social.lewin.digital Open in urlscan Pro
2600:9000:26e8:4a00:9:dd7b:bf80:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://social.lewin.digital/
Submission: On January 03 via api (January 3rd 2025, 11:09:39 am UTC) from US — Scanned from DE

Summary HTTP 64 Redirects Behaviour Indicators

Summary

This website contacted 25 IPs in 5 countries across 18 domains to perform 64 HTTP transactions. The main IP is 2600:9000:26e8:4a00:9:dd7b:bf80:93a1, located in United States and belongs to AMAZON-02, US. The main domain is social.lewin.digital.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 30th 2024. Valid for: a year.

This is the only time social.lewin.digital was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2600:9000:26e... 2600:9000:26e8:4a00:9:dd7b:bf80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:224... 2600:9000:2240:600:1e:b6b6:9ac0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	3.5.128.175 3.5.128.175	16509 (AMAZON-02) (AMAZON-02)
6	104.18.28.104 104.18.28.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
7	104.126.37.177 104.126.37.177	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	142.250.186.36 142.250.186.36	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2251:1400:1e:14d2:6dc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0b::9c	15169 (GOOGLE) (GOOGLE)
1	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
4	157.240.0.35 157.240.0.35	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	172.67.135.7 172.67.135.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
3	151.101.129.91 151.101.129.91	54113 (FASTLY) (FASTLY)
1	2600:9000:225... 2600:9000:2251:400:1e:14d2:6dc0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	54.77.63.179 54.77.63.179	16509 (AMAZON-02) (AMAZON-02)
3	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
2	3.167.227.96 3.167.227.96	() ()
1	2a00:1450:400... 2a00:1450:400c:c00::54	15169 (GOOGLE) (GOOGLE)
2	16.12.64.52 16.12.64.52	16509 (AMAZON-02) (AMAZON-02)
64	25

4 2600:9000:26e8:4a00:9:dd7b:bf80:93a1 (United States)

ASN16509 (AMAZON-02, US)

social.lewin.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2240:600:1e:b6b6:9ac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.firstpromoter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.5.128.175 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com

marky-image-posts.s3.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.28.104 (None, )

ASN13335 (CLOUDFLARENET, US)

client.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.126.37.177 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a104-126-37-177.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.36 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:1400:1e:14d2:6dc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.refiner.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.135.7 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.lr-intake.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o4505598825136128.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.64.176 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.129.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.growthbook.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:400:1e:14d2:6dc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.refiner.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.77.63.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-63-179.eu-west-1.compute.amazonaws.com

api.refiner.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.167.227.96 (United States)

ASN ()
PTR: server-3-167-227-96.fra60.r.cloudfront.net

x5x7v0gecd.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 16.12.64.52 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-w.us-east-2.amazonaws.com

marky-image-posts.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 799	142 KB
7	amazonaws.com marky-image-posts.s3.us-east-2.amazonaws.com x5x7v0gecd.execute-api.us-east-1.amazonaws.com marky-image-posts.s3.amazonaws.com	301 KB
6	refiner.io js.refiner.io — Cisco Umbrella Rank: 18749 api.refiner.io — Cisco Umbrella Rank: 21638	24 KB
6	crisp.chat client.crisp.chat — Cisco Umbrella Rank: 21493	122 KB
4	stripe.com js.stripe.com — Cisco Umbrella Rank: 1073	166 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	423 B
4	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4108 accounts.google.com — Cisco Umbrella Rank: 17	86 KB
4	lewin.digital social.lewin.digital	3 MB
3	gstatic.com fonts.gstatic.com	89 KB
3	growthbook.io cdn.growthbook.io — Cisco Umbrella Rank: 8478	919 B
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	5 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	242 KB
2	sentry.io o4505598825136128.ingest.sentry.io	589 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	77 KB
1	lr-intake.com cdn.lr-intake.com — Cisco Umbrella Rank: 80992	186 KB
1	google.de www.google.de — Cisco Umbrella Rank: 10745	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135	548 B
1	firstpromoter.com cdn.firstpromoter.com — Cisco Umbrella Rank: 32290	2 KB
64	18

	Domain	Requested by
7	analytics.tiktok.com	social.lewin.digital analytics.tiktok.com
6	client.crisp.chat	social.lewin.digital client.crisp.chat
4	api.refiner.io	social.lewin.digital
4	js.stripe.com	social.lewin.digital js.stripe.com
4	www.facebook.com	social.lewin.digital
4	social.lewin.digital	social.lewin.digital
3	fonts.gstatic.com	fonts.googleapis.com
3	cdn.growthbook.io	social.lewin.digital
3	fonts.googleapis.com	social.lewin.digital
3	www.googletagmanager.com	social.lewin.digital www.googletagmanager.com
3	marky-image-posts.s3.us-east-2.amazonaws.com	social.lewin.digital
2	marky-image-posts.s3.amazonaws.com
2	x5x7v0gecd.execute-api.us-east-1.amazonaws.com	social.lewin.digital
2	o4505598825136128.ingest.sentry.io	social.lewin.digital
2	region1.analytics.google.com	www.googletagmanager.com social.lewin.digital
2	connect.facebook.net	social.lewin.digital connect.facebook.net
2	js.refiner.io	www.googletagmanager.com js.refiner.io
1	accounts.google.com	social.lewin.digital
1	cdn.lr-intake.com	social.lewin.digital
1	www.google.de	social.lewin.digital
1	stats.g.doubleclick.net	www.googletagmanager.com
1	www.google.com	www.googletagmanager.com
1	cdn.firstpromoter.com	social.lewin.digital
64	23

This site contains no links.

Subject Issuer	Validity	Valid
social.lewin.digital Amazon RSA 2048 M03	`2024-12-30` - `2026-01-28`	a year	crt.sh
*.firstpromoter.com Amazon RSA 2048 M03	`2024-10-20` - `2025-11-17`	a year	crt.sh
*.s3.us-east-2.amazonaws.com Amazon RSA 2048 M01	`2024-11-09` - `2025-11-05`	a year	crt.sh
crisp.chat E6	`2024-11-27` - `2025-02-25`	3 months	crt.sh
*.google-analytics.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
*.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
js.refiner.io Amazon RSA 2048 M03	`2024-08-26` - `2025-09-24`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-10-12` - `2025-01-10`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.google.de WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
upload.video.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
lr-intake.com WE1	`2024-11-11` - `2025-02-09`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-03` - `2025-07-29`	10 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-12-16` - `2025-04-03`	4 months	crt.sh
cdn.growthbook.io R11	`2024-11-23` - `2025-02-21`	3 months	crt.sh
api.refiner.io Amazon RSA 2048 M03	`2024-04-21` - `2025-05-20`	a year	crt.sh
*.gstatic.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon RSA 2048 M03	`2024-02-14` - `2025-03-15`	a year	crt.sh
accounts.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://social.lewin.digital/
Frame ID: ED20F84CFF8739EBFC9C7EB5DF849D8D
Requests: 58 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fsocial.lewin.digital
Frame ID: 7506F8ECD676CBD2A6D94CB825163135
Requests: 1 HTTP requests in this frame

Frame: https://js.refiner.io/v001/render/index.html
Frame ID: 58DA2E949485CFD94056E5D99CD21FDD
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-5f8fe069f0f25d457a465ae97c75bf56.html
Frame ID: AFC904A8E83F92687A34993051F812AB
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 29B67D36E47CCBFEDCE2DDADD09F2F07
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

social.lewin.digital

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

64
Requests

97 %
HTTPS

38 %
IPv6

18
Domains

23
Subdomains

25
IPs

5
Countries

4010 kB
Transfer

13136 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
social.lewin.digital/ 6 KB
2 KB 389ms
337ms Document
text/html 2600:9000:26e8:4a00:9:dd7b:bf80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://social.lewin.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26e8:4a00:9:dd7b:bf80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9587ee57917976740505a97eee5a30c79d020185a3561d41a424d50ae64c6c98

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 03 Jan 2025 11:09:27 GMT
etag: W/"9e061c5a240614099abda995f9672624"
last-modified: Fri, 03 Jan 2025 11:01:09 GMT
server: AmazonS3
vary: accept-encoding
via: 1.1 93e77bd122e2a2b3ec02228d81a35184.cloudfront.net (CloudFront)
x-amz-cf-id: v1K0G3S6dDuT_RH8VYPOKfkZjcvb-kUEk4LKx4qSETsl8r93mwyjBQ==
x-amz-cf-pop: FRA56-P10
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront

GET
H2 200 fpr.js Show response
cdn.firstpromoter.com/ 5 KB
2 KB 48ms
14ms Script
application/javascript 2600:9000:2240:600:1e:b6b6:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstpromoter.com/fpr.js
Requested by: Host: social.lewin.digital
URL: https://social.lewin.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:600:1e:b6b6:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 428fefa036de5a227b40945c94be22b37a89516bc6b8a5c0dd09b88e17fd9ddf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

content-encoding: gzip
etag: W/"d53f26ce71a7333d477b01f52bdade3e"
age: 30901
via: 1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: K6g18CN3oYf13Sbo2Ny1MgFCOPaLMEX5PBCZsCLQixJ-URclcpx04Q==
date: Fri, 03 Jan 2025 02:34:26 GMT
content-type: application/javascript
last-modified: Mon, 07 Feb 2022 04:29:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
vary: accept-encoding

GET
H2 200 index-03e430a8.js Show response
social.lewin.digital/assets/ 8 MB
2 MB 480ms
475ms Script
application/javascript 2600:9000:26e8:4a00:9:dd7b:bf80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://social.lewin.digital/assets/index-03e430a8.js
Requested by: Host: social.lewin.digital
URL: https://social.lewin.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26e8:4a00:9:dd7b:bf80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9e5521f0454c60416956e77e484896ad6a6390f4106bc3c10a1e790a85783c89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://social.lewin.digital
Referer: https://social.lewin.digital/

Response headers

x-amz-cf-pop: FRA56-P10
content-encoding: gzip
etag: W/"6512b95d991227338e0f149e393e3e18"
via: 1.1 93e77bd122e2a2b3ec02228d81a35184.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: rXDC5CwYKiK7NrkIMK5kUxw-0IyayfC3HgdOejxUVIZoYQkQuxA1nA==
date: Fri, 03 Jan 2025 11:09:28 GMT
content-type: application/javascript
vary: accept-encoding
server: AmazonS3
last-modified: Fri, 03 Jan 2025 11:01:08 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 index-0b940f5b.css
social.lewin.digital/assets/ 1 MB
131 KB 481ms
476ms Stylesheet
text/css 2600:9000:26e8:4a00:9:dd7b:bf80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://social.lewin.digital/assets/index-0b940f5b.css
Requested by: Host: social.lewin.digital
URL: https://social.lewin.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26e8:4a00:9:dd7b:bf80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b940f5bcce4457cf5ba264544a2d709280a6d9f0ae603910acb32f5170a6daf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

x-amz-cf-pop: FRA56-P10
content-encoding: gzip
etag: W/"dde4f6467f086ac9acd2a4965d3972d1"
via: 1.1 93e77bd122e2a2b3ec02228d81a35184.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: NNDWXVpRUwt3BHD2013t7OLIAlhAjULnTA-0Z2xbzMcpwGtFi26V5g==
date: Fri, 03 Jan 2025 11:09:28 GMT
content-type: text/css
vary: accept-encoding
server: AmazonS3
last-modified: Fri, 03 Jan 2025 11:01:08 GMT
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK fb-ss.jpeg
marky-image-posts.s3.us-east-2.amazonaws.com/ 0
66 KB 372ms
126ms Other
image/jpeg 3.5.128.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://marky-image-posts.s3.us-east-2.amazonaws.com/fb-ss.jpeg
Requested by: Host: social.lewin.digital
URL: https://social.lewin.digital/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.128.175 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

x-amz-id-2: bVq3MIWe/iUYyi9XNL0eSCzK5auM+C6lR/XOHUshT0qWoSBYOJmaaRpgD9VwDPMF9OsG7fCYdkGY4yJn/UoZEw==
ETag: "755287e9278a33bf749cbc175e741e72"
x-amz-request-id: BHXKV9PKK0Y72GVN
Accept-Ranges: bytes
Content-Length: 66919
Date: Fri, 03 Jan 2025 11:09:28 GMT
Last-Modified: Fri, 12 Jan 2024 18:00:39 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK Screenshot+2024-03-10+at+1.08.14%E2%80%AFAM.png
marky-image-posts.s3.us-east-2.amazonaws.com/ 0
196 KB 413ms
168ms Other
image/png 3.5.128.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://marky-image-posts.s3.us-east-2.amazonaws.com/Screenshot+2024-03-10+at+1.08.14%E2%80%AFAM.png
Requested by: Host: social.lewin.digital
URL: https://social.lewin.digital/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.128.175 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

x-amz-id-2: oAm4AbWKaUiMqtcnHd0bwhjSYQFdnK7g0LA7Jyi3H/extIsi2QifWh0U+JLPJnMhv9/lb09OMXu2HcDuF8K+7w==
ETag: "6ddcb68b8ff0545f3bfc2ac729890cd2"
x-amz-request-id: BHXVPSR0ZWYQ70AD
Accept-Ranges: bytes
Content-Length: 200370
Date: Fri, 03 Jan 2025 11:09:28 GMT
Last-Modified: Sat, 09 Mar 2024 19:39:03 GMT
Content-Type: image/png
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 l.js Show response
client.crisp.chat/ 9 KB
4 KB 63ms
33ms Script
application/javascript 104.18.28.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/l.js

Requested by

Host: social.lewin.digital
URL: https://social.lewin.digital/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cde2081451e2cbed947ccc4aebcd294d7a96224084e26a167fabb67fd0d55917

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

access-control-max-age: 300
content-encoding: br
cf-cache-status: HIT
etag: W/"64e73b34-2428"
age: 27677
access-control-allow-methods: HEAD, GET, OPTIONS
x-content-type-options: nosniff
expires: Sat, 04 Jan 2025 11:09:26 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 03 Jan 2025 11:09:26 GMT
content-type: application/javascript
last-modified: Thu, 24 Aug 2023 11:12:52 GMT
vary: Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: Content-Type, Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: false
cf-ray: 8fc28962f8679048-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 331 KB
110 KB 70ms
34ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NK9NW5N7

Requested by

Host: social.lewin.digital
URL: https://social.lewin.digital/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5a64a0ec112eb4f19a3ca3262de932b1b1d1c488405d45617985aba3589a4719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 03 Jan 2025 11:09:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 03 Jan 2025 11:09:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 03 Jan 2025 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 112309
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 186ms
140ms Script
application/javascript 104.126.37.177
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CRD2IDJC77UD2MA11VOG&lib=ttq
Requested by: Host: social.lewin.digital
URL: https://social.lewin.digital/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a104-126-37-177.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3d7f1fc0e96aa5fb53677956d358984910da0b4fd7884a6f76c49974c7cd8053

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

content-encoding: gzip
expires: Fri, 03 Jan 2025 11:09:27 GMT
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=5, origin; dur=109
x-cache: TCP_MISS from a104-126-37-141.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Fri, 03 Jan 2025 11:09:27 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: bca46c6
x-tt-trace-host: 01298db42370454958dde2a4f129e6e2e75e5f7ed825d953cf2922606fab0b28700577500f8c8b8e29ed4cfe35a61aee07c469c3ffbb83a4848033421383fd154a5a8e96998e0b4905b69664447690f530b6e42af83c542c2f011d11b000fadcba
x-origin-response-time: 109,104.126.37.141
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-250103110926B2E7E82F41DB836A64E9-144DF0A67D6C69B9-00
content-length: 2035
x-tt-logid: 20250103110926B2E7E82F41DB836A64E9
server: nginx

GET
H3 200 client.js Show response
client.crisp.chat/static/javascripts/ 375 KB
98 KB 29ms
28ms Script
application/javascript 104.18.28.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/client.js?7cadd01

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ada5faeab0ddad466623705895d4a8eb5432921c44c95534962f5a9db861da3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

access-control-max-age: 300
content-encoding: br
cf-cache-status: HIT
etag: W/"64e73b34-5dd52"
age: 84262
access-control-allow-methods: HEAD, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 2035 11:09:26 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 03 Jan 2025 11:09:26 GMT
content-type: application/javascript
last-modified: Thu, 24 Aug 2023 11:12:52 GMT
vary: Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: Content-Type, Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=315360000
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: false
cf-ray: 8fc28963589b9048-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 client_default.css
client.crisp.chat/static/stylesheets/ 113 KB
14 KB 20ms
20ms Stylesheet
text/css 104.18.28.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/stylesheets/client_default.css?7cadd01

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed47babcdfca4f506a15afce02631af2cc3e9335558090ea9d5328bd5d5bc7af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

access-control-max-age: 300
content-encoding: br
cf-cache-status: HIT
etag: W/"676e92ea-1c58d"
age: 84262
access-control-allow-methods: HEAD, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 2035 11:09:26 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 03 Jan 2025 11:09:26 GMT
content-type: text/css
last-modified: Fri, 27 Dec 2024 11:43:38 GMT
vary: Accept-Encoding
priority: u=0,i=?0
access-control-allow-headers: Content-Type, Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=315360000
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: false
cf-ray: 8fc28963589d9048-FRA
access-control-allow-origin: *
server: cloudflare

POST
H3 200 collect
www.google.com/ccm/ 0
0 94ms
20ms Ping
text/plain 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fsocial.lewin.digital%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=2052845269.1735902567&auid=1740695327.1735902567&navt=n&npa=1&gtm=45He4cc1v9183922873za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1735902566964&tfd=535&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK9NW5N7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 407 KB
132 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZXC39SX45K&l=dataLayer&cx=c&gtm=45He4cc1v9183922873za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK9NW5N7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ec1b972f7325bdcf8f463917500aa7665c7a73b93fa7a60d7e57accea616ce7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 03 Jan 2025 11:09:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 03 Jan 2025 11:09:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 134446
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 client.js Show response
js.refiner.io/v001/ 62 KB
21 KB 82ms
8ms Script
application/javascript 2600:9000:2251:1400:1e:14d2:6dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.refiner.io/v001/client.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK9NW5N7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:1400:1e:14d2:6dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c4ea85d984b3a54471a31b849568ea4bfcc3f3523e98318cf70f3119ad4fc222

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

content-encoding: gzip
x-amz-version-id: pIJUKXMyr1H.8l.uT.ZBNRRstn5SYVMb
etag: "4976bcbec94d9783d56b2f6bb508b567"
age: 3208
via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 21226
x-amz-cf-id: QIr_E7YVgH8H81G75H4qxJjJoNJNa7DJHnixywSMrDe7p_Xaq7rkeA==
date: Fri, 03 Jan 2025 10:16:00 GMT
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 17:19:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
vary: Accept-Encoding

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 79ms
7ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: social.lewin.digital
URL: https://social.lewin.digital/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

4b851bd9af5635c2682387427eb718d453b8e7aeefdbb01c8521ab32a49004b3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-g9xSGix2' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 03 Jan 2025 11:09:27 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-g9xSGix2' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4593, tp=11, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: t5jLXXRZJHHuq+9zfNXcl/xlor4cRJZsngnujOuj0lB25WUp5OCUpiI49yt/RzCQnEKWD3hvStQ+KwBycStIXw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62279
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 7506 0
0 36ms
16ms Document
text/html 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fsocial.lewin.digital

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK9NW5N7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Jan 2025 11:09:27 GMT
expires: Sat, 03 Jan 2026 11:09:27 GMT
last-modified: Thu, 12 Dec 2024 10:18:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 49ms
19ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZXC39SX45K&gtm=45je4cc1v9163503759z89183922873za200zb9183922873&_p=1735902566839&_gaz=1&gcs=G1--&gcd=13l3l3R2l5l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=2062878962.1735902567&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1735902567&sct=1&seg=0&dl=https%3A%2F%2Fsocial.lewin.digital%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=648
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZXC39SX45K&l=dataLayer&cx=c&gtm=45He4cc1v9183922873za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://social.lewin.digital
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 03 Jan 2025 11:09:27 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
548 B 64ms
21ms Ping
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZXC39SX45K&cid=2062878962.1735902567&gtm=45je4cc1v9163503759z89183922873za200zb9183922873&aip=1&dma=1&dma_cps=syphamo&gcs=G1--&gcd=13l3l3R2l5l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZXC39SX45K&l=dataLayer&cx=c&gtm=45He4cc1v9183922873za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://social.lewin.digital
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 03 Jan 2025 11:09:27 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 60ms
33ms Image
image/gif 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZXC39SX45K&cid=2062878962.1735902567&gtm=45je4cc1v9163503759z89183922873za200zb9183922873&aip=1&dma=1&dma_cps=syphamo&gcs=G1--&gcd=13l3l3R2l5l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1624515539

Requested by

Host: social.lewin.digital
URL: https://social.lewin.digital/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 03 Jan 2025 11:09:27 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 main.MWE1OTI4NzI4MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 352 KB
97 KB 18ms
14ms Script
application/javascript 104.126.37.177
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CRD2IDJC77UD2MA11VOG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a104-126-37-177.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ba3710ffb62361879a717271253bcda8d3a4d1c61f22abc95e00181ca2fea228

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

x-cache: TCP_MEM_HIT from a104-126-37-141.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=16
x-tt-trace-id: 00-24121913242637819D396CBEBAE07E67-5CDE66795364015D-00
content-length: 99026
date: Fri, 03 Jan 2025 11:09:27 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2024121913242637819D396CBEBAE07E67
server: nginx
x-akamai-request-id: bca490a
x-tt-trace-host: 01920ff03f31b8f9f40a1e99b09b8d79c781fd568bf844b854c81bac245033bfbbcc07b7dc5327e3b7d82ae8d10d2bbfb5ddd1427090866677d221f127fb1bfe37a87fbc8275b6f7cde8fce192e376b58d14f500ded36ff6de7e861b4063b12333

GET
H3 200 1041962353462931 Show response
connect.facebook.net/signals/config/ 77 KB
16 KB 395ms
395ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1041962353462931?v=2.9.179&r=stable&domain=social.lewin.digital&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

347107357db4ff16b73a3d90e5ea6228d107c6b9c28c6318893da8c1b30a8055

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-4nUY0Ekl' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 03 Jan 2025 11:09:27 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-4nUY0Ekl' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=69, mss=1232, tbw=70609, tp=67, tpl=0, uplat=386, ullat=0
pragma: public
x-fb-debug: PHJiKHzzPhrhmEUFkABRdI11MKcohWnTSuEXkq2jF+ETjl+dkYl+xkkMDmTwDlNJ4Jxe8EXfBAonGJQ0n8AoyQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 identify_45dd5971.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 79ms
78ms Script
application/javascript 104.126.37.177
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a104-126-37-177.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

x-cache: TCP_MEM_HIT from a104-126-37-141.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=14
x-tt-trace-id: 00-241115050233F43D76A3E184AA166B24-35E8287D38D506DD-00
content-length: 39538
date: Fri, 03 Jan 2025 11:09:27 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20241115050233F43D76A3E184AA166B24
server: nginx
x-akamai-request-id: bca4a9a
x-tt-trace-host: 01b2772d08dc2e64270ae20f4a4b8b52972e74fe5ac0a55040d5855cc7438be15e5205275afa736a30cc95a0b251d97cd946cb6633d7ae51caa40c2f854d4db7c6407fed021642971a870d0ed10bf6c807d8abd7686ca19db81318a79f9a46c023

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
878 B 175ms
174ms Ping
text/plain 104.126.37.177
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a104-126-37-177.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://social.lewin.digital/

Response headers

x-cache-remote: TCP_MISS from a23-32-16-73.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Fri, 03 Jan 2025 11:09:27 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=97, origin; dur=19, inner; dur=16
x-cache: TCP_MISS from a104-126-37-141.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Fri, 03 Jan 2025 11:09:27 GMT
x-akamai-request-id: b34c2994.bca4a9c
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01298db42370454958dde2a4f129e6e2e7a46ba6d42284aba52b70e5c5dc4e791e8f3b79e0f08100d07b92326af25c0d8e5998bdd64edb0b11cde6f4d37ad2851f729c4312024b6f543a3e8e942e86fae543745e1117939905dfb981399ca535cedb26e57233a6d1d15982f6f0845383f4
x-origin-response-time: 19,23.32.16.73
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-25010311092796DE09B4B0F23016D56B-6B3006F16456BB4E-00
content-length: 0
x-parent-response-time: 110,104.126.37.141
x-tt-logid: 2025010311092796DE09B4B0F23016D56B
server: nginx

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
719 B 137ms
136ms Ping
text/plain 104.126.37.177
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a104-126-37-177.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://social.lewin.digital/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Fri, 03 Jan 2025 11:09:27 GMT
server-timing: inner; dur=15, cdn-cache; desc=MISS, edge; dur=10, origin; dur=102
x-cache: TCP_MISS from a104-126-37-141.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Fri, 03 Jan 2025 11:09:27 GMT
x-akamai-request-id: bca4cd5
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01298db42370454958dde2a4f129e6e2e75e5f7ed825d953cf2922606fab0b28709a268e37e8c8bcda90b9dbbfd0954f7f9f605dc4355e63fba77e7681d177831e3f89d161f233e10b2232618b583c3956edea368d36723205b810efe6e10d78af
x-origin-response-time: 104,104.126.37.141
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-250103110927A2C3C6589146B38DCCFC-421006BE47B22341-00
content-length: 0
x-tt-logid: 20250103110927A2C3C6589146B38DCCFC
server: nginx

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 97ms
8ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1041962353462931&ev=PageView&dl=https%3A%2F%2Fsocial.lewin.digital%2F&rl=&if=false&ts=1735902567640&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1735902567637.852003169133373639&cs_est=true&ler=empty&cdl=API_unavailable&it=1735902567108&coo=false&rqm=GET

Requested by

Host: social.lewin.digital
URL: https://social.lewin.digital/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4725, tp=13, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 03 Jan 2025 11:09:27 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
192 B 284ms
195ms Image
image/png 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1041962353462931&ev=PageView&dl=https%3A%2F%2Fsocial.lewin.digital%2F&rl=&if=false&ts=1735902567640&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1735902567637.852003169133373639&cs_est=true&ler=empty&cdl=API_unavailable&it=1735902567108&coo=false&rqm=FGET

Requested by

Host: social.lewin.digital
URL: https://social.lewin.digital/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7455644754884057231"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 03 Jan 2025 11:09:27 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: R2ciOTrvemsriCBwIFE8p5ZxY4E541z6Q7QQ4t6ArAoQr2t7yGWPHrXb9288LsJXrX0t3JFTERjPxVR30E/z6A==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7455644754884057231", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=24, mss=1232, tbw=5093, tp=16, tpl=0, uplat=150, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
916 B 58ms
17ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700;800&display=swap

Requested by

Host: social.lewin.digital
URL: https://social.lewin.digital/assets/index-0b940f5b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c3a94721a6f632c4e652a6476dc6bc9ed8970d11c70a591caeab39153833d06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 03 Jan 2025 11:09:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 03 Jan 2025 11:09:27 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 03 Jan 2025 09:46:09 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 22 KB
2 KB 61ms
21ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Great+Vibes&family=Inter&family=Lato&family=Montserrat&family=Open+Sans&family=Oswald&family=Playfair+Display&family=Poppins&family=Raleway&family=Roboto&display=swap

Requested by

Host: social.lewin.digital
URL: https://social.lewin.digital/assets/index-0b940f5b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0c2d556fb00bb27b0d0ad38d5daa1f0a46f550c0376a9d9a4ec8a0713acb5bc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 03 Jan 2025 11:09:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 03 Jan 2025 11:09:27 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 03 Jan 2025 11:09:27 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
2 KB 57ms
17ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Acme&family=Dancing+Script&family=Electrolize&family=Luckiest+Guy&family=PT+Sans&family=Sacramento&family=Staatliches&family=Teko&family=Titillium+Web&family=Ubuntu&display=swap

Requested by

Host: social.lewin.digital
URL: https://social.lewin.digital/assets/index-0b940f5b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf56cf73d4c82f5b90ad08504d2129453409fe987646b40b00f42eab36989eea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 03 Jan 2025 11:09:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 03 Jan 2025 11:09:27 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 03 Jan 2025 11:09:27 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET 1dcbb6f6-610e-4286-979a-0670aeff7d89
https://social.lewin.digital/ Frame 0
0

GET
H3 200 logger-1.min.js Show response
cdn.lr-intake.com/ 904 KB
186 KB 57ms
27ms Script
text/javascript 172.67.135.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-intake.com/logger-1.min.js

Requested by

Host: social.lewin.digital
URL: https://social.lewin.digital/assets/index-03e430a8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.135.7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98292ab3833d7faf164e5b6191f869789770c39e7c4d3f7383c1f2462dc200f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"a52d047ef0759ec10a4266671d993cc411a2a91a4b818c5ab39d78f9a5f84242-br"
age: 138
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0q3bWbXFUG2aDuOehvRphsJ4utRSeMwLPHEzXqzfePNBPoYBGUfqGK0O1Kz%2BmGqhIO7lgaGFe2NYp2O%2FIIvB5upyPLyRVsNx28X%2BtHPaY%2FGqsDfpORfD3LdhEGsCErbUSDyWSg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=7145&min_rtt=6917&rtt_var=1608&sent=13&recv=9&lost=0&retrans=0&sent_bytes=4181&recv_bytes=4332&delivery_rate=81912&cwnd=12000&unsent_bytes=0&cid=14e77c8ffaf875d0&ts=31&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 03 Jan 2025 11:09:28 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 02 Jan 2025 20:53:15 GMT
x-served-by: cache-fra-eddf8230027-FRA
x-cache-hits: 1
vary: x-fh-requested-host, accept-encoding
strict-transport-security: max-age=31556926
priority: u=3,i=?0
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1735851368.543609,VS0,VE2
cross-origin-resource-policy: cross-origin
cf-ray: 8fc2896dfc0735f4-FRA
access-control-allow-origin: *
server: cloudflare

POST
H2 200 / Show response
o4505598825136128.ingest.sentry.io/api/4506503370637312/envelope/ 2 B
297 B 96ms
10ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o4505598825136128.ingest.sentry.io/api/4506503370637312/envelope/?sentry_key=5ce4d628f05749c54a23f5bb574562ae&sentry_version=7&sentry_client=sentry.javascript.react%2F8.33.1

Requested by

Host: social.lewin.digital
URL: https://social.lewin.digital/assets/index-03e430a8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://social.lewin.digital/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 03 Jan 2025 11:09:28 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers
server: nginx

GET
H2 200 v3 Show response
js.stripe.com/ 694 KB
166 KB 79ms
8ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: social.lewin.digital
URL: https://social.lewin.digital/assets/index-03e430a8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

49eb91ccb014544e86ffd670d8f1f1c2048d59e663c41655ad02651b0a1e302f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

x-request-id: f4c1daec-8acb-4bb9-9fb9-207f3f46e88a
content-encoding: br
etag: "057d0c0fbd2c6945e582717c1b7e7e73"
age: 60
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Fri, 03 Jan 2025 11:09:28 GMT
last-modified: Mon, 23 Dec 2024 22:36:46 GMT
content-type: text/javascript; charset=utf-8
x-served-by: cache-fra-etou8220064-FRA
x-cache-hits: 1
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=60
timing-allow-origin: *
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 169529
server: Fastly

GET
DATA 200
OK truncated
/ 590 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2be80a0e4cf0a6dab670848de97975cc63dd706ef98e5acbcf6ceb5a11e12d6f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 922 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d8f6c0b9507aa07382bef64fd665e63b71d6a32e4ecdce0b711a1bee947c690

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 sdk-eRVT3CPIUXQudvX2 Show response
cdn.growthbook.io/api/features/ 1 KB
919 B 73ms
10ms Fetch
application/json 151.101.129.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.growthbook.io/api/features/sdk-eRVT3CPIUXQudvX2
Requested by: Host: social.lewin.digital
URL: https://social.lewin.digital/assets/index-03e430a8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / Express
Resource Hash: 3e351c8f6cc082a8bbde344256622333ff121d65804237f0644c715206c69f53

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

access-control-expose-headers: x-sse-support
content-encoding: gzip
etag: W/"4fb-66XajhGHm2wf1VOVdFfMxTPWGhc"
age: 401
x-cache: HIT, HIT
date: Fri, 03 Jan 2025 11:09:28 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-iad-kiad7000176-IAD, cache-fra-etou8220073-FRA
x-cache-hits: 5246, 0
vary: Accept-Encoding
cache-control: public, max-age=30, stale-while-revalidate=3600, stale-if-error=36000
x-timer: S1735902569.885535,VS0,VE2
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-sse-support: enabled
content-length: 533
x-powered-by: Express

GET
H2 200 index.html
js.refiner.io/v001/render/ Frame 58DA 0
0 25ms
8ms Document
text/html 2600:9000:2251:400:1e:14d2:6dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.refiner.io/v001/render/index.html
Requested by: Host: js.refiner.io
URL: https://js.refiner.io/v001/client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:400:1e:14d2:6dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://social.lewin.digital/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 4785
content-encoding: gzip
content-length: 303
content-type: text/html; charset=utf-8
date: Fri, 03 Jan 2025 09:49:44 GMT
etag: "415c8f25cb7eca50c3d0881380c2d248"
last-modified: Tue, 10 Dec 2024 17:19:22 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
x-amz-cf-id: sdq4tRoNrYPz4_HiZsSss5pT1pln4mOPt74fhIWgwpALnpaWKVuMzQ==
x-amz-cf-pop: FRA60-P3
x-amz-version-id: 2I5HePxQ29ojZA..9WDfUsgc0hBpcuQd
x-cache: Hit from cloudfront

POST
H2 201 ping Show response
api.refiner.io/js-client/v1/f9ddd930-2b71-11ef-9a71-6701c988cce0/ 209 B
2 KB 58ms
57ms XHR
application/json 54.77.63.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.refiner.io/js-client/v1/f9ddd930-2b71-11ef-9a71-6701c988cce0/ping

Requested by

Host: social.lewin.digital
URL: https://social.lewin.digital/assets/index-03e430a8.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.63.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-63-179.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

06884c8c333e45723cf6f7e4df7ff163490a1ad5ee0f51bf3e12211920f7ca11

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' data: https: http: https://ajax.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com https://sockjs-us2.pusher.com https://www.googleadservices.com/ https://googleads.g.doubleclick.net https://js.hs-scripts.com/ https://js.chargebee.com/; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://social.lewin.digital/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: application/json

Response headers

content-encoding: gzip
expect-ct: max-age=2147483648
x-permitted-cross-domain-policies: none
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
expires: Sat, 04 Jan 2025 11:09:28 GMT
date: Fri, 03 Jan 2025 11:09:28 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-headers: Content-Type, X-Auth-Token, Origin, Authorization
x-frame-options: sameorigin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'unsafe-inline' 'unsafe-eval' data: https: http: https://ajax.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com https://sockjs-us2.pusher.com https://www.googleadservices.com/ https://googleads.g.doubleclick.net https://js.hs-scripts.com/ https://js.chargebee.com/; block-all-mixed-content; upgrade-insecure-requests
cache-control: no-cache, private, max-age=86400, public
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
referrer-policy: no-referrer-when-downgrade
x-download-options: noopen
x-ratelimit-remaining: 119
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=*, encrypted-media=(self), execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=*, publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=*, usb=(self), web-share=(self), xr-spatial-tracking=(self)
cross-origin-embedder-policy: unsafe-none
access-control-allow-origin: *
content-length: 201
x-xss-protection: 1; mode=block
x-ratelimit-limit: 120
server: Apache/2.4.52 (Ubuntu)

OPTIONS
H2 200 ping
api.refiner.io/js-client/v1/f9ddd930-2b71-11ef-9a71-6701c988cce0/ Frame 0
0 114ms
40ms Preflight
application/json 54.77.63.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.refiner.io/js-client/v1/f9ddd930-2b71-11ef-9a71-6701c988cce0/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.63.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-63-179.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' data: https: http: https://ajax.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com https://sockjs-us2.pusher.com https://www.googleadservices.com/ https://googleads.g.doubleclick.net https://js.hs-scripts.com/ https://js.chargebee.com/; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://social.lewin.digital
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, X-Auth-Token, Origin, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: *
cache-control: no-cache, private max-age=86400, public
content-length: 0
content-security-policy: script-src 'unsafe-inline' 'unsafe-eval' data: https: http: https://ajax.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com https://sockjs-us2.pusher.com https://www.googleadservices.com/ https://googleads.g.doubleclick.net https://js.hs-scripts.com/ https://js.chargebee.com/; block-all-mixed-content; upgrade-insecure-requests
content-type: application/json
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 03 Jan 2025 11:09:28 GMT
expect-ct: max-age=2147483648
expires: Sat, 04 Jan 2025 11:09:28 GMT
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=*, encrypted-media=(self), execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=*, publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=*, usb=(self), web-share=(self), xr-spatial-tracking=(self)
referrer-policy: no-referrer-when-downgrade
server: Apache/2.4.52 (Ubuntu)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

GET
H2 200 workbox-window.prod.es5-e3e4e09b.js Show response
social.lewin.digital/assets/ 6 KB
3 KB 308ms
308ms Script
application/javascript 2600:9000:26e8:4a00:9:dd7b:bf80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://social.lewin.digital/assets/workbox-window.prod.es5-e3e4e09b.js
Requested by: Host: social.lewin.digital
URL: https://social.lewin.digital/assets/index-03e430a8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26e8:4a00:9:dd7b:bf80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b375d5fd4b1911b413d4f8e556ce55dfc890a6ea5de8dca80a816119e9c4144f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://social.lewin.digital
Referer: https://social.lewin.digital/assets/index-03e430a8.js

Response headers

x-amz-cf-pop: FRA56-P10
content-encoding: gzip
etag: W/"2c862e45487ff914ff7bbf1747e55264"
via: 1.1 93e77bd122e2a2b3ec02228d81a35184.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: 6mBuoAobx0Pn2bSLSE29jjKZJy30kTozMrvOugcWdAB3VFLkligBqQ==
date: Fri, 03 Jan 2025 11:09:30 GMT
content-type: application/javascript
vary: accept-encoding
server: AmazonS3
last-modified: Fri, 03 Jan 2025 11:01:09 GMT
x-amz-server-side-encryption: AES256

GET
H3 200 UcCO3FwrK3iLTeHuS_nVMrMxCp50SjIw2boKoduKmMEVuLyfAZ9hiA.woff2
fonts.gstatic.com/s/inter/v18/ 23 KB
23 KB 25ms
8ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v18/UcCO3FwrK3iLTeHuS_nVMrMxCp50SjIw2boKoduKmMEVuLyfAZ9hiA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Great+Vibes&family=Inter&family=Lato&family=Montserrat&family=Open+Sans&family=Oswald&family=Playfair+Display&family=Poppins&family=Raleway&family=Roboto&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

dd05e326cf8eac3b55acecf29c842ed73e6e6dd06491cf47f7e8800680ab3e33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://social.lewin.digital
Referer: https://fonts.googleapis.com/

Response headers

age: 157089
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 01 Jan 2026 15:31:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 01 Jan 2025 15:31:22 GMT
last-modified: Mon, 29 Jul 2024 22:45:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23692
x-xss-protection: 0
server: sffe

GET
H3 200 / Show response
client.crisp.chat/settings/website/160ed2ac-c152-4a21-8db6-1fe8d859cfb7/prelude/ 222 B
546 B 88ms
88ms Script
application/javascript 104.18.28.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/160ed2ac-c152-4a21-8db6-1fe8d859cfb7/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_prelude_handler&2025-0-3-12-9

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?7cadd01

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c3385d3a30b641633f972734728b425395ab4f03fdaacb68bb7dc54a8d148e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

access-control-max-age: 300
content-encoding: br
cf-cache-status: MISS
access-control-allow-methods: HEAD, GET, OPTIONS
x-content-type-options: nosniff
expires: Fri, 03 Jan 2025 15:09:31 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 03 Jan 2025 11:09:31 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: Content-Type, Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=14400
last-modified: Fri, 03 Jan 2025 11:09:31 GMT
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: false
cf-ray: 8fc2897efa709048-FRA
access-control-allow-origin: *
server: cloudflare

GET a6bbf1d1-0986-4961-bd65-6126429496dd
https://social.lewin.digital/ Frame 0
0

GET
H2 200 controller-with-preconnect-5f8fe069f0f25d457a465ae97c75bf56.html
js.stripe.com/v3/ Frame AFC9 0
0 29ms
7ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-with-preconnect-5f8fe069f0f25d457a465ae97c75bf56.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://social.lewin.digital/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 43
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 403
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 03 Jan 2025 11:09:31 GMT
etag: "5f8fe069f0f25d457a465ae97c75bf56"
last-modified: Mon, 23 Dec 2024 21:44:29 GMT
origin-agent-cluster: ?1
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 10
x-content-type-options: nosniff
x-request-id: 5f3d134f-fbb8-45f5-8f91-0eea8c8d4e06
x-served-by: cache-fra-etou8220061-FRA

GET
H2 200 realms Show response
x5x7v0gecd.execute-api.us-east-1.amazonaws.com/api/v1/ 826 B
1 KB 318ms
317ms XHR
application/json 3.167.227.96

General

Check archive.org

Show headers Download Go to

Full URL: https://x5x7v0gecd.execute-api.us-east-1.amazonaws.com/api/v1/realms
Requested by: Host: social.lewin.digital
URL: https://social.lewin.digital/assets/index-03e430a8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.167.227.96 , United States, ASN (),
Reverse DNS: server-3-167-227-96.fra60.r.cloudfront.net
Software: /
Resource Hash: 30e886b70676194954301398d351bc8753623cde68c7bbc4f14c23b7b2ce4e00

Request headers

sentry-trace: c5acb86e93ce485689d2bfb96c6ef1c0-9889a7649201175d-1
Referer: https://social.lewin.digital/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
baggage: sentry-environment=PRODUCTION,sentry-release=44ebf9516ee07a86ecb3bd07e4f8a3d4195c5a7e,sentry-public_key=5ce4d628f05749c54a23f5bb574562ae,sentry-trace_id=c5acb86e93ce485689d2bfb96c6ef1c0,sentry-sample_rate=0.5,sentry-sampled=true

Response headers

x-amz-apigw-id: DzvI7HZ3oAMEqTw=
x-amzn-trace-id: Root=1-6777c56b-407dce3417e607bb70dc7f4a;Parent=29853ad627e7b591;Sampled=0;Lineage=1:2ddef798:0
x-amzn-requestid: 379db437-b23b-4ffa-8e8f-384ecb30d11a
via: 1.1 27331d40ce87c331f48276ef8195d14c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 826
x-amz-cf-id: _V64tFMEJrZvwA1yMihyu25Rsbd00IybgNltyOjVUEWD6ogK7v1EBg==
date: Fri, 03 Jan 2025 11:09:32 GMT
content-type: application/json
x-amz-cf-pop: FRA60-P11
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,X-Api-Key,baggage,sentry-trace

OPTIONS
H2 200 realms
x5x7v0gecd.execute-api.us-east-1.amazonaws.com/api/v1/ Frame 0
0 313ms
284ms Preflight
application/json 3.167.227.96

General

Check archive.org

Show headers Download Go to

Full URL: https://x5x7v0gecd.execute-api.us-east-1.amazonaws.com/api/v1/realms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.167.227.96 , United States, ASN (),
Reverse DNS: server-3-167-227-96.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: baggage,sentry-trace
Access-Control-Request-Method: GET
Origin: https://social.lewin.digital
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,X-Api-Key,baggage,sentry-trace
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Fri, 03 Jan 2025 11:09:31 GMT
via: 1.1 27331d40ce87c331f48276ef8195d14c.cloudfront.net (CloudFront)
x-amz-apigw-id: DzvI5GcAoAMEVZQ=
x-amz-cf-id: Io-EyrJpqK22DyS5OjDKcOVwimI3jAcFJE9TDBT1TDyXGi2K5k6Nlg==
x-amz-cf-pop: FRA60-P11
x-amzn-requestid: a5d7d4c8-f0b5-4e2f-a8c4-59b772008476
x-cache: Miss from cloudfront

GET
H2 200 sdk-eRVT3CPIUXQudvX2
cdn.growthbook.io/sub/ 22 B
0 97ms
97ms EventSource
text/event-stream 151.101.129.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.growthbook.io/sub/sdk-eRVT3CPIUXQudvX2
Requested by: Host: social.lewin.digital
URL: https://social.lewin.digital/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / Express
Resource Hash

Request headers

Cache-Control: no-cache
Referer: https://social.lewin.digital/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: text/event-stream

Response headers

cache-control: private, no-store
x-timer: S1735902571.453263,VS0,VE89
age: 8
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT, MISS
date: Fri, 03 Jan 2025 11:09:31 GMT
content-type: text/event-stream
x-powered-by: Express
x-served-by: cache-iad-kcgs7200093-IAD, cache-fra-etou8220073-FRA
x-cache-hits: 3, 0

GET
H/1.1 200
OK simple-agency-logo.png
marky-image-posts.s3.us-east-2.amazonaws.com/ 1 KB
2 KB 121ms
120ms Other
image/png 3.5.128.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://marky-image-posts.s3.us-east-2.amazonaws.com/simple-agency-logo.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.128.175 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: bd89f7821a9e21100af9586c1583d5d0de8dedfb047e33529236a33781d6c724

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

x-amz-id-2: ChDuLoOgqLE4Gaw1rE13XhrXfrwXePNjNDCRDAaVuTYgdWaPfDj8gdwAuaoGaQ2mwInNH4bP9i9jk/7XkN5F4w==
ETag: "b850528e918a33e8f0ac83c9ee26a2fb"
x-amz-request-id: NA15AQT0JWAWVV9P
Accept-Ranges: bytes
Content-Length: 1411
Date: Fri, 03 Jan 2025 11:09:32 GMT
Last-Modified: Fri, 02 Aug 2024 18:41:45 GMT
Content-Type: image/png
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 / Show response
client.crisp.chat/settings/website/160ed2ac-c152-4a21-8db6-1fe8d859cfb7/ 3 KB
2 KB 19ms
19ms Script
application/javascript 104.18.28.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/160ed2ac-c152-4a21-8db6-1fe8d859cfb7/?callback=window.%24__CRISP_INSTANCE.__spool.website_settings_handler&1735601785433

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?7cadd01

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24fd8db668073c1ef8bee7ea0b2a80933b0c94054de371a560d9b9b7a764b1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

access-control-max-age: 300
content-encoding: br
cf-cache-status: HIT
age: 10117
access-control-allow-methods: HEAD, GET, OPTIONS
x-content-type-options: nosniff
expires: Fri, 03 Jan 2025 15:09:31 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 03 Jan 2025 11:09:31 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: Content-Type, Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=14400
last-modified: Fri, 03 Jan 2025 08:20:54 GMT
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: false
cf-ray: 8fc28980cb899048-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 en.js Show response
client.crisp.chat/static/javascripts/locales/ 10 KB
4 KB 19ms
19ms Script
application/javascript 104.18.28.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/locales/en.js?7cadd01

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?7cadd01

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

444b58f8f0cf2c56c53fada3c5e27a87b713a0855c8b84d93caa2316604b3c07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

access-control-max-age: 300
content-encoding: br
cf-cache-status: HIT
etag: W/"66759605-26a4"
age: 84264
access-control-allow-methods: HEAD, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 2035 11:09:31 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 03 Jan 2025 11:09:31 GMT
content-type: application/javascript
last-modified: Fri, 21 Jun 2024 15:02:29 GMT
vary: Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: Content-Type, Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=315360000
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: false
cf-ray: 8fc28980eb9a9048-FRA
access-control-allow-origin: *
server: cloudflare

GET
DATA 200
OK truncated
/ 881 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 client Show response
accounts.google.com/gsi/ 226 KB
86 KB 88ms
35ms Script
application/javascript 2a00:1450:400c:c00::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: social.lewin.digital
URL: https://social.lewin.digital/assets/index-03e430a8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

302221b684cb81ddba81c6dd9796d80f47cda6ca2b23773669f286ef8299d359

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-y1F-1MmCwh034eliSixkNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-y1F-1MmCwh034eliSixkNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cache-control: private, max-age=1800
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
x-content-type-options: nosniff
expires: Fri, 03 Jan 2025 11:09:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date: Fri, 03 Jan 2025 11:09:32 GMT
x-xss-protection: 0
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 8ms
8ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1041962353462931&ev=PageView&dl=https%3A%2F%2Fsocial.lewin.digital%2Flogin&rl=&if=false&ts=1735902572091&sw=1600&sh=1200&v=2.9.179&r=stable&ec=1&o=12318&fbp=fb.1.1735902567637.852003169133373639&cs_est=true&ler=empty&cdl=API_unavailable&it=1735902567108&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=2, c=28, mss=1232, tbw=11973, tp=26, tpl=2, uplat=1, ullat=1
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 03 Jan 2025 11:09:32 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
196 B 125ms
124ms Image
image/png 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1041962353462931&ev=PageView&dl=https%3A%2F%2Fsocial.lewin.digital%2Flogin&rl=&if=false&ts=1735902572091&sw=1600&sh=1200&v=2.9.179&r=stable&ec=1&o=12318&fbp=fb.1.1735902567637.852003169133373639&cs_est=true&ler=empty&cdl=API_unavailable&it=1735902567108&coo=false&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7455644777898396527"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 03 Jan 2025 11:09:32 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: A+UF3bfmNwXY1dUv90W+CvP+GWYxkC8vyhzhNSPyDYH5kcvO25y1zqvW9X+CF1Wzbsq2qzFW1Q9+jaWSzBpIAw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7455644777898396527", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=2, c=28, mss=1232, tbw=12213, tp=29, tpl=2, uplat=116, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/ 47 KB
47 KB 10ms
10ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700;800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://social.lewin.digital
Referer: https://fonts.googleapis.com/

Response headers

age: 152216
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 01 Jan 2026 16:52:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 01 Jan 2025 16:52:39 GMT
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48444
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 8ms
7ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://social.lewin.digital
Referer: https://fonts.googleapis.com/

Response headers

age: 516567
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 28 Dec 2025 11:40:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Dec 2024 11:40:08 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK 41a590ad-88d0-4798-ad6f-398b72ea603e__response_14255758.png
marky-image-posts.s3.amazonaws.com/ 18 KB
18 KB 386ms
161ms Image
image/png 16.12.64.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marky-image-posts.s3.amazonaws.com/41a590ad-88d0-4798-ad6f-398b72ea603e__response_14255758.png?no_cache=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.12.64.52 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7adffed15ab4d26694b41dc81328ec0641dc758f5bf66511eb4e0d888ed0ed67

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

x-amz-id-2: gRkCnGJCtMBz4Bj+6YHtBz264cR4HtjI6eniEdmgmGi0aaM5+fZ/nQV3C3oP8TmB0+LipHMNooA=
ETag: "986ecc077f2a09c5ec503ab79cdc90c6"
x-amz-request-id: GA6SJRQJJE6RS4AM
Accept-Ranges: bytes
Content-Length: 18139
Date: Fri, 03 Jan 2025 11:09:36 GMT
Last-Modified: Mon, 30 Dec 2024 12:22:35 GMT
Content-Type: image/png
Server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
720 B 125ms
124ms Ping
text/plain 104.126.37.177
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a104-126-37-177.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://social.lewin.digital/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Fri, 03 Jan 2025 11:09:35 GMT
server-timing: inner; dur=15, cdn-cache; desc=MISS, edge; dur=7, origin; dur=108
x-cache: TCP_MISS from a104-126-37-141.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Fri, 03 Jan 2025 11:09:35 GMT
x-akamai-request-id: bcaacc7
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01298db42370454958dde2a4f129e6e2e75e5f7ed825d953cf2922606fab0b2870df59ca85da26663a7a9971f0eb13abf0e5d8ebedc670e893c5f9a766135e2f94c29e6720206fdd275c9511021bea27d8379248ae1a60ad272951d607a04976b4
x-origin-response-time: 108,104.126.37.141
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-250103110935A65999DE174EBD8AB85E-62E7DA961D18BEF9-00
content-length: 0
x-tt-logid: 20250103110935A65999DE174EBD8AB85E
server: nginx

GET
H/1.1 200
OK 41a590ad-88d0-4798-ad6f-398b72ea603e__response_14255758.png
marky-image-posts.s3.amazonaws.com/ 18 KB
18 KB 381ms
162ms Other
image/png 16.12.64.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://marky-image-posts.s3.amazonaws.com/41a590ad-88d0-4798-ad6f-398b72ea603e__response_14255758.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.12.64.52 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7adffed15ab4d26694b41dc81328ec0641dc758f5bf66511eb4e0d888ed0ed67

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

x-amz-id-2: 3OswKbsozYw3ZgBvO3PgAf9wl7XZx5+NWMIy+0ey4BkxINac9yvCkY8EhmYzJfRniBrGrwAq+fs=
ETag: "986ecc077f2a09c5ec503ab79cdc90c6"
x-amz-request-id: GA6NRQX55MM5NCN4
Accept-Ranges: bytes
Content-Length: 18139
Date: Fri, 03 Jan 2025 11:09:36 GMT
Last-Modified: Mon, 30 Dec 2024 12:22:35 GMT
Content-Type: image/png
Server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 201 ping Show response
api.refiner.io/js-client/v1/f9ddd930-2b71-11ef-9a71-6701c988cce0/ 209 B
2 KB 50ms
49ms XHR
application/json 54.77.63.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.refiner.io/js-client/v1/f9ddd930-2b71-11ef-9a71-6701c988cce0/ping

Requested by

Host: social.lewin.digital
URL: https://social.lewin.digital/assets/index-03e430a8.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.63.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-63-179.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

06884c8c333e45723cf6f7e4df7ff163490a1ad5ee0f51bf3e12211920f7ca11

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' data: https: http: https://ajax.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com https://sockjs-us2.pusher.com https://www.googleadservices.com/ https://googleads.g.doubleclick.net https://js.hs-scripts.com/ https://js.chargebee.com/; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Authorization: Bearer NmY4MDdjYjUwMDRjZmFkOWUwMzYwMzAyMTZkN2VkOWZkMGI2NDY5Yw==:MzcxYzM1OTUzY2I2YTYxNDgyYTY2MDNjMTkyMjI5ZmY2YzlhOTlmYQ==
Referer: https://social.lewin.digital/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: application/json

Response headers

content-encoding: gzip
expect-ct: max-age=2147483648
x-permitted-cross-domain-policies: none
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
expires: Sat, 04 Jan 2025 11:09:35 GMT
date: Fri, 03 Jan 2025 11:09:35 GMT
content-type: application/json
vary: Authorization,Accept-Encoding
access-control-allow-headers: Content-Type, X-Auth-Token, Origin, Authorization
x-frame-options: sameorigin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'unsafe-inline' 'unsafe-eval' data: https: http: https://ajax.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com https://sockjs-us2.pusher.com https://www.googleadservices.com/ https://googleads.g.doubleclick.net https://js.hs-scripts.com/ https://js.chargebee.com/; block-all-mixed-content; upgrade-insecure-requests
cache-control: no-cache, private, max-age=86400, public
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
referrer-policy: no-referrer-when-downgrade
x-download-options: noopen
x-ratelimit-remaining: 118
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=*, encrypted-media=(self), execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=*, publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=*, usb=(self), web-share=(self), xr-spatial-tracking=(self)
cross-origin-embedder-policy: unsafe-none
access-control-allow-origin: *
content-length: 201
x-xss-protection: 1; mode=block
x-ratelimit-limit: 120
server: Apache/2.4.52 (Ubuntu)

OPTIONS
H2 200 ping
api.refiner.io/js-client/v1/f9ddd930-2b71-11ef-9a71-6701c988cce0/ Frame 0
0 38ms
35ms Preflight
application/json 54.77.63.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.refiner.io/js-client/v1/f9ddd930-2b71-11ef-9a71-6701c988cce0/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.63.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-63-179.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' data: https: http: https://ajax.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com https://sockjs-us2.pusher.com https://www.googleadservices.com/ https://googleads.g.doubleclick.net https://js.hs-scripts.com/ https://js.chargebee.com/; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://social.lewin.digital
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, X-Auth-Token, Origin, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: *
cache-control: no-cache, private max-age=86400, public
content-length: 0
content-security-policy: script-src 'unsafe-inline' 'unsafe-eval' data: https: http: https://ajax.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com https://sockjs-us2.pusher.com https://www.googleadservices.com/ https://googleads.g.doubleclick.net https://js.hs-scripts.com/ https://js.chargebee.com/; block-all-mixed-content; upgrade-insecure-requests
content-type: application/json
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 03 Jan 2025 11:09:35 GMT
expect-ct: max-age=2147483648
expires: Sat, 04 Jan 2025 11:09:35 GMT
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=*, encrypted-media=(self), execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=*, publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=*, usb=(self), web-share=(self), xr-spatial-tracking=(self)
referrer-policy: no-referrer-when-downgrade
server: Apache/2.4.52 (Ubuntu)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

POST
H2 204 collect Show response
region1.analytics.google.com/g/ 0
57 B 16ms
15ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZXC39SX45K&gtm=45je4cc1v9163503759z89183922873za200zb9183922873&_p=1735902566839&gcs=G1--&gcd=13l3l3R2l5l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=2062878962.1735902567&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sid=1735902567&sct=1&seg=0&dl=https%3A%2F%2Fsocial.lewin.digital%2F&dt=Loading...&_s=2&tfd=8729
Requested by: Host: social.lewin.digital
URL: https://social.lewin.digital/assets/index-03e430a8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://social.lewin.digital/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://social.lewin.digital
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 03 Jan 2025 11:09:35 GMT
content-type: text/plain
server: Golfe2

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
876 B 141ms
139ms Ping
text/plain 104.126.37.177
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a104-126-37-177.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://social.lewin.digital/

Response headers

x-cache-remote: TCP_MISS from a23-32-16-92.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Fri, 03 Jan 2025 11:09:35 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=97, origin; dur=33, inner; dur=30
x-cache: TCP_MISS from a104-126-37-141.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Fri, 03 Jan 2025 11:09:35 GMT
x-akamai-request-id: bc1ec68e.bcaafb5
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01298db42370454958dde2a4f129e6e2e7a46ba6d42284aba52b70e5c5dc4e791ea7625d8c0fec6a001b022be63beb4ed3d561e6c5b19f2b1183664839681ddfa1f5eeb98097b22bd4ed704fb96a24279239a4a49653e876eefa6c92d3b1b5a214c5bd899190dea2bed9fa18d414ba8870
x-origin-response-time: 33,23.32.16.92
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-250103110935CAB2B3A2F7743FF99A0C-5C97612E3978E14B-00
content-length: 0
x-parent-response-time: 121,104.126.37.141
x-tt-logid: 20250103110935CAB2B3A2F7743FF99A0C
server: nginx

POST
H2 429 / Show response
o4505598825136128.ingest.sentry.io/api/4506503370637312/envelope/ 198 B
292 B 27ms
13ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o4505598825136128.ingest.sentry.io/api/4506503370637312/envelope/?sentry_key=5ce4d628f05749c54a23f5bb574562ae&sentry_version=7&sentry_client=sentry.javascript.react%2F8.33.1

Requested by

Host: social.lewin.digital
URL: https://social.lewin.digital/assets/index-03e430a8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://social.lewin.digital/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-sentry-rate-limits: 60:transaction;profile:organization:transaction_usage_exceeded
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
retry-after: 60
content-encoding: zstd
cross-origin-resource-policy: cross-origin
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 03 Jan 2025 11:09:36 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers, accept-encoding
server: nginx

GET
H3 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 29B6 0
0 7ms
7ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://social.lewin.digital/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1500985
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 03 Jan 2025 11:09:36 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 265095
x-content-type-options: nosniff
x-request-id: ee54c865-610e-436f-adef-391a8c43e631
x-served-by: cache-fra-etou8220136-FRA

GET
H2 200 trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js Show response
js.stripe.com/v3/fingerprinted/js/ 176 B
299 B 7ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://social.lewin.digital/

Response headers

x-request-id: 4392cc26-d1b8-48f2-9795-2a2147324caa
content-encoding: br
etag: "96f5b26d366f47393b3ff36fe7471474"
age: 1468722
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Fri, 03 Jan 2025 11:09:36 GMT
last-modified: Thu, 21 Dec 2023 18:13:43 GMT
content-type: text/javascript; charset=utf-8
x-served-by: cache-fra-etou8220064-FRA
x-cache-hits: 53136
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=31536000
timing-allow-origin: *
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 127
server: Fastly

GET
H2 200 sdk-eRVT3CPIUXQudvX2
cdn.growthbook.io/sub/ 22 B
0 9ms
9ms EventSource
text/event-stream 151.101.129.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.growthbook.io/sub/sdk-eRVT3CPIUXQudvX2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / Express
Resource Hash

Request headers

Cache-Control: no-cache
Referer: https://social.lewin.digital/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: text/event-stream

Response headers

cache-control: private, no-store
x-timer: S1735902579.259323,VS0,VE1
age: 16
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT, HIT
date: Fri, 03 Jan 2025 11:09:39 GMT
content-type: text/event-stream
x-powered-by: Express
x-served-by: cache-iad-kcgs7200093-IAD, cache-fra-etou8220073-FRA
x-cache-hits: 3, 1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: social.lewin.digital
URL: blob:https://social.lewin.digital/1dcbb6f6-610e-4286-979a-0670aeff7d89

Domain: social.lewin.digital
URL: blob:https://social.lewin.digital/a6bbf1d1-0986-4961-bd65-6126429496dd

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lewin.digital/	1970-01-21 04:21:18	Name: _gcl_au Value: 1.1.1740695327.1735902567
.tiktok.com/	1970-01-21 11:33:18	Name: _ttp Value: 2r7GBk70s1zq62VM5VcQYduLOdZ
.lewin.digital/	1970-01-21 11:47:42	Name: _ga Value: GA1.1.2062878962.1735902567
.lewin.digital/	1970-01-21 11:33:18	Name: _tt_enable_cookie Value: 1
.lewin.digital/	1970-01-21 11:33:18	Name: _ttp Value: MQ8Gij5D58VfGcTjITGwO1X61XQ.tt.1
.lewin.digital/	1970-01-21 04:21:18	Name: _fbp Value: fb.1.1735902567637.852003169133373639
.lewin.digital/	1970-01-21 06:34:30	Name: crisp-client%2Fsession%2F160ed2ac-c152-4a21-8db6-1fe8d859cfb7 Value: session_e56681e3-adb4-4d2f-b662-3b959773bf37
.lewin.digital/	1970-01-21 11:47:42	Name: _ga_ZXC39SX45K Value: GS1.1.1735902567.1.1.1735902575.52.0.0
m.stripe.com/	1970-01-21 11:47:42	Name: m Value: d9b980a3-927f-4310-93eb-05f9d0da9f65ed76e4
.social.lewin.digital/	1970-01-21 10:57:18	Name: __stripe_mid Value: 101243f4-6125-4924-9332-1377435b2f5a1e7d11
.social.lewin.digital/	1970-01-21 02:11:44	Name: __stripe_sid Value: 64ce7478-1bfc-45ed-9084-5a7fb374fa9b81c08c

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://social.lewin.digital/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://o4505598825136128.ingest.sentry.io/api/4506503370637312/envelope/?sentry_key=5ce4d628f05749c54a23f5bb574562ae&sentry_version=7&sentry_client=sentry.javascript.react%2F8.33.1 Message: Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
analytics.tiktok.com
api.refiner.io
cdn.firstpromoter.com
cdn.growthbook.io
cdn.lr-intake.com
client.crisp.chat
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
js.refiner.io
js.stripe.com
marky-image-posts.s3.amazonaws.com
marky-image-posts.s3.us-east-2.amazonaws.com
o4505598825136128.ingest.sentry.io
region1.analytics.google.com
social.lewin.digital
stats.g.doubleclick.net
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
x5x7v0gecd.execute-api.us-east-1.amazonaws.com
social.lewin.digital
104.126.37.177
104.18.28.104
142.250.185.227
142.250.185.99
142.250.186.36
151.101.129.91
151.101.64.176
157.240.0.35
157.240.0.6
16.12.64.52
172.67.135.7
2001:4860:4802:34::36
2600:9000:2240:600:1e:b6b6:9ac0:93a1
2600:9000:2251:1400:1e:14d2:6dc0:93a1
2600:9000:2251:400:1e:14d2:6dc0:93a1
2600:9000:26e8:4a00:9:dd7b:bf80:93a1
2a00:1450:4001:801::200a
2a00:1450:4001:830::2008
2a00:1450:400c:c00::54
2a00:1450:400c:c0b::9c
3.167.227.96
3.5.128.175
34.120.195.249
54.77.63.179
06884c8c333e45723cf6f7e4df7ff163490a1ad5ee0f51bf3e12211920f7ca11
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
0b940f5bcce4457cf5ba264544a2d709280a6d9f0ae603910acb32f5170a6daf
0c2d556fb00bb27b0d0ad38d5daa1f0a46f550c0376a9d9a4ec8a0713acb5bc1
1c3385d3a30b641633f972734728b425395ab4f03fdaacb68bb7dc54a8d148e6
1c3a94721a6f632c4e652a6476dc6bc9ed8970d11c70a591caeab39153833d06
24fd8db668073c1ef8bee7ea0b2a80933b0c94054de371a560d9b9b7a764b1c5
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4
2be80a0e4cf0a6dab670848de97975cc63dd706ef98e5acbcf6ceb5a11e12d6f
302221b684cb81ddba81c6dd9796d80f47cda6ca2b23773669f286ef8299d359
30e886b70676194954301398d351bc8753623cde68c7bbc4f14c23b7b2ce4e00
347107357db4ff16b73a3d90e5ea6228d107c6b9c28c6318893da8c1b30a8055
3d7f1fc0e96aa5fb53677956d358984910da0b4fd7884a6f76c49974c7cd8053
3e351c8f6cc082a8bbde344256622333ff121d65804237f0644c715206c69f53
428fefa036de5a227b40945c94be22b37a89516bc6b8a5c0dd09b88e17fd9ddf
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
444b58f8f0cf2c56c53fada3c5e27a87b713a0855c8b84d93caa2316604b3c07
49eb91ccb014544e86ffd670d8f1f1c2048d59e663c41655ad02651b0a1e302f
4b851bd9af5635c2682387427eb718d453b8e7aeefdbb01c8521ab32a49004b3
5a64a0ec112eb4f19a3ca3262de932b1b1d1c488405d45617985aba3589a4719
5d8f6c0b9507aa07382bef64fd665e63b71d6a32e4ecdce0b711a1bee947c690
7adffed15ab4d26694b41dc81328ec0641dc758f5bf66511eb4e0d888ed0ed67
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
9587ee57917976740505a97eee5a30c79d020185a3561d41a424d50ae64c6c98
98292ab3833d7faf164e5b6191f869789770c39e7c4d3f7383c1f2462dc200f1
9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd
9e5521f0454c60416956e77e484896ad6a6390f4106bc3c10a1e790a85783c89
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ada5faeab0ddad466623705895d4a8eb5432921c44c95534962f5a9db861da3a
b375d5fd4b1911b413d4f8e556ce55dfc890a6ea5de8dca80a816119e9c4144f
ba3710ffb62361879a717271253bcda8d3a4d1c61f22abc95e00181ca2fea228
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
bd89f7821a9e21100af9586c1583d5d0de8dedfb047e33529236a33781d6c724
bf56cf73d4c82f5b90ad08504d2129453409fe987646b40b00f42eab36989eea
c4ea85d984b3a54471a31b849568ea4bfcc3f3523e98318cf70f3119ad4fc222
cde2081451e2cbed947ccc4aebcd294d7a96224084e26a167fabb67fd0d55917
dd05e326cf8eac3b55acecf29c842ed73e6e6dd06491cf47f7e8800680ab3e33
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec1b972f7325bdcf8f463917500aa7665c7a73b93fa7a60d7e57accea616ce7f
ed47babcdfca4f506a15afce02631af2cc3e9335558090ea9d5328bd5d5bc7af
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

social.lewin.digital Open in urlscan Pro 2600:9000:26e8:4a00:9:dd7b:bf80:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

64 Requests

97 %HTTPS

38 %IPv6

18 Domains

23 Subdomains

25 IPs

5 Countries

4010 kBTransfer

13136 kBSize

11 Cookies

0 Outgoing links

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

social.lewin.digital Open in urlscan Pro
2600:9000:26e8:4a00:9:dd7b:bf80:93a1 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

97 %
HTTPS

38 %
IPv6

18
Domains

23
Subdomains

25
IPs

5
Countries

4010 kB
Transfer

13136 kB
Size

11
Cookies

64 HTTP transactions
3 data transactions