ww2.liftrelations.com Open in urlscan Pro
13.69.228.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u23575444.ct.sendgrid.net/ls/click?upn=1fFmwOVCb4CfK1j9kwGMqHYDotF0tmVEyPbZCa6z8u6X3B6tcCrEAKT7Fcbu6VO-2BnfR2lWEurX-2BfPEC...
Effective URL:
https://ww2.liftrelations.com/Account/Survey/Index?token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz
Submission: On January 24 via manual (January 24th 2022, 9:56:59 am UTC) from US — Scanned from DE

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 21 HTTP transactions. The main IP is 13.69.228.12, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is ww2.liftrelations.com.
TLS certificate: Issued by GeoTrust TLS DV RSA Mixed SHA256 2020... on November 28th 2021. Valid for: 6 months.

This is the only time ww2.liftrelations.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.123.122 167.89.123.122	11377 (SENDGRID) (SENDGRID)
3 18	13.69.228.12 13.69.228.12	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
21	6

1 167.89.123.122 (Chicago, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789123x122.outbound-mail.sendgrid.net

u23575444.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 13.69.228.12 (Dublin, Ireland) 3 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ww2.liftrelations.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	liftrelations.com 3 redirects ww2.liftrelations.com	275 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5557	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 13	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 96	446 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	37 KB
1	sendgrid.net 1 redirects u23575444.ct.sendgrid.net	319 B
21	7

	Domain	Requested by
18	ww2.liftrelations.com	3 redirects ww2.liftrelations.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	www.google.de
1	www.google.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	ww2.liftrelations.com
1	u23575444.ct.sendgrid.net	1 redirects
21	7

This site contains no links.

Subject Issuer	Validity	Valid
ww2.liftrelations.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-11-28` - `2022-05-27`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ww2.liftrelations.com/Account/Survey/Index?token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz
Frame ID: 23D458DE355096DBCC98C02506684358
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Evaluation

Page URL History Show full URLs

https://u23575444.ct.sendgrid.net/ls/click?upn=1fFmwOVCb4CfK1j9kwGMqHYDotF0tmVEyPbZCa6z8u6X3B6tcCrEAKT7Fcbu6VO... HTTP 302
https://ww2.liftrelations.com/Auth/login?email=Holly.Gammage&token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTV... HTTP 302
https://ww2.liftrelations.com/Localize/Index/en?returnUrl=%2FAccount%2FSurvey%2FIndex%3Ftoken%3DOTZGNzY3MT... HTTP 302
https://ww2.liftrelations.com/Localize/Set/en?returnUrl=%2FAccount%2FSurvey%2FIndex%3Ftoken%3DOTZGNzY3MTMt... HTTP 302
https://ww2.liftrelations.com/Account/Survey/Index?token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Page Statistics

21
Requests

100 %
HTTPS

71 %
IPv6

7
Domains

7
Subdomains

6
IPs

4
Countries

331 kB
Transfer

859 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u23575444.ct.sendgrid.net/ls/click?upn=1fFmwOVCb4CfK1j9kwGMqHYDotF0tmVEyPbZCa6z8u6X3B6tcCrEAKT7Fcbu6VO-2BnfR2lWEurX-2BfPEC5D55Dnp6palYsF-2BRdxmkEbVOo-2BYoETeu-2FWn9Ww-2FwE-2B0IbSBFP-2BtnJRIELcNZQhAh4TbwFYQv1JJBAReCMFMLmQ-2BFSPz0-3DQNUX_QFRPfkIsnhCwygLmSkZqlK9FXMJwmli5QEtD-2BhQ8IFHJCPx0dOywGNT5miEEQuqTII0GO8ZpJ-2BJ33wIJyzvVj19kba2BGT1hTBsclrnSNQUnS8LFezFMK2zWBVYyQSML59Q-2BpoGxChLt-2FdepwpAmic8FJUiv2b338Wk-2BJrHSpUylmpQ3Gt-2BoLraTOO8LjTVxc5dD8PNu-2FrO6XytsmrUhpbY7TskivM89rVzRP-2FZo9fCpX8Q68lnWJb7fcF4fbnkrPJK12bmqLyjYwxGHRtl-2BwxHHWS4CXofhbdKRUdeCVFmGoogEKgPYtmpJ19SfGzFDn0Eb-2BG-2BfgZdr7c03uE-2Bf0A4Zf1DizI0SRQIgGL1hi5Nyp2y03bGCSbh069jTFNePx9EM7YP30yC5JNuE2wV-2F-2Fg4TxMOvPakIeFb88zdtsqkR8etstWAdKETLEiWuWL0o HTTP 302
https://ww2.liftrelations.com/Auth/login?email=Holly.Gammage&token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz HTTP 302
https://ww2.liftrelations.com/Localize/Index/en?returnUrl=%2FAccount%2FSurvey%2FIndex%3Ftoken%3DOTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz HTTP 302
https://ww2.liftrelations.com/Localize/Set/en?returnUrl=%2FAccount%2FSurvey%2FIndex%3Ftoken%3DOTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz HTTP 302
https://ww2.liftrelations.com/Account/Survey/Index?token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request Index Show response
ww2.liftrelations.com/Account/Survey/
Redirect Chain

https://u23575444.ct.sendgrid.net/ls/click?upn=1fFmwOVCb4CfK1j9kwGMqHYDotF0tmVEyPbZCa6z8u6X3B6tcCrEAKT7Fcbu6VO-2BnfR2lWEurX-2BfPEC5D55Dnp6palYsF-2BRdxmkEbVOo-2BYoETeu-2FWn9Ww-2FwE-2B0IbSBFP-2BtnJRI...
https://ww2.liftrelations.com/Auth/login?email=Holly.Gammage&token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz
https://ww2.liftrelations.com/Localize/Index/en?returnUrl=%2FAccount%2FSurvey%2FIndex%3Ftoken%3DOTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz
https://ww2.liftrelations.com/Localize/Set/en?returnUrl=%2FAccount%2FSurvey%2FIndex%3Ftoken%3DOTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz
https://ww2.liftrelations.com/Account/Survey/Index?token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz

7 KB
3 KB

303ms
302ms

Document
text/html

13.69.228.12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ww2.liftrelations.com/Account/Survey/Index?token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.228.12 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

afc9bf547aa85fa0d7453ce5fa1caafe13ddaae4532416e19eb2b709f6d8b53c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Cache-Control: private, s-maxage=0
Content-Length: 2853
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: DENY
Strict-Transport-Security: max-age=16070400; includeSubDomains
Date: Mon, 24 Jan 2022 09:56:54 GMT

Redirect headers

Cache-Control: private
Content-Length: 193
Content-Type: text/html; charset=utf-8
Location: /Account/Survey/Index?token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: DENY
Strict-Transport-Security: max-age=16070400; includeSubDomains
Date: Mon, 24 Jan 2022 09:56:54 GMT

GET
H/1.1 200
OK Common
ww2.liftrelations.com/Content/Survey/ 7 KB
3 KB 36ms
35ms Stylesheet
text/css 13.69.228.12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ww2.liftrelations.com/Content/Survey/Common?v=A1VxYOUjFPqRY2yKSJlv6sgZJyOeBQ5SppjFdyb4wiU1

Requested by

Host: ww2.liftrelations.com
URL: https://ww2.liftrelations.com/Account/Survey/Index?token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.228.12 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

aabbc67b8742c2f23f9d0ab402846f5655b2cb7ff5b48c049e55274ca9168ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ww2.liftrelations.com/Account/Survey/Index?token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Encoding: gzip
Vary: User-Agent,Accept-Encoding
Last-Modified: Mon, 24 Jan 2022 09:56:55 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: DENY
Content-Type: text/css; charset=utf-8
Cache-Control: public
Date: Mon, 24 Jan 2022 09:56:54 GMT
Content-Length: 2385
Expires: Tue, 24 Jan 2023 09:56:55 GMT

GET
H/1.1 200
OK popper.js Show response
ww2.liftrelations.com/Scripts/umd/ 85 KB
29 KB 156ms
49ms Script
application/x-javascript 13.69.228.12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ww2.liftrelations.com/Scripts/umd/popper.js

Requested by

Host: ww2.liftrelations.com
URL: https://ww2.liftrelations.com/Account/Survey/Index?token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.228.12 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

27435a221e3a696543acfb828b3281ae78fdde2544729cae66a6979cd7c14080

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ww2.liftrelations.com/Account/Survey/Index?token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Encoding: gzip
ETag: "2d5a83841ef7d71:0"
Last-Modified: Wed, 22 Dec 2021 10:27:27 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Frame-Options: DENY
Content-Type: application/x-javascript
Date: Mon, 24 Jan 2022 09:56:55 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 29622

GET
H/1.1 200
OK jquery Show response
ww2.liftrelations.com/Scripts/ 194 KB
87 KB 171ms
57ms Script
text/javascript 13.69.228.12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ww2.liftrelations.com/Scripts/jquery?v=K5Ek42SOeixP7TkrBotxAAsKNZOmMqGfz4sXo_0oQwc1

Requested by

Host: ww2.liftrelations.com
URL: https://ww2.liftrelations.com/Account/Survey/Index?token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.228.12 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

9727a6a805bf36768d72ede5f519dab6376ad24fe95513ad8cdbd035bbd743c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ww2.liftrelations.com/Account/Survey/Index?token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Encoding: gzip
Vary: User-Agent,Accept-Encoding
Last-Modified: Mon, 24 Jan 2022 09:56:55 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: DENY
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Transfer-Encoding: chunked
Date: Mon, 24 Jan 2022 09:56:54 GMT
Expires: Tue, 24 Jan 2023 09:56:55 GMT

GET
H/1.1 200
OK Common Show response
ww2.liftrelations.com/Scripts/Survey/ 58 KB
22 KB 171ms
48ms Script
text/javascript 13.69.228.12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ww2.liftrelations.com/Scripts/Survey/Common?v=aW8LRtjx5Ci_ADqXL3_GWLU1l5xoTmIBVZHfYp1xD501

Requested by

Host: ww2.liftrelations.com
URL: https://ww2.liftrelations.com/Account/Survey/Index?token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.228.12 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

86a7cb3a6b929a12179e707f8ded2c5efc0655f17ea8e98953077c3c524c6ed8

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ww2.liftrelations.com/Account/Survey/Index?token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Encoding: gzip
Vary: User-Agent,Accept-Encoding
Last-Modified: Mon, 24 Jan 2022 09:56:55 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: DENY
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Date: Mon, 24 Jan 2022 09:56:54 GMT
Content-Length: 22220
Expires: Tue, 24 Jan 2023 09:56:55 GMT

GET
H/1.1 200
OK font.css
ww2.liftrelations.com/Fonts/ 396 B
665 B 89ms
45ms Stylesheet
text/css 13.69.228.12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ww2.liftrelations.com/Fonts/font.css

Requested by

Host: ww2.liftrelations.com
URL: https://ww2.liftrelations.com/Account/Survey/Index?token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.228.12 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

5ca328e975c1b4b38c55a1920c281ee48b7d5070204a77994f66f6641b65e65a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ww2.liftrelations.com/Account/Survey/Index?token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Encoding: gzip
ETag: "c4f020841ef7d71:0"
Last-Modified: Wed, 22 Dec 2021 10:27:26 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Frame-Options: DENY
Content-Type: text/css
Date: Mon, 24 Jan 2022 09:56:54 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 284

GET
H/1.1 200
OK liftrelations.survey.index.css
ww2.liftrelations.com/Content/ 1 KB
1 KB 126ms
34ms Stylesheet
text/css 13.69.228.12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ww2.liftrelations.com/Content/liftrelations.survey.index.css?modified=20211222102726

Requested by

Host: ww2.liftrelations.com
URL: https://ww2.liftrelations.com/Account/Survey/Index?token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.228.12 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

81a48d82b590dd2426bcb0947ca39b7f98073dcbd0a8651502bdd52fabc832a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ww2.liftrelations.com/Account/Survey/Index?token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Encoding: gzip
ETag: "7c119841ef7d71:0"
Last-Modified: Wed, 22 Dec 2021 10:27:26 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Frame-Options: DENY
Content-Type: text/css
Date: Mon, 24 Jan 2022 09:56:54 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 645

GET
H/1.1 200
OK bootstrap-select.min.css
ww2.liftrelations.com/Content/ 10 KB
3 KB 175ms
74ms Stylesheet
text/css 13.69.228.12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ww2.liftrelations.com/Content/bootstrap-select.min.css?modified=20211222102726

Requested by

Host: ww2.liftrelations.com
URL: https://ww2.liftrelations.com/Account/Survey/Index?token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.228.12 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

8f0244538a7561db7298b17002361f6a6e4f8f934e9f2966b3ade4ecb610f499

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ww2.liftrelations.com/Account/Survey/Index?token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Encoding: gzip
ETag: "d9bf12841ef7d71:0"
Last-Modified: Wed, 22 Dec 2021 10:27:26 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Frame-Options: DENY
Content-Type: text/css
Date: Mon, 24 Jan 2022 09:56:55 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 2601

GET
H/1.1 200
OK bootstrap.min.css
ww2.liftrelations.com/Content/ 152 KB
35 KB 156ms
55ms Stylesheet
text/css 13.69.228.12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ww2.liftrelations.com/Content/bootstrap.min.css?modified=20211222102726

Requested by

Host: ww2.liftrelations.com
URL: https://ww2.liftrelations.com/Account/Survey/Index?token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.228.12 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

ae576713bc196098f7438dede6ff1f835a23291c32b745ad7e6fb6db809a719b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ww2.liftrelations.com/Account/Survey/Index?token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Encoding: gzip
ETag: "32aa13841ef7d71:0"
Last-Modified: Wed, 22 Dec 2021 10:27:26 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Frame-Options: DENY
Content-Type: text/css
Date: Mon, 24 Jan 2022 09:56:55 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 35478

GET
H/1.1 200
OK hainsight.common.js Show response
ww2.liftrelations.com/Scripts/ 2 KB
1 KB 169ms
42ms Script
application/x-javascript 13.69.228.12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ww2.liftrelations.com/Scripts/hainsight.common.js?modified=20211222102727

Requested by

Host: ww2.liftrelations.com
URL: https://ww2.liftrelations.com/Account/Survey/Index?token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.228.12 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

2c6064ce1d247950bdf7f47cd670a80ab58c08ce059f363a93133c1db2ecbe6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ww2.liftrelations.com/Account/Survey/Index?token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Encoding: gzip
ETag: "64a4d841ef7d71:0"
Last-Modified: Wed, 22 Dec 2021 10:27:27 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Frame-Options: DENY
Content-Type: application/x-javascript
Date: Mon, 24 Jan 2022 09:56:54 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 783

GET
H/1.1 200
OK bootstrap-select.js Show response
ww2.liftrelations.com/Scripts/ 111 KB
35 KB 216ms
44ms Script
application/x-javascript 13.69.228.12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ww2.liftrelations.com/Scripts/bootstrap-select.js?modified=20211222102727

Requested by

Host: ww2.liftrelations.com
URL: https://ww2.liftrelations.com/Account/Survey/Index?token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.228.12 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

1b000cb512aaf28719c817609b5c17fadcdddbf9c36dbd941ae94876a388b625

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ww2.liftrelations.com/Account/Survey/Index?token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Encoding: gzip
ETag: "62e243841ef7d71:0"
Last-Modified: Wed, 22 Dec 2021 10:27:27 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Frame-Options: DENY
Content-Type: application/x-javascript
Date: Mon, 24 Jan 2022 09:56:54 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 35039

GET
H/1.1 200
OK bootstrap.min.js Show response
ww2.liftrelations.com/Scripts/ 57 KB
21 KB 215ms
40ms Script
application/x-javascript 13.69.228.12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ww2.liftrelations.com/Scripts/bootstrap.min.js

Requested by

Host: ww2.liftrelations.com
URL: https://ww2.liftrelations.com/Account/Survey/Index?token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.228.12 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

3bcd802e9f77849e7c1e93c87279fbbb04d45949d2be79b03566ceacde29b158

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ww2.liftrelations.com/Account/Survey/Index?token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Encoding: gzip
ETag: "6e5346841ef7d71:0"
Last-Modified: Wed, 22 Dec 2021 10:27:27 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Frame-Options: DENY
Content-Type: application/x-javascript
Date: Mon, 24 Jan 2022 09:56:55 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 21407

GET
H/1.1 200
OK GetLogo
ww2.liftrelations.com/Account/Survey/ 2 KB
2 KB 69ms
68ms Image
image/png 13.69.228.12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ww2.liftrelations.com/Account/Survey/GetLogo

Requested by

Host: ww2.liftrelations.com
URL: https://ww2.liftrelations.com/Account/Survey/Index?token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.228.12 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

292819aa6e646600c45ed2b1c80ab88475b166dbca24035f2e5e23438742511f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ww2.liftrelations.com/Account/Survey/Index?token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: private, s-maxage=0
Date: Mon, 24 Jan 2022 09:56:54 GMT
Content-Length: 2223

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 94 KB
37 KB 179ms
81ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NJHWDFF

Requested by

Host: ww2.liftrelations.com
URL: https://ww2.liftrelations.com/Account/Survey/Index?token=OTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9964492860dde7a034907d97488fdf9bb0a0b50f8bee21dc713a5266d1c4f8c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ww2.liftrelations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 09:56:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37374
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Jan 2022 09:56:55 GMT

GET
H/1.1 200
OK lift-logo-poweredby.png
ww2.liftrelations.com/Images/Common/ 5 KB
5 KB 34ms
33ms Image
image/png 13.69.228.12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ww2.liftrelations.com/Images/Common/lift-logo-poweredby.png

Requested by

Host: ww2.liftrelations.com
URL: https://ww2.liftrelations.com/Content/Survey/Common?v=A1VxYOUjFPqRY2yKSJlv6sgZJyOeBQ5SppjFdyb4wiU1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.228.12 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e95bf5f90cf4fb24fd9e72dfb068713138402a111c946aa4b0ed79f28c380a60

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ww2.liftrelations.com/Content/Survey/Common?v=A1VxYOUjFPqRY2yKSJlv6sgZJyOeBQ5SppjFdyb4wiU1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Wed, 22 Dec 2021 10:27:26 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "29e92d841ef7d71:0"
X-Frame-Options: DENY
Content-Type: image/png
Date: Mon, 24 Jan 2022 09:56:55 GMT
Accept-Ranges: bytes
Content-Length: 5170

GET
H/1.1 200
OK Montserrat-Regular.woff
ww2.liftrelations.com/Fonts/ 23 KB
24 KB 36ms
35ms Font
application/font-woff 13.69.228.12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ww2.liftrelations.com/Fonts/Montserrat-Regular.woff

Requested by

Host: ww2.liftrelations.com
URL: https://ww2.liftrelations.com/Fonts/font.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.228.12 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

dd65545505bce94615dd3dabd95e8cde5f3095703c740c7afd8ccfb4be42c486

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	DENY

Request headers

Referer: https://ww2.liftrelations.com/Fonts/font.css
Origin: https://ww2.liftrelations.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Wed, 22 Dec 2021 10:27:26 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "c4f020841ef7d71:0"
X-Frame-Options: DENY
Content-Type: application/font-woff
Date: Mon, 24 Jan 2022 09:56:54 GMT
Accept-Ranges: bytes
Content-Length: 23756

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 136ms
43ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJHWDFF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ww2.liftrelations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6724
date: Mon, 24 Jan 2022 08:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 24 Jan 2022 10:04:52 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
211 B 49ms
48ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1438604800&t=pageview&_s=1&dl=https%3A%2F%2Fww2.liftrelations.com%2FAccount%2FSurvey%2FIndex%3Ftoken%3DOTZGNzY3MTMtRUEwRi00NjVBLTlBNDYtMTgyNTVDQzEzOUUz&ul=en-us&de=UTF-8&dt=Evaluation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=422667014&gjid=932441078&cid=280327261.1643018216&tid=UA-58364987-2&_gid=1162563436.1643018216&_r=1&gtm=2wg1j0NJHWDFF&z=1768357813

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ww2.liftrelations.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 09:56:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ww2.liftrelations.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 187ms
22ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-58364987-2&cid=280327261.1643018216&jid=422667014&gjid=932441078&_gid=1162563436.1643018216&_u=YEBAAEAAAAAAAC~&z=1936448443

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ww2.liftrelations.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 24 Jan 2022 09:56:56 GMT
content-type: text/plain
access-control-allow-origin: https://ww2.liftrelations.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 160ms
64ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-58364987-2&cid=280327261.1643018216&jid=422667014&_u=YEBAAEAAAAAAAC~&z=365967010

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ww2.liftrelations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 09:56:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 160ms
65ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-58364987-2&cid=280327261.1643018216&jid=422667014&_u=YEBAAEAAAAAAAC~&z=365967010

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ww2.liftrelations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 09:56:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ww2.liftrelations.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: bupzpvi5oztwhcik1oi2v1ub
ww2.liftrelations.com/	1969-12-31 23:59:59	Name: .ASPXAUTH Value: B0107723288600298559AF0BD2B9620CFAA627863E9E4557C2290895D95A9C7975FB56058A3474DF757D5581BF9F316098443FB790574689916A6A7A5648BAF053881C25C6E43690DDD0300E8BCF3CE95DE45169B1290F7A79B44ABC0A624B6B8EFD2140DFC0A973DC10350FAA805450
.ww2.liftrelations.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 31bb1e6c8f4949276f5af115106d44974e47b4bc1cf4866a2ee2790c7e7e132c
.ww2.liftrelations.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 31bb1e6c8f4949276f5af115106d44974e47b4bc1cf4866a2ee2790c7e7e132c
.liftrelations.com/	1970-01-20 17:54:50	Name: _ga Value: GA1.2.280327261.1643018216
.liftrelations.com/	1970-01-20 00:25:04	Name: _gid Value: GA1.2.1162563436.1643018216
.liftrelations.com/	1970-01-20 00:23:38	Name: _gat_UA-58364987-2 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

stats.g.doubleclick.net
u23575444.ct.sendgrid.net
ww2.liftrelations.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.69.228.12
167.89.123.122
2a00:1450:4001:808::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::2008
2a00:1450:400c:c06::9c
1b000cb512aaf28719c817609b5c17fadcdddbf9c36dbd941ae94876a388b625
27435a221e3a696543acfb828b3281ae78fdde2544729cae66a6979cd7c14080
292819aa6e646600c45ed2b1c80ab88475b166dbca24035f2e5e23438742511f
2c6064ce1d247950bdf7f47cd670a80ab58c08ce059f363a93133c1db2ecbe6d
3bcd802e9f77849e7c1e93c87279fbbb04d45949d2be79b03566ceacde29b158
5ca328e975c1b4b38c55a1920c281ee48b7d5070204a77994f66f6641b65e65a
81a48d82b590dd2426bcb0947ca39b7f98073dcbd0a8651502bdd52fabc832a8
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86a7cb3a6b929a12179e707f8ded2c5efc0655f17ea8e98953077c3c524c6ed8
8f0244538a7561db7298b17002361f6a6e4f8f934e9f2966b3ade4ecb610f499
9727a6a805bf36768d72ede5f519dab6376ad24fe95513ad8cdbd035bbd743c3
9964492860dde7a034907d97488fdf9bb0a0b50f8bee21dc713a5266d1c4f8c2
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aabbc67b8742c2f23f9d0ab402846f5655b2cb7ff5b48c049e55274ca9168ab4
ae576713bc196098f7438dede6ff1f835a23291c32b745ad7e6fb6db809a719b
afc9bf547aa85fa0d7453ce5fa1caafe13ddaae4532416e19eb2b709f6d8b53c
dd65545505bce94615dd3dabd95e8cde5f3095703c740c7afd8ccfb4be42c486
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e95bf5f90cf4fb24fd9e72dfb068713138402a111c946aa4b0ed79f28c380a60
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

ww2.liftrelations.com Open in urlscan Pro 13.69.228.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

71 %IPv6

7 Domains

7 Subdomains

6 IPs

4 Countries

331 kBTransfer

859 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

7 Cookies

Security Headers

Indicators

ww2.liftrelations.com Open in urlscan Pro
13.69.228.12 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

71 %
IPv6

7
Domains

7
Subdomains

6
IPs

4
Countries

331 kB
Transfer

859 kB
Size

7
Cookies

21 HTTP transactions
0 data transactions