www.lftrading.magix.net Open in urlscan Pro
195.214.216.139 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.lftrading.magix.net/
Submission: On January 14 via api (January 14th 2024, 12:14:07 am UTC) from US — Scanned from DE

Summary HTTP 18 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 10 domains to perform 18 HTTP transactions. The main IP is 195.214.216.139, located in Germany and belongs to GTT-BACKBONE GTT, US. The main domain is www.lftrading.magix.net.

This is the only time www.lftrading.magix.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	195.214.216.139 195.214.216.139	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 2	209.97.172.199 209.97.172.199	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 2	2a02:26f0:210... 2a02:26f0:2100::215:6d50	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700:20:... 2606:4700:20::681a:d36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::6815:55c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:440... 2606:4700:4400::6812:2aef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	51.89.225.143 51.89.225.143	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:303... 2606:4700:3033::ac43:d18f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	11

4 195.214.216.139 (Germany)

ASN3257 (GTT-BACKBONE GTT, US)
PTR: www.magix-photos.com

www.lftrading.magix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.97.172.199 (Singapore, Singapore) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: agea.com

www.agea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:2100::215:6d50 (Munich, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.adobe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:d36 (United States)

ASN13335 (CLOUDFLARENET, US)

widget.time.is	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:55c2 (United States)

ASN13335 (CLOUDFLARENET, US)

www.compteur-visite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2aef (United States)

ASN13335 (CLOUDFLARENET, US)

fxrates.forexpros.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.225.143 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)

www.rcpm.ovh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:d18f (United States)

ASN13335 (CLOUDFLARENET, US)

static.compteur-visite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	magix.net www.lftrading.magix.net	14 KB
3	time.is widget.time.is — Cisco Umbrella Rank: 131508	3 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	2 KB
2	rcpm.ovh 1 redirects www.rcpm.ovh	4 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	87 KB
2	compteur-visite.com www.compteur-visite.com static.compteur-visite.com	5 KB
2	adobe.com 1 redirects www.adobe.com — Cisco Umbrella Rank: 1812	2 KB
2	agea.com 1 redirects www.agea.com	100 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 369	32 KB
1	forexpros.fr fxrates.forexpros.fr
18	10

	Domain	Requested by
4	www.lftrading.magix.net	www.lftrading.magix.net client
3	widget.time.is	www.lftrading.magix.net widget.time.is
2	www.facebook.com	connect.facebook.net
2	www.rcpm.ovh	1 redirects www.lftrading.magix.net
2	connect.facebook.net	www.lftrading.magix.net connect.facebook.net
2	www.adobe.com	1 redirects www.lftrading.magix.net
2	www.agea.com	1 redirects www.lftrading.magix.net
1	static.compteur-visite.com
1	ajax.googleapis.com	www.compteur-visite.com
1	fxrates.forexpros.fr	www.lftrading.magix.net
1	www.compteur-visite.com	www.lftrading.magix.net
18	11

This site contains links to these domains. Also see Links.

Domain
www.adobe.com
time.is
www.forexticket.fr
www.agea.com
my.roboforex.com
emploi.educarriere.ci
www.forexpros.fr

Subject Issuer	Validity	Valid
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-23` - `2024-01-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 4 frames:

Primary Page: http://www.lftrading.magix.net/
Frame ID: AC05FC9949A36DEDAD56E656D98DC18D
Requests: 15 HTTP requests in this frame

Frame: http://fxrates.forexpros.fr/index.php?pairs_ids=1;3;2;4;7;9;5;8;6;&header-text-color=%23FFFFFF&curr-name-color=%230059b0&inner-text-color=%23000000&green-text-color=%232A8215&green-background=%23B7F4C2&red-text-color=%23DC0001&red-background=%23FFE2E2&inner-border-color=%23CBCBCB&border-color=%23cbcbcb&bg1=%23F6F6F6&bg2=%23ffffff&bid=show&ask=show&last=hide&change_in_percents=hide&last_update=hide
Frame ID: 50808D13C7060D5F296D7FCED598888D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29429206567e4c%26domain%3Dwww.lftrading.magix.net%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.lftrading.magix.net%252Ff16ee5c1a013cc%26relation%3Dparent.parent&container_width=150&font=verdana&href=http%3A%2F%2Fwww.lftrading.magix.net%2F&layout=box_count&locale=fr_FR&sdk=joey&send=true&show_faces=true&width=450
Frame ID: 7802805A66D8708E7F54AA0838B342A2
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df13f16dc9e97de4%26domain%3Dwww.lftrading.magix.net%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.lftrading.magix.net%252Ff16ee5c1a013cc%26relation%3Dparent.parent&container_width=527&font=verdana&href=http%3A%2F%2Fwww.lftrading.magix.net%2F&layout=box_count&locale=fr_FR&sdk=joey&send=true&show_faces=true&width=450
Frame ID: A91B1B2604C6BB7F2BE8C96C1E507DB2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Informations et investissement forex

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

22 %
HTTPS

73 %
IPv6

10
Domains

11
Subdomains

11
IPs

4
Countries

150 kB
Transfer

442 kB
Size

8
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://www.adobe.com/go/getflashplayer

Search URL Search Domain Scan URL

URL: http://time.is/Abidjan

Search URL Search Domain Scan URL

URL: http://www.forexticket.fr/fr/forex/eurusd
Title: Informations Forex

Search URL Search Domain Scan URL

URL: http://www.agea.com/?gid=49902
Title: AGEA

Search URL Search Domain Scan URL

URL: https://my.roboforex.com/en/register/?a=ubn
Title: ROBOFOREX

Search URL Search Domain Scan URL

URL: http://emploi.educarriere.ci/index.php?page=offres
Title: Offre d'emploi

Search URL Search Domain Scan URL

URL: http://www.forexpros.fr/
Title: Forex

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.agea.com/?gid=49902.css HTTP 302
https://www.agea.com/

Request Chain 2

http://www.adobe.com/images/shared/download_buttons/get_flash_player.gif HTTP 301
https://www.adobe.com/images/shared/download_buttons/get_flash_player.gif

Request Chain 7

http://connect.facebook.net/fr_FR/all.js HTTP 307
https://connect.facebook.net/fr_FR/all.js

Request Chain 11

http://www.rcpm.ovh/public/getReseauWebmaster.php?idSite=23&sid=91788 HTTP 302
http://www.rcpm.ovh/public/getReseauWebmaster.php?idSite=23&sid=91788&forceudid=1

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.lftrading.magix.net/ 10 KB
5 KB 161ms
78ms Document
text/html 195.214.216.139
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: http://www.lftrading.magix.net/
Protocol: HTTP/1.1
Server: 195.214.216.139 , Germany, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS: www.magix-photos.com
Software: nginx /
Resource Hash: a8499aa13179e7a5322aa72c75af032d79fb4616d39ef5916c100b5b0561d172

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 14 Jan 2024 00:14:01 GMT
Last-Modified: Wed, 17 Apr 2013 23:45:40 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1

200
OK

/
www.agea.com/
Redirect Chain

http://www.agea.com/?gid=49902.css
https://www.agea.com/

0
0

861ms
287ms

Stylesheet
text/html

209.97.172.199
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.agea.com/
Requested by: Host: www.lftrading.magix.net
URL: http://www.lftrading.magix.net/
Protocol: HTTP/1.1
Server: 209.97.172.199 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: agea.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.lftrading.magix.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Redirect headers

Location: https://www.agea.com
Content-Length: 158
Content-Type: text/html

GET
H/1.1 200
OK swfobject_modified.js Show response
www.lftrading.magix.net/Scripts/ 21 KB
7 KB 79ms
79ms Script
application/x-javascript 195.214.216.139
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: http://www.lftrading.magix.net/Scripts/swfobject_modified.js
Requested by: Host: www.lftrading.magix.net
URL: http://www.lftrading.magix.net/
Protocol: HTTP/1.1
Server: 195.214.216.139 , Germany, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS: www.magix-photos.com
Software: nginx /
Resource Hash: c10a5edd40ac49a8ab7c1c485da5b7c29eda00772e7ed4849d094d56201ef2e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.lftrading.magix.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 00:14:01 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 Apr 2013 17:17:50 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive

GET
H2

200

get_flash_player.gif
www.adobe.com/images/shared/download_buttons/
Redirect Chain

http://www.adobe.com/images/shared/download_buttons/get_flash_player.gif
https://www.adobe.com/images/shared/download_buttons/get_flash_player.gif

2 KB
2 KB

73ms
21ms

Image
image/gif

2a02:26f0:2100::215:6d50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adobe.com/images/shared/download_buttons/get_flash_player.gif

Requested by

Host: www.lftrading.magix.net
URL: http://www.lftrading.magix.net/

Protocol

Server

2a02:26f0:2100::215:6d50 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

b26af9f56cff4a8ea0a3c06eaa442962ac51317bec73931122df1d9c95f6388b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.lftrading.magix.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

akamai-x-true-ttl: -1, 900
date: Sun, 14 Jan 2024 00:14:01 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
x-adobe-source: 128.17
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705191241205_34958668_183420722_30_8166_12_33_182";dur=1
alt-svc: h3=":443"; ma=93600
content-length: 1720
x-adobe-cache: MISS
last-modified: Tue, 29 Nov 2016 07:30:56 GMT
server: Apache
x-adobe-loc: ew1
content-type: image/gif
cache-control: max-age=324
accept-ranges: bytes
expires: Sun, 14 Jan 2024 00:19:25 GMT

Redirect headers

Location: https://www.adobe.com/images/shared/download_buttons/get_flash_player.gif
Akamai-X-True-TTL: -1
Date: Sun, 14 Jan 2024 00:14:01 GMT
Server: AkamaiGHost
Connection: keep-alive
Server-Timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705191241164_34958668_183420710_12_8145_10_0_-";dur=1
Content-Length: 0

GET
H/1.1 200
OK t.js Show response
widget.time.is/ 2 KB
2 KB 39ms
20ms Script
application/javascript 2606:4700:20::681a:d36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://widget.time.is/t.js
Requested by: Host: www.lftrading.magix.net
URL: http://www.lftrading.magix.net/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:d36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03d06b84aed185ec658d4eede7823fd6ca89a9ca4f0d1b94c4d60584161797d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.lftrading.magix.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 00:14:01 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 4038023
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2016 13:29:14 GMT
Server: cloudflare
ETag: W/"583599aa-9a8"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SOudAtraNNcwWGOsZ9f9LZbmF%2FfrYpNiuZ6ejXh6DOgTCig6hCtpZP7ekSeah%2Fv4gSpPRGoBy5jh5fmcbpIE64NBdHo7MS2ciUx%2Fko%2BfG7WRr3W4hnGGNG8B2SkHwFS661SJiSlJe1CKQDUp"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=7776000
CF-RAY: 8451ad293ea037fe-FRA
Expires: Mon, 26 Feb 2024 06:33:38 GMT

GET
H/1.1 200
OK stylesheet.css
www.lftrading.magix.net/ 4 KB
1 KB 70ms
45ms Stylesheet
text/css 195.214.216.139
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: http://www.lftrading.magix.net/stylesheet.css
Requested by: Host: client
URL: about:client
Protocol: HTTP/1.1
Server: 195.214.216.139 , Germany, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS: www.magix-photos.com
Software: nginx /
Resource Hash: e7a984ea06085edc805abda361ed202cbb90c776991ae3d24e26121e12efb340

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.lftrading.magix.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 00:14:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Apr 2013 23:45:47 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK / Show response
widget.time.is/ 68 B
762 B 195ms
194ms Script
application/javascript 2606:4700:20::681a:d36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://widget.time.is/?Abidjan_z000&t=1705191242478
Requested by: Host: widget.time.is
URL: http://widget.time.is/t.js
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:d36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89e281a2d2d9b48c12757935ea1af9b1d5c48212fa48797f6975dfb2cf307ffb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.lftrading.magix.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Jan 2024 00:14:02 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zuT7ur3jdaGc4wB792ags8wH35kDbcz3bg3ktNMP7q1TgLKKB3kaL1PYE4TG8qynQa4X0RiIE7DlEPpFjAlKoMDQse4UNnSRC%2BmSvhJye2iwzIYLuHXz%2FpXjguVGiNOgI46To2NMYnS1OOTN"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-control: no-cache
Connection: keep-alive
CF-RAY: 8451ad318cc137fe-FRA
Expires: Sun, 14 Jan 2024 00:14:02 +0000

GET
H/1.1 200
OK service.php Show response
www.compteur-visite.com/ 4 KB
2 KB 154ms
99ms Script
text/html 2606:4700:3033::6815:55c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.compteur-visite.com/service.php?v=1.1&id=91788&k=e61abc1326c32cb9884968faad4e9e03&c=
Requested by: Host: www.lftrading.magix.net
URL: http://www.lftrading.magix.net/
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:55c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42530c7c76dd6ffb0182f3445239a8c2656edcb3c2e53765a068058a7e81dd04

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.lftrading.magix.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Jan 2024 00:14:02 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Host,Accept-Encoding
Content-Type: text/html;charset=UTF-8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2B68vtcPukJvZrtSSSH%2B%2F2PQegMNChBOwM1Bruxrvmb8%2BaQBvWZzbAwAj6EVfYw1I%2BWvltySFjcKy04c37ldM8UpqB%2BuH84jjy78TuoMyeyX4eZOwZhVoGSxwHaFp%2BBfD8oGanCjF9EiStcoluM%2FgX3p9VwTgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
CF-RAY: 8451ad31eb446eb3-CDG
alt-svc: h3=":443"; ma=86400
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

all.js Show response
connect.facebook.net/fr_FR/
Redirect Chain

http://connect.facebook.net/fr_FR/all.js
https://connect.facebook.net/fr_FR/all.js

3 KB
3 KB

61ms
19ms

Script
application/x-javascript

2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/fr_FR/all.js

Requested by

Host: www.lftrading.magix.net
URL: http://www.lftrading.magix.net/

Protocol

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4a05f1d113c8fe8500ad16fbc6ec4979386361f9dd3c2114718e13bf33319ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.lftrading.magix.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 14 Jan 2024 00:14:02 GMT
content-md5: fjL1b5pKne/BmxXiPFfjdA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
reporting-endpoints
x-fb-debug: UhB2KG++ZBiqmJjKnMppw6HZSdJCo8kNSuVSfQlHKq+rqNwjo6oAI5ua3WtBBhzMnMg1xPIJ4yAIzeDYSp68MA==
x-fb-content-md5: 857a1851c089d640613c02083556ce21
cross-origin-opener-policy: same-origin-allow-popups
etag: "d9ad75d7d9eb5b0502d77da8eb9259d2"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 14 Jan 2024 00:28:20 GMT

Redirect headers

Location: https://connect.facebook.net/fr_FR/all.js#xfbml=1
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 409
Conflict index.php
fxrates.forexpros.fr/ Frame 5080 0
0 85ms
23ms Document
text/html 2606:4700:4400::6812:2aef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://fxrates.forexpros.fr/index.php?pairs_ids=1;3;2;4;7;9;5;8;6;&header-text-color=%23FFFFFF&curr-name-color=%230059b0&inner-text-color=%23000000&green-text-color=%232A8215&green-background=%23B7F4C2&red-text-color=%23DC0001&red-background=%23FFE2E2&inner-border-color=%23CBCBCB&border-color=%23cbcbcb&bg1=%23F6F6F6&bg2=%23ffffff&bid=show&ask=show&last=hide&change_in_percents=hide&last_update=hide

Requested by

Host: www.lftrading.magix.net
URL: http://www.lftrading.magix.net/

Protocol

HTTP/1.1

Server

2606:4700:4400::6812:2aef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.lftrading.magix.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-RAY: 8451ad31ee5665b1-FRA
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 6131
Content-Type: text/html; charset=UTF-8
Date: Sun, 14 Jan 2024 00:14:02 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Referrer-Policy: same-origin
Server: cloudflare
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK bg.jpg
www.lftrading.magix.net/images/ 423 B
633 B 70ms
70ms Image
image/jpeg 195.214.216.139
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.lftrading.magix.net/images/bg.jpg
Requested by: Host: www.lftrading.magix.net
URL: http://www.lftrading.magix.net/stylesheet.css
Protocol: HTTP/1.1
Server: 195.214.216.139 , Germany, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS: www.magix-photos.com
Software: nginx /
Resource Hash: b0759150126c6464bf82b820e4425aa28746cd655ed211090f3edc5f3c9ec966

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.lftrading.magix.net/stylesheet.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 00:14:02 GMT
Last-Modified: Sat, 06 Apr 2013 20:13:26 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 423
Content-Type: image/jpeg

GET
H3 200 all.js Show response
connect.facebook.net/fr_FR/ 299 KB
85 KB 44ms
20ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/fr_FR/all.js?hash=8dd1769a7dab6d04a5be9a86ac65f458

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/fr_FR/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

278c49014d9ccc9d4ba5702039523d60e6951be18a7822fa58f2a1c4f5837ca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://www.lftrading.magix.net/
Origin: http://www.lftrading.magix.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 14 Jan 2024 00:14:02 GMT
content-md5: eSLatlg5kwe8kvKjtwfXIQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86427
reporting-endpoints
x-fb-debug: 3kdaxYcRe1BgYKncXEng+Y508Ecyfpevart+SdYMsfpY+YvKOXm+QbQdba4pK1nUBjhM4sO31ETxJrTfj4NgWQ==
x-fb-content-md5: cdf18228a67732fde92c3e18b3f04045
cross-origin-opener-policy: same-origin-allow-popups
etag: "cf39ad7883e8fd97482ec39446f47df7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sun, 12 Jan 2025 23:47:31 GMT

GET
H/1.1

200
OK

getReseauWebmaster.php Show response
www.rcpm.ovh/public/
Redirect Chain

http://www.rcpm.ovh/public/getReseauWebmaster.php?idSite=23&sid=91788
http://www.rcpm.ovh/public/getReseauWebmaster.php?idSite=23&sid=91788&forceudid=1

4 KB
4 KB

52ms
52ms

Script
text/javascript

51.89.225.143
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.rcpm.ovh/public/getReseauWebmaster.php?idSite=23&sid=91788&forceudid=1
Requested by: Host: www.lftrading.magix.net
URL: http://www.lftrading.magix.net/
Protocol: HTTP/1.1
Server: 51.89.225.143 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: b38c1613f29982c7dee874834fe44694bfc1ab88f8f8653504b62b7c49dc0444

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.lftrading.magix.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 00:14:02 GMT
Server: Apache/2.4.25 (Debian)
Vary: Host
Content-Type: text/javascript; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 3793

Redirect headers

Date: Sun, 14 Jan 2024 00:14:02 GMT
Server: Apache/2.4.25 (Debian)
Vary: Host
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: /public/getReseauWebmaster.php?idSite=23&sid=91788&forceudid=1
Content-Type: text/javascript; charset=utf-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ 89 KB
32 KB 145ms
16ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: www.compteur-visite.com
URL: http://www.compteur-visite.com/service.php?v=1.1&id=91788&k=e61abc1326c32cb9884968faad4e9e03&c=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.lftrading.magix.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:32:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jan 2025 16:32:16 GMT

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 7802 0
2 KB 80ms
40ms Document
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29429206567e4c%26domain%3Dwww.lftrading.magix.net%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.lftrading.magix.net%252Ff16ee5c1a013cc%26relation%3Dparent.parent&container_width=150&font=verdana&href=http%3A%2F%2Fwww.lftrading.magix.net%2F&layout=box_count&locale=fr_FR&sdk=joey&send=true&show_faces=true&width=450

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/all.js?hash=8dd1769a7dab6d04a5be9a86ac65f458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.lftrading.magix.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 14 Jan 2024 00:14:02 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: kokckVDnLMIYzPsffCsyRVn/CPrYrRj7YcqzYRoZDZE5sTUS8haMVY7hMSNBZTrRgBQT6/mH4TQEb0E2YGX+kw==
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame A91B 0
119 B 80ms
41ms Document
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df13f16dc9e97de4%26domain%3Dwww.lftrading.magix.net%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.lftrading.magix.net%252Ff16ee5c1a013cc%26relation%3Dparent.parent&container_width=527&font=verdana&href=http%3A%2F%2Fwww.lftrading.magix.net%2F&layout=box_count&locale=fr_FR&sdk=joey&send=true&show_faces=true&width=450

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/all.js?hash=8dd1769a7dab6d04a5be9a86ac65f458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.lftrading.magix.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 14 Jan 2024 00:14:02 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: XR5kMJWDEjwWBb9RXoGZi9874BDuS9H7ZubyKOaKhXDVm59DPWXn8xVaZMnTWKls90I0KAiGXEkffz2MKu9xjQ==
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
widget.time.is/r/ 1 B
728 B 110ms
108ms Script
text/html 2606:4700:20::681a:d36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://widget.time.is/r/?.w0.h11.
Requested by: Host: widget.time.is
URL: http://widget.time.is/t.js
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:d36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.lftrading.magix.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 00:14:03 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Last-Modified: Wed, 23 Nov 2016 10:23:52 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQyLD3%2B94Vv42uLY7inaAsnbr%2FsXsh5pLBeyF6A1ST907aXCCiGTx%2BgsL68ac3UZo8aW70dwnvM95gQVUDd6I7Ls4%2FFAINkJKJ8cekVbyzQ10gjqNgRwjBtPeXZU6c1NvThE0m9%2F6jGizDbf"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Cache-Control: max-age=7776000
Connection: keep-alive
CF-RAY: 8451ad349f7c37fe-FRA
Expires: Sat, 13 Apr 2024 00:14:03 GMT

GET
H/1.1 200
OK img.php
static.compteur-visite.com/ 2 KB
3 KB 114ms
69ms Image
image/png 2606:4700:3033::ac43:d18f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.compteur-visite.com/img.php?service=servicewb_compteur&type=both&style=31328&length=4&value=1234&value_live=1&
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:d18f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be3145c28f5051ae480af1868a2d6e133681b604a6eb968ca4d08c7db99a9f52

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.lftrading.magix.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Jan 2024 00:14:03 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Host
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e30%2F3O8hu6oUwK32wMxYiO1qOTyxfMZID2IsU72OGd53tG%2F8SR2Iszz177%2Fwndd1YurJXAaHW2iTxAj%2Fk%2BJB8Z%2FCv0Lq8C21AyRdqz%2BQE0qnSdfjvmJwU6b5pV%2BsZwz%2BqHRo9E6sB9NvcQ%2FaxpnOLTbsM7UCCWi4kg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
CF-RAY: 8451ad350ca1040b-CDG
alt-svc: h3=":443"; ma=86400
Content-Length: 2398
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.lftrading.magix.net/	1970-01-20 17:41:17	Name: servicewb[91788] Value: 1705191243
.wargaming.net/	1970-01-20 18:23:03	Name: STIDREFERRAL Value: SIDS7KEgOojAEmqt4jXAGnY63PeHF2kCbeMVk_s-6IghHJ0XS4qb1YfHty9-2PrQ_BdzOcXzy6ErcsWnxMg5T4-nJzARw_Cegh355bv-p1xAJ_wT4iqVpe_1USchrBEKZmL9Hjqd8CMpDhwFg
.wargaming.net/	1970-01-20 18:23:03	Name: enctid Value: cydzujfiriu5
.wargaming.net/	1970-01-21 03:15:51	Name: teclient Value: 1705191244575137014
.worldoftanks.eu/	1970-01-20 17:41:17	Name: _uetsid Value: d3de6a00b27111ee8ae1635bc9c44ea0
.worldoftanks.eu/	1970-01-21 03:01:27	Name: _uetvid Value: d3de7810b27111ee9c41c3de67a016cb
.doubleclick.net/	1970-01-21 03:01:27	Name: IDE Value: AHWqTUkeBQjMG8fHu5e8mNPOakPA9H9rSeiC3ikiTy9wSeYXAAth_SPunjDGciLmHdA
.join.worldoftanks.eu/	1970-01-20 21:59:03	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Sun+Jan+14+2024+01%3A14%3A05+GMT%2B0100+(Central+European+Standard+Time)&version=202301.1.0&isIABGlobal=false&hosts=&consentId=e18b6845-d4fd-480d-a1ab-c0adee3dc729&interactionCount=0&landingPath=https%3A%2F%2Fjoin.worldoftanks.eu%2F1648131357%2Fde%2F%3Fpub_id%3D1440775%26xid%3D170519124310000TDETV413651817384Vac%26sid%3DSIDS7KEgOojAEmqt4jXAGnY63PeHF2kCbeMVk_s-6IghHJ0XS4qb1YfHty9-2PrQ_BdzOcXzy6ErcsWnxMg5T4-nJzARw_Cegh355bv-p1xAJ_wT4iqVpe_1USchrBEKZmL9Hjqd8CMpDhwFg%26enctid%3Dcydzujfiriu5%26lpsn%3DWOT%2520WW%2520LMS%2520Videoback%2520Neutral%2520TP%2520542839%26foris%3D1%26teclient%3D1705191244575137014%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dc7pffjar%26utm_content%3D1440775&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A0%2CC0004%3A0%2CC0005%3A0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: chrome-error://chromewebdata/ Message: Failed to load resource: the server responded with a status of 409 ()
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'http://fxrates.forexpros.fr/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
connect.facebook.net
fxrates.forexpros.fr
static.compteur-visite.com
widget.time.is
www.adobe.com
www.agea.com
www.compteur-visite.com
www.facebook.com
www.lftrading.magix.net
www.rcpm.ovh
195.214.216.139
209.97.172.199
2606:4700:20::681a:d36
2606:4700:3033::6815:55c2
2606:4700:3033::ac43:d18f
2606:4700:4400::6812:2aef
2a00:1450:4001:80f::200a
2a02:26f0:2100::215:6d50
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
51.89.225.143
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
03d06b84aed185ec658d4eede7823fd6ca89a9ca4f0d1b94c4d60584161797d1
278c49014d9ccc9d4ba5702039523d60e6951be18a7822fa58f2a1c4f5837ca2
42530c7c76dd6ffb0182f3445239a8c2656edcb3c2e53765a068058a7e81dd04
89e281a2d2d9b48c12757935ea1af9b1d5c48212fa48797f6975dfb2cf307ffb
a8499aa13179e7a5322aa72c75af032d79fb4616d39ef5916c100b5b0561d172
b0759150126c6464bf82b820e4425aa28746cd655ed211090f3edc5f3c9ec966
b26af9f56cff4a8ea0a3c06eaa442962ac51317bec73931122df1d9c95f6388b
b38c1613f29982c7dee874834fe44694bfc1ab88f8f8653504b62b7c49dc0444
be3145c28f5051ae480af1868a2d6e133681b604a6eb968ca4d08c7db99a9f52
c10a5edd40ac49a8ab7c1c485da5b7c29eda00772e7ed4849d094d56201ef2e4
c4a05f1d113c8fe8500ad16fbc6ec4979386361f9dd3c2114718e13bf33319ef
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7a984ea06085edc805abda361ed202cbb90c776991ae3d24e26121e12efb340

www.lftrading.magix.net Open in urlscan Pro 195.214.216.139 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

18 Requests

22 %HTTPS

73 %IPv6

10 Domains

11 Subdomains

11 IPs

4 Countries

150 kBTransfer

442 kBSize

8 Cookies

7 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

8 Cookies

2 Console Messages

Indicators

www.lftrading.magix.net Open in urlscan Pro
195.214.216.139 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

22 %
HTTPS

73 %
IPv6

10
Domains

11
Subdomains

11
IPs

4
Countries

150 kB
Transfer

442 kB
Size

8
Cookies

18 HTTP transactions
0 data transactions