lw-germany.com Open in urlscan Pro
185.128.34.117 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://185.230.140.88/?MTA5NTAwNTc0PTM1ODU3JjI5MjkzNTg9MTg2JjM3PWNsaWNrJjFma3dxZGc9NCZsaWQ9MjU3Ng==
Effective URL:
https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588...
Submission: On November 22 via api (November 22nd 2020, 6:30:15 pm UTC) from BE

Summary HTTP 68 Redirects Links 50 Behaviour Indicators

Summary

This website contacted 14 IPs in 6 countries across 14 domains to perform 68 HTTP transactions. The main IP is 185.128.34.117, located in Netherlands and belongs to EUROFIBER-UNET EUROFIBER / UNET Network, NL. The main domain is lw-germany.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 30th 2020. Valid for: 3 months.

This is the only time lw-germany.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.230.140.88 185.230.140.88	59504 (Hosting v...) (Hosting vpsville.ru)
1 1	35.204.93.160 35.204.93.160	15169 (GOOGLE) (GOOGLE)
1 1	35.204.14.125 35.204.14.125	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700:303... 2606:4700:3037::681f:5e75	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	185.128.34.117 185.128.34.117	29396 (EUROFIBER...) (EUROFIBER-UNET EUROFIBER / UNET Network)
1	2600:9000:210... 2600:9000:2104:7800:2:7bf5:a0c0:21	16509 (AMAZON-02) (AMAZON-02)
27	2600:9000:202... 2600:9000:2022:6200:b:413c:b700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::681f:582e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
1	185.221.86.34 185.221.86.34	206998 (NEW-2) (NEW-2)
68	14

1 185.230.140.88 (Russian Federation) 1 redirects

ASN59504 (Hosting vpsville.ru, RU)
PTR: taiane.net

185.230.140.88	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.93.160 (Ascension Island) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 160.93.204.35.bc.googleusercontent.com

lipmentos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.14.125 (Ascension Island) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 125.14.204.35.bc.googleusercontent.com

plaqexit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::681f:5e75 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

click.trlxcf02.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 185.128.34.117 (Netherlands)

ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL)

lw-germany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:7800:2:7bf5:a0c0:21 (United States)

ASN16509 (AMAZON-02, US)

djjcyqvteia9v.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2600:9000:2022:6200:b:413c:b700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.cloudcnt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::681f:582e (United States)

ASN13335 (CLOUDFLARENET, US)

api.mdsyzz.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.221.86.34 (Germany)

ASN206998 (NEW-2, DE)

bam.eu01.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	cloudcnt.com cdn.cloudcnt.com	369 KB
18	lw-germany.com lw-germany.com	852 KB
6	gstatic.com fonts.gstatic.com	63 KB
5	google-analytics.com www.google-analytics.com	56 KB
4	googleapis.com fonts.googleapis.com	3 KB
2	trlxcf02.com 1 redirects click.trlxcf02.com	4 KB
1	nr-data.net bam.eu01.nr-data.net	275 B
1	newrelic.com js-agent.newrelic.com	11 KB
1	doubleclick.net stats.g.doubleclick.net	442 B
1	mdsyzz.info api.mdsyzz.info	2 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	cloudfront.net djjcyqvteia9v.cloudfront.net	43 KB
1	plaqexit.com 1 redirects plaqexit.com	739 B
1	lipmentos.com 1 redirects lipmentos.com	320 B
68	14

	Domain	Requested by
27	cdn.cloudcnt.com	lw-germany.com
18	lw-germany.com	lw-germany.com
6	fonts.gstatic.com	fonts.googleapis.com
5	www.google-analytics.com	lw-germany.com www.google-analytics.com
4	fonts.googleapis.com	lw-germany.com
2	click.trlxcf02.com	1 redirects
1	bam.eu01.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	lw-germany.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	api.mdsyzz.info	lw-germany.com
1	cdn.onesignal.com	lw-germany.com
1	djjcyqvteia9v.cloudfront.net	lw-germany.com
1	plaqexit.com	1 redirects
1	lipmentos.com	1 redirects
68	14

This site contains links to these domains. Also see Links.

Domain
gfunsubscribe.com
www.facebook.com
support.google.com
support.apple.com
support.mozilla.org
support.microsoft.com
www.teletekmedya.com
www.trafficrunner.de
www.suedstern-interaction.de
www.blueleads.online
www.mailcommerce.de
www.audienceserv.com
www.skyline-performance.de
www.cashbackdeals.de
emnetwork.dk
fullemedia.online
www.mscontent.de
www.outspot.de
www.yes-investmedia.de
www.finanztrends.info
www.aliceoffersyou.com
www.leadspot.de
www.club-leserservice.de
www.couponarchiv.de
www.einsaperformance.de
www.avionmedia.de
www.unifydirect.de
www.ematics.de
adviceglobal.com.mt
www.curablu.de
www.miranda-clairvoyant.com
nofancyadvertising.com
www.bcvplus.net
zahnschutztarif.de
gerdemann-versicherungsservice.de
maxilife.de
meinpreisvergleich.com
lifestyle-club-online.de
couponarena.de
www.dailytravel.de
www.zoo-mail.de
www.pmiprivacy.com
www.emailingnetwork.com
www.caranea.de
www.amazon.de
alohaopenwifi.com
www.trafficblast.nl
www.nuernberger.de
wwfa.de

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-21` - `2021-07-21`	a year	crt.sh
lw-germany.com Let's Encrypt Authority X3	`2020-09-30` - `2020-12-29`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.cloudcnt.com Amazon	`2020-06-20` - `2021-07-20`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-23` - `2021-05-07`	6 months	crt.sh
*.eu01.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-04` - `2022-02-08`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
Frame ID: 14231A1D3B8B24A2FD86BE94320034CA
Requests: 68 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://185.230.140.88/?MTA5NTAwNTc0PTM1ODU3JjI5MjkzNTg9MTg2JjM3PWNsaWNrJjFma3dxZGc9NCZsaWQ9MjU3Ng== HTTP 302
https://lipmentos.com/?a=1588&oc=10880&c=31681&m=3&s1=&s2=186_185.230.141.132_37_89.249.64.171&s3=... HTTP 302
https://plaqexit.com/?a=1588&oc=10880&c=31681&m=3&s1=&s2=186_185.230.141.132_37_89.249.64.171&s3=... HTTP 302
https://click.trlxcf02.com/click/yX3CWb8iyJQi8Bznu2?affid=100481&c1=177372064&c3=1588 HTTP 302
https://click.trlxcf02.com/main/d.php?s=1&link=https%3A%2F%2Flw-germany.com%2Fde_de%2Ftr_bfmmdenopre%3F... Page URL
https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=1... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

68
Requests

99 %
HTTPS

63 %
IPv6

14
Domains

14
Subdomains

14
IPs

6
Countries

1403 kB
Transfer

2210 kB
Size

5
Cookies

50 Outgoing links

These are links going to different origins than the main page.

URL: https://gfunsubscribe.com/
Title: jederzeit

Search URL Search Domain Scan URL

URL: https://www.facebook.com/policies/cookies/
Title: Richtlinie

Search URL Search Domain Scan URL

URL: https://www.facebook.com/privacy/explanation
Title: diesen

Search URL Search Domain Scan URL

URL: https://support.google.com/chrome/answer/95647?hl=de
Title: Chrom

Search URL Search Domain Scan URL

URL: https://support.apple.com/de-de/HT201265
Title: Safari

Search URL Search Domain Scan URL

URL: https://support.mozilla.org/de/kb/cookies-und-website-daten-in-firefox-loschen
Title: Firefox

Search URL Search Domain Scan URL

URL: https://support.microsoft.com/de-de/help/4468242/microsoft-edge-browsing-data-and-privacy
Title: Internet Explorer Edge

Search URL Search Domain Scan URL

URL: https://www.teletekmedya.com/iletisim.php
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.trafficrunner.de/index.php/datenschutz/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: http://www.suedstern-interaction.de/impressum.html
Title: Privacy policy

Search URL Search Domain Scan URL

URL: http://www.blueleads.online/datenschutz.html
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://www.mailcommerce.de/de/privacy.html
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://www.audienceserv.com/privacy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.skyline-performance.de/impressum.html
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://www.cashbackdeals.de/static/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://emnetwork.dk/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://fullemedia.online/datenschutz.html
Title: Privacy policy

Search URL Search Domain Scan URL

URL: http://www.mscontent.de/agb.html
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://www.outspot.de/de/privacy
Title: Privacy policy

Search URL Search Domain Scan URL

URL: http://www.yes-investmedia.de/datenschutz/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.finanztrends.info/impressum/%20IO%20yes-investmedia%2009052018%20signed.pdf
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.aliceoffersyou.com/terms-and-conditions/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: http://www.leadspot.de/datenschutz/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: http://www.club-leserservice.de/datenschutz.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.couponarchiv.de/datenschutz/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://www.einsaperformance.de/datenschutz.php
Title: https://www.einsaperformance.de/datenschutz.php

Search URL Search Domain Scan URL

URL: https://www.avionmedia.de/datenschutz.php
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.unifydirect.de/datenschutz.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.ematics.de/datenschutz.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://adviceglobal.com.mt/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.curablu.de/datenschutz/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.miranda-clairvoyant.com/terms.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://nofancyadvertising.com/datenschutzerklaerung/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.bcvplus.net/ueberuns#Datenschutz_DSGVO
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://zahnschutztarif.de/datenschutzerklaerung/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://gerdemann-versicherungsservice.de/datenschutz/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://maxilife.de/datenschutz/
Title: Datenschutzinformationen

Search URL Search Domain Scan URL

URL: https://meinpreisvergleich.com/datenschutz/
Title: Datenschutzinformationen

Search URL Search Domain Scan URL

URL: https://lifestyle-club-online.de/datenschutz/
Title: Datenschutzinformation

Search URL Search Domain Scan URL

URL: https://couponarena.de/10183-2/
Title: Datenschutzinformation

Search URL Search Domain Scan URL

URL: http://www.dailytravel.de/datenschutz/
Title: Datenschutzinformation

Search URL Search Domain Scan URL

URL: http://www.zoo-mail.de/datenschutzerklaerung/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.pmiprivacy.com/de-de/consumer
Title: https://www.pmiprivacy.com/de-de/consumer

Search URL Search Domain Scan URL

URL: https://www.emailingnetwork.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.caranea.de/site/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.amazon.de/gp/help/customer/display?nodeId=3312401#GUID-9DFA0CFF-9E83-4207-8EE5-5B1B8CFC3F4A__SECTION_B1A612A0C0F44BECB53C001C486B5CFE
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://alohaopenwifi.com/privacy.php
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.trafficblast.nl/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.nuernberger.de/datenschutz/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://wwfa.de/datenschutz
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://185.230.140.88/?MTA5NTAwNTc0PTM1ODU3JjI5MjkzNTg9MTg2JjM3PWNsaWNrJjFma3dxZGc9NCZsaWQ9MjU3Ng== HTTP 302
https://lipmentos.com/?a=1588&oc=10880&c=31681&m=3&s1=&s2=186_185.230.141.132_37_89.249.64.171&s3=109500574_2929358_2576 HTTP 302
https://plaqexit.com/?a=1588&oc=10880&c=31681&m=3&s1=&s2=186_185.230.141.132_37_89.249.64.171&s3=109500574_2929358_2576&ckmguid=360dcb9f-e7b5-49d8-a7ce-1f77148c0229 HTTP 302
https://click.trlxcf02.com/click/yX3CWb8iyJQi8Bznu2?affid=100481&c1=177372064&c3=1588 HTTP 302
https://click.trlxcf02.com/main/d.php?s=1&link=https%3A%2F%2Flw-germany.com%2Fde_de%2Ftr_bfmmdenopre%3Fclickid%3DqbeYHlvZcV-5fbaae26c96c4345373e9b94%26networkid%3D100481%26publisher%3D1588%26c6%3D%26c7%3D%26s_id%3D%26s_type%3D%26ept2%3Dad2c777b-450b-45d8-9e78-4617d0c3fe2d Page URL
https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://185.230.140.88/?MTA5NTAwNTc0PTM1ODU3JjI5MjkzNTg9MTg2JjM3PWNsaWNrJjFma3dxZGc9NCZsaWQ9MjU3Ng== HTTP 302
https://lipmentos.com/?a=1588&oc=10880&c=31681&m=3&s1=&s2=186_185.230.141.132_37_89.249.64.171&s3=109500574_2929358_2576 HTTP 302
https://plaqexit.com/?a=1588&oc=10880&c=31681&m=3&s1=&s2=186_185.230.141.132_37_89.249.64.171&s3=109500574_2929358_2576&ckmguid=360dcb9f-e7b5-49d8-a7ce-1f77148c0229 HTTP 302
https://click.trlxcf02.com/click/yX3CWb8iyJQi8Bznu2?affid=100481&c1=177372064&c3=1588 HTTP 302
https://click.trlxcf02.com/main/d.php?s=1&link=https%3A%2F%2Flw-germany.com%2Fde_de%2Ftr_bfmmdenopre%3Fclickid%3DqbeYHlvZcV-5fbaae26c96c4345373e9b94%26networkid%3D100481%26publisher%3D1588%26c6%3D%26c7%3D%26s_id%3D%26s_type%3D%26ept2%3Dad2c777b-450b-45d8-9e78-4617d0c3fe2d

68 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

d.php Show response
click.trlxcf02.com/main/
Redirect Chain

http://185.230.140.88/?MTA5NTAwNTc0PTM1ODU3JjI5MjkzNTg9MTg2JjM3PWNsaWNrJjFma3dxZGc9NCZsaWQ9MjU3Ng==
https://lipmentos.com/?a=1588&oc=10880&c=31681&m=3&s1=&s2=186_185.230.141.132_37_89.249.64.171&s3=109500574_2929358_2576
https://plaqexit.com/?a=1588&oc=10880&c=31681&m=3&s1=&s2=186_185.230.141.132_37_89.249.64.171&s3=109500574_2929358_2576&ckmguid=360dcb9f-e7b5-49d8-a7ce-1f77148c0229
https://click.trlxcf02.com/click/yX3CWb8iyJQi8Bznu2?affid=100481&c1=177372064&c3=1588
https://click.trlxcf02.com/main/d.php?s=1&link=https%3A%2F%2Flw-germany.com%2Fde_de%2Ftr_bfmmdenopre%3Fclickid%3DqbeYHlvZcV-5fbaae26c96c4345373e9b94%26networkid%3D100481%26publisher%3D1588%26c6%3D%...

263 B
819 B

392ms
392ms

Document
text/html

2606:4700:3037::681f:5e75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://click.trlxcf02.com/main/d.php?s=1&link=https%3A%2F%2Flw-germany.com%2Fde_de%2Ftr_bfmmdenopre%3Fclickid%3DqbeYHlvZcV-5fbaae26c96c4345373e9b94%26networkid%3D100481%26publisher%3D1588%26c6%3D%26c7%3D%26s_id%3D%26s_type%3D%26ept2%3Dad2c777b-450b-45d8-9e78-4617d0c3fe2d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681f:5e75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08032b732064c7cabb63f2449884e3ca384383b867e2ba8c39d84ad98011791b

Request headers

:method: GET
:authority: click.trlxcf02.com
:scheme: https
:path: /main/d.php?s=1&link=https%3A%2F%2Flw-germany.com%2Fde_de%2Ftr_bfmmdenopre%3Fclickid%3DqbeYHlvZcV-5fbaae26c96c4345373e9b94%26networkid%3D100481%26publisher%3D1588%26c6%3D%26c7%3D%26s_id%3D%26s_type%3D%26ept2%3Dad2c777b-450b-45d8-9e78-4617d0c3fe2d
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=df8eedf48bc524c0c820b3cbb2a137a621606069797; AWSALB=lMfceHQ2Zqww1DJISDuO2RHhSDwSmRYbuddrQeRC7sIyTw0dZMg3k6eYHFrzR92xmKSEW4a120v5b64iRmgk64HsEgytcq49y+7zpYvPq1y6G+8arujd+yn7iqI8; XSRF-TOKEN=eyJpdiI6InU2RDJtMDVwZHN3eG91Skwrelo3bkE9PSIsInZhbHVlIjoibEtKZktweDlkXC82RkZiSTBIZHU5WThPbjh2TTJRb09XdmpKcjlaYjJqVk1IZGhidEdHZkZ4bVQ2TEZDYXF2eUptXC9ZVHJrRXdiNW4rb3ZmODBwSndVZz09IiwibWFjIjoiOTQ5MTEwNTgyOTQ0MjY5Yjc3ODQzMjE4MmNmMWJhNTZkMzdiMTdlMTM2MjkwZTJkNDA3MjY0MjliZmRlMjdlYyJ9; session=eyJpdiI6IlJwZGZKK20zZGhVcENkdnVLMEJQQUE9PSIsInZhbHVlIjoiQzAzSXBuTmRkM3F3M0QxTnBSckZLUkxla0NHeG56YWI2N1FKNTJwc0F3cndcL0h4dlRFSkpWeFU1MkZrcDZvMTQyNlpoZW53SHFyTkdpbmNZY1dCTFVRPT0iLCJtYWMiOiI5ODUwZTcxY2EwYTEyZjgwZjJkZGUwNjkxMTUyZjg1ZWE5MjMyODIyMjA5NjAxNDJjN2VmMGZhOGM2ZDRhODdlIn0%3D; ept2=eyJpdiI6IjA5UExURFp5SkJuK2JWNklOcG9salE9PSIsInZhbHVlIjoiWnA3R0NCdmY0QU0zd21WR2tmcFVtejdsOWJSa2J0YTFqcnBHbnZicUd0ZklcL2JBK2NCVHhvb1NmWFRSZ0M2R3NNWWY2OW1tcXd4Y2pWQVlxaHo5M2dDVE82d0NKa3o5VTFSaVd5bmhKMUoxMXZBWWRyM2dNMGJzZTBIdVwvNjZZY1dWYkRsUkJBR2UweUx3bGVucmp6cGhwSk1ZdzlUU2xQSUtBUE9ieWN1cE4rbHQ2bVoyREJIM2tzMFFOQmZRZW0iLCJtYWMiOiJkNDQ2MGViNTQwNDEwYjZmMWNiY2U0YjliMjkyYWZjMjg0ZDE0OGQ3OTNjNTMzNGI3MzVmYjZmMWFjZWJiNjY3In0%3D; Js6EHTIqT99dPO0kAV3MzQwjzO30QN9jDzRnsFqp=eyJpdiI6IkRJNFFvOWl5TjRyK1FnenYzeE5waWc9PSIsInZhbHVlIjoiZURGMWZoVmVqQXgyXC9TRDdiZnpnRVdGR0tJYlRUS1NOcGdDVGNxUmFCVmdibkY3OEdRditneE8yUkUxSG9Kd1JrdU42aU1zV1wvNG04bEsyN3hEWU1oVVpmQUwxN1VDWEZYOVowcHgxbkNHVkVzUkRYWTNabTRPcWJHQW5aU0VnMTJcLzg4b1MzUjRrTmF2TklCbm5VWml5WWtKa2gyeUJtYzBXUVdYZWE5b3JOYTZ0T1lRMHlacUthRlg2K1piOWtQa3lXQjdBNVwvejR4eG5aalB6WDJjbmhFWlVPNjgzREJGOTBOcitqMU5YNnR0a0dcL3pFZ0lxdXorOGlFVzk1QXFzN0xxa2dTRklCTmdCYnJNelNWVDY3QmVHRWEyZ0YzZEVkR01uQk9KYWcwYWZ2NEdkR3BvblEzclNcL2lPa0ZXYmhsVEhUTER3ZnFRSXVqQlF1aHB1c09DcjdGdkZwTm1LNStMY3hMRDhqU2lTUFUyOEk2cmphOVwvUDhTN0dIYnZFXC9vWHBJaXFuRGZWbGF1ZFdKRGlEUVVFcFwvMXE1VlwvZzgxSndsZmZySmJmVm10ZFNWMFdPVjhlM1pLRUFWdE4xaVZsNHZHNEtRRDRxM2FrRG5cL0FCXC9QWTl0RnlCaHpoOXo0R3BscUM5MUh3SXl0TlBmQkx6cDJZRGl3ckQ0STlPUXh4RWFHNWRpY05jRnpNS1wvSENSbklxTjE5UjNpZ1M5b0FPcWUyQkJaRTNmU3pBOXp3eld5YmdxbmRsWWR0RWFhTUhmblIzbDl5MUZIUHpRREk2UGtpY1F4Mmc3U1NseElyeitYbGJST3A2YVk9IiwibWFjIjoiOGYwYTI2Nzc0OWJiYzM0NmY5OGM2OTZiMzVhMTJiODcyODY0OWExNDZkZGIyZTY1OTYzN2JhZDJiMjY4OWQ0NyJ9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 18:29:58 GMT
content-type: text/html; charset=UTF-8
set-cookie: AWSALB=MFHzCY9Bs1VKWmb0NudbsevHXTTKWevZVskqtvJyv1TvZUf8Ncm+o/kFUalURv6TjqGKqXASPKbH2cIajVl+kuvYZfxLs31OGCPLxoYL0aQOeA8Xz1WUEsELB8ga; Expires=Sun, 29 Nov 2020 18:29:58 GMT; Path=/ AWSALBCORS=MFHzCY9Bs1VKWmb0NudbsevHXTTKWevZVskqtvJyv1TvZUf8Ncm+o/kFUalURv6TjqGKqXASPKbH2cIajVl+kuvYZfxLs31OGCPLxoYL0aQOeA8Xz1WUEsELB8ga; Expires=Sun, 29 Nov 2020 18:29:58 GMT; Path=/; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 0692d15e900000d6e9c08a6000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4WqMeqjV1c%2Bo3%2B%2BIsnrvNw7WgsFGMHV6HL22C4Yf8zphGtsZp5gHUi8RWLsZnApEF8yg%2BeGJIhTWjQxWTP6YjU1CRiNCYa4MBLyw9hGQ1TxPnLQbn3dv5Vt%2FbqDj8VM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5f64b810ec66d6e9-FRA
content-encoding: br

Redirect headers

date: Sun, 22 Nov 2020 18:29:58 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=df8eedf48bc524c0c820b3cbb2a137a621606069797; expires=Tue, 22-Dec-20 18:29:57 GMT; path=/; domain=.trlxcf02.com; HttpOnly; SameSite=Lax AWSALB=lMfceHQ2Zqww1DJISDuO2RHhSDwSmRYbuddrQeRC7sIyTw0dZMg3k6eYHFrzR92xmKSEW4a120v5b64iRmgk64HsEgytcq49y+7zpYvPq1y6G+8arujd+yn7iqI8; Expires=Sun, 29 Nov 2020 18:29:58 GMT; Path=/ AWSALBCORS=lMfceHQ2Zqww1DJISDuO2RHhSDwSmRYbuddrQeRC7sIyTw0dZMg3k6eYHFrzR92xmKSEW4a120v5b64iRmgk64HsEgytcq49y+7zpYvPq1y6G+8arujd+yn7iqI8; Expires=Sun, 29 Nov 2020 18:29:58 GMT; Path=/; SameSite=None XSRF-TOKEN=eyJpdiI6InU2RDJtMDVwZHN3eG91Skwrelo3bkE9PSIsInZhbHVlIjoibEtKZktweDlkXC82RkZiSTBIZHU5WThPbjh2TTJRb09XdmpKcjlaYjJqVk1IZGhidEdHZkZ4bVQ2TEZDYXF2eUptXC9ZVHJrRXdiNW4rb3ZmODBwSndVZz09IiwibWFjIjoiOTQ5MTEwNTgyOTQ0MjY5Yjc3ODQzMjE4MmNmMWJhNTZkMzdiMTdlMTM2MjkwZTJkNDA3MjY0MjliZmRlMjdlYyJ9; expires=Sun, 22-Nov-2020 20:29:58 GMT; Max-Age=7200; path=/ session=eyJpdiI6IlJwZGZKK20zZGhVcENkdnVLMEJQQUE9PSIsInZhbHVlIjoiQzAzSXBuTmRkM3F3M0QxTnBSckZLUkxla0NHeG56YWI2N1FKNTJwc0F3cndcL0h4dlRFSkpWeFU1MkZrcDZvMTQyNlpoZW53SHFyTkdpbmNZY1dCTFVRPT0iLCJtYWMiOiI5ODUwZTcxY2EwYTEyZjgwZjJkZGUwNjkxMTUyZjg1ZWE5MjMyODIyMjA5NjAxNDJjN2VmMGZhOGM2ZDRhODdlIn0%3D; expires=Sun, 22-Nov-2020 20:29:58 GMT; Max-Age=7200; path=/; HttpOnly ept2=eyJpdiI6IjA5UExURFp5SkJuK2JWNklOcG9salE9PSIsInZhbHVlIjoiWnA3R0NCdmY0QU0zd21WR2tmcFVtejdsOWJSa2J0YTFqcnBHbnZicUd0ZklcL2JBK2NCVHhvb1NmWFRSZ0M2R3NNWWY2OW1tcXd4Y2pWQVlxaHo5M2dDVE82d0NKa3o5VTFSaVd5bmhKMUoxMXZBWWRyM2dNMGJzZTBIdVwvNjZZY1dWYkRsUkJBR2UweUx3bGVucmp6cGhwSk1ZdzlUU2xQSUtBUE9ieWN1cE4rbHQ2bVoyREJIM2tzMFFOQmZRZW0iLCJtYWMiOiJkNDQ2MGViNTQwNDEwYjZmMWNiY2U0YjliMjkyYWZjMjg0ZDE0OGQ3OTNjNTMzNGI3MzVmYjZmMWFjZWJiNjY3In0%3D; expires=Mon, 23-Nov-2020 18:29:58 GMT; Max-Age=86400; path=/; HttpOnly Js6EHTIqT99dPO0kAV3MzQwjzO30QN9jDzRnsFqp=eyJpdiI6IkRJNFFvOWl5TjRyK1FnenYzeE5waWc9PSIsInZhbHVlIjoiZURGMWZoVmVqQXgyXC9TRDdiZnpnRVdGR0tJYlRUS1NOcGdDVGNxUmFCVmdibkY3OEdRditneE8yUkUxSG9Kd1JrdU42aU1zV1wvNG04bEsyN3hEWU1oVVpmQUwxN1VDWEZYOVowcHgxbkNHVkVzUkRYWTNabTRPcWJHQW5aU0VnMTJcLzg4b1MzUjRrTmF2TklCbm5VWml5WWtKa2gyeUJtYzBXUVdYZWE5b3JOYTZ0T1lRMHlacUthRlg2K1piOWtQa3lXQjdBNVwvejR4eG5aalB6WDJjbmhFWlVPNjgzREJGOTBOcitqMU5YNnR0a0dcL3pFZ0lxdXorOGlFVzk1QXFzN0xxa2dTRklCTmdCYnJNelNWVDY3QmVHRWEyZ0YzZEVkR01uQk9KYWcwYWZ2NEdkR3BvblEzclNcL2lPa0ZXYmhsVEhUTER3ZnFRSXVqQlF1aHB1c09DcjdGdkZwTm1LNStMY3hMRDhqU2lTUFUyOEk2cmphOVwvUDhTN0dIYnZFXC9vWHBJaXFuRGZWbGF1ZFdKRGlEUVVFcFwvMXE1VlwvZzgxSndsZmZySmJmVm10ZFNWMFdPVjhlM1pLRUFWdE4xaVZsNHZHNEtRRDRxM2FrRG5cL0FCXC9QWTl0RnlCaHpoOXo0R3BscUM5MUh3SXl0TlBmQkx6cDJZRGl3ckQ0STlPUXh4RWFHNWRpY05jRnpNS1wvSENSbklxTjE5UjNpZ1M5b0FPcWUyQkJaRTNmU3pBOXp3eld5YmdxbmRsWWR0RWFhTUhmblIzbDl5MUZIUHpRREk2UGtpY1F4Mmc3U1NseElyeitYbGJST3A2YVk9IiwibWFjIjoiOGYwYTI2Nzc0OWJiYzM0NmY5OGM2OTZiMzVhMTJiODcyODY0OWExNDZkZGIyZTY1OTYzN2JhZDJiMjY4OWQ0NyJ9; expires=Sun, 22-Nov-2020 20:29:58 GMT; Max-Age=7200; path=/; HttpOnly
cache-control: no-cache, private
location: /main/d.php?s=1&link=https%3A%2F%2Flw-germany.com%2Fde_de%2Ftr_bfmmdenopre%3Fclickid%3DqbeYHlvZcV-5fbaae26c96c4345373e9b94%26networkid%3D100481%26publisher%3D1588%26c6%3D%26c7%3D%26s_id%3D%26s_type%3D%26ept2%3Dad2c777b-450b-45d8-9e78-4617d0c3fe2d
cf-cache-status: DYNAMIC
cf-request-id: 0692d15c230000d6e9da1ae000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vXB6%2FGonn1dkuXMsHxTj12xrXZolAttHnPMXkep%2FuHLVA49SuoBabDZNmPyzUBsFwelOZZOqcmDiYRmC%2B5i8kqgT7st0rgd%2Br8V9SK2VgnsbksJYUg0rhCXWTtKx0zc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5f64b80d0c1fd6e9-FRA

GET
H/1.1 200
OK Primary Request Cookie set tr_bfmmdenopre Show response
lw-germany.com/de_de/ 126 KB
29 KB 378ms
174ms Document
text/html 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL

https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),

Reverse DNS

Software

nginx /

Resource Hash

b9f6ee33583a10883afda9579d5861abc0078a28090484d2d2f35b406c6817d9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: lw-germany.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Sun, 22 Nov 2020 18:29:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: visitId=0b8ef966078feb4e1dab345bbd5debc303369456f3260faac9c49e8ae4004c63a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22visitId%22%3Bi%3A1%3Bs%3A35%3A%22qbeYHlvZcV-5fbaae26c96c4345373e9b94%22%3B%7D; expires=Tue, 22-Dec-2020 18:29:59 GMT; Max-Age=2592000; path=/; HttpOnly _csrf-frontend=fe4af07139f26c05e7c6e1d7a8d949884a2a22cf23647780694e6fb9dcafa9eaa%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22km33vzX4ytUj9p7RTsQxD4RZha468cbz%22%3B%7D; path=/; HttpOnly
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Content-Encoding: gzip

GET
H/1.1 200
OK common.css
lw-germany.com/bundles/ 2 KB
1 KB 92ms
59ms Stylesheet
text/css 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL

https://lw-germany.com/bundles/common.css?v=1605886531

Requested by

Host: lw-germany.com
URL: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),

Reverse DNS

Software

nginx /

Resource Hash

93e6339751a6bc8510b53241e6885b89c1bf6fc6f27a24366b4b7ecf0d024ddb

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 22 Nov 2020 18:29:59 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 20 Nov 2020 15:35:31 GMT
Server: nginx
ETag: W/"5fb7e243-72b"
Vary: Accept-Encoding
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Transfer-Encoding: chunked
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection: keep-alive
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK flamingo_main_style.css
lw-germany.com/bundles/ 132 KB
28 KB 149ms
57ms Stylesheet
text/css 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL

https://lw-germany.com/bundles/flamingo_main_style.css?v=1605886556

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),

Reverse DNS

Software

nginx /

Resource Hash

b5ff2ec7b008c40a6629894df4951f4127e6447df3fa7b5bd3ad2118c56b0c54

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 22 Nov 2020 18:29:59 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 20 Nov 2020 15:35:56 GMT
Server: nginx
ETag: W/"5fb7e25c-20fab"
Vary: Accept-Encoding
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Transfer-Encoding: chunked
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection: keep-alive
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK flamingo_layout_layout-4steps.css
lw-germany.com/bundles/ 106 KB
22 KB 127ms
33ms Stylesheet
text/css 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL

https://lw-germany.com/bundles/flamingo_layout_layout-4steps.css?v=1605886557

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),

Reverse DNS

Software

nginx /

Resource Hash

c74a2d925d32fee490f1b123013666dd7fc6e5d2b08e2474c8f3745de75c2a3e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 22 Nov 2020 18:29:59 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 20 Nov 2020 15:35:48 GMT
Server: nginx
ETag: W/"5fb7e254-1a91c"
Vary: Accept-Encoding
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Transfer-Encoding: chunked
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection: keep-alive
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK flamingo_color_white.css
lw-germany.com/bundles/ 12 KB
2 KB 125ms
29ms Stylesheet
text/css 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL

https://lw-germany.com/bundles/flamingo_color_white.css?v=1605886559

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),

Reverse DNS

Software

nginx /

Resource Hash

8c63ee1c9d488d8f070c5865f4d8f32d0396ca6adf054fc6bb0e9e2e4186172a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 22 Nov 2020 18:29:59 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 20 Nov 2020 15:35:31 GMT
Server: nginx
ETag: W/"5fb7e243-30dd"
Vary: Accept-Encoding
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Transfer-Encoding: chunked
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection: keep-alive
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK flamingo_brand_samsung-s9-uk.css
lw-germany.com/bundles/ 8 KB
2 KB 157ms
30ms Stylesheet
text/css 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL

https://lw-germany.com/bundles/flamingo_brand_samsung-s9-uk.css?v=1605886559

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),

Reverse DNS

Software

nginx /

Resource Hash

be38cdc0b740422ba5962887ace345ae5c0cf263625b23645e21436dcb6c7d8e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 22 Nov 2020 18:29:59 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 20 Nov 2020 15:35:32 GMT
Server: nginx
ETag: W/"5fb7e244-1fb7"
Vary: Accept-Encoding
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Transfer-Encoding: chunked
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection: keep-alive
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK flamingo_extra_empty.css
lw-germany.com/bundles/ 0
413 B 167ms
35ms Stylesheet
text/css 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL

https://lw-germany.com/bundles/flamingo_extra_empty.css?v=1605886565

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 22 Nov 2020 18:29:59 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 20 Nov 2020 15:36:05 GMT
Server: nginx
ETag: "5fb7e265-0"
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK 2_8850352941737efd2c313db1613e94c1.png
lw-germany.com/uploads/landings/8339/main/ 319 KB
320 KB 35ms
33ms Image
image/png 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lw-germany.com/uploads/landings/8339/main/2_8850352941737efd2c313db1613e94c1.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),

Reverse DNS

Software

nginx /

Resource Hash

05a29f6d3112600487aaa48c7a0a633983fa2dae48831b3d5188e3fbaf207956

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 22 Nov 2020 18:29:59 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 07 Jan 2019 12:52:43 GMT
Server: nginx
ETag: "5c334b9b-4fc74"
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 326772
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK 3_e1172ddbfea5f87951baaab988854450.jpg
lw-germany.com/uploads/landings/8339/main/ 148 KB
148 KB 53ms
52ms Image
image/jpeg 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lw-germany.com/uploads/landings/8339/main/3_e1172ddbfea5f87951baaab988854450.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),

Reverse DNS

Software

nginx /

Resource Hash

2bf100ad9c2a6632df59281ac992cae309864d9ccf9b828de1f58b0ed344f946

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 22 Nov 2020 18:29:59 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 07 Jan 2019 12:52:43 GMT
Server: nginx
ETag: "5c334b9b-24ecf"
Content-Type: image/jpeg
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 151247
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK 4_3626a44cdcc1727867ede99dc0bd920a.svg
lw-germany.com/uploads/landings/8339/main/ 2 KB
1 KB 54ms
27ms Image
image/svg+xml 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lw-germany.com/uploads/landings/8339/main/4_3626a44cdcc1727867ede99dc0bd920a.svg
Requested by: Host: lw-germany.com
URL: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),
Reverse DNS
Software: nginx /
Resource Hash: c9b73a88475e88f9fb290cde36d82cd8e742b4664fb84737dbbc634446566fcc

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 22 Nov 2020 18:29:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Jan 2019 12:52:43 GMT
Server: nginx
ETag: W/"5c334b9b-7c3"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 29 Nov 2020 18:29:59 GMT

GET
H/1.1 200
OK 5_81eabdb7d70e87e9c8922ee54fe608ad.svg
lw-germany.com/uploads/landings/8339/main/ 662 B
741 B 98ms
61ms Image
image/svg+xml 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lw-germany.com/uploads/landings/8339/main/5_81eabdb7d70e87e9c8922ee54fe608ad.svg
Requested by: Host: lw-germany.com
URL: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),
Reverse DNS
Software: nginx /
Resource Hash: 79761c1d3145340f14662606b227767fc7b8466cb608caf8479388bb6e6da66b

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 22 Nov 2020 18:29:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Jan 2019 12:52:43 GMT
Server: nginx
ETag: W/"5c334b9b-296"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 29 Nov 2020 18:29:59 GMT

GET
H/1.1 200
OK 6_b62296920055904f4785d97394b4de91.svg
lw-germany.com/uploads/landings/8339/main/ 773 B
817 B 19ms
19ms Image
image/svg+xml 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lw-germany.com/uploads/landings/8339/main/6_b62296920055904f4785d97394b4de91.svg
Requested by: Host: lw-germany.com
URL: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),
Reverse DNS
Software: nginx /
Resource Hash: bab73517c0ae20d5addc03d1f8eb46fde709f42a5f91d1cb9d2afff7da9cf314

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 22 Nov 2020 18:29:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Jan 2019 12:52:43 GMT
Server: nginx
ETag: W/"5c334b9b-305"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 29 Nov 2020 18:29:59 GMT

GET
H2 200 EHawkTalon.js Show response
djjcyqvteia9v.cloudfront.net/ 43 KB
43 KB 49ms
17ms Script
application/javascript 2600:9000:2104:7800:2:7bf5:a0c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://djjcyqvteia9v.cloudfront.net/EHawkTalon.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:7800:2:7bf5:a0c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

1a2a572f006b242096d76275e8c9edb114f9aa65cbd67fd1c4d57053da83932f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 19:22:51 GMT
via: 1.1 241b025da3883bdb653910a6da97c0a8.cloudfront.net (CloudFront)
last-modified: Mon, 04 May 2020 17:54:16 GMT
server: Apache
age: 342428
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=2592000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 43822
x-amz-cf-id: M7veuYE65KGpG-JgABJgX6jPAHK_TogTq9NHfFDvXG3mQgQn-MnJ5g==
expires: Fri, 18 Dec 2020 19:22:51 GMT

GET
H2 200 5caf02536774b.png
cdn.cloudcnt.com/uploads/entityLogos/ 3 KB
4 KB 84ms
29ms Image
image/png 2600:9000:2022:6200:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/uploads/entityLogos/5caf02536774b.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2022:6200:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

bfe854925ea083ffd5d883a565d6deb7104539a443f0a7367975962ca706003a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
via: 1.1 d8ba22a2a925887b5431a679476593d8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2185
x-cache: Hit from cloudfront
date: Sun, 22 Nov 2020 17:53:54 GMT
content-length: 3423
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 11 Apr 2019 09:01:07 GMT
server: nginx
etag: "5caf0253-d5f"
content-type: image/png
x-amz-cf-pop: MRS52-C1
accept-ranges: bytes
x-amz-cf-id: idbyeiaatBPhQRuvNx58T-cjhvqBWQdxCGDsfJpg1gZxpcGZRvWLDQ==

GET
H/1.1 200
OK common.js Show response
lw-germany.com/bundles/ 419 KB
118 KB 37ms
37ms Script
application/javascript 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL

https://lw-germany.com/bundles/common.js?v=1605886531

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),

Reverse DNS

Software

nginx /

Resource Hash

1e4267a737fd9ce379e235cfb5289aadea23f9c188b658dc5c5302e08e8fef3c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 22 Nov 2020 18:29:59 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 20 Nov 2020 15:35:31 GMT
Server: nginx
ETag: W/"5fb7e243-68b90"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
X-XSS-Protection: 1; mode=block
Transfer-Encoding: chunked
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection: keep-alive
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK Form.js Show response
lw-germany.com/assets/57baba60/js/ 9 KB
2 KB 65ms
62ms Script
application/javascript 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL

https://lw-germany.com/assets/57baba60/js/Form.js?v=1605886570

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),

Reverse DNS

Software

nginx /

Resource Hash

7090c8ce3dc1702e3f2c0408de14f7a8f677586187b7b41d46826d157de36b82

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 22 Nov 2020 18:29:59 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 20 Nov 2020 15:36:10 GMT
Server: nginx
ETag: W/"5fb7e26a-2275"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
X-XSS-Protection: 1; mode=block
Transfer-Encoding: chunked
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection: keep-alive
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK scripts.js Show response
lw-germany.com/assets/f6d3e949/js/ 2 KB
1 KB 27ms
25ms Script
application/javascript 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL

https://lw-germany.com/assets/f6d3e949/js/scripts.js?v=1605886570

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),

Reverse DNS

Software

nginx /

Resource Hash

89ad71822e874a1edddd658dd450f9013a97d4847fb6c9efed59134aba4e6b16

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 22 Nov 2020 18:29:59 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 20 Nov 2020 15:36:11 GMT
Server: nginx
ETag: W/"5fb7e26b-7d2"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
X-XSS-Protection: 1; mode=block
Transfer-Encoding: chunked
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection: keep-alive
X-Content-Type-Options: nosniff

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 27ms
13ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: lw-germany.com
URL: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb110318b55e8d7acaeaa7816d495e33a5000643327241099565537973ed051

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 18:29:59 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 1193
etag: W/"af07e3bccd7885748057bb532c526ac5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=43200
cf-ray: 5f64b81709483237-FRA
cf-request-id: 0692d1626900003237cdbd0000000001
expires: Mon, 23 Nov 2020 06:29:59 GMT

GET
H2 200 auto-push.min.js Show response
api.mdsyzz.info/ 3 KB
2 KB 355ms
312ms Script
application/x-javascript 2606:4700:3032::681f:582e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mdsyzz.info/auto-push.min.js
Requested by: Host: lw-germany.com
URL: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681f:582e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b06f7d0490cab0748132202a04418a8ff03b3c58435aa22f22ac241504ef0722

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 18:29:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 20 Nov 2020 16:39:50 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: W/"08fafc35bbfd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BHFNUkEliILKjqAIVCsivhr3YYTn2DBBQEdPzrVGpggdy2vVeHXGs4DrgSHWfbnwR94AxVkIcF%2B4JT6VEU0JSlSlzml4tcYS0iyGcdoCAnUPmyC%2BtdJ9DqL%2F0%2FU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5f64b817386316f2-FRA
cf-request-id: 0692d16287000016f29d348000000001

GET
H2 200 css
fonts.googleapis.com/ 10 KB
834 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=cyrillic-ext

Requested by

Host: lw-germany.com
URL: https://lw-germany.com/bundles/flamingo_brand_samsung-s9-uk.css?v=1605886559

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51f2f79e64b33d994f8c1f25ad14f451b51597dd36bfb9bed179b5e88315cc75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lw-germany.com/bundles/flamingo_brand_samsung-s9-uk.css?v=1605886559
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 22 Nov 2020 18:29:59 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Sun, 22 Nov 2020 18:29:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sun, 22 Nov 2020 18:29:59 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
641 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Franklin:300,400,500,600,700,800,900&subset=latin-ext

Requested by

Host: lw-germany.com
URL: https://lw-germany.com/bundles/flamingo_brand_samsung-s9-uk.css?v=1605886559

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

18400525a8cd30c2ea60b97451937bb13a3ed0e8358195c49f0092e0bd90eaf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lw-germany.com/bundles/flamingo_brand_samsung-s9-uk.css?v=1605886559
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 22 Nov 2020 18:29:59 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Sun, 22 Nov 2020 18:29:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sun, 22 Nov 2020 18:29:59 GMT

GET
H2 200 css
fonts.googleapis.com/ 29 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

Requested by

Host: lw-germany.com
URL: https://lw-germany.com/bundles/flamingo_main_style.css?v=1605886556

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

18b99ca0bbec52d747e3564e0e734bd88232ae3614cb16c83a52a2a9c29d4908

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lw-germany.com/bundles/flamingo_main_style.css?v=1605886556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 22 Nov 2020 17:43:33 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Sun, 22 Nov 2020 18:29:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sun, 22 Nov 2020 18:29:59 GMT

GET
H2 200 css
fonts.googleapis.com/ 387 B
384 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Indie+Flower

Requested by

Host: lw-germany.com
URL: https://lw-germany.com/bundles/flamingo_main_style.css?v=1605886556

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

73ddcd62b141cd720099a5271145e7334e2adca2237c344d3a77e6df29247bec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lw-germany.com/bundles/flamingo_main_style.css?v=1605886556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 22 Nov 2020 16:36:21 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Sun, 22 Nov 2020 18:29:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sun, 22 Nov 2020 18:29:59 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 25ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 4451
date: Sun, 22 Nov 2020 17:15:48 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Sun, 22 Nov 2020 19:15:48 GMT

GET
H/1.1 200
OK 1_c64c55adf6201c9eee9a5b10c01decff.jpg
lw-germany.com/uploads/landings/8339/main/ 162 KB
162 KB 74ms
67ms Image
image/jpeg 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lw-germany.com/uploads/landings/8339/main/1_c64c55adf6201c9eee9a5b10c01decff.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),

Reverse DNS

Software

nginx /

Resource Hash

25abc2be76660307c4964a816b822098c4c59a90f998c65af513b45afbde6d3d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 22 Nov 2020 18:29:59 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 07 Jan 2019 12:52:43 GMT
Server: nginx
ETag: "5c334b9b-28812"
Content-Type: image/jpeg
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 165906
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK lock_grey.png
lw-germany.com/bundles/f6d3e949/images/ 2 KB
3 KB 42ms
24ms Image
image/png 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lw-germany.com/bundles/f6d3e949/images/lock_grey.png

Requested by

Host: lw-germany.com
URL: https://lw-germany.com/bundles/flamingo_layout_layout-4steps.css?v=1605886557

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),

Reverse DNS

Software

nginx /

Resource Hash

e507babf987b47de747a47fb3bd2d3ed3438528784241632f8fc776e290e15eb

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/bundles/flamingo_layout_layout-4steps.css?v=1605886557
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 22 Nov 2020 18:29:59 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 20 Nov 2020 15:34:54 GMT
Server: nginx
ETag: "5fb7e21e-898"
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2200
X-Content-Type-Options: nosniff

GET
H2 200 mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=cyrillic-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://lw-germany.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=cyrillic-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 18:57:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:44 GMT
server: sffe
age: 84753
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9192
x-xss-protection: 0
expires: Sun, 21 Nov 2021 18:57:26 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=cyrillic-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://lw-germany.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=cyrillic-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 16:29:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 525615
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Tue, 16 Nov 2021 16:29:44 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=cyrillic-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://lw-germany.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=cyrillic-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 19:32:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 82653
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Sun, 21 Nov 2021 19:32:26 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=cyrillic-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://lw-germany.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=cyrillic-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 08:17:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:16 GMT
server: sffe
age: 36758
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9016
x-xss-protection: 0
expires: Mon, 22 Nov 2021 08:17:21 GMT

GET
H3-Q050 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://lw-germany.com
Referer: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 11:20:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:51 GMT
server: sffe
age: 457757
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13464
x-xss-protection: 0
expires: Wed, 17 Nov 2021 11:20:42 GMT

GET
H3-Q050 200 JTURjIg1_i6t8kCHKm45_cJD3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_cJD3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03b52a1594b643f27fdfc0ad86291bf36368dde44df9f07e1206b6fd3563bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://lw-germany.com
Referer: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 11:20:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:43 GMT
server: sffe
age: 25762
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13560
x-xss-protection: 0
expires: Mon, 22 Nov 2021 11:20:37 GMT

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 112 KB
37 KB 45ms
30ms Script
application/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-P8KTJJW&cid=1222663579.1606069800

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3baf9d02021ddedeb06925b094da105fd2b93aa4aada8c3fa83dd98bc6c621e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 18:29:59 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37057
x-xss-protection: 0
expires: Sun, 22 Nov 2020 18:29:59 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
168 B 13ms
13ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&aip=1&a=988225296&t=pageview&_s=1&dl=https%3A%2F%2Flw-germany.com%2Fde_de%2Ftr_bfmmdenopre%3Fclickid%3DqbeYHlvZcV-5fbaae26c96c4345373e9b94%26networkid%3D100481%26publisher%3D1588%26c6%3D%26c7%3D%26s_id%3D%26s_type%3D%26ept2%3Dad2c777b-450b-45d8-9e78-4617d0c3fe2d&ul=en-us&de=UTF-8&dt=Gewinne!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEADQAAAAC~&jid=151595874&gjid=547327410&cid=1222663579.1606069800&tid=UA-111673602-1&_gid=2051788894.1606069800&_r=1&_slc=1&z=1234304550

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 22 Nov 2020 18:29:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lw-germany.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
442 B 42ms
16ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-111673602-1&cid=1222663579.1606069800&jid=151595874&gjid=547327410&_gid=2051788894.1606069800&_u=aGBAAEACQAAAAC~&z=1858169742

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 22 Nov 2020 18:29:59 GMT
content-type: text/plain
access-control-allow-origin: https://lw-germany.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nr-1184.min.js Show response
js-agent.newrelic.com/ 27 KB
11 KB 172ms
52ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1184.min.js
Requested by: Host: lw-germany.com
URL: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 18:30:00 GMT
content-encoding: gzip
x-amz-request-id: A21809B1C987C063
x-cache: HIT
content-length: 10624
x-amz-id-2: 5/0iWHe8AbcxZN6Jo3BmJ2Q+tztfRSNwr+lcNTrsM79nJm6KurTN6rNwf14f8ELquc1TIDOjlf4=
x-served-by: cache-hhn4023-HHN
last-modified: Mon, 28 Sep 2020 16:34:45 GMT
server: AmazonS3
x-timer: S1606069800.024970,VS0,VE0
etag: "3d7f312be60d08a2568e311e4762f3af"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 45246

GET
H/1.1 200
OK sponsor Show response
lw-germany.com/ 54 KB
10 KB 117ms
116ms XHR
application/json 185.128.34.117
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL

https://lw-germany.com/sponsor?externalId=qbeYHlvZcV-5fbaae26c96c4345373e9b94

Requested by

Host: lw-germany.com
URL: https://lw-germany.com/bundles/common.js?v=1605886531

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER / UNET Network, NL),

Reverse DNS

Software

nginx /

Resource Hash

03d561a34b74ef3ff5b0a2dd6460bf092aa292c9cf90582c8c03f472332c69de

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 22 Nov 2020 18:29:59 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
X-XSS-Protection: 1; mode=block
Transfer-Encoding: chunked
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection: keep-alive
X-Content-Type-Options: nosniff

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
120 B 6ms
5ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&aip=1&a=988225296&t=event&_s=2&dl=https%3A%2F%2Flw-germany.com%2Fde_de%2Ftr_bfmmdenopre%3Fclickid%3DqbeYHlvZcV-5fbaae26c96c4345373e9b94%26networkid%3D100481%26publisher%3D1588%26c6%3D%26c7%3D%26s_id%3D%26s_type%3D%26ept2%3Dad2c777b-450b-45d8-9e78-4617d0c3fe2d&ul=en-us&de=UTF-8&dt=Gewinne!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=tr_bfmmdenopre.100481.1588&ea=01.%20home&_u=aGBAAEADQAAAAC~&jid=&gjid=&cid=1222663579.1606069800&tid=UA-111673602-1&_gid=2051788894.1606069800&z=839167165

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Nov 2020 22:16:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 72816
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 6ms
5ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&aip=1&a=988225296&t=timing&_s=3&dl=https%3A%2F%2Flw-germany.com%2Fde_de%2Ftr_bfmmdenopre%3Fclickid%3DqbeYHlvZcV-5fbaae26c96c4345373e9b94%26networkid%3D100481%26publisher%3D1588%26c6%3D%26c7%3D%26s_id%3D%26s_type%3D%26ept2%3Dad2c777b-450b-45d8-9e78-4617d0c3fe2d&ul=en-us&de=UTF-8&dt=Gewinne!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=932&pdt=45&dns=7&rrt=2&srt=174&tcp=196&dit=931&clt=931&_gst=572&_gbt=711&_u=aGBAAEADQAAAAC~&jid=&gjid=&cid=1222663579.1606069800&tid=UA-111673602-1&_gid=2051788894.1606069800&z=1446189688

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Nov 2020 22:16:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 72816
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5b8ff035179b6.jpg
cdn.cloudcnt.com/content/image/ 9 KB
9 KB 32ms
25ms Image
image/jpeg 2600:9000:2022:6200:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5b8ff035179b6.jpg?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2022:6200:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ded9d1b70d03b7dcbc6d6e22bc570ca717516d77eb2221200d988e9d2adb6f71

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 17:10:59 GMT
via: 1.1 d8ba22a2a925887b5431a679476593d8.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 91141
x-cache: Hit from cloudfront
content-type: image/JPEG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: MRS52-C1
x-amz-cf-id: d4Zo-nGTGNW2dpVFwHw-VfziT-vN3Kk_I7xEjpGZSsQKc4je9eJMNg==
x-xss-protection: 1; mode=block

GET
H2 200 5c6e6979b0366.jpg
cdn.cloudcnt.com/content/image/ 10 KB
11 KB 84ms
77ms Image
image/jpeg 2600:9000:2022:6200:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5c6e6979b0366.jpg?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2022:6200:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7dd3ddef06a2cd439415afed00b4fb2f21519aef3cc3247a0d36245677f34d60

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 14:32:24 GMT
via: 1.1 d8ba22a2a925887b5431a679476593d8.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 100656
x-cache: Hit from cloudfront
content-type: image/JPEG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: MRS52-C1
x-amz-cf-id: m0i_C6FWoHtmyci_LfHNnMa_26QEal2sbq3Ps_IBZP-zi7Xp-OrAeQ==
x-xss-protection: 1; mode=block

GET
H2 200 5b9146568d1a8.png
cdn.cloudcnt.com/content/image/ 18 KB
18 KB 55ms
49ms Image
image/png 2600:9000:2022:6200:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5b9146568d1a8.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2022:6200:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7afe4e0c85b78a136d5549874e91936414c6594eb41562cef9cd7ec369a00c8c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 10:58:20 GMT
via: 1.1 d8ba22a2a925887b5431a679476593d8.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 199900
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: MRS52-C1
x-amz-cf-id: 7D4U84foFtwj7D4wJ4e92ZvinWJgAieLbPSe4G72qG8yI_0tdseV5Q==
x-xss-protection: 1; mode=block

GET
H2 200 5d4989a9dd066.jpg
cdn.cloudcnt.com/content/image/ 41 KB
41 KB 59ms
53ms Image
image/jpeg 2600:9000:2022:6200:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5d4989a9dd066.jpg?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2022:6200:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b468367aabe8b610a7a1a8935c4fba7407d9629abd009bceae4d101a7b0e1f44

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 10:58:20 GMT
via: 1.1 d8ba22a2a925887b5431a679476593d8.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 199900
x-cache: Hit from cloudfront
content-type: image/JPEG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: MRS52-C1
x-amz-cf-id: -jIDSZjYSV9A5_DZeq9iyvKy69rRQisaL0vhEZ4LaQ8gwU76oA90og==
x-xss-protection: 1; mode=block

GET
H2 200 5c629ed7939c1.jpg
cdn.cloudcnt.com/content/image/ 9 KB
10 KB 82ms
75ms Image
image/jpeg 2600:9000:2022:6200:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5c629ed7939c1.jpg?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2022:6200:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dac87e71da029477fab6c767f7e1f83720602ee44a8ea8b20b82b5c142146e72

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 08:22:34 GMT
via: 1.1 d8ba22a2a925887b5431a679476593d8.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 209246
x-cache: Hit from cloudfront
content-type: image/JPEG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: MRS52-C1
x-amz-cf-id: x9Rk5N3V3HLzfKwIwd2_xpfTU02aB_v25_x3ZyLNAb8pld3gGmDDkQ==
x-xss-protection: 1; mode=block

GET
H2 200 5bf6d65d0b581.png
cdn.cloudcnt.com/content/image/ 8 KB
9 KB 79ms
73ms Image
image/png 2600:9000:2022:6200:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5bf6d65d0b581.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2022:6200:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b92e9f07abbf0addf89b10529349a408d603339e6bf8e927e2c16f34415d7d22

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 10:13:21 GMT
via: 1.1 d8ba22a2a925887b5431a679476593d8.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 29799
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: MRS52-C1
x-amz-cf-id: 0f9RxH11o_VMW6ZQW3FsGCJkO61w8ncJYl5DFAteQsUUJmF9Y1lFOQ==
x-xss-protection: 1; mode=block

GET
H2 200 5e67ac174dd68.png
cdn.cloudcnt.com/content/image/ 1 KB
2 KB 84ms
78ms Image
image/png 2600:9000:2022:6200:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5e67ac174dd68.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2022:6200:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

fbd5df2eb9eb5d251ce51ecaed0e3d3b0a5e3e44e39f9efbe8046af520ef6a4d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 10:58:20 GMT
via: 1.1 d8ba22a2a925887b5431a679476593d8.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 199900
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: MRS52-C1
x-amz-cf-id: udl5RiYdiXERQGIzc_1lzFB33xclvcwBF_zo2SB31sI0Trxi5SQFhw==
x-xss-protection: 1; mode=block

GET
H2 200 5b76b6fddcf47.png
cdn.cloudcnt.com/content/image/ 13 KB
14 KB 98ms
92ms Image
image/png 2600:9000:2022:6200:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5b76b6fddcf47.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2022:6200:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

05bc39fb310731e18f96f1c5f8dd558b08b8a6639e5fb24595e6b0bd74a94470

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 17:10:59 GMT
via: 1.1 d8ba22a2a925887b5431a679476593d8.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 91141
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: MRS52-C1
x-amz-cf-id: R_B_FsVQzBk4Ybkf6Ttb40Kt7HxG-rvz_SlAFZFOts6GMsdfSTnPwQ==
x-xss-protection: 1; mode=block

GET
H2 200 5b8fcb96755d0.jpg
cdn.cloudcnt.com/content/image/ 11 KB
12 KB 93ms
87ms Image
image/jpeg 2600:9000:2022:6200:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5b8fcb96755d0.jpg?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2022:6200:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

58336cbeb4aeacdcf7bb2168c425b6d8c1b1ddf08ab4dfbfa15bc195027a4a2b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 14:32:24 GMT
via: 1.1 d8ba22a2a925887b5431a679476593d8.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 100656
x-cache: Hit from cloudfront
content-type: image/JPEG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: MRS52-C1
x-amz-cf-id: w6JzGkghA7oMl-vjLpHhiJTvymfRYp1k8HcnG4JkcT6zss8z6xjLoQ==
x-xss-protection: 1; mode=block

GET
H2 200 5bd9b8c80bd8f.png
cdn.cloudcnt.com/content/image/ 10 KB
11 KB 107ms
101ms Image
image/png 2600:9000:2022:6200:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5bd9b8c80bd8f.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2022:6200:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f39156e5e98660d25c9cd20f685b961c160feac042baf32dece3638223e7c312

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 05:07:57 GMT
via: 1.1 d8ba22a2a925887b5431a679476593d8.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 220923
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: MRS52-C1
x-amz-cf-id: wAxvnBXl_qyNhlnEbkoOpSmaDFKs2iadWaCEJStvYFdd43wXpZOU6g==
x-xss-protection: 1; mode=block

GET
H2 200 5bd9bc96bbe50.png
cdn.cloudcnt.com/content/image/ 10 KB
11 KB 94ms
89ms Image
image/png 2600:9000:2022:6200:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5bd9bc96bbe50.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2022:6200:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d4307811e885028aa2f2453d8301f47fad4c5a68fa66ec26198f30b745677ad4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:25:05 GMT
via: 1.1 d8ba22a2a925887b5431a679476593d8.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 119095
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: MRS52-C1
x-amz-cf-id: 5d--jOuuzmyRBlPpG80fJ4puSq5Tcs8Iufxo0XiDz6wTfk3cypSIQQ==
x-xss-protection: 1; mode=block

GET
H2 200 5bd9be6b7afbe.png
cdn.cloudcnt.com/content/image/ 13 KB
13 KB 100ms
95ms Image
image/png 2600:9000:2022:6200:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5bd9be6b7afbe.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2022:6200:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8d9d44741d4af545336a8dee0b5b0ff3e2983a1c691465614a0db794ab53d982

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 13:50:06 GMT
via: 1.1 d8ba22a2a925887b5431a679476593d8.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 16794
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: MRS52-C1
x-amz-cf-id: vVfILCIraRUIQYkDEpqoUrPraLSnbKZhUuA0K67PcoEF_8--CDWNaA==
x-xss-protection: 1; mode=block

GET
H2 200 5c332463836b5.png
cdn.cloudcnt.com/content/image/ 4 KB
5 KB 100ms
95ms Image
image/png 2600:9000:2022:6200:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5c332463836b5.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2022:6200:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6301f3a52ebd083288eedaf2b623170e0b3c8178249d2b09a66dc22952859937

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:25:05 GMT
via: 1.1 d8ba22a2a925887b5431a679476593d8.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 119095
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: MRS52-C1
x-amz-cf-id: PrxXkw_UGOLnZXehXxg0GdjcQ6BCdeptx6_vlt1m_lMghY7hpip1Rg==
x-xss-protection: 1; mode=block

GET
H2 200 5c35fe40dbd36.jpg
cdn.cloudcnt.com/content/image/ 10 KB
11 KB 120ms
115ms Image
image/jpeg 2600:9000:2022:6200:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5c35fe40dbd36.jpg?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2022:6200:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ce874bd573d13063c9541b0aea89e88571150599a3f3e8658909856ce7af47b4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 20:47:42 GMT
via: 1.1 d8ba22a2a925887b5431a679476593d8.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 164538
x-cache: Hit from cloudfront
content-type: image/JPEG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: MRS52-C1
x-amz-cf-id: RaoC4AnFIbNA7nRCYupfS8zbSKwIzIaAn6c5gyPqIzSdj5k8uAgAgw==
x-xss-protection: 1; mode=block

GET
H2 200 5c93716a8e49a.png
cdn.cloudcnt.com/content/image/ 4 KB
4 KB 101ms
96ms Image
image/png 2600:9000:2022:6200:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5c93716a8e49a.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2022:6200:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d12746410faf422fc33f929e46776c6f41780eb8566f6a5b0aa023e2e77f37b8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 20:47:42 GMT
via: 1.1 d8ba22a2a925887b5431a679476593d8.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 164538
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: MRS52-C1
x-amz-cf-id: 7ZPZeXRVRTGMS-zDd_pSMaW8sgcBsC9InqmjtgbdHaxQSYTUFCs27w==
x-xss-protection: 1; mode=block

GET
H2 200 5d8b663d3f95c.png
cdn.cloudcnt.com/content/image/ 16 KB
16 KB 114ms
109ms Image
image/png 2600:9000:2022:6200:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5d8b663d3f95c.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2022:6200:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

df14a4492e33f4fa6cc2aa4391c0b99f7fbccc642ad57a23f2edd5e4a2cf40aa

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 11:14:16 GMT
via: 1.1 d8ba22a2a925887b5431a679476593d8.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 112544
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: MRS52-C1
x-amz-cf-id: pTdQtN0ZJcwb9d0SllPk17hXd0NQ_i7QXU8SO-IR3tKjIF5M3KdbDQ==
x-xss-protection: 1; mode=block

GET
H2 200 5d9b0c7b7df65.png
cdn.cloudcnt.com/content/image/ 25 KB
26 KB 103ms
98ms Image
image/png 2600:9000:2022:6200:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5d9b0c7b7df65.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2022:6200:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e9249dba30d8f9cfd8f022c2f3491e2379e3ca0e8b9fa291ee2c2b4814ecf955

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 04:47:30 GMT
via: 1.1 d8ba22a2a925887b5431a679476593d8.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 49350
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: MRS52-C1
x-amz-cf-id: SNyb6ocsYtHPAu83dNvpPYchzHhjkz4eOQnpzlamAsqEe_NgicsWVQ==
x-xss-protection: 1; mode=block

GET
H2 200 5d9f03625eb67.png
cdn.cloudcnt.com/content/image/ 7 KB
8 KB 107ms
102ms Image
image/png 2600:9000:2022:6200:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5d9f03625eb67.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2022:6200:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

271c318ca000ac87a32cd930db29468f6fe05a6af5523aa601592c188669f25c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 14:32:24 GMT
via: 1.1 d8ba22a2a925887b5431a679476593d8.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 100656
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: MRS52-C1
x-amz-cf-id: USbNJ2JDikmLHaZdfX0uVPkrNN_v1-aiDPPCMGgC-6PFMbUixQVG1g==
x-xss-protection: 1; mode=block

GET
H2 200 5d9f07c287974.png
cdn.cloudcnt.com/content/image/ 12 KB
12 KB 111ms
107ms Image
image/png 2600:9000:2022:6200:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5d9f07c287974.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2022:6200:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

bc88c7e4bf0e21c16eb50ad10797c6a393abbc969996ac75419ee717a59d0566

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 10:13:21 GMT
via: 1.1 d8ba22a2a925887b5431a679476593d8.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 29799
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: MRS52-C1
x-amz-cf-id: yDrscl4ceQbpJOM74QCSsMpmS603tI3hFhbPIi_y32UI4jfs-H8hEQ==
x-xss-protection: 1; mode=block

GET
H2 200 5d9f2ad17be9c.png
cdn.cloudcnt.com/content/image/ 13 KB
13 KB 108ms
104ms Image
image/png 2600:9000:2022:6200:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5d9f2ad17be9c.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2022:6200:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c4aef0fcf1747a503bfcb17761ddea97c3e0c4b6ad7e117f0b52b198fec6898e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 14:32:24 GMT
via: 1.1 d8ba22a2a925887b5431a679476593d8.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 100656
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: MRS52-C1
x-amz-cf-id: LLCs2LP74ynpnvDL85N9Z-gfiK30h78qLK0UeqMvzVOqypgjztUL8w==
x-xss-protection: 1; mode=block

GET
H2 200 5d9f2bbcaba53.png
cdn.cloudcnt.com/content/image/ 15 KB
15 KB 122ms
119ms Image
image/png 2600:9000:2022:6200:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5d9f2bbcaba53.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2022:6200:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ccba1298baf07e862e325680327de10bb6b43282a21321ef40f2f9b690a646d2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 10:58:20 GMT
via: 1.1 d8ba22a2a925887b5431a679476593d8.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 199900
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: MRS52-C1
x-amz-cf-id: XdkJabkeEL-4J1PAInaNJvdextaBVLJ1eP-t7H9kwZ6XcXuek_kvFA==
x-xss-protection: 1; mode=block

GET
H2 200 5db2df8f5581f.png
cdn.cloudcnt.com/content/image/ 17 KB
18 KB 123ms
120ms Image
image/png 2600:9000:2022:6200:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5db2df8f5581f.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2022:6200:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3d8205a4f20ba55fbed3826c083b70398658ffd9c1e16a5a2276bfaf93410feb

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:25:05 GMT
via: 1.1 d8ba22a2a925887b5431a679476593d8.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 119095
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: MRS52-C1
x-amz-cf-id: UcDyeg0FMypOQ_KrEJfDI1B8K3H4T581JWJj3Q48YSWqbYmtYaj9vw==
x-xss-protection: 1; mode=block

GET
H2 200 5e8601758c946.png
cdn.cloudcnt.com/content/image/ 15 KB
15 KB 120ms
117ms Image
image/png 2600:9000:2022:6200:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5e8601758c946.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2022:6200:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0a0d05463fc3d0f793b5826ff93479b0dc026bb77a5253bbf3ab1e825eb2afb0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 16:32:55 GMT
via: 1.1 d8ba22a2a925887b5431a679476593d8.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 179825
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: MRS52-C1
x-amz-cf-id: h7po_78o1M7I_Mjp6ZYsNPuPgsZNgUtZCt1wteZ51x7dHGmrFukaDw==
x-xss-protection: 1; mode=block

GET
H2 200 5e85db22d5138.png
cdn.cloudcnt.com/content/image/ 17 KB
18 KB 117ms
114ms Image
image/png 2600:9000:2022:6200:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5e85db22d5138.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2022:6200:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c6ae47dc678c4a8c42cf2ce4ddd7fdae99ea7bbf319ad12d6ecb76af9a989510

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 12:12:29 GMT
via: 1.1 d8ba22a2a925887b5431a679476593d8.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 22651
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: MRS52-C1
x-amz-cf-id: 3xR9iMoIMQm79CH3Sr_Ug_l_kyxisUNJb9EdyLTyZY_BsW5eboPWVA==
x-xss-protection: 1; mode=block

GET
H2 200 5f195fdab85bb.png
cdn.cloudcnt.com/content/image/ 29 KB
29 KB 114ms
111ms Image
image/png 2600:9000:2022:6200:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5f195fdab85bb.png?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2022:6200:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

39ae08ba44912ba00edf7c1c3780b7dd0d736aa48764490975be81c99d333fc5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 13:50:06 GMT
via: 1.1 d8ba22a2a925887b5431a679476593d8.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 16794
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: MRS52-C1
x-amz-cf-id: jmo6nwKxpZsi1Xax-ZBl3dfdCe0Dm7Ng6DRh6RnPW5n-IJWgbjGHdg==
x-xss-protection: 1; mode=block

GET
H2 200 5f621a0078470.jpeg
cdn.cloudcnt.com/content/image/ 15 KB
16 KB 125ms
122ms Image
image/png 2600:9000:2022:6200:b:413c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cloudcnt.com/content/image/5f621a0078470.jpeg?size=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2022:6200:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9113bc02111f73a37db387e74847157b6a98c2634f141823d9f0e2c468054295

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 15:12:24 GMT
via: 1.1 d8ba22a2a925887b5431a679476593d8.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 11856
x-cache: Hit from cloudfront
content-type: image/PNG
cache-control: max-age=259200
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop: MRS52-C1
x-amz-cf-id: CpXw2Ckdu5bA-djh9TjiN-NG61CRHglqx9PQbHUEX4BjbhBXiz_vQw==
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK NRJS-9facc869c359219f55d Show response
bam.eu01.nr-data.net/1/ 57 B
275 B 153ms
40ms Script
text/javascript 185.221.86.34
NEW-2

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/1/NRJS-9facc869c359219f55d?a=32509574&v=1184.ab39b52&to=MhBSZQoZCBFYABZcWAtaZUMRVw8MXQYaG0cNBQ%3D%3D&rst=1250&ck=1&ref=https://lw-germany.com/de_de/tr_bfmmdenopre&ap=94&be=394&fe=931&dc=931&perf=%7B%22timing%22:%7B%22of%22:1606069798939,%22n%22:0,%22f%22:2,%22dn%22:3,%22dne%22:10,%22c%22:10,%22s%22:35,%22ce%22:206,%22rq%22:206,%22rp%22:380,%22rpe%22:425,%22dl%22:384,%22di%22:931,%22ds%22:931,%22de%22:931,%22dc%22:932,%22l%22:932,%22le%22:932%7D,%22navigation%22:%7B%7D%7D&fp=622&fcp=622&at=HldRE0IDGx8%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1184.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.221.86.34 , Germany, ASN206998 (NEW-2, DE),
Reverse DNS
Software: /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer: https://lw-germany.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-5fbaae26c96c4345373e9b94&networkid=100481&publisher=1588&c6=&c7=&s_id=&s_type=&ept2=ad2c777b-450b-45d8-9e78-4617d0c3fe2d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

POST NRJS-9facc869c359219f55d
bam.eu01.nr-data.net/events/1/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bam.eu01.nr-data.net
URL: https://bam.eu01.nr-data.net/events/1/NRJS-9facc869c359219f55d?a=32509574&v=1184.ab39b52&to=MhBSZQoZCBFYABZcWAtaZUMRVw8MXQYaG0cNBQ%3D%3D&rst=11250&ck=1&ref=https://lw-germany.com/de_de/tr_bfmmdenopre

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lw-germany.com/	1970-01-19 14:07:49	Name: _gat Value: 1
.lw-germany.com/	1970-01-19 14:09:16	Name: _gid Value: GA1.2.2051788894.1606069800
.lw-germany.com/	1970-01-20 07:39:01	Name: _ga Value: GA1.2.1222663579.1606069800
lw-germany.com/	1969-12-31 23:59:59	Name: _csrf-frontend Value: fe4af07139f26c05e7c6e1d7a8d949884a2a22cf23647780694e6fb9dcafa9eaa%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22km33vzX4ytUj9p7RTsQxD4RZha468cbz%22%3B%7D
lw-germany.com/	1970-01-19 14:51:01	Name: visitId Value: 0b8ef966078feb4e1dab345bbd5debc303369456f3260faac9c49e8ae4004c63a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22visitId%22%3Bi%3A1%3Bs%3A35%3A%22qbeYHlvZcV-5fbaae26c96c4345373e9b94%22%3B%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mdsyzz.info
bam.eu01.nr-data.net
cdn.cloudcnt.com
cdn.onesignal.com
click.trlxcf02.com
djjcyqvteia9v.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
lipmentos.com
lw-germany.com
plaqexit.com
stats.g.doubleclick.net
www.google-analytics.com
bam.eu01.nr-data.net
151.101.114.110
185.128.34.117
185.221.86.34
185.230.140.88
2600:9000:2022:6200:b:413c:b700:93a1
2600:9000:2104:7800:2:7bf5:a0c0:21
2606:4700:3032::681f:582e
2606:4700:3037::681f:5e75
2606:4700::6812:e234
2a00:1450:4001:808::200a
2a00:1450:4001:814::2003
2a00:1450:4001:819::2003
2a00:1450:4001:824::200e
2a00:1450:400c:c0c::9b
35.204.14.125
35.204.93.160
03b52a1594b643f27fdfc0ad86291bf36368dde44df9f07e1206b6fd3563bcab
03d561a34b74ef3ff5b0a2dd6460bf092aa292c9cf90582c8c03f472332c69de
05a29f6d3112600487aaa48c7a0a633983fa2dae48831b3d5188e3fbaf207956
05bc39fb310731e18f96f1c5f8dd558b08b8a6639e5fb24595e6b0bd74a94470
08032b732064c7cabb63f2449884e3ca384383b867e2ba8c39d84ad98011791b
0a0d05463fc3d0f793b5826ff93479b0dc026bb77a5253bbf3ab1e825eb2afb0
18400525a8cd30c2ea60b97451937bb13a3ed0e8358195c49f0092e0bd90eaf5
18b99ca0bbec52d747e3564e0e734bd88232ae3614cb16c83a52a2a9c29d4908
1a2a572f006b242096d76275e8c9edb114f9aa65cbd67fd1c4d57053da83932f
1e4267a737fd9ce379e235cfb5289aadea23f9c188b658dc5c5302e08e8fef3c
25abc2be76660307c4964a816b822098c4c59a90f998c65af513b45afbde6d3d
271c318ca000ac87a32cd930db29468f6fe05a6af5523aa601592c188669f25c
2bf100ad9c2a6632df59281ac992cae309864d9ccf9b828de1f58b0ed344f946
39ae08ba44912ba00edf7c1c3780b7dd0d736aa48764490975be81c99d333fc5
3baf9d02021ddedeb06925b094da105fd2b93aa4aada8c3fa83dd98bc6c621e7
3d8205a4f20ba55fbed3826c083b70398658ffd9c1e16a5a2276bfaf93410feb
51f2f79e64b33d994f8c1f25ad14f451b51597dd36bfb9bed179b5e88315cc75
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
58336cbeb4aeacdcf7bb2168c425b6d8c1b1ddf08ab4dfbfa15bc195027a4a2b
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
6301f3a52ebd083288eedaf2b623170e0b3c8178249d2b09a66dc22952859937
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7090c8ce3dc1702e3f2c0408de14f7a8f677586187b7b41d46826d157de36b82
73ddcd62b141cd720099a5271145e7334e2adca2237c344d3a77e6df29247bec
780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77
79761c1d3145340f14662606b227767fc7b8466cb608caf8479388bb6e6da66b
7afe4e0c85b78a136d5549874e91936414c6594eb41562cef9cd7ec369a00c8c
7dd3ddef06a2cd439415afed00b4fb2f21519aef3cc3247a0d36245677f34d60
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89ad71822e874a1edddd658dd450f9013a97d4847fb6c9efed59134aba4e6b16
8c63ee1c9d488d8f070c5865f4d8f32d0396ca6adf054fc6bb0e9e2e4186172a
8d9d44741d4af545336a8dee0b5b0ff3e2983a1c691465614a0db794ab53d982
9113bc02111f73a37db387e74847157b6a98c2634f141823d9f0e2c468054295
93e6339751a6bc8510b53241e6885b89c1bf6fc6f27a24366b4b7ecf0d024ddb
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b06f7d0490cab0748132202a04418a8ff03b3c58435aa22f22ac241504ef0722
b468367aabe8b610a7a1a8935c4fba7407d9629abd009bceae4d101a7b0e1f44
b5ff2ec7b008c40a6629894df4951f4127e6447df3fa7b5bd3ad2118c56b0c54
b92e9f07abbf0addf89b10529349a408d603339e6bf8e927e2c16f34415d7d22
b9f6ee33583a10883afda9579d5861abc0078a28090484d2d2f35b406c6817d9
bab73517c0ae20d5addc03d1f8eb46fde709f42a5f91d1cb9d2afff7da9cf314
bc88c7e4bf0e21c16eb50ad10797c6a393abbc969996ac75419ee717a59d0566
be38cdc0b740422ba5962887ace345ae5c0cf263625b23645e21436dcb6c7d8e
bfe854925ea083ffd5d883a565d6deb7104539a443f0a7367975962ca706003a
c4aef0fcf1747a503bfcb17761ddea97c3e0c4b6ad7e117f0b52b198fec6898e
c6ae47dc678c4a8c42cf2ce4ddd7fdae99ea7bbf319ad12d6ecb76af9a989510
c74a2d925d32fee490f1b123013666dd7fc6e5d2b08e2474c8f3745de75c2a3e
c9b73a88475e88f9fb290cde36d82cd8e742b4664fb84737dbbc634446566fcc
ccba1298baf07e862e325680327de10bb6b43282a21321ef40f2f9b690a646d2
ce874bd573d13063c9541b0aea89e88571150599a3f3e8658909856ce7af47b4
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d12746410faf422fc33f929e46776c6f41780eb8566f6a5b0aa023e2e77f37b8
d4307811e885028aa2f2453d8301f47fad4c5a68fa66ec26198f30b745677ad4
d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e
dac87e71da029477fab6c767f7e1f83720602ee44a8ea8b20b82b5c142146e72
ded9d1b70d03b7dcbc6d6e22bc570ca717516d77eb2221200d988e9d2adb6f71
df14a4492e33f4fa6cc2aa4391c0b99f7fbccc642ad57a23f2edd5e4a2cf40aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e507babf987b47de747a47fb3bd2d3ed3438528784241632f8fc776e290e15eb
e9249dba30d8f9cfd8f022c2f3491e2379e3ca0e8b9fa291ee2c2b4814ecf955
f39156e5e98660d25c9cd20f685b961c160feac042baf32dece3638223e7c312
fbd5df2eb9eb5d251ce51ecaed0e3d3b0a5e3e44e39f9efbe8046af520ef6a4d
ffb110318b55e8d7acaeaa7816d495e33a5000643327241099565537973ed051

lw-germany.com Open in urlscan Pro 185.128.34.117 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

68 Requests

99 %HTTPS

63 %IPv6

14 Domains

14 Subdomains

14 IPs

6 Countries

1403 kBTransfer

2210 kBSize

5 Cookies

50 Outgoing links

Page URL History

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

lw-germany.com Open in urlscan Pro
185.128.34.117 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

99 %
HTTPS

63 %
IPv6

14
Domains

14
Subdomains

14
IPs

6
Countries

1403 kB
Transfer

2210 kB
Size

5
Cookies

68 HTTP transactions
0 data transactions