ 29 KB
10 KB 57ms
13ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Requested by: Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 7b116ac42dfa848b8cbeff07cae0cc208a898111a7191ab266b4f0241683671a

Request headers

Referer: https://www.lehner-versand.ch/
Origin: https://www.lehner-versand.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:30 GMT
content-encoding: gzip
x-amz-meta-cache-control: s-max-age=3600, max-age=604800, public
x-amz-request-id: 4TVZV8YMHX6FZPP1
x-amz-meta-content-type: application/javascript
content-length: 9283
x-amz-id-2: SjQVKoGLsWKov8ZKEiOG0gdk+eqjnGFMwDc//3rJ02EDKPpzWrJr7wghxqx2JDieEsYedlgLvMo=
x-sp-metadata: HS256.CPazqJ0GEogBCiQ2MWFkZDU5MS03NmEyLTQ0MWQtOGY1OC0zMDlmZjFkNTliYTcQyLOy7JX3+wIaBgjml6idBiINODAuMjU1LjEwLjIwMijmpwMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJGQxNmZhMTNiLTBiNjEtNGNlMy05ZTlmLTI2NDNjZDk5MjNjMRjDSCIYCAISFGNkczI2OS5mcjguaHdjZG4ubmV0.TepkQc6dzqyfpnGnwaaD3W9M8uK+3OD57XB8hlXRoks=
last-modified: Thu, 05 Aug 2021 14:40:38 GMT
server: AmazonS3
etag: "48ead32171e554edb2744890102504b0"
x-hw: 1672088550.cds005.fr8.hn,1672088550.cds269.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-max-age=3600, max-age=604800, public
accept-ranges: bytes

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 43ms
20ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-2409897-1

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

282fcd222a1c96d5bf34e72b8a30bf97e9ee3a0ddf4bd8ff49fcb369582783c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 43589
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 26 Dec 2022 21:02:30 GMT

GET
H3 200 lehner-versand-christmas-logo.png
www.lehner-versand.ch/static/version1671961554/frontend/Lehner/hyva/de_CH/images/ 8 KB
8 KB 31ms
31ms Image
image/webp 2606:4700:20::681a:3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lehner-versand.ch/static/version1671961554/frontend/Lehner/hyva/de_CH/images/lehner-versand-christmas-logo.png

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:3cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26466e3e04255953aa555833e4e546a612ad11109ae2b676142906e3ace01ed3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 126773
cf-polished: origFmt=png, origSize=15837
content-disposition: inline; filename="lehner-versand-christmas-logo.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7718
cf-bgj: imgq:85,h2pri
last-modified: Sun, 25 Dec 2022 09:46:10 GMT
server: cloudflare
etag: "63a81be2-3ddd"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qc4HAG7e8qqlVTfs4P9DRegiJB8RO42eJPUnxEDg0OhCqH%2Bq8K8zqMuKZBI2i8LkMK1htreSxyOiOLJKLVny5aTR1Q3mSIUupsdvT3fKrZqtLV3uW%2FcD%2F4G1q04duV3hphZewr4gDjf%2BXepW%2FWXxW%2FsL5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 77fcc202f95b92b1-FRA
expires: Mon, 25 Dec 2023 09:46:50 GMT

GET
H3 200 banner_newsletterabmeldung.jpg
www.lehner-versand.ch/media/static/cms/global/ 46 KB
46 KB 25ms
25ms Image
image/webp 2606:4700:20::681a:3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lehner-versand.ch/media/static/cms/global/banner_newsletterabmeldung.jpg

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:3cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe8886cbb8c25e660cf13f6a90f3f53c84d47b2c1d8fb99b05b6e35f6b388f5b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 230805
cf-polished: qual=85, origFmt=jpeg, origSize=56980
content-disposition: inline; filename="banner_newsletterabmeldung.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46778
cf-bgj: imgq:85,h2pri
last-modified: Mon, 17 Jun 2019 20:02:15 GMT
server: cloudflare
etag: "5d07f1c7-de94"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RaqcW%2FyI2dAyhFd5ERF%2FE4HxH6FRqPsGbE6yvo1NnOB3RblQI%2FRCrhPmVpLSRsMbPxnbSwM0qNuu6%2BwCSrOsxN%2F%2BhPmfy%2BSl1vAtiCGPxafi3J08zkERYPnrO35b039Hgz71n%2FXJD1o4ygYStfcKOQLQ4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 77fcc202f96592b1-FRA
expires: Sun, 24 Dec 2023 02:44:53 GMT

GET
H2 200 qb-8194801-light-200-1.js Show response
cdn.livechatinc.com/qb/ 2 KB
1 KB 52ms
15ms Script
application/javascript 104.110.240.66
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/qb/qb-8194801-light-200-1.js
Requested by: Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.110.240.66 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-110-240-66.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6808299f09d8cbb9c76e9f7b497c6911960b368778690236112e1eca61ca697c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:30 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3501
content-length: 963
expires: Mon, 26 Dec 2022 22:00:51 GMT

GET
H3 200 alpine.min.js Show response
www.lehner-versand.ch/static/version1671961554/frontend/Lehner/hyva/de_CH/Hyva_Theme/js/ 26 KB
9 KB 54ms
53ms Script
application/javascript 2606:4700:20::681a:3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lehner-versand.ch/static/version1671961554/frontend/Lehner/hyva/de_CH/Hyva_Theme/js/alpine.min.js

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:3cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1c9b6841b0aa3860d4de410ac328d2abb430e820e3d86fc56ba6c4efb32b0fa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F
Origin: https://www.lehner-versand.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 126915
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 25 Dec 2022 09:46:09 GMT
server: cloudflare
etag: W/"63a81be1-6933"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zPdZ8OtKjVjQkXiaLsvPr3DxaOXFEW1JiSJyFu7ZYKIOxi5OO0gsyinIiLsyOSl9D3Am%2FEniVIgf0In7DzOaUUW3oVB4iWDuHGxsr2nczugQlnRUJci6m%2BkqRpoVyBfIduPgVm10Z0YK4c6SAA%2BV%2B4mGCw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000, public
cf-ray: 77fcc202f96692b1-FRA
expires: Mon, 25 Dec 2023 09:46:51 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 189ms
118ms Script
text/javascript 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aea719c98c9b1a0ed5150b00837be7ef3feb2598dbc23b4ca08b223dd6112fa6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 26 Dec 2022 21:02:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20933
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "ec76424fc4148a81"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Dec 2022 21:02:31 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 282 KB
85 KB 322ms
20ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5R9HJ9V

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b96b1a7ad2bf96449d5869ffef74a15f0aaddd491ba1e77c57f083dfff178e13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86942
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 26 Dec 2022 21:02:31 GMT

GET
H/1.1 200
OK bav2.min.js Show response
track.bx-cloud.com/static/ 27 KB
27 KB 71ms
13ms Script
application/javascript 195.201.169.234
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.bx-cloud.com/static/bav2.min.js
Requested by: Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.169.234 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.234.169.201.195.clients.your-server.de
Software: nginx /
Resource Hash: ff5fe555523a8cdc942d5f69d16593e448a1ac92f90fb57975d89389d4913137

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 26 Dec 2022 21:02:30 GMT
Last-Modified: Tue, 08 Nov 2022 00:21:00 GMT
Server: nginx
ETag: "6369a0ec-6ca5"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27813

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 85 KB
27 KB 39ms
14ms Script
application/javascript 104.110.240.66
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.110.240.66 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-110-240-66.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b9b25536890e2cfe49ea043da3541262e0720f94d464478a19f1d1fc35248771

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 5Yjqz9Bmhj6BVA2T4Mz1vi93OsAWGHkr
content-encoding: gzip
date: Mon, 26 Dec 2022 21:02:30 GMT
last-modified: Wed, 21 Dec 2022 09:50:36 GMT
server: AmazonS3
x-amz-cf-pop: AMS54-C1
etag: W/"23a81efcb30e2c563a43cb0327a64467"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=28800
x-amz-cf-id: uOX94tHAg11cL4Rz3YmgR5nFtLGYUdTRw-CkiMZfPo6QqslG6mI16g==
content-length: 27091
expires: Tue, 27 Dec 2022 05:02:30 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 40ms
8ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2409897-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 26 Dec 2022 19:50:44 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4306
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 26 Dec 2022 21:50:44 GMT

GET
H3 200 Lato-Regular.woff
www.lehner-versand.ch/static/version1671961554/frontend/Lehner/hyva/de_CH/fonts/Lato/ 37 KB
37 KB 40ms
39ms Font
application/font-woff 2606:4700:20::681a:3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lehner-versand.ch/static/version1671961554/frontend/Lehner/hyva/de_CH/fonts/Lato/Lato-Regular.woff

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/static/version1671961554/frontend/Lehner/hyva/de_CH/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:3cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

994fdad01e6fc1cd44f47fc538cffc8f925fadbe272e494e292c785e0f2166fc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.lehner-versand.ch/static/version1671961554/frontend/Lehner/hyva/de_CH/css/styles.css
Origin: https://www.lehner-versand.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 126915
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 25 Dec 2022 09:46:10 GMT
server: cloudflare
etag: W/"63a81be2-9294"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0IfEt%2FzcZgcFxb2dYV8aLwpPeBRZbgD4PFQNeEmrFcL%2Bdng6Fv7FilLw7Ov8HkezcM20R3LZrK5J5obprvtbsXm70aMhgy%2BOIcZUoqfjBltOMoBoVAx%2Fzj2pKFnCaZ4elpydSkzlM9E0SHwHYSjIORjGOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
vary: Accept-Encoding
cache-control: max-age=31536000, public
cf-ray: 77fcc20339b292b1-FRA
expires: Mon, 25 Dec 2023 09:46:51 GMT

GET
H3 200 Lato-Bold.woff
www.lehner-versand.ch/static/version1671961554/frontend/Lehner/hyva/de_CH/fonts/Lato/ 36 KB
36 KB 30ms
29ms Font
application/font-woff 2606:4700:20::681a:3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lehner-versand.ch/static/version1671961554/frontend/Lehner/hyva/de_CH/fonts/Lato/Lato-Bold.woff

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/static/version1671961554/frontend/Lehner/hyva/de_CH/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:3cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe92ff49ddb53e0bc1716cdfac74e2ad313d6df2a33b20102c6c1bac75d6b76b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.lehner-versand.ch/static/version1671961554/frontend/Lehner/hyva/de_CH/css/styles.css
Origin: https://www.lehner-versand.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 126764
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 25 Dec 2022 09:46:10 GMT
server: cloudflare
etag: W/"63a81be2-8f7c"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xC89%2F%2FRVgVex4B7inOaNkRUmnijMoRhCpKqD0z3Ttt6oRfbJcuh%2B3qs9qNgNnrDO%2F4xOjLJvNwaDQI6BXdLkH12AblGhWGbZxjIEIbq90h1n4hZLwV9mlx01UtYj3Sp61kWhDdazcZ39gp1OwP8vat%2FFBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
vary: Accept-Encoding
cache-control: max-age=31536000, public
cf-ray: 77fcc20339b492b1-FRA
expires: Mon, 25 Dec 2023 09:46:51 GMT

GET
H3 200 logo-vsv.png
www.lehner-versand.ch/media/static/footer/ 5 KB
6 KB 29ms
28ms Image
image/webp 2606:4700:20::681a:3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lehner-versand.ch/media/static/footer/logo-vsv.png

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:3cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5229c4a3c1967b9b6819beafd832ebf8988815745ef985aa9bc80ce366f80c4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 240698
cf-polished: origFmt=png, origSize=6360
content-disposition: inline; filename="logo-vsv.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5196
cf-bgj: imgq:85,h2pri
last-modified: Thu, 16 May 2019 16:00:37 GMT
server: cloudflare
etag: "5cdd8925-18d8"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5BgpzYTgegsPQB1lD61StH%2B3aWfrYdZrbXaUKWh4%2FIYppltPkc3CLhu2eG1hfSrx8IVazV%2BpEDbmwfwBTj0ducQn3rXpi7cCdb4gtYSRR4BOWU1owtqVP9KikUA8wIYx%2BZwqC0lKqU%2FLoOR0qSKQrrhJnw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 77fcc20349d492b1-FRA
expires: Sun, 24 Dec 2023 02:10:35 GMT

GET
H3 200 catalog-wr2_de.png
www.lehner-versand.ch/media/static/footer/ 5 KB
6 KB 34ms
24ms Image
image/webp 2606:4700:20::681a:3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lehner-versand.ch/media/static/footer/catalog-wr2_de.png

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:3cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a71aee4b487f1bcd4cd2bae96b413b4dc6b3b87c04d9f46eeefd9a790155c6e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 240698
cf-polished: origFmt=png, origSize=5644
content-disposition: inline; filename="catalog-wr2_de.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5254
cf-bgj: imgq:85,h2pri
last-modified: Fri, 30 Sep 2022 06:56:20 GMT
server: cloudflare
etag: "63369314-160c"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O03ljQkOpA0zjDezpQRePPBn8ygUGzXCeVUdDlOaAZCgACLNYNwKsNfCkK8t7L1KcyRrCC6AzLXzCV0GlzbBrdEcBPlZr8pAce7wwo1g2%2FYAnZKiaeN6kncnB63qlwvWud%2Fi%2F4g4SMdfqCKglQyTnw0Rjw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 77fcc20359de92b1-FRA
expires: Sun, 24 Dec 2023 02:10:35 GMT

GET
H3 200 coupon.png
www.lehner-versand.ch/media/static/footer/ 5 KB
6 KB 33ms
23ms Image
image/webp 2606:4700:20::681a:3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lehner-versand.ch/media/static/footer/coupon.png

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:3cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd3d39ac97e1bba3259e2d2e073f5f6bb15dd7bf033b2b67f2d4f1be060f2846

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 240698
cf-polished: origFmt=png, origSize=5417
content-disposition: inline; filename="coupon.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5192
cf-bgj: imgq:85,h2pri
last-modified: Tue, 23 Feb 2021 15:09:00 GMT
server: cloudflare
etag: "60351a8c-1529"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgfco4AUKnlT1RbsKbPAgqUc8qoDKY1yX3rcjutUSWHmjiw1J3AYNNbExUTXz9C%2But39s3QXprESLbL8sCYqKXeA0bAZdTxEOi3W1on8Q4AUwJx87BDhQP%2Bbc4MoigvTkV88GbdVJvL5XByzMhmDSdgCOg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 77fcc20359df92b1-FRA
expires: Sun, 24 Dec 2023 02:10:35 GMT

GET
H3 200 logo-postfinance.svg
www.lehner-versand.ch/media/static/footer/ 3 KB
2 KB 39ms
30ms Image
image/svg+xml 2606:4700:20::681a:3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lehner-versand.ch/media/static/footer/logo-postfinance.svg

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:3cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2be0b36249c190613a2ef361c20fa86cb01bbb2ab1446cb892d8d12bab25037

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 240698
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 05 Jul 2022 12:51:02 GMT
server: cloudflare
etag: W/"62c433b6-cbf"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kcOqrSZS5fy1dm2P16bVJdsJLod%2Bz6wegPi5k0%2BMg4L7Av%2FxyshnrbujTACg4ajIOXEdv%2B5U4L5OSwABZ7SYUFfLnvJgz7HefHN1F1cM%2BGk6VeO2f6dGyMgeW%2B2nAP6EM%2Bq1g57SoJxpZTlSpusu%2FJsmEw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000, public
cf-ray: 77fcc20359e292b1-FRA
expires: Sun, 24 Dec 2023 02:10:35 GMT

GET
H3 200 logo-visa.svg
www.lehner-versand.ch/media/static/footer/ 2 KB
1 KB 33ms
24ms Image
image/svg+xml 2606:4700:20::681a:3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lehner-versand.ch/media/static/footer/logo-visa.svg

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:3cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70e9a42feb64bbc9f11bd91f5a81094ece58a13c368576f14c86bcc9ae1dc576

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 240698
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 05 Jul 2022 12:51:02 GMT
server: cloudflare
etag: W/"62c433b6-67c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vuNL6PejeyLn43PSDHAx6u1k%2BLfQxaXoUJQuuYdi4AVSglTspy4DSiWZ7QLTZsL1tgoNTPysk4Q34jznw1J28YPoBp9zoC5emXW0Kw0TJmcjop3YhUiCQlNZ600BQcg28njowOs%2BqiY9WiOSZBNx%2BXMedw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000, public
cf-ray: 77fcc20359e392b1-FRA
expires: Sun, 24 Dec 2023 02:10:35 GMT

GET
H3 200 logo-mastercard.svg
www.lehner-versand.ch/media/static/footer/ 3 KB
2 KB 39ms
30ms Image
image/svg+xml 2606:4700:20::681a:3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lehner-versand.ch/media/static/footer/logo-mastercard.svg

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:3cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d9992c5b2e1f1a91faad442284409fb2d5ede2d339664bf55f2e88757ff9261

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 240698
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 16 May 2019 16:00:37 GMT
server: cloudflare
etag: W/"5cdd8925-cad"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKjMbtfv%2Bqh9C%2BtTfjnxFYSIs15mvU%2Fz0q0%2B6clebQjMaa3LMUpfItRIIJv0vEbIXf%2FTTEEGgx1lMgduTo%2ByURLQJS1dIXIIqPzMmTLb7D%2FvMLuzoNwwFCFkMXVE0AHTkXzO0%2BEjMTGbxbcXV%2FWBaoROZg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000, public
cf-ray: 77fcc20359e692b1-FRA
expires: Sun, 24 Dec 2023 02:10:36 GMT

GET
H3 200 logo-paypal.svg
www.lehner-versand.ch/media/static/footer/ 4 KB
2 KB 41ms
32ms Image
image/svg+xml 2606:4700:20::681a:3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lehner-versand.ch/media/static/footer/logo-paypal.svg

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:3cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fc415251136981839ee367373ccf98833beb49158ba57b9803cb1f1f313f737

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 240698
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 05 Jul 2022 12:51:02 GMT
server: cloudflare
etag: W/"62c433b6-113b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BMw%2FJE5J7EmOWLfPnGmQ6m1upHAbw3V%2BgmG79HLBnS7Xb56crHHLis84tv2t0v2giRJPw2Zxz9ph116POR4WMV3TtQfKFXV0LBAhnJNz89wOpFnssIvdKBmuvIyENTjw1DHfW1%2Fws1ECmUebk1RV%2FtTJbw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000, public
cf-ray: 77fcc20359e892b1-FRA
expires: Sun, 24 Dec 2023 02:10:35 GMT

GET
H3 200 logo-twint.svg
www.lehner-versand.ch/media/static/footer/ 3 KB
2 KB 51ms
43ms Image
image/svg+xml 2606:4700:20::681a:3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lehner-versand.ch/media/static/footer/logo-twint.svg

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:3cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5da7d70e5dd8c8974fefc1a6f3a3654f696d87162e3be6132ab6946ff8e6b6cc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 240698
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 05 Jul 2022 12:51:02 GMT
server: cloudflare
etag: W/"62c433b6-d68"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BybZTHkWZC%2BOXvpDGt1PQSaslGvYjouhjNsKxN0OAY52xryB16gM155GuIHz%2Bxfs4NnWpCsD1lLOhg4VGziSQpgaUiPvPRdmctMIuPWYPZ2z2VJv1gkr6%2FLsDEUC5xzCFkNYIB%2Fkb2m4Yrq5%2BpPmmacN%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000, public
cf-ray: 77fcc20359eb92b1-FRA
expires: Sun, 24 Dec 2023 02:10:35 GMT

GET
H3 200 logo-bitcoin.svg
www.lehner-versand.ch/media/static/footer/ 5 KB
3 KB 37ms
28ms Image
image/svg+xml 2606:4700:20::681a:3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lehner-versand.ch/media/static/footer/logo-bitcoin.svg

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:3cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cdae00125542e7d27b5b5ff1de2162170765c9f7b6592e22cc625d00f300196

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 240698
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 16 May 2019 16:00:37 GMT
server: cloudflare
etag: W/"5cdd8925-1370"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cXXo64ZxuzpOGSLNwwjUF4hYuF0Q1w9DprwcdQk58glZvW%2F2dLnMKXQApTsgTXMUxJ2aMvnBuhf6PwSAfy77YBs2OwHr8v8USwlvBFuumdJnRKanxcw%2FtLmimZKtnAQF6tchdaik0OxR59laq8nMC5zLcA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000, public
cf-ray: 77fcc20359ec92b1-FRA
expires: Sun, 24 Dec 2023 02:10:35 GMT

GET
H3 200 american_express.svg
www.lehner-versand.ch/media/static/footer/ 3 KB
2 KB 84ms
76ms Image
image/svg+xml 2606:4700:20::681a:3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lehner-versand.ch/media/static/footer/american_express.svg

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:3cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9523a5a1531e063a25b418436ada3f36ca6778d56dca77315b2796bb479a3bb0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 240698
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 24 Nov 2021 14:34:25 GMT
server: cloudflare
etag: W/"619e4d71-b83"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=weJSLIr%2F8JhhFBl2NIcr1baMYqnl33ManijK8fHU%2Bwd4vx6w%2B0Gfk6BGLmMkYuph%2BQ9x4gCaLturaniLlwmAVx6bV7NVwwOrpytgt%2BBU6wXqMh8hJL0GoJvoGoJMmwJuy%2BwsKul3nPTNkgF06Y6IKgx8uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000, public
cf-ray: 77fcc203aa9092b1-FRA
expires: Sun, 24 Dec 2023 02:10:36 GMT

GET
H3 200 diners_club.svg
www.lehner-versand.ch/media/static/footer/ 16 KB
7 KB 85ms
77ms Image
image/svg+xml 2606:4700:20::681a:3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lehner-versand.ch/media/static/footer/diners_club.svg

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:3cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a9bc201b9ad57267d872d6f986527614baaa17f14d37cb04f1dc8b37d53021f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 240698
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 01 Feb 2022 09:56:48 GMT
server: cloudflare
etag: W/"61f903e0-4161"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9LATSWWhEk0TKLF9yTFmiVzNxe05z7RTVDfrSBBG6KvapK7bFpyC9fAGsy797zOw5w%2FMTrK0X4W%2BdEZT%2Bwa0D%2Fne4K7%2FKyjCj7jkI6I4ceHZRVSY1tmwKTRGx8J5okZoDMjiaSshI0yXRGK9x80qsfDM2A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000, public
cf-ray: 77fcc203aa9492b1-FRA
expires: Sun, 24 Dec 2023 02:10:35 GMT

GET
H3 200 billing-de.svg
www.lehner-versand.ch/media/static/footer/ 1 KB
1 KB 33ms
26ms Image
image/svg+xml 2606:4700:20::681a:3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lehner-versand.ch/media/static/footer/billing-de.svg

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:3cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eaad8e0effaeb7ffe5e9b3d73034af06093a69bf2c45ecb8446788d3779b8b47

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 240698
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 23 Feb 2021 15:09:00 GMT
server: cloudflare
etag: W/"60351a8c-524"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LDMCLkpgWh2XA6GIpg%2F47fOfGM%2B8cIJGPI14i2ONCgtklonky06QEvgz%2Bb4ib6VufZkOay2KjPGINcDhkrZ5tSB7Uh3nD7N%2BTXUmlx3Mhy%2BwKNnOJ6%2B%2Fi8KwygQ%2F1Ujhyee14YoknIlInNVjg7SGygfpTA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000, public
cf-ray: 77fcc20359ee92b1-FRA
expires: Sun, 24 Dec 2023 02:10:35 GMT

GET
H3 200 zertificat.png
www.lehner-versand.ch/media/static/footer/ 3 KB
4 KB 34ms
27ms Image
image/webp 2606:4700:20::681a:3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lehner-versand.ch/media/static/footer/zertificat.png

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:3cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30abdec0ff019f8193494188b2ff5127368b51c14abe6207b3ae1383e385fa6c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 240698
cf-polished: origFmt=png, origSize=6335
content-disposition: inline; filename="zertificat.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3176
cf-bgj: imgq:85,h2pri
last-modified: Tue, 23 Feb 2021 15:09:00 GMT
server: cloudflare
etag: "60351a8c-18bf"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=trs7s9isTP7zIzaToIli%2FCNwyLJuRNUIjI8gqqAZ62YNzDSrUFfQmKz1Iu17FYjr%2B3k41UzyrMrYUxut0TG%2BTA5Jx%2FkNHre7f%2B%2FxP9aFao9vqth9qGrorI23ZstTn2MI5Zg7LNxqtX889XfjWpL9o58IUw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 77fcc20359f192b1-FRA
expires: Sun, 24 Dec 2023 02:10:35 GMT

GET
H3 200 logo-emota.png
www.lehner-versand.ch/media/static/footer/ 2 KB
3 KB 31ms
26ms Image
image/webp 2606:4700:20::681a:3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lehner-versand.ch/media/static/footer/logo-emota.png

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:3cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d43d3e32316f379e63b5020b423618f90a2c8ca101a4c8808a904e4e423a289f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 240698
cf-polished: origFmt=png, origSize=4501
content-disposition: inline; filename="logo-emota.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2528
cf-bgj: imgq:85,h2pri
last-modified: Tue, 23 Feb 2021 15:09:00 GMT
server: cloudflare
etag: "60351a8c-1195"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ovDl%2FoxvjG1cWA6LTgy3t4n%2B6hfIxB3XprgF3LJ8lqzE1s%2FpC6K%2B0l%2Fcy8BQCK2A%2Fdj5Io2A3%2BB5T7eY51E2JgJn%2BQ%2B0AwUPxYtFH0nerUPc%2BW24PUzH%2FxMZ63UN4x7233UceMm4UfEN4ygeAr2%2Bgu6zaA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 77fcc20359f392b1-FRA
expires: Sun, 24 Dec 2023 02:10:35 GMT

GET
H3 200 logo_schweizerfamilienunternehmen_de.jpg
www.lehner-versand.ch/media/static/footer/ 3 KB
4 KB 53ms
48ms Image
image/webp 2606:4700:20::681a:3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lehner-versand.ch/media/static/footer/logo_schweizerfamilienunternehmen_de.jpg

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:3cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4d5d43f7c2d138b45530ffceb38494c7c0437ed131556d479f25cf65cb9a4c1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 226269
cf-polished: qual=85, origFmt=jpeg, origSize=4747
content-disposition: inline; filename="logo_schweizerfamilienunternehmen_de.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2952
cf-bgj: imgq:85,h2pri
last-modified: Tue, 05 Jul 2022 12:51:02 GMT
server: cloudflare
etag: "62c433b6-128b"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SAI5J16DagFec6Dhy9BOJS6HT7XBPX12yan3ChtlGxKXjzdJvb989Kk7dFWH4HmPZU7Ceklgd%2F2PHTFAvM%2BYu1dZieOcs9LWAXqxZaBX0dqxSejv2GZpB%2FJu4X6Y5%2FT2XsWjiNB%2FDdTcd7wxnyIJQTpPaw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 77fcc20359f492b1-FRA
expires: Sun, 24 Dec 2023 02:10:35 GMT

GET
H3 200 logo-bettwaesche.png
www.lehner-versand.ch/media/static/footer/ 2 KB
2 KB 29ms
25ms Image
image/webp 2606:4700:20::681a:3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lehner-versand.ch/media/static/footer/logo-bettwaesche.png

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:3cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8d54345132ec9ffe48caf618750c726a5db42a34e92ecd8e82e7f73818a9d24

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 240698
cf-polished: origFmt=png, origSize=2223
content-disposition: inline; filename="logo-bettwaesche.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1916
cf-bgj: imgq:85,h2pri
last-modified: Tue, 23 Feb 2021 15:09:00 GMT
server: cloudflare
etag: "60351a8c-8af"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHePsl%2B5SFHmKovLjsHdn4cxsMB%2Fsgz2wAI88Wrp3aYngIPDdIJ1nz60%2FAikx%2BOxpuyDAiCB%2FV%2FHBNiC94rrPpUjMycUlQ014y1PoWQOxuxn0mgd7oStQRr9cIBF5ORI33RZylhE2KlMEF%2B5elKvH%2B%2FrbA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 77fcc20359f592b1-FRA
expires: Sun, 24 Dec 2023 02:10:35 GMT

GET
H3 200 workgear-logo.png
www.lehner-versand.ch/media/static/footer/ 1 KB
2 KB 39ms
34ms Image
image/webp 2606:4700:20::681a:3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lehner-versand.ch/media/static/footer/workgear-logo.png

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:3cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c770cffe5107394a13d89d101af7dc4c9abdbb3e2bb4c63f6fcdecc20f2e9ec2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 240698
cf-polished: origFmt=png, origSize=1588
content-disposition: inline; filename="workgear-logo.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1372
cf-bgj: imgq:85,h2pri
last-modified: Tue, 23 Feb 2021 15:09:00 GMT
server: cloudflare
etag: "60351a8c-634"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5UusxRehhqbMsmqDZs%2FaWWTiHm%2BUXpjbzgsiT%2BHlm6Fitxwu7nrjbgmK%2FXuWvphPZQbQ6Ts132Hjt3x5ah8X1EpeyqVoPCGBDItZvEgg8YGqF5USuhPIuQ928a18cwvo2vlQXgRKIAV9dtQFC%2BHefE1NaA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 77fcc20359f792b1-FRA
expires: Sun, 24 Dec 2023 02:10:36 GMT

GET
H3 200 logo-diga-moebel.png
www.lehner-versand.ch/media/static/footer/ 2 KB
3 KB 35ms
31ms Image
image/webp 2606:4700:20::681a:3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lehner-versand.ch/media/static/footer/logo-diga-moebel.png

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:3cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1273dbbeb9ef68b7505121b95c75d0300302642625fe965e5a12b92e4611f42c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 240698
cf-polished: origFmt=png, origSize=2996
content-disposition: inline; filename="logo-diga-moebel.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2352
cf-bgj: imgq:85,h2pri
last-modified: Thu, 16 May 2019 16:00:37 GMT
server: cloudflare
etag: "5cdd8925-bb4"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFHH3Uv4ZerCu5kdIZn3dVtOXgt1uRTvTXECYjsegO%2F7asvPgiGrx0GzgfUu9ChdT67CkQUcGlzFGc0MECI0jIDbAvg6yorbJMjzq5lrlOKsrZPA%2BvuiAGSsCXcSnrDyFaFHraa3W80ok0lbLH1ZNMwMJA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 77fcc20359f892b1-FRA
expires: Sun, 24 Dec 2023 02:10:36 GMT

GET
H2 200 get_dynamic_configuration Show response
api.livechatinc.com/v3.3/customer/action/ 246 B
464 B 191ms
154ms Script
application/javascript 104.110.240.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=8194801&url=https%3A%2F%2Fwww.lehner-versand.ch%2Fi-newsletter-abmeldung%2F%3Famp%253Butm_source%3Dnewsletter%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3Dlv-nl-2022-157%252F&channel_type=code&jsonp=__isyv5dtm4u

Requested by

Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.110.240.19 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-110-240-19.deploy.static.akamaitechnologies.com

Software

Resource Hash

646310db7d32ce013422255bcceef392e75d05dbf0732c77c4df546fda60e131

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.lehner-versand.ch/;
X-Frame-Options	allow-from https://www.lehner-versand.ch/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://www.lehner-versand.ch/;
legacy: 2023-06-30
date: Mon, 26 Dec 2022 21:02:31 GMT
content-length: 246
vary: Accept-Encoding
x-frame-options: allow-from https://www.lehner-versand.ch/
content-type: application/javascript; charset=UTF-8

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 32ms
15ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=1542873823&t=pageview&_s=1&dl=https%3A%2F%2Fwww.lehner-versand.ch%2Fi-newsletter-abmeldung%2F%3Famp%253Butm_source%3Dnewsletter%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3Dlv-nl-2022-157%252F&ul=en-us&de=UTF-8&dt=Abmeldung%20vom%20Newsletter%20von%20Lehner%20Versand&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=501293549&gjid=1847250767&cid=116610947.1672088551&tid=UA-2409897-1&_gid=852102643.1672088551&_r=1&gtm=2oubu0&cd1=&cd3=2022-12-26T09%3A02%3A30.70%2B00%3A00&cd2=2022-12-26T09%3A02%3A30.70%2B00%3A00&cd4=0&cd7=other&z=66016474

Requested by

Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.lehner-versand.ch/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Dec 2022 21:02:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.lehner-versand.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=ratingbadge/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/ 155 KB
53 KB 428ms
376ms Script
text/javascript 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=ratingbadge/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

064f1858b62681717ad3be9621429cb72faee29546bc25c25dc3e490aa1076d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 19:03:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 525531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54065
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 15:21:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 19:03:40 GMT

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=auth/exm=ratingbadge/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/ 90 KB
31 KB 433ms
383ms Script
text/javascript 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=auth/exm=ratingbadge/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4cdf668d67ad6949785eb9064b3fccb680002f699d811481cf7b4aff5b1eede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 14:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 541290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31511
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 15:21:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 14:41:01 GMT

GET
H2 200 badge Show response
www.google.com/shopping/customerreviews/ Frame F24F 22 KB
10 KB 287ms
208ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=7576815&hl=de&origin=https%3A%2F%2Fwww.lehner-versand.ch&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f6759ed73aba0a5903e6d5f1adba906e83d1aac0a8e6e617eac568b913690e04

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/VerifiedReviewsBadgeUi/cspreport script-src 'report-sample' 'nonce-fY7od39WQTVcr3NoV6CISQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lehner-versand.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=900
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/VerifiedReviewsBadgeUi/cspreport script-src 'report-sample' 'nonce-fY7od39WQTVcr3NoV6CISQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin; report-to="VerifiedReviewsBadgeUi"
cross-origin-resource-policy: same-site
date: Mon, 26 Dec 2022 21:02:31 GMT
expires: Mon, 26 Dec 2022 21:02:31 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"VerifiedReviewsBadgeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/VerifiedReviewsBadgeUi/external"}]}
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
447 B 61ms
21ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-2409897-1&cid=116610947.1672088551&jid=501293549&gjid=1847250767&_gid=852102643.1672088551&_u=YEBAAUAAAAAAACAAI~&z=1310036347

Requested by

Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.lehner-versand.ch/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 26 Dec 2022 21:02:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.lehner-versand.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 123ms
109ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2409897-1&cid=116610947.1672088551&jid=501293549&_u=YEBAAUAAAAAAACAAI~&z=1938209446

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Dec 2022 21:02:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 48ms
20ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2409897-1&cid=116610947.1672088551&jid=501293549&_u=YEBAAUAAAAAAACAAI~&z=1938209446

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Dec 2022 21:02:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 42 KB
15 KB 118ms
65ms Script
application/javascript 2a02:2638:1::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=22427

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5R9HJ9V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

64900605086496e957c7cc237a8dc5be9e3383c1410d5394a6b2872757882d01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 81ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5R9HJ9V

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 26 Dec 2022 21:02:31 GMT
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F1B1BD646C9240E19D103329970D2056 Ref B: FRA31EDGE0519 Ref C: 2022-12-26T21:02:31Z
etag: "027e538cd8d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11472

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1068691025/ 2 KB
2 KB 85ms
54ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1068691025/?random=1672088551239&cv=11&fst=1672088551239&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=YXYFCKnnvgEQ0dzL_QM&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.lehner-versand.ch%2Fi-newsletter-abmeldung%2F%3Famp%253Butm_source%3Dnewsletter%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3Dlv-nl-2022-157%252F&tiba=Abmeldung%20vom%20Newsletter%20von%20Lehner%20Versand&auid=1850929020.1672088551&uaw=0&data=ecomm_pagetype%3Dother&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5R9HJ9V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d7ada10668aec5046d7c7aec8341d66e9bc0f329d59b270b2ce8fef61f38411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Dec 2022 21:02:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1015
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
27 KB 47ms
11ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 26 Dec 2022 21:02:31 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27298
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: s+Ti7FD/DJGfkcd5PnIXm9ZnV3lotqFLXL6FvuAGg2eIF2sB+9YbgnzKc1Ja2b7xpqfn6WCF+4nLsplrrG8Ezg==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 KBnMW Show response
www.getback.ch/ 270 B
441 B 46ms
11ms Script
application/javascript 52.29.94.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getback.ch/KBnMW
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5R9HJ9V
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.94.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-94-1.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fe56089a4d8a2239713840a9afbc442fb889847a6a922c1ef50c86367df32a5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: application/javascript
pragma: public
date: Mon, 26 Dec 2022 21:02:31 GMT
cache-control: max-age=2592000, public
server: nginx
content-length: 270
expires: Wed, 25 Jan 2023 21:02:31 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
75 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NEGZ4C7KK5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5R9HJ9V

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

789004161310aeb7faf98d0bce714878366e5eb7521541970762955c285d35a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77166
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 26 Dec 2022 21:02:31 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1068691025/ 2 KB
1 KB 83ms
56ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1068691025/?random=1672088551246&cv=11&fst=1672088551246&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.lehner-versand.ch%2Fi-newsletter-abmeldung%2F%3Famp%253Butm_source%3Dnewsletter%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3Dlv-nl-2022-157%252F&tiba=Abmeldung%20vom%20Newsletter%20von%20Lehner%20Versand&auid=1850929020.1672088551&uaw=0&data=ecomm_pagetype%3Dother&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5R9HJ9V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2dda80b68d4e15407292a3cbcfb93f409a7ed0f71adc434f8384c444a7494882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Dec 2022 21:02:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 966
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jsTag Show response
gtm.adt313.net/ 11 KB
12 KB 35ms
8ms Script
application/javascript 108.138.7.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gtm.adt313.net/jsTag?ap=1636561577
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5R9HJ9V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-16.fra56.r.cloudfront.net
Software: /
Resource Hash: 364958c139fd1ebcfec4563b472cbf344ee5abe299daa70f45d2b69056730482

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 20:42:03 GMT
via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1228
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=10800, s-maxage=1800
x-traceid: 75b73fa9-9503-45d4-9ac9-c54f92edf77d
content-length: 11695
x-amz-cf-id: _-nFQzDfESwR-YLkQUwsNtGhs6xpakry0UERvMKHzcrDwyt-SsbxrA==

GET
H2 200 get_configuration Show response
api.livechatinc.com/v3.3/customer/action/ 3 KB
1 KB 20ms
19ms Script
application/javascript 104.110.240.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=8194801&version=2540.6.6.1576.27.26.200.8.4.3.4.15.170&group_id=1&jsonp=__lc_static_config
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.110.240.19 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-110-240-19.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ba01a0369f5a0b515e9501e05d4ad8f9c3bb149c4f1b11584ae3a73681ccd71c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:31 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
cache-control: public, max-age=574
content-length: 997
expires: Mon, 26 Dec 2022 21:12:05 GMT

GET
H2 200 open_chat Show response
secure.livechatinc.com/customer/action/ Frame F92A 9 KB
3 KB 20ms
19ms Document
text/html 104.110.240.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=8194801&group=1&embedded=1&widget_version=3&unique_groups=0
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.110.240.19 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-110-240-19.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: da5d7379bbe5f28fd805e493f2a658e903328bb67c2a024a9eb9b39003708435

Request headers

Referer: https://www.lehner-versand.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 2558
content-type: text/html; charset=utf-8
date: Mon, 26 Dec 2022 21:02:31 GMT
vary: Accept-Encoding

GET
H2 200 get_localization Show response
api.livechatinc.com/v3.3/customer/action/ 12 KB
5 KB 16ms
16ms Script
application/javascript 104.110.240.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.3/customer/action/get_localization?license_id=8194801&version=7be5b8460a3598c2addae1124e893ac3_69d82dad090f49748aa5e6e62c69c46b&language=de&group_id=1&jsonp=__lc_localization
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.110.240.19 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-110-240-19.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1a518bb2c952a4b57e742ce4bba930d93c1bf8d01e829259dbfb3bbf7844b207

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:31 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
cache-control: public, max-age=546
content-length: 4495
expires: Mon, 26 Dec 2022 21:11:37 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
343 B 43ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-NEGZ4C7KK5&gtm=2oebu0&_p=1542873823&_gaz=1&cid=116610947.1672088551&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1672088551&sct=1&seg=0&dl=https%3A%2F%2Fwww.lehner-versand.ch%2Fi-newsletter-abmeldung%2F%3Famp%253Butm_source%3Dnewsletter%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3Dlv-nl-2022-157%252F&dt=Abmeldung%20vom%20Newsletter%20von%20Lehner%20Versand&en=page_view&_fv=1&_ss=1&ep.dimension1=&ep.dimension2=2022-12-26T09%3A02%3A30.70%2B00%3A00&ep.dimension3=2022-12-26T09%3A02%3A30.70%2B00%3A00&ep.dimension4=0&ep.dimension7=other
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NEGZ4C7KK5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Dec 2022 21:02:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.lehner-versand.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 62ms
21ms Ping
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NEGZ4C7KK5&cid=116610947.1672088551&gtm=2oebu0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NEGZ4C7KK5&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Dec 2022 21:02:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.lehner-versand.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 38ms
19ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NEGZ4C7KK5&cid=116610947.1672088551&gtm=2oebu0&aip=1&z=639603301

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Dec 2022 21:02:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0.0f55d8dd.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame F92A 46 KB
15 KB 14ms
13ms Script
application/javascript 104.110.240.66
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/0.0f55d8dd.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=8194801&group=1&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.110.240.66 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-110-240-66.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8250a0a8a2b63bfae72b2604bc53e7764530aa08651e7c0cb253a90a6c762a8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: FTaBdM5aPM6e3Wa0SH3EvXHWpAST4v3U
content-encoding: br
date: Mon, 26 Dec 2022 21:02:31 GMT
last-modified: Thu, 10 Nov 2022 13:27:43 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
etag: W/"10a3d7ac1ed37325d3341c379ee0de69"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: ldWuxLIJV6PztQAx7Z2y_OUYtffhz1EEhQAZBMmGjJEuHvD_qMDPSQ==
content-length: 14906
expires: Tue, 26 Dec 2023 21:02:31 GMT

GET
H2 200 1.e70c3212.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame F92A 209 KB
65 KB 25ms
25ms Script
application/javascript 104.110.240.66
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/1.e70c3212.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=8194801&group=1&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.110.240.66 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-110-240-66.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0632db5862332ab9532c662a841ffcf248e251a3598c47af1c161397f86b83c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 4he9aXnAzzD0s9QWqf7vYLwfUTS9PPNG
content-encoding: br
date: Mon, 26 Dec 2022 21:02:31 GMT
last-modified: Tue, 13 Dec 2022 11:41:36 GMT
server: AmazonS3
x-amz-cf-pop: AMS54-C1
etag: W/"baae8b5a0b52d6c3a7fb6e64c0990eb9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: QfGhyBQkJjjD-CkvVLpeyaVsj4pnPY5K1CMc1XAoDizo2C-IXO_6eQ==
content-length: 66530
expires: Tue, 26 Dec 2023 21:02:31 GMT

GET
H2 200 iframe.6eb8d1d0.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame F92A 746 KB
202 KB 17ms
17ms Script
application/javascript 104.110.240.66
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/iframe.6eb8d1d0.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=8194801&group=1&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.110.240.66 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-110-240-66.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a8c1e01b8192fdd0b4a486a0b9dee0b3e721fb88b6cf37757603c2bd0b75a9a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: cG2sUKtNgTJp0NQQPdYhN5C9owT6edtj
content-encoding: br
date: Mon, 26 Dec 2022 21:02:31 GMT
last-modified: Wed, 21 Dec 2022 09:50:39 GMT
server: AmazonS3
x-amz-cf-pop: AMS54-C1
etag: W/"20b7d4b79c9b65f029f78fd5ce776c79"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: cg9x2LxrlvaRs5bBQwVhx5ccrt4rC6SwzvGy5ckcLOhfxRO2lt16Eg==
content-length: 205591
expires: Tue, 26 Dec 2023 21:02:31 GMT

GET
H3 200 1740304256237921 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 25ms
10ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1740304256237921?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6a88ebdeefa52e65d28d6dd811ed1b77e40b2f54f0e3ffb5ed9719c999babfa7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 26 Dec 2022 21:02:31 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 85856
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 6XW6oAGVp68ft8Fv4HQzlgbcUbLI/bqt6498m6G0BGuY+B2+6g1AGtzCI04b/BHv7zLX5BuPtmJn4sTpj7xUfQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1068691025/ 42 B
64 B 92ms
48ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1068691025/?random=1672088551239&cv=11&fst=1672088400000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=YXYFCKnnvgEQ0dzL_QM&frm=0&url=https%3A%2F%2Fwww.lehner-versand.ch%2Fi-newsletter-abmeldung%2F%3Famp%253Butm_source%3Dnewsletter%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3Dlv-nl-2022-157%252F&tiba=Abmeldung%20vom%20Newsletter%20von%20Lehner%20Versand&data=ecomm_pagetype%3Dother&fmt=3&is_vtc=1&random=2175228164&rmt_tld=0&ipr=y

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Dec 2022 21:02:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1068691025/ 42 B
64 B 22ms
21ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1068691025/?random=1672088551239&cv=11&fst=1672088400000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=YXYFCKnnvgEQ0dzL_QM&frm=0&url=https%3A%2F%2Fwww.lehner-versand.ch%2Fi-newsletter-abmeldung%2F%3Famp%253Butm_source%3Dnewsletter%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3Dlv-nl-2022-157%252F&tiba=Abmeldung%20vom%20Newsletter%20von%20Lehner%20Versand&data=ecomm_pagetype%3Dother&fmt=3&is_vtc=1&random=2175228164&rmt_tld=1&ipr=y

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Dec 2022 21:02:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1068691025/ 42 B
64 B 91ms
47ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1068691025/?random=1672088551246&cv=11&fst=1672088400000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.lehner-versand.ch%2Fi-newsletter-abmeldung%2F%3Famp%253Butm_source%3Dnewsletter%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3Dlv-nl-2022-157%252F&tiba=Abmeldung%20vom%20Newsletter%20von%20Lehner%20Versand&data=ecomm_pagetype%3Dother&fmt=3&is_vtc=1&random=904109832&rmt_tld=0&ipr=y

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Dec 2022 21:02:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1068691025/ 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1068691025/?random=1672088551246&cv=11&fst=1672088400000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.lehner-versand.ch%2Fi-newsletter-abmeldung%2F%3Famp%253Butm_source%3Dnewsletter%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3Dlv-nl-2022-157%252F&tiba=Abmeldung%20vom%20Newsletter%20von%20Lehner%20Versand&data=ecomm_pagetype%3Dother&fmt=3&is_vtc=1&random=904109832&rmt_tld=1&ipr=y

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Dec 2022 21:02:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 12102381.js Show response
bat.bing.com/p/action/ 0
120 B 108ms
107ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/12102381.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 26 Dec 2022 21:02:31 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6F9170B85BAF4EDE8A050C4C5D5E986F Ref B: FRA31EDGE0519 Ref C: 2022-12-26T21:02:31Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
176 B 36ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=12102381&tm=gtm002&Ver=2&mid=60c7df80-63a4-40fa-b5a6-5a128b948f9d&sid=9cdde940856011ed8f919fecc6e8adbb&vid=9cde0a60856011edbc29157275981990&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Abmeldung%20vom%20Newsletter%20von%20Lehner%20Versand&p=https%3A%2F%2Fwww.lehner-versand.ch%2Fi-newsletter-abmeldung%2F%3Famp%253Butm_source%3Dnewsletter%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3Dlv-nl-2022-157%252F&r=&lt=2068&evt=pageLoad&sv=1&rn=265527

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Dec 2022 21:02:31 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7F43B81C9B0E4D52AF1587BDE7D78B19 Ref B: FRA31EDGE0519 Ref C: 2022-12-26T21:02:31Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
cdn.livechatinc.com/widget/ Frame F92A 13 KB
13 KB 44ms
14ms Font
application/octet-stream 104.110.240.66
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=8194801&group=1&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.110.240.66 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-110-240-66.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f

Request headers

Referer: https://secure.livechatinc.com/
Origin: https://secure.livechatinc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 4jMtpmrTh3NU2il.eSSLRODO9UYgvJk9
date: Mon, 26 Dec 2022 21:02:31 GMT
last-modified: Tue, 18 Oct 2022 07:22:37 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
etag: "3b5df7e947d77201eaf22f3dbdac08cc"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12852
x-amz-cf-id: iA8DkEs1NlyYvXCYgFBCc6jMhcEfRtlrOjQ5B5uZacK2QSeiG-BRVw==
expires: Tue, 26 Dec 2023 21:02:31 GMT

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
cdn.livechatinc.com/widget/ Frame F92A 12 KB
13 KB 43ms
13ms Font
application/octet-stream 104.110.240.66
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=8194801&group=1&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.110.240.66 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-110-240-66.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e94ba9c6df7a149b4b3c590bcc484ce24ce7c0f15c6f7f43479035a6311211d6

Request headers

Referer: https://secure.livechatinc.com/
Origin: https://secure.livechatinc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: msVoGOeEvv4rBAjmPT.bOOY9QhLnYq.K
date: Mon, 26 Dec 2022 21:02:31 GMT
last-modified: Tue, 18 Oct 2022 07:22:38 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C1
etag: "d9f5998f47f6f22cb66e7dbf428c76ab"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12688
x-amz-cf-id: AaZcRG10rc_pHhtj2dVLNi09ZKYBbP2PQRROZ8zbSFLSty3eGGCGZw==
expires: Tue, 26 Dec 2023 21:02:31 GMT

GET
H2 200 KBnMW.js Show response
static.getback.ch/clients/ 210 KB
53 KB 33ms
8ms Script
application/javascript 13.32.27.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getback.ch/clients/KBnMW.js
Requested by: Host: www.getback.ch
URL: https://www.getback.ch/KBnMW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 98df02b9a7834d9fd11a3bbf4f180a395359924ad6b670b13928fd7b2bb93637

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 08:34:04 GMT
content-encoding: gzip
via: 1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
last-modified: Mon, 28 Nov 2022 07:05:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 736108
etag: W/"855e02ee02645464555fd74dc06d1255"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=2592000
x-amz-cf-id: w_Z6jFX3ZMGkAXTwq2Hkj77mypb0tCJkRNu6RXn2Pjx0tOZolpE1eA==

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 905E 15 KB
6 KB 44ms
14ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.lehner-versand.ch&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=22427

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.lehner-versand.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 26 Dec 2022 21:02:30 GMT
server: Kestrel
server-processing-duration-in-ticks: 874388
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 35ms
12ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1740304256237921&ev=PageView&dl=https%3A%2F%2Fwww.lehner-versand.ch%2Fi-newsletter-abmeldung%2F%3Famp%253Butm_source%3Dnewsletter%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3Dlv-nl-2022-157%252F&rl=&if=false&ts=1672088551402&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672088551401.1934872310&it=1672088551340&coo=false&rqm=GET

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 26 Dec 2022 21:02:31 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 204 cspreport
www.google.com/_/VerifiedReviewsBadgeUi/ Frame F24F 0
26 B 164ms
164ms Other
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/_/VerifiedReviewsBadgeUi/cspreport

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/VerifiedReviewsBadgeUi/cspreport, script-src 'report-sample' 'nonce-Xs5l2wVFBw2OS2jsJSCDkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=7576815&hl=de&origin=https%3A%2F%2Fwww.lehner-versand.ch&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 26 Dec 2022 21:02:31 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/VerifiedReviewsBadgeUi/cspreport, script-src 'report-sample' 'nonce-Xs5l2wVFBw2OS2jsJSCDkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="VerifiedReviewsBadgeUi"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"VerifiedReviewsBadgeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/VerifiedReviewsBadgeUi/external"}]}
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=_b,_tp,_r Show response
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.de.fhunxjuMxqk.es5.O/am=zAAg/d=1/excm=_b,_r,_tp,badgeview/ed=1/dg=0/wt=2/rs=AC8lLkS... Frame F24F 154 KB
54 KB 21ms
21ms Script
text/javascript 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.de.fhunxjuMxqk.es5.O/am=zAAg/d=1/excm=_b,_r,_tp,badgeview/ed=1/dg=0/wt=2/rs=AC8lLkSG3hEDxDJv_WU7NG1LPAJauICsaA/m=_b,_tp,_r

Requested by

Host: www.google.com
URL: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=7576815&hl=de&origin=https%3A%2F%2Fwww.lehner-versand.ch&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae107b9ce3bcdf1f4d9e2033d52bec36b69c8360ff311a858b76c8c9a00ed0b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 00:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 504250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55394
x-xss-protection: 0
last-modified: Sat, 10 Dec 2022 06:07:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 00:58:21 GMT

GET
H2 200 no_rating.png
www.gstatic.com/verifiedreviews/de/ Frame F24F 18 KB
19 KB 89ms
21ms Image
image/png 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/verifiedreviews/de/no_rating.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e00b6ba8eb08ebf4bf5addf93427352c33a5b1d090366851361f1584c166ffec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 17:47:13 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 443718
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18475
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 21 Dec 2023 17:47:13 GMT

POST
H/1.1 200
OK v2
track.bx-cloud.com/track/ 0
279 B 17ms
16ms Ping
text/plain 195.201.169.234
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.bx-cloud.com/track/v2?_bxv=c436e14a-c26b-4797-a0bf-255d85edca69
Requested by: Host: track.bx-cloud.com
URL: https://track.bx-cloud.com/static/bav2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.169.234 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.234.169.201.195.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.lehner-versand.ch/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 26 Dec 2022 21:02:31 GMT
Server: nginx
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Key
Content-Length: 0
Access-Control-Allow-Methods: POST, GET, OPTIONS

GET
H2

200

sid Show response
mug.criteo.com/ Frame 905E
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=lehner-versand.ch&sn=ChromeSyncframe&so=0&topUrl=www.lehner-versand.ch&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=zmTi6nxWdnpiVzV3bWFXWkNRSXFTekl6VjA1Q3E1Y0xSdThCTkNjWXJXMThhM200VmpQQ3lGNGNMK3RyaGYwbFpmbHczQlBiR01rMTRJcXp3SnVVUHhQcTFLRDZ4TDdSVTZ6Y0pRd3RqbTRueitDN1V6L3NXaGpIV1lJVU...

449 B
674 B

52ms
16ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=zmTi6nxWdnpiVzV3bWFXWkNRSXFTekl6VjA1Q3E1Y0xSdThCTkNjWXJXMThhM200VmpQQ3lGNGNMK3RyaGYwbFpmbHczQlBiR01rMTRJcXp3SnVVUHhQcTFLRDZ4TDdSVTZ6Y0pRd3RqbTRueitDN1V6L3NXaGpIV1lJVUlXRUxYVXpKM2VZRk0wZXJsU0JYR0d4VzlxOWxoTE5ydldTOHlvdWdTSWxzaGsveXJFYWk4Q1IzZndzR2Q3dlp4TVgyVml3OXdjdTZhMklVV0ZEZ0lUWUVBNUVERDBGTjh5REN3eXAyL1FpM2RhSW1HSE9IaHVHU21IMk94UGZ2QUxIRlBrRWZqbHhPaTQ3MWRzQVJST3JWemMzbDliZz09fA&cppv=2

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c898c1a0003ffc7b7314aeae1333ed66e4d69a2ccc078a9069090423ced86982

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Dec 2022 21:02:30 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2174936
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 26 Dec 2022 21:02:30 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=zmTi6nxWdnpiVzV3bWFXWkNRSXFTekl6VjA1Q3E1Y0xSdThCTkNjWXJXMThhM200VmpQQ3lGNGNMK3RyaGYwbFpmbHczQlBiR01rMTRJcXp3SnVVUHhQcTFLRDZ4TDdSVTZ6Y0pRd3RqbTRueitDN1V6L3NXaGpIV1lJVUlXRUxYVXpKM2VZRk0wZXJsU0JYR0d4VzlxOWxoTE5ydldTOHlvdWdTSWxzaGsveXJFYWk4Q1IzZndzR2Q3dlp4TVgyVml3OXdjdTZhMklVV0ZEZ0lUWUVBNUVERDBGTjh5REN3eXAyL1FpM2RhSW1HSE9IaHVHU21IMk94UGZ2QUxIRlBrRWZqbHhPaTQ3MWRzQVJST3JWemMzbDliZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 775851
content-length: 0
expires: 0

GET
H2 200 / Show response
www.getback.ch/KBnMW/getback/ 315 B
588 B 493ms
493ms Script
application/javascript 52.29.94.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getback.ch/KBnMW/getback/?s=471648995c1642469f700b1576a646bf&new=1&rec=0&ls=1&lb=false&ver=wt2&dev=0&c=759bb609d0ff4eb8a5eb7bb5b1b5760d&r=&lid=1&preview=0

Requested by

Host: static.getback.ch
URL: https://static.getback.ch/clients/KBnMW.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.94.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-94-1.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

a2cd4e8acf10bb51bdeb0c9081d86c3f4eed4b8314a5212a91e1763acdb7257a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
access-control-allow-headers: X-CSRF-Token, X-Requested-With, Content-Type, Accept, Origin, Authorization
x-xss-protection: 1; mode=block

POST
H2 200 token Show response
accounts.livechatinc.com/customer/ Frame F92A 138 B
1 KB 145ms
144ms XHR
application/json 104.110.240.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.livechatinc.com/customer/token
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/widget/static/js/1.e70c3212.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.110.240.19 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-110-240-19.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 778fd5db12dadf66c62d9c347cd375e72d6c180d3efa6fbc4a603b520b8b1ba4

Request headers

Referer: https://secure.livechatinc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 26 Dec 2022 21:02:31 GMT
content-type: application/json
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 138
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=byfTOb,lsjVmc,xUdipf,n73qwf,UUJqVe,IZT63,vfuNJf,ws9Tlc,LEikZe,NwH0H,MpJwZc,PrPYRd,gychg,hc6Ubd,vhDjqd Show response
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.de.fhunxjuMxqk.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.egPyLZ... Frame F24F 94 KB
33 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.de.fhunxjuMxqk.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.egPyLZQMINE.L.B1.O/am=zAAg/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,badgeview/ed=1/wt=2/rs=AC8lLkSBHVqmlKBNKmUXFGvMLqcbMCtNMg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,xUdipf,n73qwf,UUJqVe,IZT63,vfuNJf,ws9Tlc,LEikZe,NwH0H,MpJwZc,PrPYRd,gychg,hc6Ubd,vhDjqd

Requested by

Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.de.fhunxjuMxqk.es5.O/am=zAAg/d=1/excm=_b,_r,_tp,badgeview/ed=1/dg=0/wt=2/rs=AC8lLkSG3hEDxDJv_WU7NG1LPAJauICsaA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e20d444e9bbde2dc36407e3c76df7c9139b798b5fb8b139e35de5114af760d3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:11:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 327051
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33497
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 02:05:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Dec 2023 02:11:40 GMT

GET
H2 200 event Show response
sslwidget.criteo.com/ 8 KB
4 KB 84ms
43ms Script
application/x-javascript 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=22427&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvpg&p3=e%3Ddis&adce=1&bundle=QnwCGl95ZlpaclJUTnV3bmk2OFBmTm1NY2c4elp0TGgwb1Jjb2owRnlEVmp6MFBiZjR1T0JlTExyNmJJRExMUWE3NTB2ZlQxNFZFcmNidnJ3eTRabnFiUHclMkZ6UWU1SEVHZyUyRlFQa1Z0JTJCc1FHWlhoMG5zSzJsSm9jUnQwUFRjMThlVWIlMkZ1M0hHRXlOV0h3bmRkdUhITnNpNldFWVlyWmFBVnRXbExzY1gyVENhSG84NCUzRA&tld=lehner-versand.ch&dy=1&fu=https%253A%252F%252Fwww.lehner-versand.ch%252Fi-newsletter-abmeldung%252F%253Famp%25253Butm_source%253Dnewsletter%2526amp%25253Butm_medium%253Demail%2526amp%25253Butm_campaign%253Dlv-nl-2022-157%25252F&dtycbr=88248

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=22427

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7591b8564ab1b7a61343e65e646ff462979c98a940092c0a5c3db554a3a4ffa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Dec 2022 21:02:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 26251821
timing-allow-origin: *
expires: 0

GET
H3 200 api.js Show response
apis.google.com/js/ Frame F24F 17 KB
7 KB 115ms
114ms Script
text/javascript 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.de.fhunxjuMxqk.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.egPyLZQMINE.L.B1.O/am=zAAg/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,badgeview/ed=1/wt=2/rs=AC8lLkSBHVqmlKBNKmUXFGvMLqcbMCtNMg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,xUdipf,n73qwf,UUJqVe,IZT63,vfuNJf,ws9Tlc,LEikZe,NwH0H,MpJwZc,PrPYRd,gychg,hc6Ubd,vhDjqd

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0be6e128dd58edd11961625cf917b5f322aad95e5c5fcc04907ff08bbc3ca59

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 26 Dec 2022 21:02:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "1dad2ebfba88234b"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Dec 2022 21:02:31 GMT

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame AB93 566 B
903 B 44ms
17ms Document
text/html 2a00:1450:4001:829::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.lehner-versand.ch&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=auth/exm=ratingbadge/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_1?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f6a9c321f948a06f592871be20431dbefb1269cf498649d668ab22ce79bbb971

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-pqAuDGAWNBHa-ZUim_9GRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lehner-versand.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-pqAuDGAWNBHa-ZUim_9GRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-type: text/html; charset=utf-8
date: Mon, 26 Dec 2022 21:02:31 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 cspreport
accounts.google.com/o/ Frame AB93 0
20 B 38ms
17ms Other
text/html 2a00:1450:4001:829::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/cspreport

Requested by

Host: www.lehner-versand.ch
URL: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-3EA2C2hie-aofjOjeU8HMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.lehner-versand.ch&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 26 Dec 2022 21:02:31 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-3EA2C2hie-aofjOjeU8HMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1832714284-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame AB93 10 KB
5 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.lehner-versand.ch&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 09:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4294
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 19:08:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Dec 2023 09:04:53 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame AB93 17 KB
7 KB 57ms
56ms Script
text/javascript 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a72a95f45380c28a3d910c4f43c02ce7992a1ba853f410f9f53a45f18433470b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 26 Dec 2022 21:02:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6901
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "c75ce447b1f6d98e"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Dec 2022 21:02:31 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/ Frame F24F 126 KB
42 KB 23ms
23ms Script
text/javascript 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eda5d5b702579e91e3fbaf5639ec7b66a1ecfd36f85c7c83066bbf78ace70aaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 04:30:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59498
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42491
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 15:21:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Dec 2023 04:30:53 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/ Frame AB93 54 KB
19 KB 23ms
23ms Script
text/javascript 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e533aa8b1cd8002c05dfd711e18ac03974ddaad1cd915004fd9b5c3aac50e377

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 19:03:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 525518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19257
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 15:21:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 19:03:53 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.de.fhunxjuMxqk.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.egPyLZ... Frame F24F 29 KB
12 KB 22ms
21ms Script
text/javascript 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.de.fhunxjuMxqk.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.egPyLZQMINE.L.B1.O/am=zAAg/d=1/exm=IZT63,LEikZe,MpJwZc,NwH0H,PrPYRd,UUJqVe,_b,_r,_tp,byfTOb,gychg,hc6Ubd,lsjVmc,n73qwf,vfuNJf,vhDjqd,ws9Tlc,xUdipf/excm=_b,_r,_tp,badgeview/ed=1/wt=2/rs=AC8lLkSBHVqmlKBNKmUXFGvMLqcbMCtNMg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.de.fhunxjuMxqk.es5.O/am=zAAg/d=1/excm=_b,_r,_tp,badgeview/ed=1/dg=0/wt=2/rs=AC8lLkSG3hEDxDJv_WU7NG1LPAJauICsaA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7201e75675b887e94ce4278a30fd7f6bc29a7953f638afbba477052424d7fb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:11:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 327051
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12056
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 02:05:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Dec 2023 02:11:40 GMT

GET
H3 200 m=lwddkf,EFQ78c Show response
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.de.fhunxjuMxqk.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.egPyLZ... Frame F24F 5 KB
2 KB 22ms
22ms Script
text/javascript 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.de.fhunxjuMxqk.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.egPyLZQMINE.L.B1.O/am=zAAg/d=1/exm=FCpbqb,IZT63,LEikZe,MpJwZc,NwH0H,PrPYRd,UUJqVe,WhJNk,Wt6vjf,_b,_r,_tp,byfTOb,gychg,hc6Ubd,hhhU8,lsjVmc,n73qwf,vfuNJf,vhDjqd,ws9Tlc,xUdipf/excm=_b,_r,_tp,badgeview/ed=1/wt=2/rs=AC8lLkSBHVqmlKBNKmUXFGvMLqcbMCtNMg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=lwddkf,EFQ78c

Requested by

Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.de.fhunxjuMxqk.es5.O/am=zAAg/d=1/excm=_b,_r,_tp,badgeview/ed=1/dg=0/wt=2/rs=AC8lLkSG3hEDxDJv_WU7NG1LPAJauICsaA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0f2a2385cc0e7d4e6c021fe4d57d0a0e8f2c22c6411585109fbc16dbaf9addb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 02:11:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 327051
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2206
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 02:05:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Dec 2023 02:11:40 GMT

POST
H2 200 log Show response
play.google.com/ Frame F24F 131 B
671 B 116ms
53ms XHR
text/plain 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.de.fhunxjuMxqk.es5.O/am=zAAg/d=1/excm=_b,_r,_tp,badgeview/ed=1/dg=0/wt=2/rs=AC8lLkSG3hEDxDJv_WU7NG1LPAJauICsaA/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 26 Dec 2022 21:02:31 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 26 Dec 2022 21:02:31 GMT

GET
H2 200 KBnMW.css
static.getback.ch/clients/ 32 KB
6 KB 8ms
7ms Stylesheet
text/css 13.32.27.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getback.ch/clients/KBnMW.css?ver=87
Requested by: Host: static.getback.ch
URL: https://static.getback.ch/clients/KBnMW.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e5ea5d7a883a1277fee8665d47eb69dbb0559e3151d940cd9f9dbe2f852aa891

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 08:34:05 GMT
content-encoding: gzip
via: 1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
last-modified: Mon, 28 Nov 2022 07:05:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 736108
etag: W/"c6abf5019cf760c26d53eb305e973788"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=2592000
x-amz-cf-id: iZD3G0pHcMdIWfykHeAJJLYqxYWyOsXkuTEZbLfKmD53MkAFLLa0ew==

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/ 28 KB
6 KB 43ms
24ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/font-awesome.min.css

Requested by

Host: static.getback.ch
URL: https://static.getback.ch/clients/KBnMW.css?ver=87

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.getback.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3472176
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5324
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7187"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lUDIBnYEz%2B2MGn7Degc2iF1peUGj%2FdB3XZR95BxvJ9mS%2FCeOjUhvFk1QDryTQUO2GtWEXPv98E8VPF%2FfAKSR%2F6sMgDehxgHJwk%2FT27UAgPcOih%2BD%2FbRuVUKlJTTc5iFELr%2F%2F2NDoyvQP6pIB65yw1LxV"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77fcc20a2d37bc01-FRA
expires: Sat, 16 Dec 2023 21:02:32 GMT

GET
H2 200 getback.css
static.getback.ch/templates/clients/lehner-versand.ch/dist/css/ 21 KB
3 KB 7ms
7ms Stylesheet
text/css 13.32.27.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getback.ch/templates/clients/lehner-versand.ch/dist/css/getback.css?ver=87
Requested by: Host: static.getback.ch
URL: https://static.getback.ch/clients/KBnMW.css?ver=87
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3a7afff1ea3cd33bacd2d9c9afd4b2e575092b87a010a537ef50615de81ddf81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.getback.ch/clients/KBnMW.css?ver=87
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 10:21:34 GMT
content-encoding: gzip
via: 1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
last-modified: Mon, 05 Sep 2022 14:17:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 38459
etag: W/"72d2bba838ec8f291dbcc27af2810638"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: n-dZ67uo8pUs6IQPSFaxq20o8pKQQ88aWViPRV_bPAAjWATiv6GT5A==

GET
H3 200 / Show response
www.lehner-versand.ch/customer/section/load/ 3 KB
2 KB 158ms
158ms Fetch
application/json 2606:4700:20::681a:3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lehner-versand.ch/customer/section/load/?sections=

Requested by

Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:3cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f9222a099bc53b4a6186012e4cb8cc0cec61af8cd7fe6453371b22fdbd8b142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.lehner-versand.ch/i-newsletter-abmeldung/?amp%3Butm_source=newsletter&amp%3Butm_medium=email&amp%3Butm_campaign=lv-nl-2022-157%2F
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 26 Dec 2022 21:02:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-whom: web2
x-built-with: Hyva Themes
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=noMhbMS2%2FBRPfbbub7xjnhoOs%2BG%2FMFY6LZl774vjZ304CaLp7ktzr7kxC7NSDgzPWspbYNtwDcuWCDyhWf8cw7f0IENPwCeU0oFkUYjGCPbfc5BYYOXAmeRmSTlPQy0GErgx9W%2BHSPaGJzvJnNHQQ%2BG7tw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, must-revalidate, no-cache, no-store
cf-ray: 77fcc20a6b0f92b1-FRA
expires: Sun, 26 Dec 2021 21:02:32 GMT

GET
H/1.1 200
OK usage.gif
usage.trackjs.com/ 43 B
229 B 531ms
99ms Image
image/gif 158.69.52.117
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usage.trackjs.com/usage.gif?token=c75ba9dc3b0a4ee0904ab6d07dc048bb&correlationId=97bb0b99-5a36-40ed-9b7e-dd5af7087534&application=lv-m2&x=d5c0c12a-d772-4896-a398-9d61245cd21a&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.52.117 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: prd-usage-3.tjsint.net
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 26 Dec 2022 21:02:32 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 1C2B
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-ctTFdJxcHxQ4bwhCIXTVmx78vHCg4QRlV9u48w&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-ctTFdJxcHxQ4bwhCIXTVmx78vHCg4QRlV9u48w&expires=30

43 B
344 B

9ms
9ms

Image
image/gif

3.126.197.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-ctTFdJxcHxQ4bwhCIXTVmx78vHCg4QRlV9u48w&expires=30
Protocol: H2
Server: 3.126.197.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-197-232.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-ctTFdJxcHxQ4bwhCIXTVmx78vHCg4QRlV9u48w&expires=30
date: Mon, 26 Dec 2022 21:02:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 1C2B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-SqHohJxcHxQ4bwhCIXTVmx78vHCLFfnKVkQFGQ&google_cm&google_hm=ay1TcUhvaEp4Y0h4UTRid2hDSVhUVm14Nzh2SENMRmZuS...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-SqHohJxcHxQ4bwhCIXTVmx78vHCLFfnKVkQFGQ&google_gid=CAESEHXatw9hOlYSdeyuh-gdhFY&google_cver=1&google_ula=913071,0

43 B
370 B

19ms
19ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-SqHohJxcHxQ4bwhCIXTVmx78vHCLFfnKVkQFGQ&google_gid=CAESEHXatw9hOlYSdeyuh-gdhFY&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Dec 2022 21:02:31 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1726030
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Dec 2022 21:02:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-SqHohJxcHxQ4bwhCIXTVmx78vHCLFfnKVkQFGQ&google_gid=CAESEHXatw9hOlYSdeyuh-gdhFY&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 1C2B
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8330093535669466586

43 B
370 B

19ms
19ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8330093535669466586

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Dec 2022 21:02:31 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1785074
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 26 Dec 2022 21:02:32 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.10.202; 80.255.10.202; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: c551950e-ac7e-4377-9fdd-7ac1eee5b742
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8330093535669466586
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
r.casalemedia.com/ Frame 1C2B
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-qnpn9JxcHxQ4bwhCIXTVmx78vHD25fF4Tcg7jw
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-qnpn9JxcHxQ4bwhCIXTVmx78vHD25fF4Tcg7jw&C=1

43 B
872 B

49ms
37ms

Image
image/gif

104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-qnpn9JxcHxQ4bwhCIXTVmx78vHD25fF4Tcg7jw&C=1
Protocol: H3
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Dec 2022 21:02:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=23e7nQEBB4I8X%2FY8T5MO%2BP5H1NKBLyN7%2Fsc0sqwdL%2BkWyLW62YzbLt7tL%2FmutyltlVAuDdwKHgHyposZpu6Pvv%2F8LeWYkFV0w%2BS7rZrpWTeRaSe93U1aAxhX1gZ1z6RT%2BugM"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 77fcc20b2c1d9064-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 26 Dec 2022 21:02:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ion4hqPx2EoakZwo9r5KyKNWpMw49784F7sYtwy7bV16HQEpcH1%2FEivc2dVLTVVJ2QSnpHXjfYCfvrng4TyRKFkW713QKQsQ%2B0VQRkIuoMV5U%2FIGxivvKILJp0EkR6ghDNuZ"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-qnpn9JxcHxQ4bwhCIXTVmx78vHD25fF4Tcg7jw&C=1
cache-control: no-cache
cf-ray: 77fcc20adfae9ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 1C2B
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-1kLuWZxcHxQ4bwhCIXTVmx78vHAx6H4nEqYiZQ
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-1kLuWZxcHxQ4bwhCIXTVmx78vHAx6H4nEqYiZQ

43 B
447 B

32ms
32ms

Image
image/gif

54.73.139.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-1kLuWZxcHxQ4bwhCIXTVmx78vHAx6H4nEqYiZQ
Protocol: H2
Server: 54.73.139.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-73-139-57.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 26 Dec 2022 21:02:32 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-1kLuWZxcHxQ4bwhCIXTVmx78vHAx6H4nEqYiZQ
date: Mon, 26 Dec 2022 21:02:32 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 cksync.php
contextual.media.net/ Frame 1C2B 45 B
784 B 99ms
48ms Image
image/gif 104.85.0.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-EAoUmpxcHxQ4bwhCIXTVmx78vHAHUhx9Xq8yeg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.85.0.23 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-85-0-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 26 Dec 2022 21:02:32 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Mon, 26 Dec 2022 21:02:32 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 1C2B 0
145 B 134ms
19ms Image
text/plain 20.13.96.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-j-OkKpxcHxQ4bwhCIXTVmx78vHCXgnEHU_ngFQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.13.96.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 26 Dec 2022 21:02:32 GMT
Cache-Control: no-cache
X-TraceId: 778d14dc9fced02e3ee33fd6b3312ae1
Content-Length: 0

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 1C2B 0
239 B 280ms
231ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-1sPRxpxcHxQ4bwhCIXTVmx78vHCGLhS74IY0iA&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 1C2B 0
35 B 34ms
9ms Image
text/plain 3.64.18.221
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-2nWhW5xcHxQ4bwhCIXTVmx78vHCnsXYOsBDeZw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.18.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-18-221.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:32 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 1C2B 43 B
163 B 73ms
23ms Image
image/gif 185.86.139.57
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-5H-zWZxcHxQ4bwhCIXTVmx78vHBgaHFkpzxj7A
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.57 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:31 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 1C2B 0
99 B 61ms
17ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-x1-NWZxcHxQ4bwhCIXTVmx78vHCzMR-9FiKZ3Q
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:32 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 16380

GET
H2 200 um
criteo-sync.teads.tv/ Frame 1C2B 23 B
172 B 98ms
52ms Image
image/gif 23.0.251.50
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-TyFKUJxcHxQ4bwhCIXTVmx78vHAm55iWqM-cjg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.0.251.50 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-0-251-50.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Mon, 26 Dec 2022 21:02:32 GMT
pragma: no-cache
date: Mon, 26 Dec 2022 21:02:32 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 1C2B 37 B
140 B 61ms
9ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-Z-ra75xcHxQ4bwhCIXTVmx78vHCrOtxWgC8T0Q&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 1C2B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-_bpW25xcHxQ4bwhCIXTVmx78vHCj9gTJtxEu9A
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-_bpW25xcHxQ4bwhCIXTVmx78vHCj9gTJtxEu9A&verify=true

0
121 B

11ms
11ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-_bpW25xcHxQ4bwhCIXTVmx78vHCj9gTJtxEu9A&verify=true

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:32 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-_bpW25xcHxQ4bwhCIXTVmx78vHCj9gTJtxEu9A&verify=true
date: Mon, 26 Dec 2022 21:02:32 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 put
e1.emxdgt.com/ Frame 1C2B 0
55 B 64ms
8ms Image
text/html 18.158.8.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-fqRZC5xcHxQ4bwhCIXTVmx78vHCAsadYI3oYog
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.8.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-8-202.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:31 GMT
content-length: 0
content-type: text/html

GET
H2 200 pixel
cm.adform.net/ Frame 1C2B 43 B
163 B 68ms
19ms Image
image/gif 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-HbOSOZxcHxQ4bwhCIXTVmx78vHAQvVLfDk4RLw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:32 GMT
last-modified: Fri, 18 Nov 2022 14:41:46 GMT
server: nginx
accept-ranges: bytes
etag: "637799aa-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 1C2B 49 B
235 B 58ms
17ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-UOvB4ZxcHxQ4bwhCIXTVmx78vHDUQSrPwbywjA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Dec 2022 21:02:31 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
content-length: 49
expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 1C2B
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=KZZ8UZqQ7tNNGK1ET2hQFgoJAKTOvyjq
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=KZZ8UZqQ7tNNGK1ET2hQFgoJAKTOvyjq

42 B
942 B

271ms
271ms

Image
image/gif

34.251.47.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=KZZ8UZqQ7tNNGK1ET2hQFgoJAKTOvyjq

Protocol

HTTP/1.1

Server

34.251.47.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-251-47-116.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-03da2f349.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: OxhfgzT6QNU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v045-0e1f48b6d.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 5qZZmKWtTQc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=KZZ8UZqQ7tNNGK1ET2hQFgoJAKTOvyjq
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame 1C2B 43 B
1 KB 35ms
10ms Image
image/gif 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-lJuPFZxcHxQ4bwhCIXTVmx78vHBBjbqyOjYq8w

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 26 Dec 2022 21:02:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2 200 sync
matching.ivitrack.com/ Frame 1C2B 42 B
274 B 41ms
17ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-4IGKapxcHxQ4bwhCIXTVmx78vHAZreZf8gQGCA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:32 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 1C2B 0
885 B 285ms
249ms Image
text/html 52.57.58.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-SsdMepxcHxQ4bwhCIXTVmx78vHD4SBQB2wZ63Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.58.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-58-128.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:32 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 1C2B 42 B
581 B 64ms
19ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-XrGS05xcHxQ4bwhCIXTVmx78vHDk225kX0la6g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 26 Dec 2022 21:02:30 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 1C2B 43 B
183 B 280ms
93ms Image
image/gif 2600:1f18:612b:4200:8aa9:ea43:9402:2506
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-n6pzdpxcHxQ4bwhCIXTVmx78vHBPkdGCmmunbw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:8aa9:ea43:9402:2506 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 26 Dec 2022 21:02:32 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame 1C2B 43 B
153 B 61ms
21ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-_--HbZxcHxQ4bwhCIXTVmx78vHA-uMq3xe5LqQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 26 Dec 2022 21:02:32 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 1C2B 0
525 B 68ms
26ms Image
text/plain 23.222.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k--5NnU5xcHxQ4bwhCIXTVmx78vHA2qLDQgloEPA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.222.35.84 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-222-35-84.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Dec 2022 21:02:32 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Sun, 25 Dec 2022 21:02:32 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 1C2B 43 B
220 B 182ms
32ms Image
image/gif 54.194.137.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-kHBA2ZxcHxQ4bwhCIXTVmx78vHAJfCFi-AB5xg&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.137.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-137-201.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 26 Dec 2022 21:02:32 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
cdn.livechatinc.com/widget/ Frame F92A 13 KB
13 KB 15ms
13ms Font
application/octet-stream 104.110.240.66
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.110.240.66 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-110-240-66.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f

Request headers

Referer: https://secure.livechatinc.com/
Origin: https://secure.livechatinc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 4jMtpmrTh3NU2il.eSSLRODO9UYgvJk9
date: Mon, 26 Dec 2022 21:02:32 GMT
last-modified: Tue, 18 Oct 2022 07:22:37 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
etag: "3b5df7e947d77201eaf22f3dbdac08cc"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12852
x-amz-cf-id: iA8DkEs1NlyYvXCYgFBCc6jMhcEfRtlrOjQ5B5uZacK2QSeiG-BRVw==
expires: Tue, 26 Dec 2023 21:02:32 GMT

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
cdn.livechatinc.com/widget/ Frame F92A 12 KB
13 KB 16ms
15ms Font
application/octet-stream 104.110.240.66
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.110.240.66 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-110-240-66.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e94ba9c6df7a149b4b3c590bcc484ce24ce7c0f15c6f7f43479035a6311211d6

Request headers

Referer: https://secure.livechatinc.com/
Origin: https://secure.livechatinc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: msVoGOeEvv4rBAjmPT.bOOY9QhLnYq.K
date: Mon, 26 Dec 2022 21:02:32 GMT
last-modified: Tue, 18 Oct 2022 07:22:38 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C1
etag: "d9f5998f47f6f22cb66e7dbf428c76ab"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12688
x-amz-cf-id: AaZcRG10rc_pHhtj2dVLNi09ZKYBbP2PQRROZ8zbSFLSty3eGGCGZw==
expires: Tue, 26 Dec 2023 21:02:32 GMT

GET
H2 200 / Show response
www.getback.ch/KBnMW/layer/ 2 KB
1 KB 57ms
41ms Fetch
application/json 52.29.94.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.getback.ch/KBnMW/layer/?id=w6eYp&s=4149612860&exists=0&r=https%3A%2F%2Fwww.lehner-versand.ch%2Fi-newsletter-abmeldung%2F%3Famp%253Butm_source%3Dnewsletter%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3Dlv-nl-2022-157%252F&v=1

Requested by

Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.94.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-94-1.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b5f81bf9ea308b928ec8f39af28da7fcfc0b853c45ae40c3ab7e56fb7444b7b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 21:02:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
access-control-allow-headers: X-CSRF-Token, X-Requested-With, Content-Type, Accept, Origin, Authorization
x-xss-protection: 1; mode=block

GET
H2 200 de.html Show response
static.getback.ch/assets/quiet-push-instruction/video/chrome/ 470 B
857 B 51ms
29ms XHR
text/html 13.32.27.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getback.ch/assets/quiet-push-instruction/video/chrome/de.html
Requested by: Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3a412ed7cb40c8dbff1485ff2bebe6c6ad4a85452637468eb624c7c7ecbce95e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 06:36:36 GMT
via: 1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified: Thu, 30 Apr 2020 05:42:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 51957
etag: "a3700d23c70ec38a413dea297d0a76ce"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 470
x-amz-cf-id: uUCqUaarwG221PIW5O8xKOmnV9vGu4zIrWvdWfIhBA3gRCGLjDbvtA==

POST
H2 200 ask_subscription Show response
push.getback.ch/ 25 B
389 B 33ms
22ms XHR
application/json 52.29.94.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://push.getback.ch/ask_subscription

Requested by

Host: cdn.trackjs.com
URL: https://cdn.trackjs.com/agent/v3/latest/t.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.94.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-94-1.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

d3866f57ba7a47425f5aa636377cdace170d1e3e9e38abd3aa1c239f8fe2a549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.lehner-versand.ch/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 26 Dec 2022 21:02:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
access-control-allow-headers: X-CSRF-Token, X-Requested-With, Content-Type, Accept, Origin, Authorization
x-xss-protection: 1; mode=block

GET
H2 200 icon-push.svg
static.getback.ch/templates/clients/lehnerversand/dist/images/ 2 KB
1 KB 8ms
8ms Image
image/svg+xml 13.32.27.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.getback.ch/templates/clients/lehnerversand/dist/images/icon-push.svg?ver=ecfbded9323a1de1ddff1b2c87e50743
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e1dd11c17d5d9f2c09a75157af942b42e1342eaa1e22cc95e1fb0ac25611e4f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 19:29:58 GMT
content-encoding: gzip
via: 1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
last-modified: Tue, 30 Nov 2021 14:37:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 5555
etag: W/"ecfbded9323a1de1ddff1b2c87e50743"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: VY2A32_h2BuzDLjjJg8TXJT_f3ShPK_XmyHzZHnYyJMBaicaGO0rtg==

GET
H2 200 icon-close.svg
static.getback.ch/templates/clients/lehnerversand/dist/images/ 229 B
575 B 8ms
8ms Image
image/svg+xml 13.32.27.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.getback.ch/templates/clients/lehnerversand/dist/images/icon-close.svg?ver=9aa57d57065851d56bae08c9dda3f10a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93efe7fc2b9094290ca8c3512a87cb1b30377407f503079d10d82546aee539b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 19:29:58 GMT
via: 1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
last-modified: Tue, 30 Nov 2021 14:37:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 5555
etag: "9aa57d57065851d56bae08c9dda3f10a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 229
x-amz-cf-id: Sf-u8Ww4pMv_KDshQhhD3N2rlWCfoDJbyXJsNAzpZV1MdMMobmgNww==

GET
H2 200 getback_push_chrome_de.gif
static.getback.ch/assets/quiet-push-instruction/video/images/ 111 KB
112 KB 8ms
8ms Image
image/gif 13.32.27.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.getback.ch/assets/quiet-push-instruction/video/images/getback_push_chrome_de.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: efae85c971408d9fd5c2a9781576086b9b6295056a724a71eabe2e7b24264373

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 23:26:33 GMT
via: 1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
last-modified: Wed, 15 Apr 2020 12:58:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 77759
etag: "afc574966995cb240145d368de3ec3ad"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 114150
x-amz-cf-id: lOdaEi1fPVqjd3Cus956M7LQ4-jDvtAobLUcZ6PdRkejIOLhULtelw==

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 1C2B
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=0KSQMUnNtoRhD-k9foKXpNUQ3cSsRfoA

0
338 B

100ms
31ms

Image
text/plain

54.229.18.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=0KSQMUnNtoRhD-k9foKXpNUQ3cSsRfoA
Protocol: H2
Server: 54.229.18.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-18-25.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: beacon-n024-dub-prod.krxd.net
date: Mon, 26 Dec 2022 21:02:32 GMT
cache-control: private, no-cache, no-store
x-request-time: D=173 t=1672088552
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=0KSQMUnNtoRhD-k9foKXpNUQ3cSsRfoA
date: Mon, 26 Dec 2022 21:02:32 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1073514
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame 1C2B
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=tJMbfH_i_zGHOeeMVKEKEG-Nw2F00h4l

35 B
268 B

342ms
103ms

Image
image/gif

3.16.134.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=tJMbfH_i_zGHOeeMVKEKEG-Nw2F00h4l
Protocol: H2
Server: 3.16.134.16 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-16-134-16.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Dec 2022 21:02:33 GMT
x-bt-requestid: 9ddbdd60-8560-11ed-affc-0000ac170186
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=tJMbfH_i_zGHOeeMVKEKEG-Nw2F00h4l
date: Mon, 26 Dec 2022 21:02:32 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 11628124
content-length: 0

GET
H3 200 /
www.facebook.com/tr/ 0
17 B 21ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1740304256237921&ev=Microdata&dl=https%3A%2F%2Fwww.lehner-versand.ch%2Fi-newsletter-abmeldung%2F%3Famp%253Butm_source%3Dnewsletter%26amp%253Butm_medium%3Demail%26amp%253Butm_campaign%3Dlv-nl-2022-157%252F&rl=&if=false&ts=1672088552906&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Abmeldung%20vom%20Newsletter%20von%20Lehner%20Versand%22%2C%22meta%3Adescription%22%3A%22Online%20Shop%20von%20Lehner%20Versand%2C%20das%20Schweizer%20Versandhaus%20f%C3%BCr%20Bettw%C3%A4sche%2C%20Mode%2C%20Schuhe%2C%20Arbeitskleidung%2C%20Wohnbedarfs-%20und%20Haushaltsartikel%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1672088551401.1934872310&it=1672088551340&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lehner-versand.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 26 Dec 2022 21:02:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

72 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.accounts.livechatinc.com/v2/customer/token	1970-01-20 18:04:08	Name: __lc_cid Value: 7e110a53-b711-43de-5cf3-d8716d23cce0
.accounts.livechatinc.com/v2/customer/token	1970-01-20 18:04:08	Name: __lc_cst Value: 28bda9b63434f1f22a9fb3382948210ac9197b285785be31b8a77fb5e943e66b3e07752a3483fe30a278c6d302371e92799d931f93f08e067b1fa02b98ff
.accounts.livechatinc.com/customer/token	1970-01-20 18:04:08	Name: __lc_cid Value: 7e110a53-b711-43de-5cf3-d8716d23cce0
.accounts.livechatinc.com/customer/token	1970-01-20 18:04:08	Name: __lc_cst Value: 28bda9b63434f1f22a9fb3382948210ac9197b285785be31b8a77fb5e943e66b3e07752a3483fe30a278c6d302371e92799d931f93f08e067b1fa02b98ff
m.lehner-versand.ch/	1970-01-20 17:13:44	Name: mautic_device_id Value: qd6z2mxt424ckag0dot9fpm
m.lehner-versand.ch/	1969-12-31 23:59:59	Name: mtc_id Value: 1618929
m.lehner-versand.ch/	1969-12-31 23:59:59	Name: mtc_sid Value: qd6z2mxt424ckag0dot9fpm
m.lehner-versand.ch/	1970-01-20 08:28:10	Name: mautic_referer_id Value: 1236264
.www.lehner-versand.ch/	1970-01-20 08:38:13	Name: PHPSESSID Value: t5h5l4se099cmrk4e3637hm57u
www.lehner-versand.ch/	1969-12-31 23:59:59	Name: cems Value: 93d3370b-f00d-4535-99a9-505dcffac982
www.lehner-versand.ch/	1970-01-20 17:13:44	Name: cemv Value: c436e14a-c26b-4797-a0bf-255d85edca69
.www.lehner-versand.ch/	1970-01-20 08:38:13	Name: form_key Value: EvqmJxaV5Icf0Sz4
.lehner-versand.ch/	1970-01-20 08:29:34	Name: _gid Value: GA1.2.852102643.1672088551
.lehner-versand.ch/	1970-01-20 08:28:08	Name: _gat_gtag_UA_2409897_1 Value: 1
.lehner-versand.ch/	1970-01-20 17:13:44	Name: cemv Value: c436e14a-c26b-4797-a0bf-255d85edca69
.lehner-versand.ch/	1969-12-31 23:59:59	Name: cems Value: 93d3370b-f00d-4535-99a9-505dcffac982
.lehner-versand.ch/	1970-01-20 10:37:44	Name: _gcl_au Value: 1.1.1850929020.1672088551
.lehner-versand.ch/	1970-01-20 18:04:08	Name: _ga_NEGZ4C7KK5 Value: GS1.1.1672088551.1.0.1672088551.60.0.0
.lehner-versand.ch/	1970-01-20 18:04:08	Name: _ga Value: GA1.1.116610947.1672088551
.bing.com/	1970-01-20 17:49:44	Name: MUID Value: 08BE10105B366446052D02965ABD65A0
.lehner-versand.ch/	1970-01-20 08:29:34	Name: _uetsid Value: 9cdde940856011ed8f919fecc6e8adbb
.lehner-versand.ch/	1970-01-20 17:49:44	Name: _uetvid Value: 9cde0a60856011edbc29157275981990
.lehner-versand.ch/	1970-01-20 10:37:44	Name: _fbp Value: fb.1.1672088551401.1934872310
.criteo.com/	1970-01-20 17:49:44	Name: uid Value: 7b730a42-eeb0-4e37-9334-a81bd7fd7a46
.google.com/	1970-01-20 12:51:39	Name: NID Value: 511=VOCJy5BeeLfPSk2j1lSnZinxHsVgzS7iOeS8mIFvzsgV84K8CFDVyixJrqWaKfyRgABxnWnbo9_LTVZ0w6cwwdlzRA8hI9PRZJ04TxJFKnTgoZViqcJL2c9XJk2_A9GCeuSlvqFlvCaFObYmyJR5MdawHsKCkM7xz_KPBpFZIGY
.lehner-versand.ch/	1969-12-31 23:59:59	Name: _gbs Value: 471648995c1642469f700b1576a646bf
.lehner-versand.ch/	1970-01-20 10:37:44	Name: _gbc Value: 759bb609d0ff4eb8a5eb7bb5b1b5760d
.lehner-versand.ch/	1969-12-31 23:59:59	Name: _gb_lh Value: www.lehner-versand.ch
.lehner-versand.ch/	1970-01-20 17:57:32	Name: cto_bundle Value: QnwCGl95ZlpaclJUTnV3bmk2OFBmTm1NY2c4elp0TGgwb1Jjb2owRnlEVmp6MFBiZjR1T0JlTExyNmJJRExMUWE3NTB2ZlQxNFZFcmNidnJ3eTRabnFiUHclMkZ6UWU1SEVHZyUyRlFQa1Z0JTJCc1FHWlhoMG5zSzJsSm9jUnQwUFRjMThlVWIlMkZ1M0hHRXlOV0h3bmRkdUhITnNpNldFWVlyWmFBVnRXbExzY1gyVENhSG84NCUzRA
accounts.livechatinc.com/	1970-01-20 08:28:08	Name: __oauth_redirect_detector Value: counter=1&t=1672088581&tag=f77cbaba2e1fc6c200e5132d23228f9c55581ea9
.lehner-versand.ch/	1969-12-31 23:59:59	Name: _gb_views Value: 1
.lehner-versand.ch/	1970-01-20 18:04:08	Name: gb_push_permission Value: default
.lehner-versand.ch/	1970-01-20 18:04:08	Name: gb_has_push_support Value: 1
.lehner-versand.ch/	1970-01-20 18:04:08	Name: gb_is_push_subscriber Value: 0
.www.lehner-versand.ch/	1970-01-20 08:38:13	Name: last_visited_store Value: de
www.lehner-versand.ch/	1970-01-20 08:38:13	Name: mage-cache-sessid Value: true
.adnxs.com/	1970-01-20 10:37:44	Name: uuid2 Value: 8330093535669466586
.bidswitch.net/	1970-01-20 17:13:44	Name: tuuid Value: 1542b3c9-f5d7-450c-b34e-3d360985a7c0
.bidswitch.net/	1970-01-20 17:13:44	Name: c Value: 1672088552
.bidswitch.net/	1970-01-20 17:13:44	Name: tuuid_lu Value: 1672088552
.casalemedia.com/	1970-01-20 17:13:44	Name: CMID Value: Y6oL6ES3.vJm0ZujMVMuNQAA
.casalemedia.com/	1970-01-20 10:37:44	Name: CMPS Value: 5165
.casalemedia.com/	1970-01-20 10:37:44	Name: CMPRO Value: 5165
.doubleclick.net/	1970-01-20 17:49:44	Name: IDE Value: AHWqTUnu8OZRoNwSpFa7xrFREBJSierAm6JNf-9MZcFOEfDqV_uQgKKm4R_gYgg3_YA
.media.net/	1970-01-20 17:13:44	Name: visitor-id Value: 3150901529172230000V10
.media.net/	1970-01-20 09:11:20	Name: data-c-ts Value: 1672088552
.media.net/	1970-01-20 09:11:20	Name: data-c Value: k-EAoUmpxcHxQ4bwhCIXTVmx78vHAHUhx9Xq8yeg~~3
www.lehner-versand.ch/	1970-01-20 18:04:08	Name: private_content_version Value: c970a0cc56c9fd876c1fdf106ef442aa
.casalemedia.com/	1970-01-20 10:37:44	Name: CMTS Value: 5200
www.lehner-versand.ch/	1970-01-20 08:38:13	Name: section_data_ids Value: %7B%22messages%22%3A1672088552%2C%22customer%22%3A1672088552%2C%22compare-products%22%3A1672088552%2C%22last-ordered-items%22%3A1672088552%2C%22cart%22%3A1672088552%2C%22directory-data%22%3A1672088552%2C%22loggedAsCustomer%22%3A1672088552%2C%22captcha%22%3A1672088552%2C%22persistent%22%3A1672088552%2C%22review%22%3A1672088552%2C%22wishlist%22%3A1672088552%2C%22customweb_external_checkout_widgets%22%3A1672088552%2C%22amgiftcard_cart%22%3A1672088552%2C%22refusion-affiliates-addtocart%22%3A1672088552%2C%22recently_viewed_product%22%3A1672088552%2C%22recently_compared_product%22%3A1672088552%2C%22product_data_storage%22%3A1672088552%7D
.360yield.com/	1970-01-20 10:37:44	Name: tuuid Value: 7c269306-77d6-49ad-b996-87541baefe60
.360yield.com/	1970-01-20 10:37:44	Name: tuuid_lu Value: 1672088552
.yahoo.com/	1970-01-20 17:14:06	Name: A3 Value: d=AQABBOgLqmMCEND_5bouJ8IIbYqj5J7ja1UFEgEBAQFdq2OzYwAAAAAA_eMAAA&S=AQAAAhJER0yVqE49DT1fQOQ5Vsc
.analytics.yahoo.com/	1970-01-20 17:13:44	Name: IDSYNC Value: 18zh~292l
.360yield.com/	1970-01-20 10:37:44	Name: um Value: !38,qNg90iBjTdZfssFdI-7pyHkQAZmEeaIk4sy1frFsSyJguBcqGEmXrHhZcNWzHUqfWIelM0cx,1679864552
.360yield.com/	1970-01-20 10:37:44	Name: umeh Value: !38,0,1734296552,-1
.id5-sync.com/	1970-01-20 08:28:08	Name: cf Value:
.id5-sync.com/	1970-01-20 08:28:08	Name: cip Value:
.id5-sync.com/	1970-01-20 08:28:08	Name: cnac Value:
.id5-sync.com/	1970-01-20 08:28:08	Name: car Value:
.id5-sync.com/	1970-01-20 08:28:08	Name: gdpr Value:
.id5-sync.com/	1970-01-20 08:28:08	Name: callback Value:
.demdex.net/	1970-01-20 12:47:20	Name: demdex Value: 12839757358087067134505723355732873770
.pubmatic.com/	1970-01-20 09:11:20	Name: KRTBCOOKIE_97 Value: 3385-uid:k-XrGS05xcHxQ4bwhCIXTVmx78vHDk225kX0la6g&KRTB&23144-uid:k-XrGS05xcHxQ4bwhCIXTVmx78vHDk225kX0la6g&KRTB&23286-uid:k-XrGS05xcHxQ4bwhCIXTVmx78vHDk225kX0la6g&KRTB&23287-uid:k-XrGS05xcHxQ4bwhCIXTVmx78vHDk225kX0la6g
.pubmatic.com/	1970-01-20 09:11:20	Name: PugT Value: 1672088550
exchange.mediavine.com/	1970-01-20 08:48:18	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%229d929f60-8560-11ed-abcf-558a4f99737b%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 08:48:18	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%229d929f60-8560-11ed-abcf-558a4f99737b%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 08:48:18	Name: am_tokens Value: %7B%22mv_uuid%22%3A%229d929f60-8560-11ed-abcf-558a4f99737b%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 08:48:18	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%229d929f60-8560-11ed-abcf-558a4f99737b%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 08:48:18	Name: criteo Value: %7B%22id%22%3A%22k-SsdMepxcHxQ4bwhCIXTVmx78vHD4SBQB2wZ63Q%22%2C%22version%22%3A%22criteo%22%7D
.dpm.demdex.net/	1970-01-20 12:47:20	Name: dpm Value: 12839757358087067134505723355732873770
.krxd.net/	1970-01-20 12:47:20	Name: _kuid_ Value: PSBH8aOd

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.twiago.com
accounts.google.com
accounts.livechatinc.com
ad.360yield.com
ad.yieldlab.net
api.livechatinc.com
apis.google.com
bat.bing.com
beacon.krxd.net
cdn.livechatinc.com
cdn.trackjs.com
cdnjs.cloudflare.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
googleads.g.doubleclick.net
gtm.adt313.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
m.lehner-versand.ch
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pixel.rubiconproject.com
play.google.com
push.getback.ch
r.casalemedia.com
region1.analytics.google.com
rtb-csync.smartadserver.com
s.thebrighttag.com
secure.livechatinc.com
simage2.pubmatic.com
ssl.gstatic.com
sslwidget.criteo.com
static.getback.ch
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
track.bx-cloud.com
ups.analytics.yahoo.com
usage.trackjs.com
visitor.omnitagjs.com
www.facebook.com
www.getback.ch
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.lehner-versand.ch
x.bidswitch.net
104.110.240.19
104.110.240.66
104.18.33.19
104.85.0.23
108.138.7.16
13.32.27.55
141.226.228.48
142.250.184.226
151.139.128.10
158.69.52.117
162.19.138.82
178.250.0.163
178.250.2.146
18.156.0.31
18.158.8.202
185.255.84.152
185.64.190.80
185.86.139.57
195.201.169.234
20.13.96.71
2001:4860:4802:34::36
23.0.251.50
23.222.35.84
2600:1f18:612b:4200:8aa9:ea43:9402:2506
2606:4700:20::681a:3cc
2606:4700::6811:190e
2620:1ec:c11::200
2a00:1450:4001:802::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::200d
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2008
2a00:1450:400c:c0c::9c
2a00:1450:400d:803::2003
2a00:1450:400d:807::2004
2a00:1450:400d:807::200e
2a00:1450:400d:808::200e
2a02:2638:1::13
2a02:2638:1::d
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.126.197.232
3.16.134.16
3.64.18.221
34.117.157.22
34.251.47.116
37.157.3.20
37.252.171.53
52.29.94.1
52.57.58.128
54.194.137.201
54.229.18.25
54.73.139.57
69.173.144.139
76.223.111.18
83.246.80.29
85.215.5.31
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
0632db5862332ab9532c662a841ffcf248e251a3598c47af1c161397f86b83c0
064f1858b62681717ad3be9621429cb72faee29546bc25c25dc3e490aa1076d5
0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275
1273dbbeb9ef68b7505121b95c75d0300302642625fe965e5a12b92e4611f42c
1a518bb2c952a4b57e742ce4bba930d93c1bf8d01e829259dbfb3bbf7844b207
26466e3e04255953aa555833e4e546a612ad11109ae2b676142906e3ace01ed3
282fcd222a1c96d5bf34e72b8a30bf97e9ee3a0ddf4bd8ff49fcb369582783c8
2a71aee4b487f1bcd4cd2bae96b413b4dc6b3b87c04d9f46eeefd9a790155c6e
2dda80b68d4e15407292a3cbcfb93f409a7ed0f71adc434f8384c444a7494882
30abdec0ff019f8193494188b2ff5127368b51c14abe6207b3ae1383e385fa6c
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
364958c139fd1ebcfec4563b472cbf344ee5abe299daa70f45d2b69056730482
3a412ed7cb40c8dbff1485ff2bebe6c6ad4a85452637468eb624c7c7ecbce95e
3a7afff1ea3cd33bacd2d9c9afd4b2e575092b87a010a537ef50615de81ddf81
3fc415251136981839ee367373ccf98833beb49158ba57b9803cb1f1f313f737
4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f
4a9bc201b9ad57267d872d6f986527614baaa17f14d37cb04f1dc8b37d53021f
4cdae00125542e7d27b5b5ff1de2162170765c9f7b6592e22cc625d00f300196
4d7ada10668aec5046d7c7aec8341d66e9bc0f329d59b270b2ce8fef61f38411
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5da7d70e5dd8c8974fefc1a6f3a3654f696d87162e3be6132ab6946ff8e6b6cc
646310db7d32ce013422255bcceef392e75d05dbf0732c77c4df546fda60e131
64900605086496e957c7cc237a8dc5be9e3383c1410d5394a6b2872757882d01
6808299f09d8cbb9c76e9f7b497c6911960b368778690236112e1eca61ca697c
6a88ebdeefa52e65d28d6dd811ed1b77e40b2f54f0e3ffb5ed9719c999babfa7
70e9a42feb64bbc9f11bd91f5a81094ece58a13c368576f14c86bcc9ae1dc576
7591b8564ab1b7a61343e65e646ff462979c98a940092c0a5c3db554a3a4ffa3
778fd5db12dadf66c62d9c347cd375e72d6c180d3efa6fbc4a603b520b8b1ba4
789004161310aeb7faf98d0bce714878366e5eb7521541970762955c285d35a9
7b116ac42dfa848b8cbeff07cae0cc208a898111a7191ab266b4f0241683671a
7c25e2142f2aa74947fbee57eba2fff6da99ff3f7a1f241e1db2745f5abb11db
8250a0a8a2b63bfae72b2604bc53e7764530aa08651e7c0cb253a90a6c762a8c
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
865aaca9f8bc16868a60f4b53c3a80bcea1a359e8f2aad3aad3e0afbc2dd4fe7
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d9992c5b2e1f1a91faad442284409fb2d5ede2d339664bf55f2e88757ff9261
8f9222a099bc53b4a6186012e4cb8cc0cec61af8cd7fe6453371b22fdbd8b142
93efe7fc2b9094290ca8c3512a87cb1b30377407f503079d10d82546aee539b1
9523a5a1531e063a25b418436ada3f36ca6778d56dca77315b2796bb479a3bb0
98df02b9a7834d9fd11a3bbf4f180a395359924ad6b670b13928fd7b2bb93637
994fdad01e6fc1cd44f47fc538cffc8f925fadbe272e494e292c785e0f2166fc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2cd4e8acf10bb51bdeb0c9081d86c3f4eed4b8314a5212a91e1763acdb7257a
a5229c4a3c1967b9b6819beafd832ebf8988815745ef985aa9bc80ce366f80c4
a72a95f45380c28a3d910c4f43c02ce7992a1ba853f410f9f53a45f18433470b
a8c1e01b8192fdd0b4a486a0b9dee0b3e721fb88b6cf37757603c2bd0b75a9a5
ae107b9ce3bcdf1f4d9e2033d52bec36b69c8360ff311a858b76c8c9a00ed0b4
aea719c98c9b1a0ed5150b00837be7ef3feb2598dbc23b4ca08b223dd6112fa6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2be0b36249c190613a2ef361c20fa86cb01bbb2ab1446cb892d8d12bab25037
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5f81bf9ea308b928ec8f39af28da7fcfc0b853c45ae40c3ab7e56fb7444b7b7
b96b1a7ad2bf96449d5869ffef74a15f0aaddd491ba1e77c57f083dfff178e13
b9b25536890e2cfe49ea043da3541262e0720f94d464478a19f1d1fc35248771
ba01a0369f5a0b515e9501e05d4ad8f9c3bb149c4f1b11584ae3a73681ccd71c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd3d39ac97e1bba3259e2d2e073f5f6bb15dd7bf033b2b67f2d4f1be060f2846
c770cffe5107394a13d89d101af7dc4c9abdbb3e2bb4c63f6fcdecc20f2e9ec2
c898c1a0003ffc7b7314aeae1333ed66e4d69a2ccc078a9069090423ced86982
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d3866f57ba7a47425f5aa636377cdace170d1e3e9e38abd3aa1c239f8fe2a549
d43d3e32316f379e63b5020b423618f90a2c8ca101a4c8808a904e4e423a289f
d8d54345132ec9ffe48caf618750c726a5db42a34e92ecd8e82e7f73818a9d24
da5d7379bbe5f28fd805e493f2a658e903328bb67c2a024a9eb9b39003708435
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e00b6ba8eb08ebf4bf5addf93427352c33a5b1d090366851361f1584c166ffec
e0be6e128dd58edd11961625cf917b5f322aad95e5c5fcc04907ff08bbc3ca59
e0f2a2385cc0e7d4e6c021fe4d57d0a0e8f2c22c6411585109fbc16dbaf9addb
e1c9b6841b0aa3860d4de410ac328d2abb430e820e3d86fc56ba6c4efb32b0fa
e1dd11c17d5d9f2c09a75157af942b42e1342eaa1e22cc95e1fb0ac25611e4f9
e20d444e9bbde2dc36407e3c76df7c9139b798b5fb8b139e35de5114af760d3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e533aa8b1cd8002c05dfd711e18ac03974ddaad1cd915004fd9b5c3aac50e377
e5ea5d7a883a1277fee8665d47eb69dbb0559e3151d940cd9f9dbe2f852aa891
e7201e75675b887e94ce4278a30fd7f6bc29a7953f638afbba477052424d7fb3
e94ba9c6df7a149b4b3c590bcc484ce24ce7c0f15c6f7f43479035a6311211d6
eaad8e0effaeb7ffe5e9b3d73034af06093a69bf2c45ecb8446788d3779b8b47
eda5d5b702579e91e3fbaf5639ec7b66a1ecfd36f85c7c83066bbf78ace70aaf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efae85c971408d9fd5c2a9781576086b9b6295056a724a71eabe2e7b24264373
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
f4cdf668d67ad6949785eb9064b3fccb680002f699d811481cf7b4aff5b1eede
f4d5d43f7c2d138b45530ffceb38494c7c0437ed131556d479f25cf65cb9a4c1
f6759ed73aba0a5903e6d5f1adba906e83d1aac0a8e6e617eac568b913690e04
f6a9c321f948a06f592871be20431dbefb1269cf498649d668ab22ce79bbb971
fe56089a4d8a2239713840a9afbc442fb889847a6a922c1ef50c86367df32a5f
fe8886cbb8c25e660cf13f6a90f3f53c84d47b2c1d8fb99b05b6e35f6b388f5b
fe92ff49ddb53e0bc1716cdfac74e2ad313d6df2a33b20102c6c1bac75d6b76b
ff5fe555523a8cdc942d5f69d16593e448a1ac92f90fb57975d89389d4913137

www.lehner-versand.ch Open in urlscan Pro 2606:4700:20::681a:3cc Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

131 Requests

92 %HTTPS

34 %IPv6

44 Domains

62 Subdomains

55 IPs

10 Countries

1569 kBTransfer

4393 kBSize

72 Cookies

9 Outgoing links

Page URL History

Redirected requests

131 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.lehner-versand.ch Open in urlscan Pro
2606:4700:20::681a:3cc Public Scan

Screenshot
Live screenshot

Full Image

131
Requests

92 %
HTTPS

34 %
IPv6

44
Domains

62
Subdomains

55
IPs

10
Countries

1569 kB
Transfer

4393 kB
Size

72
Cookies

131 HTTP transactions
0 data transactions