urlscan.io logo urlscan.io
SecurityTrails logo

pages.kw.com Open in urlscan Pro
34.36.254.121  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mikeslist.vip/
Effective URL: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Submission: On June 06 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 3 countries across 11 domains to perform 46 HTTP transactions. The main IP is 34.36.254.121, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is pages.kw.com.
TLS certificate: Issued by R3 on April 18th 2024. Valid for: 3 months.
This is the only time pages.kw.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    15.197.142.173 (United States)

ASN16509 (AMAZON-02, US)
PTR: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com
mikeslist.vip
2    34.36.254.121 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.254.36.34.bc.googleusercontent.com
pages.kw.com
3    52.216.208.200 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
2    2400:52e0:1e00::1078:1 (Germany)

ASN200325 (BUNNYCDN, SI)
cdn.icomoon.io
1    54.231.137.233 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
kw-console-assets.s3.amazonaws.com
12    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
1    2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
5    2a00:1450:4001:81c::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
3    172.217.23.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f4.1e100.net
www.google.com
1    172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f10.1e100.net
maps.googleapis.com
4    35.227.253.245 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 245.253.227.35.bc.googleusercontent.com
kong.command-api.kw.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
12 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 260
246 KB
9 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 70
maps.googleapis.com — Cisco Umbrella Rank: 387
storage.googleapis.com — Cisco Umbrella Rank: 451
10 MB
6 kw.com
pages.kw.com
kong.command-api.kw.com — Cisco Umbrella Rank: 313958
62 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
282 KB
4 amazonaws.com
s3.amazonaws.com
kw-console-assets.s3.amazonaws.com
363 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 5
969 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 119
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 205
71 KB
2 icomoon.io
cdn.icomoon.io — Cisco Umbrella Rank: 17262
31 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 354
26 KB
1 mikeslist.vip
mikeslist.vip
362 B
46 11
Domain Requested by
12 cdnjs.cloudflare.com pages.kw.com
cdnjs.cloudflare.com
5 storage.googleapis.com pages.kw.com
4 fonts.gstatic.com fonts.googleapis.com
4 kong.command-api.kw.com pages.kw.com
3 www.google.com pages.kw.com
www.gstatic.com
3 s3.amazonaws.com pages.kw.com
2 www.facebook.com pages.kw.com
2 connect.facebook.net pages.kw.com
connect.facebook.net
2 maps.googleapis.com pages.kw.com
maps.googleapis.com
2 fonts.googleapis.com pages.kw.com
s3.amazonaws.com
2 cdn.icomoon.io pages.kw.com
cdn.icomoon.io
2 pages.kw.com
1 www.gstatic.com www.google.com
1 cdn.jsdelivr.net pages.kw.com
1 kw-console-assets.s3.amazonaws.com pages.kw.com
1 mikeslist.vip 1 redirects
46 16

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.linkedin.com
Subject Issuer Validity Valid
pages.kw.com
R3		 2024-04-18 -
2024-07-17		 3 months crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2024-05-25 -
2025-05-02		 a year crt.sh
cdn.icomoon.io
R3		 2024-05-31 -
2024-08-29		 3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2024-04-22 -
2025-04-07		 a year crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2024-05-04 -
2025-05-04		 a year crt.sh
storage.googleapis.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.google.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
kong.command-api.kw.com
GTS CA 1D4		 2024-04-24 -
2024-07-23		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-16 -
2024-06-14		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Frame ID: AC846E0EFE682535D272019E3C1218E2
Requests: 44 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LduBYMUAAAAAE69___HAv4esfRm76uLXVT3ejlS&co=aHR0cHM6Ly9wYWdlcy5rdy5jb206NDQz&hl=de&v=9pvHvq7kSOTqqZusUzJ6ewaF&theme=dark&size=normal&cb=vvp081lmycn6
Frame ID: A3AD0881B943057723BB713EF7BB30FC
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=9pvHvq7kSOTqqZusUzJ6ewaF&k=6LduBYMUAAAAAE69___HAv4esfRm76uLXVT3ejlS
Frame ID: 1C8330A0E28B6A6851F3DF3D01AB8666
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Mike's List

Page URL History Show full URLs

  1. http://mikeslist.vip/ HTTP 307
    https://mikeslist.vip/ HTTP 307
    http://mikeslist.vip/ HTTP 301
    https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /Chart(?:\.bundle)?(?:\.min)?\.js
  • cdnjs\.cloudflare\.com/ajax/libs/Chart\.js/([\d.]+(?:-[^/]+)?)/Chart.*\.js
Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • lodash.*\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

46
Requests

100 %
HTTPS

53 %
IPv6

11
Domains

16
Subdomains

16
IPs

3
Countries

11758 kB
Transfer

13093 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mikeslist.vip/ HTTP 307
    https://mikeslist.vip/ HTTP 307
    http://mikeslist.vip/ HTTP 301
    https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request cpfl47qn482s775stkg0.html
pages.kw.com/michael-winter/602780/
Redirect Chain
  • http://mikeslist.vip/
  • https://mikeslist.vip/
  • http://mikeslist.vip/
  • https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
52 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.254.121 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.254.36.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
0d1e9020ac413b2433b2407ce7798cdacdedf4a6bcf4ba650e801743523a5c61

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52946
content-type
text/html
date
Thu, 06 Jun 2024 22:09:06 GMT
server
istio-envoy
via
1.1 google
x-envoy-decorator-operation
lp-fileserver.tier2.svc.cluster.local:8080/*
x-envoy-upstream-service-time
118

Redirect headers

Connection
keep-alive
Content-Length
103
Content-Type
text/html; charset=utf-8
Date
Thu, 06 Jun 2024 22:09:05 GMT
Location
https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Server
ip-100-74-4-41.eu-west-2.compute.internal
Vary
Accept-Encoding
X-Request-Id
62e8eb6d-0dcf-420c-8b27-f811d1a3453e
real.css
s3.amazonaws.com/kw-console-assets/css/ 		136 KB
136 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/kw-console-assets/css/real.css
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.216.208.200 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e2dd37233b4ac9cb81185715ac4129d401020b0e17aa8f28a666b7e5f9e5a94f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 06 Jun 2024 22:09:07 GMT
x-amz-version-id
S3.Bltp_ZIa1jPKNFFPMmWGxJc.jfRHu
Last-Modified
Wed, 15 Feb 2023 17:16:31 GMT
Server
AmazonS3
x-amz-request-id
G0S8E8CXAS5Y8HPH
ETag
"04e38a27e41b3e5bf08d54144b0d9bbf"
x-amz-server-side-encryption
AES256
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
139105
x-amz-id-2
7FIbu9XilQbYmuwwr1mcbSp+qnllPrgyTXedruwDuUfPqKDiCvlfLSqulPMZrj9YDS29jZmAaqs=
style-cf.css
cdn.icomoon.io/149221/KW/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.icomoon.io/149221/KW/style-cf.css
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
8c440009e8ad667c9f76ea18c1515395eb773bcfaf32a283227a0a2e25a14ac9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 22:09:06 GMT
content-encoding
br
cdn-edgestorageid
1075
cdn-cachedat
04/15/2024 23:00:09
cdn-pullzone
1460617
last-modified
Thu, 17 Aug 2023 15:55:47 GMT
server
BunnyCDN-DE1-1078
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"49b231a594598df22f4884ff2faa4fe5"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
dd4aa74a-23b0-4a02-a963-0a23a001f729
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
66c99a1c7ff88b48d74a312c6082f701
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
prefixed-consumer-grid.css
kw-console-assets.s3.amazonaws.com/css/ 		221 KB
221 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kw-console-assets.s3.amazonaws.com/css/prefixed-consumer-grid.css
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.231.137.233 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e66ce2194a28121844896ef35548a492ba5c22723c29728a3ca346aa924ee85e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 06 Jun 2024 22:09:07 GMT
x-amz-version-id
YN234oEbicDzJV1Ps5o1yk.INMeDtjo7
Last-Modified
Thu, 16 Feb 2023 01:11:26 GMT
Server
AmazonS3
x-amz-request-id
G0S7NJAGW7HQGXW1
ETag
"ca3ed0fdcb748ae05aed5715d9d8bdce"
x-amz-server-side-encryption
AES256
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
226149
x-amz-id-2
ZcrZJjTn9irbuL/HkljcjKMaN9fVMU1M53J/rZypTy2V9gTuvJVJINR+SYVQafQ6zVWnszl0E5s=
nouislider.min.css
cdnjs.cloudflare.com/ajax/libs/noUiSlider/12.1.0/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/noUiSlider/12.1.0/nouislider.min.css
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3323ce4a9aebf7fbd1c174d8734b1ac3ceb297318cd8755129651f1c816d6bbe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 22:09:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
176432
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
921
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-f0b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=edt5cknZ6cWWOBprzjZXmNoz3Ft%2BwRMyN2bdi%2FSoBZ6RMw5Vszxi%2FTuAQfuepKCv8Ap8bgtgup%2B7qJFI6iMEG2uyBkdF7H0um9m6SuOFu65Aydw%2FN5q%2FmSUPFp2C%2FHS88%2B9jIdBY"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88fbb98dbeb739da-FRA
expires
Tue, 27 May 2025 22:09:06 GMT
tiny-slider.css
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/tiny-slider.css
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 22:09:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
597625
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
last-modified
Mon, 04 May 2020 16:17:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffd-882"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LpQXLYRgY6%2FMea4CQ5Hv358KSPz1gYKda1V3b3fve5hFOAK5ZpReJzEFvR7UhVi8eDWof9NDfq46A3kYP6BB7TCceHLFREhqUqrUfXfnwXPcT%2B1sZC7gCIZ5GMdufFGa1KVFbCjE"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88fbb98dbeb939da-FRA
expires
Tue, 27 May 2025 22:09:06 GMT
css
fonts.googleapis.com/ 		36 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo+Narrow:400,400i,700,700i|Roboto:300,300i,400,400i,500,500i,700,700|Source+Sans+Pro:400,400i,600,600i,700,700i&display=swap&subset=latin,latin-ext
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
26eaf8c2dff2c35edd16a7c1140c11f226bccdcfe598a58bf156ebb6b59d54c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 06 Jun 2024 22:09:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 06 Jun 2024 22:09:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 06 Jun 2024 22:09:06 GMT
intlTelInput.css
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.19/css/ 		25 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.19/css/intlTelInput.css
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 22:09:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
176457
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1970
last-modified
Tue, 13 Sep 2022 14:08:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"63208edf-7b2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FYI9P6lQhbYetTnOYnte2SFKKTuLuTlGl8tjUDrigEaHaFZ7k0JgCLrwQkOReTFAxt9iw8mjqxqNr%2FNJzog%2BXVUvzVoIXe4%2FkeNcARsEKaVhoIENwzeN3Rj%2FHqKf9qqeLKLK8d8o"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88fbb98dbeaa39da-FRA
expires
Tue, 27 May 2025 22:09:06 GMT
js
maps.googleapis.com/maps/api/ 		258 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyAS6oOPLcY00yLW1U4hGt6DWMOI8YRaF70&libraries=places
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
bb68584492c8167a99e2c2cf651f266d866a533149573aa52f29278439bc2c26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 22:09:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86910
x-xss-protection
0
es5-shim.min.js
cdnjs.cloudflare.com/ajax/libs/es5-shim/4.5.9/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/es5-shim/4.5.9/es5-shim.min.js
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f04e08b36e901f46c3e765a8429701f91fed71642da73942a23af26d477b331a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 22:09:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1724757
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7596
last-modified
Mon, 04 May 2020 16:09:56 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e54-636d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t8Doy8EdtimaZFXgXMXnF2TwRZpHlEWI7SdldUbv87u7gk1%2F0yoy8EZB%2Fhp0tMDd%2BtzNM8DfZIZwDeRhgSUbJpr5bdZCjBrNjK%2FMZy0b%2Fhg0wVuRv1O%2BMBFlHrlMq5mCWFshYrVW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88fbb98dbea539da-FRA
expires
Tue, 27 May 2025 22:09:06 GMT
es6-shim.min.js
cdnjs.cloudflare.com/ajax/libs/es6-shim/0.9.3/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/es6-shim/0.9.3/es6-shim.min.js
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88523d4d96f0cc7b8fc1846963d2122ad4fc7e72d9fa6a3b4bb164a96e702d48
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 22:09:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7360505
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4820
last-modified
Mon, 04 May 2020 16:09:56 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e54-3ecd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8us5lmSkxcLiyEkvbSJS50ptUuBXDbcInJpqcpQTRlZXOu9txP8rLXplsrtB5TZqGskhMiUaIj184mrtJfa61DrEudlf5%2FhClL9hPuU76OQ8rqQUBRctw%2BGARk7IxcxuXJu8Kx5i"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88fbb98dbea939da-FRA
expires
Tue, 27 May 2025 22:09:06 GMT
nouislider.min.js
cdnjs.cloudflare.com/ajax/libs/noUiSlider/12.1.0/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/noUiSlider/12.1.0/nouislider.min.js
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57bebe1420e09ea56a69f510ef8728891eea03719de99955b8581dc1c1821a57
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 22:09:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
14250
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6961
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-5740"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hcn3%2BYcq2QmeEEMNyv3b%2F6kgnKiPYJ2rgYa6IjIwPqGdewog4ur%2Bkobht4Mg5q2p%2FLccuMU62c9TpQlFQzUWb4l%2FkMeQ6wi79d8n3vAoCMqHBimmgaFAAIa%2BlbQhEQkP7JYtEh4C"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88fbb98dbead39da-FRA
expires
Tue, 27 May 2025 22:09:06 GMT
Chart.bundle.min.js
cdnjs.cloudflare.com/ajax/libs/Chart.js/2.7.3/ 		205 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.7.3/Chart.bundle.min.js
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
319a395d8d4087b67602e8b8fda9647de8aadc2a2931d57f6db91cfd2878d7eb
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 22:09:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
605240
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
55786
last-modified
Mon, 04 May 2020 16:03:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cee-335f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jBGiuGjhPuDlvaQUYDYjd4ljrD5mtjl5dYcZPhPb6Vo%2F13Ps5K3c7oaErlSeoZnjerHNEwN4a%2F13%2BHK86Y%2FZqCwC8gX2C694V1dRozDF8gLZqNSTK21jypOHF9P0ixzC2YMZ4Hdt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88fbb98dbeae39da-FRA
expires
Tue, 27 May 2025 22:09:06 GMT
tiny-slider.js
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/min/ 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/min/tiny-slider.js
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5abbe1236a010bbe65bb5e80ce833e0308a1dea741ae0be930e94f0640aa3de
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 22:09:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1930
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
11348
last-modified
Mon, 04 May 2020 16:17:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffd-7bf9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HDTy3HmJhgxzsqBkzJitDudcIITKkm605nTzMIaJmow40gM5hq4WndSRNann8Gegrwaxkg4UE9bv1cPgfVo7tWaAFyv0RwGgwFSoiVRqSTuMGdaprCOPuQ9PbjaayGA8anf2fFUB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88fbb98dbeaf39da-FRA
expires
Tue, 27 May 2025 22:09:06 GMT
lodash.min.js
cdn.jsdelivr.net/npm/lodash@4.17.11/ 		72 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/lodash@4.17.11/lodash.min.js
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
effca8652df9e3c7d74915ea73fc58ce3b26b96dec14aceebce087774e8f9a9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 22:09:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2879507
x-jsd-version
4.17.11
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25711
x-served-by
cache-fra-etou8220066-FRA, cache-lga21938-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"11e0d-3OXT28m77PLKdI3jgbSD65CA5Po"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r%2By%2BsxJNUtLDVTJHwtUZAzLj5wr19c1BG55Kaj4glknkMNGqT5lgGgFMjQNgTU2lySaICDO1DNxTewtopVexfwaiPaypGgA8CmmLf984N1rkIsL0k5a5zhsVkWiS%2FpHHdY30nocAT9%2BkGfBYSWI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88fbb98dc8c5363e-FRA
libphonenumber-js.min.js
cdnjs.cloudflare.com/ajax/libs/libphonenumber-js/1.9.20/ 		148 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/libphonenumber-js/1.9.20/libphonenumber-js.min.js
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65545b63c9371c00f0e3acd843b61a550cb36b310784e3a944496012171a91f9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 22:09:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5446169
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
32164
last-modified
Sun, 20 Jun 2021 19:35:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60cf987e-7da4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7TcQnGlRKPm4dqz8n8e9np%2BXFL%2BH6hLzmMGfEkOucTF8vvB4JmaOhWkS74gcC5HPRhzHhzo8P9QwCjskApTTtVDBNF74HesYXz8T5ZO5%2Ba9QNYeUu2sghO251nqIx4sSy6PVoTJF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88fbb98dbeb139da-FRA
expires
Tue, 27 May 2025 22:09:06 GMT
intlTelInput.min.js
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.19/js/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.19/js/intlTelInput.min.js
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd20b6e4bb5af8690406a2de275141ea221822ba78a99261b5412d2ba9ca217c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 22:09:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
174494
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
8933
last-modified
Tue, 13 Sep 2022 14:08:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"63208edf-22e5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k%2B3nlJ3y9oT3iSra96zUf6toRjzjSXJSaZ5tWwctNe377h4TS%2BoCQmJUFMxAsZE5aW8WU%2BqcJTCGnBbacfrp%2FhyRUuVGsYb1qCYrLQa8RDqHzGqIq80sEPq0zy6PEz6fFYoqezYA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88fbb98dbeb239da-FRA
expires
Tue, 27 May 2025 22:09:06 GMT
utils.min.js
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.19/js/ 		243 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.19/js/utils.min.js
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b67fec30ceac38bc9439e34f50f29a25697238404f8d382641e0f81d214196bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 22:09:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
602006
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
45672
last-modified
Tue, 13 Sep 2022 14:08:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"63208edf-b268"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RFkCPYQPCD2b8kNpfARrIJFSiZawEx7rixup3J4xbomkAjJX493wOOXT9Bsp7EAK51%2F7loyaUZt7Ef%2BQiRPIVZaMuzxhSeRD1o9dmTId3u3Vrv%2F1JSUY5v8GjLVtA4kTG36qQPy1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88fbb98dbeb539da-FRA
expires
Tue, 27 May 2025 22:09:06 GMT
informal.svg
s3.amazonaws.com/kw-console-assets/images/kw-logos/ 		401 B
851 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/kw-console-assets/images/kw-logos/informal.svg
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.216.208.200 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ca3c900b36b6327a0b1ceb5bc847be9683f5e338b84f9a98a076e9c78b9f45b8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 06 Jun 2024 22:09:07 GMT
x-amz-version-id
kfmveB9H0linVLbgRdr6xs6zsfOvuwtp
Last-Modified
Thu, 13 Apr 2023 20:50:39 GMT
Server
AmazonS3
x-amz-request-id
G0S8FJFDPBEGW0GG
ETag
"a1e5d4e2a9a10c266b196b02e1dfc387"
x-amz-server-side-encryption
AES256
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
401
x-amz-id-2
C+MKkPB3+AnuOqdkepS9giDYG4j9Bs44rSiV8nWt+MxPGOcLd/xGjkqWB40rXSbG5+g8X/XqTBM=
cpfn8thter1s70bapn90.png
storage.googleapis.com/attachment-prod-e2ad/602780/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/attachment-prod-e2ad/602780/cpfn8thter1s70bapn90.png
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
00a069ead903b57eaee537fa6cc1cd16b2fc677466a2066f9a639fd9a8450e7c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 22:09:06 GMT
x-guploader-uploadid
ABPtcPq6amz2sRxUFpOOTvkuZi9LdN4JbrBY9mncN68gpDq7NV7Hq_io63ctxmZ6sxrw2BSsh7QxKfgJaA
x-goog-meta-file-name
kwonly-favicon-hpstacked.png
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename=kwonly-favicon-hpstacked.png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43589
last-modified
Tue, 04 Jun 2024 20:09:26 GMT
server
UploadServer
etag
"9d41b51faa4d296ca7445ee67bffd6d7"
x-goog-generation
1717531766247960
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=ofJvxw==, md5=nUG1H6pNKWynRF7me//W1w==
cache-control
Cache-Control:private, max-age=0, no-transform
x-goog-stored-content-length
43589
accept-ranges
bytes
expires
Thu, 06 Jun 2024 22:09:06 GMT
primary.svg
s3.amazonaws.com/kw-console-assets/images/kw-logos/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/kw-console-assets/images/kw-logos/primary.svg
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.216.208.200 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e38ca4f731276a45daeddf80f32df269d1f218c0832ddbdd1d16dacae99a8f15

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 06 Jun 2024 22:09:07 GMT
x-amz-version-id
Us3jcu6Yb7414BDYl9iGm7KX.5oZqcKz
Last-Modified
Tue, 28 Feb 2023 17:15:44 GMT
Server
AmazonS3
x-amz-request-id
G0S75MKKEG86WR1P
ETag
"450519e1d9b43990ecf257def8feaad8"
x-amz-server-side-encryption
AES256
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
3934
x-amz-id-2
92aVFa0gY7g+jvDQUd8bz4fotdspm8z6IuWqy4yjvZUfZbThvHG/DxAWzbEwSPIrJrTsFiCSHWM=
api.js
www.google.com/recaptcha/ 		1 KB
969 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
GSE /
Resource Hash
cae443bb12ea2b1c7d2bce65473561ff6d09b5a847f36af1666bc6d2bee29d6d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 22:09:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 06 Jun 2024 22:09:06 GMT
css
fonts.googleapis.com/ 		3 KB
562 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Muli:400,600,700
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/kw-console-assets/css/real.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a59127a6af964e87984cbefb43fa9664c3edbdefa6a96353bcf86cd0b00a18d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://s3.amazonaws.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 06 Jun 2024 22:09:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 06 Jun 2024 21:52:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 06 Jun 2024 22:09:06 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAS6oOPLcY00yLW1U4hGt6DWMOI8YRaF70&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 22:09:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pages.kw.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
cpfmqp122ars70eel54g
kong.command-api.kw.com/widget-manager/public/api/v1/widget-config/ 		567 B
639 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://kong.command-api.kw.com/widget-manager/public/api/v1/widget-config/cpfmqp122ars70eel54g
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.253.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
245.253.227.35.bc.googleusercontent.com
Software
/
Resource Hash
c1c64e1d526401e1a52d1c39e11afca75ff8d0a769783d33bcec98821616429b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 22:09:06 GMT
x-envoy-decorator-operation
widget-manager.tier2.svc.cluster.local:8080/*
via
1.1 google
x-kong-proxy-latency
0
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
x-kong-upstream-latency
9
x-envoy-upstream-service-time
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
567
cpfmo2122ars70eel53g
kong.command-api.kw.com/widget-manager/public/api/v1/widget-config/ 		314 B
575 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://kong.command-api.kw.com/widget-manager/public/api/v1/widget-config/cpfmo2122ars70eel53g
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.253.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
245.253.227.35.bc.googleusercontent.com
Software
/
Resource Hash
7ee01223fce5ae9af8bfe97dd8417c7d940b7d90831dc1aae4d47b8f4680aca4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 22:09:06 GMT
x-envoy-decorator-operation
widget-manager.tier2.svc.cluster.local:8080/*
via
1.1 google
x-kong-proxy-latency
0
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
x-kong-upstream-latency
8
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
cpfmo6talohs70p9vdp0
kong.command-api.kw.com/widget-manager/public/api/v1/widget-config/ 		838 B
908 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://kong.command-api.kw.com/widget-manager/public/api/v1/widget-config/cpfmo6talohs70p9vdp0
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.253.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
245.253.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e73ba8710aefb626c78b900972702e8aaae3dd50947977bba92c0f5a1cbff6a8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 22:09:06 GMT
x-envoy-decorator-operation
widget-manager.tier2.svc.cluster.local:8080/*
via
1.1 google
x-kong-proxy-latency
0
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
x-kong-upstream-latency
13
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
838
cpfmo55alohs70p9vdog
kong.command-api.kw.com/widget-manager/public/api/v1/widget-config/ 		866 B
935 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://kong.command-api.kw.com/widget-manager/public/api/v1/widget-config/cpfmo55alohs70p9vdog
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.253.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
245.253.227.35.bc.googleusercontent.com
Software
/
Resource Hash
f1afa6b472d6aecf4f965f460649a97800b4d621a822359e9a363a47a4c76e9b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 22:09:06 GMT
x-envoy-decorator-operation
widget-manager.tier2.svc.cluster.local:8080/*
via
1.1 google
x-kong-proxy-latency
0
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
x-kong-upstream-latency
8
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
866
fbevents.js
connect.facebook.net/en_US/ 		219 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 06 Jun 2024 22:09:06 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57975
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1297, tbw=2806, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
Xm1TdtLOsvD7pQ1Lmzk4hxvbmtU4SvfBpuJxqw/yQ/IFiLewh1QQRxECGTa7OkUsBMe/dN6JV+3UHwUNZXWkPQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
flags.png
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.19/img/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.19/img/flags.png
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.19/css/intlTelInput.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ead4835bb034d3977fd4aa92437a20fac37b2c67e0c22a5debc61468151d08d7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.19/css/intlTelInput.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 22:09:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
694018
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
67650
last-modified
Tue, 13 Sep 2022 14:08:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"63208edf-10842"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iuerkGx%2BjfXILUglVQLNlqVrzGuvB9c6nBge8JE1d%2FzbeD2lFF96lt0p4cup3%2BGunzjzGrqppc3oIxFrsNv0D0RURo807ekzEBb3gI6tDCzHVISTKy4ZqljAJoRxMfh%2Fh%2B72wIkf"}],"group":"cf-nel","max_age":604800}
content-type
image/png; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88fbb9918abf39da-FRA
expires
Tue, 27 May 2025 22:09:06 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo+Narrow:400,400i,700,700i|Roboto:300,300i,400,400i,500,500i,700,700|Source+Sans+Pro:400,400i,600,600i,700,700i&display=swap&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://pages.kw.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:11:11 GMT
x-content-type-options
nosniff
age
201475
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:11:11 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo+Narrow:400,400i,700,700i|Roboto:300,300i,400,400i,500,500i,700,700|Source+Sans+Pro:400,400i,600,600i,700,700i&display=swap&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://pages.kw.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:09:43 GMT
x-content-type-options
nosniff
age
201563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:09:43 GMT
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v29/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://pages.kw.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:15:28 GMT
x-content-type-options
nosniff
age
201218
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32796
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:41:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:15:28 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo+Narrow:400,400i,700,700i|Roboto:300,300i,400,400i,500,500i,700,700|Source+Sans+Pro:400,400i,600,600i,700,700i&display=swap&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://pages.kw.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:09:58 GMT
x-content-type-options
nosniff
age
201548
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14712
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:09:58 GMT
real-icons.woff2
cdn.icomoon.io/149221/KW/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.icomoon.io/149221/KW/real-icons.woff2?7a3ysd
Requested by
Host: cdn.icomoon.io
URL: https://cdn.icomoon.io/149221/KW/style-cf.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
5538394af6d51ec90de03a47834b718e7fbf500b986203800c996aee90106d53

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cdn.icomoon.io/149221/KW/style-cf.css
Origin
https://pages.kw.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 22:09:06 GMT
cdn-edgestorageid
874
cdn-cachedat
04/15/2024 23:00:09
cdn-pullzone
1460617
content-length
27172
last-modified
Thu, 17 Aug 2023 15:55:47 GMT
server
BunnyCDN-DE1-1078
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"fe7fddcd9f80e7239a791e290188ab59"
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
dd4aa74a-23b0-4a02-a963-0a23a001f729
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
d7d899493dad8fb4d80798182028db74
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
recaptcha__de.js
www.gstatic.com/recaptcha/releases/9pvHvq7kSOTqqZusUzJ6ewaF/ 		515 KB
205 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/9pvHvq7kSOTqqZusUzJ6ewaF/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdcf5ef19dcd3005f0369e3482b28be21a70496f2d045f5a4a15d64523018a1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Origin
https://pages.kw.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 04:10:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
237522
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
209755
x-xss-protection
0
last-modified
Mon, 03 Jun 2024 04:00:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Jun 2025 04:10:24 GMT
1349076498498506
connect.facebook.net/signals/config/ 		57 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1349076498498506?v=2.9.157&r=stable&domain=pages.kw.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
30cb86212db7d3c8a69586794092aed278fa13db15b3ce638f81ae6be48246ac
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 06 Jun 2024 22:09:06 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=12, rtx=0, c=65, mss=1297, tbw=63518, tp=-1, tpl=-1, uplat=65, ullat=0
pragma
public
x-fb-debug
svsH502tlkV3bv0IZXAox/PnBli5GPgBaOs4jeadb//PGdOA/Q1GWYxetg3fRh8L3ohwxP2wa1qRBKtKzBd3nA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame A3AD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LduBYMUAAAAAE69___HAv4esfRm76uLXVT3ejlS&co=aHR0cHM6Ly9wYWdlcy5rdy5jb206NDQz&hl=de&v=9pvHvq7kSOTqqZusUzJ6ewaF&theme=dark&size=normal&cb=vvp081lmycn6
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/9pvHvq7kSOTqqZusUzJ6ewaF/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-u4y1FIM2yPJEPuiodQWh1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://pages.kw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-u4y1FIM2yPJEPuiodQWh1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 06 Jun 2024 22:09:06 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1349076498498506&ev=PageView&dl=https%3A%2F%2Fpages.kw.com%2Fmichael-winter%2F602780%2Fcpfl47qn482s775stkg0.html&rl=&if=false&ts=1717711746946&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717711746946.693255429667001106&ler=empty&cdl=API_unavailable&it=1717711746862&coo=false&rqm=GET
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1297, tbw=2811, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 06 Jun 2024 22:09:06 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1349076498498506&ev=PageView&dl=https%3A%2F%2Fpages.kw.com%2Fmichael-winter%2F602780%2Fcpfl47qn482s775stkg0.html&rl=&if=false&ts=1717711746946&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717711746946.693255429667001106&ler=empty&cdl=API_unavailable&it=1717711746862&coo=false&rqm=FGET
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x94d37e1613e16bdf","source_keys":["1","2"]},{"key_piece":"0x2e0f4a7f85dc84f7","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Thu, 06 Jun 2024 22:09:07 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=13, mss=1297, tbw=3128, tp=-1, tpl=-1, uplat=164, ullat=0
pragma
no-cache
x-fb-debug
cGE3LWFXvhpkWz15NamTkuSJChiMvS+t3SdUKvP17ynGK/lzdtLtO4AtkcA0uSmSmRUzopfkyNem3H5eCSiZyQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
bk20lhncdmq8fg7iak5g
storage.googleapis.com/attachment-prod-e2ad/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/attachment-prod-e2ad/bk20lhncdmq8fg7iak5g
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8037cdf15d97b2777b2f21b30f272b699421342443e80fa9b7e6a9fc4681145b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 22:09:07 GMT
x-guploader-uploadid
ABPtcPrOznhrPvBAzQUCxTBpDGH0_Au6OMVbTtj3J70ifM-G0oCCIJW975sIdpFHjzHmoen4Zg9BCMLT3w
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename=bk20lhncdmq8fg7iak50
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27835
last-modified
Fri, 14 Jun 2019 20:59:50 GMT
server
UploadServer
etag
"da63c7569047fc8b7f4aa3cc304f836a"
x-goog-generation
1560545990218816
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=sRfW2Q==, md5=2mPHVpBH/It/SqPMME+Dag==
cache-control
public, max-age=3600
x-goog-stored-content-length
27835
accept-ranges
bytes
expires
Thu, 06 Jun 2024 23:09:07 GMT
cpfmqt1ter1s70bapmcg.png
storage.googleapis.com/attachment-prod-e2ad/602780/ 		5 MB
5 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/attachment-prod-e2ad/602780/cpfmqt1ter1s70bapmcg.png
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6a2dc7f36695dd064c5f88177887110df478ba2d4fb8086b39b9cc292c36c796

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 22:09:07 GMT
x-guploader-uploadid
ABPtcPq3q-cCIJ8Oq_pt9RrXEpk4a_Sv1QytlQOnCYoDlxQPNzHTqx51bqZjy9CdPTar2F4DhMWebwJGZg
x-goog-meta-file-name
blob
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename=blob
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5368723
last-modified
Tue, 04 Jun 2024 19:39:32 GMT
server
UploadServer
etag
"78b97243e369beb6d27ab694871bea7c"
x-goog-generation
1717529972971614
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=bA2yAA==, md5=eLlyQ+NpvrbSeraUhxvqfA==
cache-control
Cache-Control:private, max-age=0, no-transform
x-goog-stored-content-length
5368723
accept-ranges
bytes
expires
Thu, 06 Jun 2024 22:09:07 GMT
bk20lhncdmq8fg7iak6g
storage.googleapis.com/attachment-prod-e2ad/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/attachment-prod-e2ad/bk20lhncdmq8fg7iak6g
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a9273b979be41cdaf343d87a63de7f7c6aa73ee05e7918989174d71aa67fa09b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 22:09:07 GMT
x-guploader-uploadid
ABPtcPrvVfspMEfIRU_2qiNMYILebkrWVbydouZE52BuOameQnnkIXSscAwzPP7iq0Fy6mnNHx4pqWO6sA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename=bk20lhncdmq8fg7iak60
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23743
last-modified
Fri, 14 Jun 2019 20:59:50 GMT
server
UploadServer
etag
"525d5575fdb64f4c23eb00b1ad7960c9"
x-goog-generation
1560545990328083
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=3+ShKg==, md5=Ul1Vdf22T0wj6wCxrXlgyQ==
cache-control
public, max-age=3600
x-goog-stored-content-length
23743
accept-ranges
bytes
expires
Thu, 06 Jun 2024 23:09:07 GMT
cpfmp1hter1s70bapm9g.png
storage.googleapis.com/attachment-prod-e2ad/602780/ 		5 MB
5 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/attachment-prod-e2ad/602780/cpfmp1hter1s70bapm9g.png
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6a2dc7f36695dd064c5f88177887110df478ba2d4fb8086b39b9cc292c36c796

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 22:09:07 GMT
x-guploader-uploadid
ABPtcPoIHJYux2sPff7CX57tIAUO7-rFdtxN68L3uYO2KRo_iBGJM3ELf1611tOtcBNSCUJMzi6QaPAOag
x-goog-meta-file-name
blob
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename=blob
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5368723
last-modified
Tue, 04 Jun 2024 19:35:34 GMT
server
UploadServer
etag
"78b97243e369beb6d27ab694871bea7c"
x-goog-generation
1717529734983600
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=bA2yAA==, md5=eLlyQ+NpvrbSeraUhxvqfA==
cache-control
Cache-Control:private, max-age=0, no-transform
x-goog-stored-content-length
5368723
accept-ranges
bytes
expires
Thu, 06 Jun 2024 22:09:07 GMT
bframe
www.google.com/recaptcha/api2/ Frame 1C83 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=9pvHvq7kSOTqqZusUzJ6ewaF&k=6LduBYMUAAAAAE69___HAv4esfRm76uLXVT3ejlS
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/9pvHvq7kSOTqqZusUzJ6ewaF/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-F1_qXZa0HGK7YAIQFtekWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://pages.kw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-F1_qXZa0HGK7YAIQFtekWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 06 Jun 2024 22:09:07 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
favicon.ico
pages.kw.com/ 		7 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pages.kw.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.254.121 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.254.36.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
efd8b8abfac8d53514c9df09ffde24f025b0b504c6fd592a0c978163b90ba508

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://pages.kw.com/michael-winter/602780/cpfl47qn482s775stkg0.html
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 22:09:09 GMT
x-envoy-decorator-operation
lp-fileserver.tier2.svc.cluster.local:8080/*
x-envoy-upstream-service-time
141
via
1.1 google
server
istio-envoy
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| google object| litHtmlVersions object| module$exports$mapsapi$geometry$spherical object| litElementVersions object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView undefined| returnExports object| noUiSlider function| Color function| Chart function| tns function| _ object| libphonenumber object| intlTelInputGlobals function| intlTelInput object| intlTelInputUtils object| items number| len function| onloadCallback function| fbq function| _fbq object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_914005

1 Cookies

Domain/Path Name / Value
.kw.com/ Name: _fbp
Value: fb.1.1717711746946.693255429667001106

1 Console Messages

Source Level URL
Text
network error URL: https://pages.kw.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.icomoon.io
cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
kong.command-api.kw.com
kw-console-assets.s3.amazonaws.com
maps.googleapis.com
mikeslist.vip
pages.kw.com
s3.amazonaws.com
storage.googleapis.com
www.facebook.com
www.google.com
www.gstatic.com
104.17.24.14
15.197.142.173
172.217.18.10
172.217.23.100
2400:52e0:1e00::1078:1
2606:4700::6812:ba1f
2a00:1450:4001:810::2003
2a00:1450:4001:813::2003
2a00:1450:4001:81c::201b
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::200a
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
34.36.254.121
35.227.253.245
52.216.208.200
54.231.137.233
00a069ead903b57eaee537fa6cc1cd16b2fc677466a2066f9a639fd9a8450e7c
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0d1e9020ac413b2433b2407ce7798cdacdedf4a6bcf4ba650e801743523a5c61
26eaf8c2dff2c35edd16a7c1140c11f226bccdcfe598a58bf156ebb6b59d54c5
30cb86212db7d3c8a69586794092aed278fa13db15b3ce638f81ae6be48246ac
319a395d8d4087b67602e8b8fda9647de8aadc2a2931d57f6db91cfd2878d7eb
3323ce4a9aebf7fbd1c174d8734b1ac3ceb297318cd8755129651f1c816d6bbe
5538394af6d51ec90de03a47834b718e7fbf500b986203800c996aee90106d53
57bebe1420e09ea56a69f510ef8728891eea03719de99955b8581dc1c1821a57
65545b63c9371c00f0e3acd843b61a550cb36b310784e3a944496012171a91f9
6a2dc7f36695dd064c5f88177887110df478ba2d4fb8086b39b9cc292c36c796
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7ee01223fce5ae9af8bfe97dd8417c7d940b7d90831dc1aae4d47b8f4680aca4
8037cdf15d97b2777b2f21b30f272b699421342443e80fa9b7e6a9fc4681145b
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
88523d4d96f0cc7b8fc1846963d2122ad4fc7e72d9fa6a3b4bb164a96e702d48
8c440009e8ad667c9f76ea18c1515395eb773bcfaf32a283227a0a2e25a14ac9
a59127a6af964e87984cbefb43fa9664c3edbdefa6a96353bcf86cd0b00a18d1
a5abbe1236a010bbe65bb5e80ce833e0308a1dea741ae0be930e94f0640aa3de
a9273b979be41cdaf343d87a63de7f7c6aa73ee05e7918989174d71aa67fa09b
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491
b67fec30ceac38bc9439e34f50f29a25697238404f8d382641e0f81d214196bd
bb68584492c8167a99e2c2cf651f266d866a533149573aa52f29278439bc2c26
c1c64e1d526401e1a52d1c39e11afca75ff8d0a769783d33bcec98821616429b
ca3c900b36b6327a0b1ceb5bc847be9683f5e338b84f9a98a076e9c78b9f45b8
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cae443bb12ea2b1c7d2bce65473561ff6d09b5a847f36af1666bc6d2bee29d6d
e2dd37233b4ac9cb81185715ac4129d401020b0e17aa8f28a666b7e5f9e5a94f
e38ca4f731276a45daeddf80f32df269d1f218c0832ddbdd1d16dacae99a8f15
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e66ce2194a28121844896ef35548a492ba5c22723c29728a3ca346aa924ee85e
e73ba8710aefb626c78b900972702e8aaae3dd50947977bba92c0f5a1cbff6a8
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
ead4835bb034d3977fd4aa92437a20fac37b2c67e0c22a5debc61468151d08d7
efd8b8abfac8d53514c9df09ffde24f025b0b504c6fd592a0c978163b90ba508
effca8652df9e3c7d74915ea73fc58ce3b26b96dec14aceebce087774e8f9a9b
f04e08b36e901f46c3e765a8429701f91fed71642da73942a23af26d477b331a
f1afa6b472d6aecf4f965f460649a97800b4d621a822359e9a363a47a4c76e9b
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929
fd20b6e4bb5af8690406a2de275141ea221822ba78a99261b5412d2ba9ca217c
fdcf5ef19dcd3005f0369e3482b28be21a70496f2d045f5a4a15d64523018a1d