urlscan.io logo urlscan.io
SecurityTrails logo

www.express.de Open in urlscan Pro
104.111.250.159  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://express.de/
Effective URL: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii8/Y2I9MTYxODAyNzE4Nzc1NiIsInJlZmVycmV...
Submission: On April 10 via manual from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 4 countries across 10 domains to perform 45 HTTP transactions. The main IP is 104.111.250.159, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.express.de.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on December 12th 2020. Valid for: a year.
This is the only time www.express.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 35.190.48.80 15169 (GOOGLE)
18 104.111.250.159 16625 (AKAMAI-AS)
3 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 91.215.100.39 43407 (INFONLINE-AS)
7 54.192.210.32 16509 (AMAZON-02)
1 2 91.215.103.65 43407 (INFONLINE-AS)
2 52.208.139.62 16509 (AMAZON-02)
1 52.212.101.97 16509 (AMAZON-02)
2 15.237.76.117 16509 (AMAZON-02)
1 1 34.253.145.149 16509 (AMAZON-02)
1 18.203.205.32 16509 (AMAZON-02)
45 10
1    35.190.48.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.48.190.35.bc.googleusercontent.com
express.de
18    104.111.250.159 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-250-159.deploy.static.akamaitechnologies.com
www.express.de
3    2a02:26f0:7100:491::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
1    91.215.100.39 (Germany)

ASN43407 (INFONLINE-AS, NL)
PTR: script4.ioam.de
script.ioam.de
7    54.192.210.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-210-32.ham50.r.cloudfront.net
consent2.express.de
2    91.215.103.65 (Germany)

ASN43407 (INFONLINE-AS, NL)
PTR: de3.ioam.de
de.ioam.de
2    52.208.139.62 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-139-62.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    52.212.101.97 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-101-97.eu-west-1.compute.amazonaws.com
dumontnet.demdex.net
2    15.237.76.117 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-76-117.eu-west-3.compute.amazonaws.com
dumontnet.d3.sc.omtrdc.net
1    34.253.145.149 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-145-149.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    18.203.205.32 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-205-32.eu-west-1.compute.amazonaws.com
dumontnet.tt.omtrdc.net
Domain Requested by
18 www.express.de www.express.de
consent2.express.de
7 consent2.express.de www.express.de
consent2.express.de
3 assets.adobedtm.com www.express.de
assets.adobedtm.com
2 dumontnet.d3.sc.omtrdc.net assets.adobedtm.com
2 dpm.demdex.net assets.adobedtm.com
2 de.ioam.de 1 redirects www.express.de
1 dumontnet.tt.omtrdc.net assets.adobedtm.com
1 cm.everesttech.net 1 redirects
1 dumontnet.demdex.net assets.adobedtm.com
1 script.ioam.de www.express.de
1 express.de 1 redirects
0 widgets.outbrain.com Failed www.express.de
0 cdn.stroeerdigitalgroup.de Failed www.express.de
0 track.express.de Failed www.express.de
0 trmads.eu Failed www.express.de
0 code.jquery.com Failed www.express.de
45 16

This site contains links to these domains. Also see Links.

Domain
dumont-newsnet.de
epages.express.de
service-express.dumont.de
Subject Issuer Validity Valid
www.dumontnet.de
DigiCert SHA2 Secure Server CA		 2020-12-12 -
2021-12-16		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-08 -
2021-09-30		 9 months crt.sh
*.ioam.de
Thawte TLS RSA CA G1		 2019-09-18 -
2021-12-17		 2 years crt.sh
amp-consent.dumont.de
R3		 2021-03-11 -
2021-06-09		 3 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
*.d3.sc.omtrdc.net
DigiCert SHA2 High Assurance Server CA		 2020-02-28 -
2022-03-04		 2 years crt.sh
*.tt.omtrdc.net
DigiCert SHA2 Secure Server CA		 2020-11-02 -
2021-11-09		 a year crt.sh

This page contains 3 frames:

Primary Page: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii8/Y2I9MTYxODAyNzE4Nzc1NiIsInJlZmVycmVyIjoiIiwic3ViZG9tYWluIjoid3d3In0=
Frame ID: 5798D1B08E359007871B572F909C8F56
Requests: 38 HTTP requests in this frame

Frame: https://dumontnet.demdex.net/dest5.html?d_nsid=0
Frame ID: BD4644DD74F2DB058EEA5F6CB066903A
Requests: 1 HTTP requests in this frame

Frame: https://consent2.express.de/index.html?message_id=411821&consentUUID=208e3c03-4d89-4af8-91fe-63bc1d5f4aa0&requestUUID=740acafe-4cd5-416f-b433-0f0b34d781fe&preload_message=true
Frame ID: 4D478A420DEBC61430DF89102CF7F227
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Express.de - Aktuelle Nachrichten aus Köln, der Welt sowie Neues vom Sport und der Welt der Promis.

Page URL History Show full URLs

  1. http://express.de/ HTTP 301
    https://www.express.de/ Page URL
  2. https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii8/Y2I9MTYxODAyNzE... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /\/\/assets.adobedtm.com\//i

Page Statistics

45
Requests

80 %
HTTPS

9 %
IPv6

10
Domains

16
Subdomains

10
IPs

4
Countries

513 kB
Transfer

1802 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://express.de/ HTTP 301
    https://www.express.de/ Page URL
  2. https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii8/Y2I9MTYxODAyNzE4Nzc1NiIsInJlZmVycmVyIjoiIiwic3ViZG9tYWluIjoid3d3In0= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://express.de/ HTTP 301
  • https://www.express.de/
Request Chain 28
  • https://de.ioam.de/tx.io?st=express&cp=express_pur&mg=yes&sv=ke&co=IVW%20Aufruf&ct=0100000000&pt=CP&ps=lin&er=N22&rf=www.express.de&r2=https%3A%2F%2Fwww.express.de%2F&ur=www.express.de&xy=1600x1200x24&lo=DE%2Fn.a.&cb=0013&i2=0013f2c4df40d64b6607122b3&ep=1643972299&vr=423&id=qn28vx&i3=nocookie&n1=2&dntt=0&lt=1618027187826&ev=&cs=87tgu&mo=1 HTTP 302
  • https://de.ioam.de/tx.io?st=express&cp=express_pur&mg=yes&sv=ke&co=IVW%20Aufruf&ct=0100000000&pt=CP&ps=lin&er=N22&rf=www.express.de&r2=https%3A%2F%2Fwww.express.de%2F&ur=www.express.de&xy=1600x1200x24&lo=DE%2Fn.a.&cb=0013&i2=0013f2c4df40d64b6607122b3&ep=1643972299&vr=423&id=qn28vx&i3=nocookie&n1=2&dntt=0&lt=1618027187826&ev=&cs=87tgu&mo=1&sr=71
Request Chain 36
  • https://cm.everesttech.net/cm/dd?d_uuid=19861662251870639382735483042910668810 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YHEitAAAAHDmnCkN

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.express.de/
Redirect Chain
  • http://express.de/
  • https://www.express.de/
238 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.express.de/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.250.159 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-250-159.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
389a4390062ab10aa22272950a23727122bef2928a3056cc1d22cd8fd991a057
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src data: https: wss: blob: 'unsafe-inline' 'unsafe-eval';

Request headers

:method
GET
:authority
www.express.de
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
Apache
content-security-policy
block-all-mixed-content; default-src data: https: wss: blob: 'unsafe-inline' 'unsafe-eval';
x-dmncm8pur
false
x-document-type
channel
x-dmncm8page
1
content-type
text/html;charset=UTF-8
content-language
en-US
content-encoding
gzip
cneonction
close
content-length
40694
cache-control
max-age=47
date
Sat, 10 Apr 2021 03:59:47 GMT
vary
Accept-Encoding
x-pur-abo-validation
token_failure

Redirect headers

Server
shield
Date
Sat, 10 Apr 2021 03:59:47 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
231
Location
https://www.express.de/
Set-Cookie
NSC_eno_xxx.cfub.ltub.ef=ffffffffda4d4d2345525d5f4f58455e445a4a423660;path=/;httponly
X-Shield-Request-Id
b334f48669c2bc8cfb05a7636aef50ee
Via
1.1 google
dmn-head-start.js
www.express.de/assets/1615890996/KZ/common/js/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.express.de/assets/1615890996/KZ/common/js/dmn-head-start.js
Requested by
Host: www.express.de
URL: https://www.express.de/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.250.159 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-250-159.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
345fa67e525d87c987f3020a59836b1735867af35f0aa8b563d5e25b348a211a

Request headers

Referer
https://www.express.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 03:59:47 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
nncoection
close
cache-control
max-age=769952
content-length
8401
x-document-type
asset
expires
Mon, 19 Apr 2021 01:52:19 GMT
wrapperMessagingWithoutDetection.js
consent2.express.de/ 		0
0
express.css
www.express.de/assets/1615890996/KZ/desktop/styles/ 		374 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.express.de/assets/1615890996/KZ/desktop/styles/express.css
Requested by
Host: www.express.de
URL: https://www.express.de/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.250.159 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-250-159.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.express.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 03:59:47 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=545778
cneonction
close
content-length
52962
x-document-type
asset
expires
Fri, 16 Apr 2021 11:36:05 GMT
jquery-3.3.1.min.js
code.jquery.com/ 		0
0
get
trmads.eu/ 		0
0
get
trmads.eu/ 		0
0
get
trmads.eu/ 		0
0
dmn-head-end.js
www.express.de/assets/1615890996/KZ/desktop/js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.express.de/assets/1615890996/KZ/desktop/js/dmn-head-end.js
Requested by
Host: www.express.de
URL: https://www.express.de/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.250.159 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-250-159.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.express.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 03:59:47 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
nncoection
close
cache-control
max-age=545687
content-length
6045
x-document-type
asset
expires
Fri, 16 Apr 2021 11:34:34 GMT
jssdk.js
track.express.de/cam-1.0/static/ 		0
0
iam.js
script.ioam.de/ 		0
0
metaTag.min.js
cdn.stroeerdigitalgroup.de/metatag/live/OMS_express/ 		0
0
dmn-gpt-util.js
www.express.de/assets/1615890996/KZ/desktop/js/ 		2 KB
913 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.express.de/assets/1615890996/KZ/desktop/js/dmn-gpt-util.js
Requested by
Host: www.express.de
URL: https://www.express.de/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.250.159 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-250-159.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.express.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 03:59:47 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
nncoection
close
cache-control
max-age=545818
content-length
728
x-document-type
asset
expires
Fri, 16 Apr 2021 11:36:45 GMT
satelliteLib-ac721fa85d386407eee5078eda01f3c0de309df0.js
assets.adobedtm.com/d8109ac3d2f76151ca0f39163be0d8d6a7349f5c/ 		73 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/d8109ac3d2f76151ca0f39163be0d8d6a7349f5c/satelliteLib-ac721fa85d386407eee5078eda01f3c0de309df0.js
Requested by
Host: www.express.de
URL: https://www.express.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:491::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

Referer
https://www.express.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 03:59:47 GMT
content-encoding
gzip
last-modified
Fri, 09 Apr 2021 08:35:53 GMT
server
AkamaiNetStorage
etag
"d8b34d3dc5042b73c404b123b2757e35:1617957353.883574"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.express.de
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
102113
expires
Sat, 10 Apr 2021 04:59:47 GMT
outbrain.js
widgets.outbrain.com/ 		0
0
Primary Request index.html
www.express.de/html/dumont-consent/ 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii8/Y2I9MTYxODAyNzE4Nzc1NiIsInJlZmVycmVyIjoiIiwic3ViZG9tYWluIjoid3d3In0=
Requested by
Host: www.express.de
URL: https://www.express.de/assets/1615890996/KZ/common/js/dmn-head-start.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.250.159 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-250-159.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fda0279d956fb095f524cf9ec14fa604182b329b1c9dde7d52071a477be41d20

Request headers

:method
GET
:authority
www.express.de
:scheme
https
:path
/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii8/Y2I9MTYxODAyNzE4Nzc1NiIsInJlZmVycmVyIjoiIiwic3ViZG9tYWluIjoid3d3In0=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://www.express.de/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
dm_consent=; consentRedirectUrl=https://www.express.de/?cb=1618027187756
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.express.de/

Response headers

server
Apache
last-modified
Wed, 24 Mar 2021 13:32:17 GMT
etag
"2070-5be4853e055a9-gzip"
accept-ranges
bytes
content-encoding
gzip
content-length
2784
cneonction
close
content-type
text/html
date
Sat, 10 Apr 2021 03:59:47 GMT
vary
Accept-Encoding
style.css
www.express.de/html/all/permanent/dumont-consent/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.express.de/html/all/permanent/dumont-consent/style.css
Requested by
Host: www.express.de
URL: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii8/Y2I9MTYxODAyNzE4Nzc1NiIsInJlZmVycmVyIjoiIiwic3ViZG9tYWluIjoid3d3In0=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.250.159 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-250-159.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
54429e8f0c132e7aacdd9ae59a89f685e80f10d934f33372e219711c6be54c9c

Request headers

Referer
https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii8/Y2I9MTYxODAyNzE4Nzc1NiIsInJlZmVycmVyIjoiIiwic3ViZG9tYWluIjoid3d3In0=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 03:59:47 GMT
content-encoding
gzip
last-modified
Wed, 24 Mar 2021 13:32:17 GMT
server
Apache
etag
"240a-5be4853e01728-gzip"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=5
cneonction
close
accept-ranges
bytes
content-length
1962
expires
Sat, 10 Apr 2021 03:59:52 GMT
style.css
www.express.de/html/dumont-consent/ 		2 KB
822 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.express.de/html/dumont-consent/style.css
Requested by
Host: www.express.de
URL: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii8/Y2I9MTYxODAyNzE4Nzc1NiIsInJlZmVycmVyIjoiIiwic3ViZG9tYWluIjoid3d3In0=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.250.159 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-250-159.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2b903d5096d1253c0608b73b2fc8853e6485fff3e048c4092292d6eb93147d62

Request headers

Referer
https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii8/Y2I9MTYxODAyNzE4Nzc1NiIsInJlZmVycmVyIjoiIiwic3ViZG9tYWluIjoid3d3In0=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 03:59:47 GMT
content-encoding
gzip
last-modified
Wed, 24 Mar 2021 13:32:17 GMT
server
Apache
etag
"947-5be4853e055a9"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=52003
cneonction
close
accept-ranges
bytes
content-length
603
nncoection
close
expires
Sat, 10 Apr 2021 18:26:30 GMT
iam.js
script.ioam.de/ 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.ioam.de/iam.js
Requested by
Host: www.express.de
URL: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii8/Y2I9MTYxODAyNzE4Nzc1NiIsInJlZmVycmVyIjoiIiwic3ViZG9tYWluIjoid3d3In0=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.215.100.39 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS
script4.ioam.de
Software
nginx / BLACKBIRD-SRC v0.13 0013
Resource Hash
d9d4e79fc821c8c9903231a5255e3bdb7efb89f739e9945dc193f430da7f5a2c

Request headers

Referer
https://www.express.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Apr 2021 03:59:47 GMT
Content-Encoding
gzip
Last-Modified
Sat, 10 Apr 2021 03:59:47 GMT
Server
nginx
X-Powered-By
BLACKBIRD-SRC v0.13 0013
Vary
Accept-Encoding
P3P
policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Cache-Control
private, max-age=7200, pre-check=7200
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript
Expires
Sat, 10 Apr 2021 05:59:47 GMT
config.js
www.express.de/html/dumont-consent/ 		2 KB
716 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.express.de/html/dumont-consent/config.js
Requested by
Host: www.express.de
URL: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii8/Y2I9MTYxODAyNzE4Nzc1NiIsInJlZmVycmVyIjoiIiwic3ViZG9tYWluIjoid3d3In0=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.250.159 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-250-159.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5369090fa073741cf5cc278559866e5caec4dc3b7e90a5c24ea1726889296bcc

Request headers

Referer
https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii8/Y2I9MTYxODAyNzE4Nzc1NiIsInJlZmVycmVyIjoiIiwic3ViZG9tYWluIjoid3d3In0=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 03:59:47 GMT
content-encoding
gzip
last-modified
Wed, 24 Mar 2021 13:32:17 GMT
server
Apache
etag
"622-5be4853e055a9"
vary
Accept-Encoding
content-type
application/javascript
nncoection
close
cache-control
max-age=52053
cneonction
close
accept-ranges
bytes
content-length
491
expires
Sat, 10 Apr 2021 18:27:20 GMT
polyfill.js
www.express.de/html/all/permanent/dumont-consent/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.express.de/html/all/permanent/dumont-consent/polyfill.js
Requested by
Host: www.express.de
URL: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii8/Y2I9MTYxODAyNzE4Nzc1NiIsInJlZmVycmVyIjoiIiwic3ViZG9tYWluIjoid3d3In0=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.250.159 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-250-159.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ce84fc3418d0c2fd06834b8e843180335164925920af7a7a64fc608b87773e25

Request headers

Referer
https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii8/Y2I9MTYxODAyNzE4Nzc1NiIsInJlZmVycmVyIjoiIiwic3ViZG9tYWluIjoid3d3In0=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 03:59:47 GMT
content-encoding
gzip
last-modified
Wed, 24 Mar 2021 13:32:17 GMT
server
Apache
etag
"115d-5be4853e01728-gzip"
vary
Accept-Encoding
content-type
application/javascript
cneonction
close
cache-control
max-age=5
accept-ranges
bytes
content-length
1804
expires
Sat, 10 Apr 2021 03:59:52 GMT
sp_api.js
www.express.de/html/all/permanent/dumont-consent/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.express.de/html/all/permanent/dumont-consent/sp_api.js
Requested by
Host: www.express.de
URL: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii8/Y2I9MTYxODAyNzE4Nzc1NiIsInJlZmVycmVyIjoiIiwic3ViZG9tYWluIjoid3d3In0=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.250.159 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-250-159.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
32244ef5f561cae4662f31925784178cade86b36263e334efc85276cf4f8dbdd

Request headers

Referer
https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii8/Y2I9MTYxODAyNzE4Nzc1NiIsInJlZmVycmVyIjoiIiwic3ViZG9tYWluIjoid3d3In0=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 03:59:47 GMT
content-encoding
gzip
last-modified
Wed, 24 Mar 2021 13:32:17 GMT
server
Apache
etag
"f7d-5be4853e01728-gzip"
vary
Accept-Encoding
content-type
application/javascript
nncoection
close
cache-control
max-age=5
accept-ranges
bytes
content-length
1378
expires
Sat, 10 Apr 2021 03:59:52 GMT
script.js
www.express.de/html/all/permanent/dumont-consent/ 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.express.de/html/all/permanent/dumont-consent/script.js
Requested by
Host: www.express.de
URL: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii8/Y2I9MTYxODAyNzE4Nzc1NiIsInJlZmVycmVyIjoiIiwic3ViZG9tYWluIjoid3d3In0=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.250.159 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-250-159.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72289ff725166f5b88c57e828ea89c108c865ac9148e7e6a061a16b0a6ad4962

Request headers

Referer
https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii8/Y2I9MTYxODAyNzE4Nzc1NiIsInJlZmVycmVyIjoiIiwic3ViZG9tYWluIjoid3d3In0=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 03:59:47 GMT
content-encoding
gzip
last-modified
Wed, 24 Mar 2021 13:32:17 GMT
server
Apache
etag
"55ee-5be4853e01728-gzip"
vary
Accept-Encoding
content-type
application/javascript
cneonction
close
cache-control
max-age=5
accept-ranges
bytes
content-length
5034
expires
Sat, 10 Apr 2021 03:59:52 GMT
logo.png
www.express.de/html/dumont-consent/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.express.de/html/dumont-consent/logo.png
Requested by
Host: www.express.de
URL: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii8/Y2I9MTYxODAyNzE4Nzc1NiIsInJlZmVycmVyIjoiIiwic3ViZG9tYWluIjoid3d3In0=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.250.159 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-250-159.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2e91622f88a8a7ea451f79cd4390427120bdadd57d88a7a553f3d87f26e930e7

Request headers

Referer
https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii8/Y2I9MTYxODAyNzE4Nzc1NiIsInJlZmVycmVyIjoiIiwic3ViZG9tYWluIjoid3d3In0=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 03:59:47 GMT
last-modified
Wed, 24 Mar 2021 13:32:17 GMT
server
Apache
etag
"15fa-5be4853e055a9"
content-type
image/png
nncoection
close
cache-control
max-age=1157628
accept-ranges
bytes
content-length
5626
expires
Fri, 23 Apr 2021 13:33:35 GMT
background.jpg
www.express.de/html/dumont-consent/ 		106 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.express.de/html/dumont-consent/background.jpg
Requested by
Host: www.express.de
URL: https://www.express.de/html/dumont-consent/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.250.159 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-250-159.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f30164675abd0fb88788b294572e8758757f54c5c2c964407d0137b6180a5f29

Request headers

Referer
https://www.express.de/html/dumont-consent/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 03:59:47 GMT
last-modified
Wed, 24 Mar 2021 13:32:17 GMT
server
Apache
etag
"1a924-5be4853e055a9"
content-type
image/jpeg
cneonction
close
cache-control
max-age=1157634
accept-ranges
bytes
content-length
108836
expires
Fri, 23 Apr 2021 13:33:41 GMT
dumont_newsnet.svg
www.express.de/html/all/permanent/dumont-consent/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.express.de/html/all/permanent/dumont-consent/dumont_newsnet.svg
Requested by
Host: www.express.de
URL: https://www.express.de/html/all/permanent/dumont-consent/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.250.159 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-250-159.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9971c3423a27c3fcbfee145c710afd3961e051e41667ce25cc53f3912269c2af

Request headers

Referer
https://www.express.de/html/all/permanent/dumont-consent/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 03:59:47 GMT
content-encoding
gzip
last-modified
Wed, 24 Mar 2021 13:32:17 GMT
server
Apache
etag
"9f3-5be4853dfe847-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
content-length
1245
nncoection
close
signika-v10-latin-regular.woff2
www.express.de/html/all/permanent/dumont-consent/fonts/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.express.de/html/all/permanent/dumont-consent/fonts/signika-v10-latin-regular.woff2
Requested by
Host: www.express.de
URL: https://www.express.de/html/dumont-consent/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.250.159 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-250-159.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dcf33a5d57626e80ad28c3d3614e45fee90f256031608e081825187daf0669e4

Request headers

Origin
https://www.express.de
Referer
https://www.express.de/html/dumont-consent/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 03:59:47 GMT
content-encoding
gzip
last-modified
Wed, 24 Mar 2021 13:32:17 GMT
server
Apache
etag
"8160-5be4853e01728-gzip"
vary
Accept-Encoding
access-control-allow-origin
*
accept-ranges
bytes
content-length
32902
nncoection
close
anton-v11-latin-regular.woff2
www.express.de/html/all/permanent/dumont-consent/fonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.express.de/html/all/permanent/dumont-consent/fonts/anton-v11-latin-regular.woff2
Requested by
Host: www.express.de
URL: https://www.express.de/html/dumont-consent/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.250.159 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-250-159.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b95d1d28fcfc16ebe94d214918fb4feb8d245858972cdff44bac63e7163e38a6

Request headers

Origin
https://www.express.de
Referer
https://www.express.de/html/dumont-consent/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 03:59:47 GMT
content-encoding
gzip
last-modified
Wed, 24 Mar 2021 13:32:17 GMT
server
Apache
etag
"378c-5be4853dff7e7-gzip"
vary
Accept-Encoding
access-control-allow-origin
*
accept-ranges
bytes
content-length
14243
nncoection
close
wrapperMessagingWithoutDetection.js
consent2.express.de/ 		151 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent2.express.de/wrapperMessagingWithoutDetection.js
Requested by
Host: www.express.de
URL: https://www.express.de/html/all/permanent/dumont-consent/sp_api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.210.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-210-32.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9b29256842f1c582cf89c93a91e439079b4813d484181540602aaf146d19b605

Request headers

Referer
https://www.express.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Thu, 08 Apr 2021 15:27:39 GMT
server
AmazonS3
age
2915
etag
W/"4035c3349448ccb677a86aa3eb6396e5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 94a519c8a0bf381244e89215b16b0952.cloudfront.net (CloudFront)
cache-control
max-age=3600
date
Sat, 10 Apr 2021 03:11:13 GMT
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
-QAPM138xJepM_Iv4ZiurjFLFwiVK8xDvJr036ITRKonFSk1Nm5tXg==
tx.io
de.ioam.de/
Redirect Chain
  • https://de.ioam.de/tx.io?st=express&cp=express_pur&mg=yes&sv=ke&co=IVW%20Aufruf&ct=0100000000&pt=CP&ps=lin&er=N22&rf=www.express.de&r2=https%3A%2F%2Fwww.express.de%2F&ur=www.express.de&xy=1600x1200...
  • https://de.ioam.de/tx.io?st=express&cp=express_pur&mg=yes&sv=ke&co=IVW%20Aufruf&ct=0100000000&pt=CP&ps=lin&er=N22&rf=www.express.de&r2=https%3A%2F%2Fwww.express.de%2F&ur=www.express.de&xy=1600x1200...
0
717 B 		Script
General
Check archive.org
Download Go to
Full URL
https://de.ioam.de/tx.io?st=express&cp=express_pur&mg=yes&sv=ke&co=IVW%20Aufruf&ct=0100000000&pt=CP&ps=lin&er=N22&rf=www.express.de&r2=https%3A%2F%2Fwww.express.de%2F&ur=www.express.de&xy=1600x1200x24&lo=DE%2Fn.a.&cb=0013&i2=0013f2c4df40d64b6607122b3&ep=1643972299&vr=423&id=qn28vx&i3=nocookie&n1=2&dntt=0&lt=1618027187826&ev=&cs=87tgu&mo=1&sr=71
Requested by
Host: www.express.de
URL: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii8/Y2I9MTYxODAyNzE4Nzc1NiIsInJlZmVycmVyIjoiIiwic3ViZG9tYWluIjoid3d3In0=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.215.103.65 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS
de3.ioam.de
Software
nginx / BLACKBIRD-RCV v1.06.2 0042
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.express.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Apr 2021 03:59:47 GMT
Server
nginx
X-Powered-By
BLACKBIRD-RCV v1.06.2 0042
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/x-javascript
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies

Redirect headers

Date
Sat, 10 Apr 2021 03:59:47 GMT
Access-Control-Allow-Origin
*
X-Powered-By
BLACKBIRD-RCV v1.06.2 0042
Transfer-Encoding
chunked
P3P
policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Connection
keep-alive
Pragma
no-cache
Last-Modified
Sat, 10 Apr 2021 03:59:47 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Location
/tx.io?st=express&cp=express_pur&mg=yes&sv=ke&co=IVW%20Aufruf&ct=0100000000&pt=CP&ps=lin&er=N22&rf=www.express.de&r2=https%3A%2F%2Fwww.express.de%2F&ur=www.express.de&xy=1600x1200x24&lo=DE%2Fn.a.&cb=0013&i2=0013f2c4df40d64b6607122b3&ep=1643972299&vr=423&id=qn28vx&i3=nocookie&n1=2&dntt=0&lt=1618027187826&ev=&cs=87tgu&mo=1&sr=71
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
Expires
Fri, 10 Apr 2020 03:59:47 GMT
launch-06801460f26f.min.js
assets.adobedtm.com/00a733507f33/4153917cce75/ 		229 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/00a733507f33/4153917cce75/launch-06801460f26f.min.js
Requested by
Host: www.express.de
URL: https://www.express.de/html/all/permanent/dumont-consent/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:491::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
25e9e4c2c19f0bf6ca8729937d3a35f3c6a8ea28b9f4359ffec3d708125c6d9f

Request headers

Referer
https://www.express.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 03:59:47 GMT
content-encoding
gzip
last-modified
Fri, 09 Apr 2021 08:49:43 GMT
server
AkamaiNetStorage
etag
"9bfd6674afa7ec479ffadc7bc4de705b:1617958183.936596"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.express.de
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
73576
expires
Sat, 10 Apr 2021 04:59:47 GMT
native-message
consent2.express.de/wrapper/tcfv2/v1/gdpr/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://consent2.express.de/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=740acafe-4cd5-416f-b433-0f0b34d781fe&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A995%2C%22requestUUID%22%3A%22740acafe-4cd5-416f-b433-0f0b34d781fe%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.express.de%2Fhtml%2Fdumont-consent%2Findex.html%3Fparam%3DeyJyZWRpcmVjdFVybCI6Ii8%2FY2I9MTYxODAyNzE4Nzc1NiIsInJlZmVycmVyIjoiIiwic3ViZG9tYWluIjoid3d3In0%3D%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fconsent2.express.de%22%2C%22targetingParams%22%3A%22%7B%5C%22mode%5C%22%3A%5C%22dumont-consent-message%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Protocol
H2
Server
54.192.210.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-210-32.ham50.r.cloudfront.net
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.express.de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
text/html; charset=utf-8
content-length
13
date
Sat, 10 Apr 2021 03:59:47 GMT
x-powered-by
Express
access-control-allow-origin
https://www.express.de
access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
cache-control
no-cache, no-store
allow
POST,GET,HEAD
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 dabb0767cb7bc0fc02f46ee84ad4dbd9.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
rWxRIeTyj2TCeGm5hd-FV2IFKxwFMqrGCkZcLC2fLR23XhF8XtSqRQ==
native-message
consent2.express.de/wrapper/tcfv2/v1/gdpr/ 		140 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent2.express.de/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=740acafe-4cd5-416f-b433-0f0b34d781fe&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A995%2C%22requestUUID%22%3A%22740acafe-4cd5-416f-b433-0f0b34d781fe%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.express.de%2Fhtml%2Fdumont-consent%2Findex.html%3Fparam%3DeyJyZWRpcmVjdFVybCI6Ii8%2FY2I9MTYxODAyNzE4Nzc1NiIsInJlZmVycmVyIjoiIiwic3ViZG9tYWluIjoid3d3In0%3D%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fconsent2.express.de%22%2C%22targetingParams%22%3A%22%7B%5C%22mode%5C%22%3A%5C%22dumont-consent-message%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Requested by
Host: consent2.express.de
URL: https://consent2.express.de/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.210.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-210-32.ham50.r.cloudfront.net
Software
/ Express
Resource Hash
076b151125c90a93688fe611d583a4a8ddaf33e0b586c0cae3960e3088767c38

Request headers

Referer
https://www.express.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 10 Apr 2021 03:59:47 GMT
content-encoding
gzip
x-amz-cf-pop
HAM50-C2
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.express.de
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
ofQKKh1wUtd4yOplLjJrDIJWGSVtQZUepjGM8hq_r7i1U7FU2xFYmg==
via
1.1 dabb0767cb7bc0fc02f46ee84ad4dbd9.cloudfront.net (CloudFront)
id
dpm.demdex.net/ 		368 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=13E4401053DAE44E0A490D4C%40AdobeOrg&d_nsid=0&ts=1618027187896
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/00a733507f33/4153917cce75/launch-06801460f26f.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.139.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-139-62.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8e42d3392dd24de5b6fae565d74f6d3f63dd18aa523152b962b106a6a200a84b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.express.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v090-0703020c7.edge-irl1.demdex.com 5.80.7.20210304103356 2ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
o4a3Lg9pTGY=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.express.de
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
304
Expires
Thu, 01 Jan 1970 00:00:00 GMT
EXb4493da6241e4431b93cd91f560547aa-libraryCode_source.min.js
assets.adobedtm.com/00a733507f33/4153917cce75/16df99255747/ 		60 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/00a733507f33/4153917cce75/16df99255747/EXb4493da6241e4431b93cd91f560547aa-libraryCode_source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/00a733507f33/4153917cce75/launch-06801460f26f.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:491::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
89637dcb829e65325a0c444d40d4e88310027a9de6311fa814e5df4987cf1663

Request headers

Referer
https://www.express.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 03:59:47 GMT
content-encoding
gzip
last-modified
Fri, 09 Apr 2021 08:49:44 GMT
server
AkamaiNetStorage
etag
"43220d7a5590bf19ba4fe10c0512d416:1617958184.718275"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.express.de
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
18662
expires
Sat, 10 Apr 2021 04:59:47 GMT
Cookie set dest5.html
dumontnet.demdex.net/ Frame BD46 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dumontnet.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/00a733507f33/4153917cce75/launch-06801460f26f.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.101.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-101-97.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
dumontnet.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.express.de/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
demdex=19861662251870639382735483042910668810
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.express.de/

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Wed, 24 Mar 2021 09:15:47 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=19861662251870639382735483042910668810;Path=/;Domain=.demdex.net;Expires=Thu, 07-Oct-2021 03:59:48 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding, User-Agent
X-TID
dRSc+cByRPs=
Content-Length
2785
Connection
keep-alive
id
dumontnet.d3.sc.omtrdc.net/ 		2 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dumontnet.d3.sc.omtrdc.net/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=13E4401053DAE44E0A490D4C%40AdobeOrg&mid=19888558859461497982738172188269943598&ts=1618027188037
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/00a733507f33/4153917cce75/launch-06801460f26f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-237-76-117.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.express.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 10 Apr 2021 03:59:48 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-fd4497967-cd5s9
vary
Origin
x-c
main-1451.Ibee288.M0-486
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.express.de
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YHEitAAAAHDmnCkN
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=19861662251870639382735483042910668810
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YHEitAAAAHDmnCkN
42 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YHEitAAAAHDmnCkN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.139.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-139-62.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.express.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v090-03e1cd43a.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
l0LY0X5VSq4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YHEitAAAAHDmnCkN
Date
Sat, 10 Apr 2021 03:59:48 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
delivery
dumontnet.tt.omtrdc.net/rest/v1/ 		282 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dumontnet.tt.omtrdc.net/rest/v1/delivery?client=dumontnet&sessionId=1193f9f118be4de59de699297ca8ed00&version=2.3.2
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/00a733507f33/4153917cce75/launch-06801460f26f.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.205.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-205-32.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c4cc31808f2be5226cb895a0d541d5474c9fc8e6878a2c94a3249b7d889fa485

Request headers

Referer
https://www.express.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.express.de
date
Sat, 10 Apr 2021 03:59:48 GMT
content-encoding
gzip
access-control-allow-credentials
true
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-request-id
2a8dc468986fa706d22e88c346d51fe6
content-type
application/json;charset=UTF-8
index.html
consent2.express.de/ Frame 4D47 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://consent2.express.de/index.html?message_id=411821&consentUUID=208e3c03-4d89-4af8-91fe-63bc1d5f4aa0&requestUUID=740acafe-4cd5-416f-b433-0f0b34d781fe&preload_message=true
Requested by
Host: consent2.express.de
URL: https://consent2.express.de/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.210.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-210-32.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c60effd373d81355362c0687756ba19e849ed437ebdff6ee60876f42fa5a8fbb

Request headers

:method
GET
:authority
consent2.express.de
:scheme
https
:path
/index.html?message_id=411821&consentUUID=208e3c03-4d89-4af8-91fe-63bc1d5f4aa0&requestUUID=740acafe-4cd5-416f-b433-0f0b34d781fe&preload_message=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.express.de/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
dm_consent=; consentRedirectUrl=https://www.express.de/?cb=1618027187756; mbox=session#1193f9f118be4de59de699297ca8ed00#1618029048; at_check=true; consentUUID=208e3c03-4d89-4af8-91fe-63bc1d5f4aa0; iom_consent=0100000000&1618027188020; AMCVS_13E4401053DAE44E0A490D4C%40AdobeOrg=1; AMCV_13E4401053DAE44E0A490D4C%40AdobeOrg=-637568504%7CMCIDTS%7C18728%7CMCMID%7C19888558859461497982738172188269943598%7CMCAAMLH-1618631988%7C6%7CMCAAMB-1618631988%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1618034388s%7CNONE%7CvVersion%7C5.1.1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.express.de/

Response headers

content-type
text/html
last-modified
Thu, 08 Apr 2021 16:08:51 GMT
server
AmazonS3
content-encoding
gzip
date
Sat, 10 Apr 2021 03:11:50 GMT
etag
W/"4f1eae5345c39a34cb9bac5635394aaf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 94a519c8a0bf381244e89215b16b0952.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
dIs3xIlSZ3iURqAb3qX6qKW2LYy-ndD__-jmrGEKFumZJalE-L6qvw==
age
2879
Notice.37f30.css
consent2.express.de/ Frame 4D47 		29 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://consent2.express.de/Notice.37f30.css
Requested by
Host: consent2.express.de
URL: https://consent2.express.de/index.html?message_id=411821&consentUUID=208e3c03-4d89-4af8-91fe-63bc1d5f4aa0&requestUUID=740acafe-4cd5-416f-b433-0f0b34d781fe&preload_message=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.210.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-210-32.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f34567304f288693cf33a0b0ff04fa42ed930db606948b4d5e6a9c715865affa

Request headers

Referer
https://consent2.express.de/index.html?message_id=411821&consentUUID=208e3c03-4d89-4af8-91fe-63bc1d5f4aa0&requestUUID=740acafe-4cd5-416f-b433-0f0b34d781fe&preload_message=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 03:12:22 GMT
content-encoding
gzip
last-modified
Thu, 08 Apr 2021 16:08:51 GMT
server
AmazonS3
age
2869
etag
W/"227670f327655cdc0f6317b8d0f58d27"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 94a519c8a0bf381244e89215b16b0952.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
acnJwrUqxL1l9SVTzbGFAzZWMJtYu4HQO2yqbx-ygdznKJ_B0V8Lww==
polyfills.65071.js
consent2.express.de/ Frame 4D47 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent2.express.de/polyfills.65071.js
Requested by
Host: consent2.express.de
URL: https://consent2.express.de/index.html?message_id=411821&consentUUID=208e3c03-4d89-4af8-91fe-63bc1d5f4aa0&requestUUID=740acafe-4cd5-416f-b433-0f0b34d781fe&preload_message=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.210.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-210-32.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

Referer
https://consent2.express.de/index.html?message_id=411821&consentUUID=208e3c03-4d89-4af8-91fe-63bc1d5f4aa0&requestUUID=740acafe-4cd5-416f-b433-0f0b34d781fe&preload_message=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 03:12:22 GMT
content-encoding
gzip
last-modified
Thu, 08 Apr 2021 16:08:51 GMT
server
AmazonS3
age
2869
etag
W/"89661b8fd918815bcb224bba79cabab1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 94a519c8a0bf381244e89215b16b0952.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
moUFv13FeQBPJbgMSg2A72iXqiwzh3wP4rv3Yg1BPKmvkMJ5ZkJ76A==
Notice.edef1.js
consent2.express.de/ Frame 4D47 		171 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent2.express.de/Notice.edef1.js
Requested by
Host: consent2.express.de
URL: https://consent2.express.de/index.html?message_id=411821&consentUUID=208e3c03-4d89-4af8-91fe-63bc1d5f4aa0&requestUUID=740acafe-4cd5-416f-b433-0f0b34d781fe&preload_message=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.210.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-210-32.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8318b36ea964a68959576876dd85fa417cb7784a31ae78acaa3c58720d62dc34

Request headers

Referer
https://consent2.express.de/index.html?message_id=411821&consentUUID=208e3c03-4d89-4af8-91fe-63bc1d5f4aa0&requestUUID=740acafe-4cd5-416f-b433-0f0b34d781fe&preload_message=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 03:12:22 GMT
content-encoding
gzip
last-modified
Thu, 08 Apr 2021 16:08:51 GMT
server
AmazonS3
age
2869
etag
W/"2a94f5880eb7b9fe653fe8a73017e764"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 94a519c8a0bf381244e89215b16b0952.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
u_CurGdQwGL9193oZ8dG2W3TPg009nT9jxPghXDq1qUiCax1vS9jZg==
anton-v11-latin-regular.woff2
www.express.de/html/all/permanent/dumont-consent/fonts/ Frame 4D47 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.express.de/html/all/permanent/dumont-consent/fonts/anton-v11-latin-regular.woff2
Requested by
Host: consent2.express.de
URL: https://consent2.express.de/index.html?message_id=411821&consentUUID=208e3c03-4d89-4af8-91fe-63bc1d5f4aa0&requestUUID=740acafe-4cd5-416f-b433-0f0b34d781fe&preload_message=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.250.159 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-250-159.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b95d1d28fcfc16ebe94d214918fb4feb8d245858972cdff44bac63e7163e38a6

Request headers

Origin
https://consent2.express.de
Referer
https://consent2.express.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 03:59:48 GMT
content-encoding
gzip
last-modified
Wed, 24 Mar 2021 13:32:17 GMT
server
Apache
etag
"378c-5be4853dff7e7-gzip"
vary
Accept-Encoding
access-control-allow-origin
*
accept-ranges
bytes
content-length
14243
nncoection
close
s71955840907898
dumontnet.d3.sc.omtrdc.net/b/ss/dmtexpressprod/1/JS-2.20.0-LBQ1/ 		43 B
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dumontnet.d3.sc.omtrdc.net/b/ss/dmtexpressprod/1/JS-2.20.0-LBQ1/s71955840907898?AQB=1&ndh=1&pf=1&t=10%2F3%2F2021%205%3A59%3A48%206%20-120&sdid=38E587F9B0E143E9-367FC61B97B05F73&mid=19888558859461497982738172188269943598&aamlh=6&ce=UTF-8&ns=dumontnet&pageName=PUR&g=https%3A%2F%2Fwww.express.de%2Fhtml%2Fdumont-consent%2Findex.html%3Fparam%3DeyJyZWRpcmVjdFVybCI6Ii8%2FY2I9MTYxODAyNzE4Nzc1NiIsInJlZmVycmVyIjoiIiwic3ViZG9tYWluIjoid3d3In0%3D&r=https%3A%2F%2Fwww.express.de%2F&cc=EUR&server=www.express.de&events=event1%2Cevent268&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=D%3Dv1&v1=https%3A%2F%2Fwww.express.de&c2=D%3Dv2&v2=PUR&c3=D%3Dv3&v3=PUR&c4=D%3Dv8&c5=D%3Dv11&c6=D%3Dv14&c7=Typed%2FBookmarked&c8=D%3Dv17&c9=D%3Dv18&v9=PUR_Vorschaltseite&c10=D%3Dv19&v10=PUR&c11=D%3Dv33&v11=D%3Dg&c12=D%3Dv10&v12=NaN-NaN-NaN&c13=D%3Dv41&v13=D%3Dv12&v14=Online&c15=D%3Dv45&v15=Typed%2FBookmarked&c16=D%3Dv9&v18=Weekend%7CSaturday%7C4%3A30AM&v19=1618027187827&c29=D%3Dv61&v34=D%3Dr&c55=D%3Dv53&c56=D%3Dv95&c57=D%3Dv54&v66=Typed%2FBookmarked&c73=D%3Dv103&c74=D%3Dv102&v90=UftwpMr924ERE9L6SftEq5pHeUPvAksHGraziF&v103=unknown&v112=Akzeptieren_Status&v114=https%3A%2F%2Fwww.express.de%2F&v115=https%3A%2F%2Fwww.express.de%2F&v199=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&v200=Bot%20detected&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=13E4401053DAE44E0A490D4C%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-237-76-117.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.express.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 03:59:48 GMT
x-content-type-options
nosniff
x-c
main-1451.Ibee288.M0-486
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sun, 11 Apr 2021 03:59:48 GMT
server
jag
xserver
anedge-fd4497967-54svf
etag
3474686930155929600-4621791216402546866
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Fri, 09 Apr 2021 03:59:48 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
consent2.express.de
URL
https://consent2.express.de/wrapperMessagingWithoutDetection.js
Domain
code.jquery.com
URL
https://code.jquery.com/jquery-3.3.1.min.js
Domain
trmads.eu
URL
https://trmads.eu/get?token=4rU8aLsLBoax41KAqkmY5MCsowM4hQ&service=lib&type=include&versions=ad-layer-lib,smart-native-2-slider-lib,smart_native_ad_layer_v2.2&block-name=RPAWIDGETTROOT&channel=RPA
Domain
trmads.eu
URL
https://trmads.eu/get?token=4rU8aLsLBoax41KAqkmY5MCsowM4hQ&service=lib&type=includeBodyBottom&versions=lazy-load-lib&block-name=RPAWIDGETTROOT&channel=RPA
Domain
trmads.eu
URL
https://trmads.eu/get?token=4rU8aLsLBoax41KAqkmY5MCsowM4hQ&service=lib&type=includeCss&versions=smart-native-2-slider-lib,smart_native_ad_layer_v2,smart_native_ad_layer_v2.2&block-name=RPAWIDGETTROOT&channel=RPA
Domain
track.express.de
URL
https://track.express.de/cam-1.0/static/jssdk.js?lang=de&service=expressde
Domain
script.ioam.de
URL
https://script.ioam.de/iam.js
Domain
cdn.stroeerdigitalgroup.de
URL
https://cdn.stroeerdigitalgroup.de/metatag/live/OMS_express/metaTag.min.js
Domain
widgets.outbrain.com
URL
https://widgets.outbrain.com/outbrain.js

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| szmvars object| iom function| initProduction function| initStage function| SourcePointApiV2 function| Helper function| ConsentHelper function| UiActions function| UiLayoutHelper function| TrackingHelper function| C1Helper object| s_config object| _satellite object| uiLayoutHelper object| helper object| consentHelper object| sourcePointApiV2 object| c1Helper object| uiActions object| trackingHelper string| aboshop_url string| login_portal_url string| login_service string| dtm_account_id string| dtm_linkInternalFilters string| dtm_script_url string| ivw_site string| ivw_code string| pur_entitlement number| sp_accountId string| sp_cockieDomain number| sp_privacyManagerId string| sp_cName string| sp_scriptUrl boolean| production function| __tcfapi object| _sp_ object| iam_data object| dataLayer boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| pageNameResetter object| pageNameResetter2 function| s_doPlugins function| s_getLoadTime function| C1_trackingcall function| global_trackingcall function| ivw_videotracking function| C1_getsessiondata function| C1_getalldata function| C1_getalldata2 function| AppMeasurement function| s_gi function| s_pgicq string| s_account object| s object| valiton boolean| websiteBot number| s_objectID number| s_giq object| dc object| fl object| cd number| utc object| tz number| thisy number| thish number| thismin number| thisd string| x string| y object| s_i_dmtexpressprod

6 Cookies

Domain/Path Name / Value
www.express.de/ Name: DDC_userID
Value: UftwpMr924ERE9L6SftEq5pHeUPvAksHGraziF
.express.de/ Name: mbox
Value: session#1193f9f118be4de59de699297ca8ed00#1618029048
.express.de/ Name: at_check
Value: true
.express.de/ Name: AMCV_13E4401053DAE44E0A490D4C%40AdobeOrg
Value: -637568504%7CMCIDTS%7C18728%7CvVersion%7C5.1.1
.express.de/ Name: consentRedirectUrl
Value: https://www.express.de/?cb=1618027187756
.express.de/ Name: dm_consent
Value:

7 Console Messages

Source Level URL
Text
console-api log (Line 5)
Message:
[object Object]
console-api warning URL: https://assets.adobedtm.com/00a733507f33/4153917cce75/launch-06801460f26f.min.js(Line 8)
Message:
🚀 _satellite.readCookie is deprecated. Please use _satellite.cookie.get("DDC_userID").
console-api log URL: https://www.express.de/html/all/permanent/dumont-consent/sp_api.js(Line 48)
Message:
onMessageReceiveData [object Object]
console-api log URL: https://consent2.express.de/wrapperMessagingWithoutDetection.js(Line 1)
Message:
Messaging without detection successfully executed.
console-api log URL: https://www.express.de/html/all/permanent/dumont-consent/sp_api.js(Line 36)
Message:
onMessageReady
console-api log URL: https://assets.adobedtm.com/00a733507f33/4153917cce75/16df99255747/EXb4493da6241e4431b93cd91f560547aa-libraryCode_source.min.js(Line 3)
Message:
REFERRER: Typed/Bookmarked
console-api log URL: https://assets.adobedtm.com/00a733507f33/4153917cce75/16df99255747/EXb4493da6241e4431b93cd91f560547aa-libraryCode_source.min.js(Line 3)
Message:
REFERRER: Typed/Bookmarked

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; default-src data: https: wss: blob: 'unsafe-inline' 'unsafe-eval';

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
cdn.stroeerdigitalgroup.de
cm.everesttech.net
code.jquery.com
consent2.express.de
de.ioam.de
dpm.demdex.net
dumontnet.d3.sc.omtrdc.net
dumontnet.demdex.net
dumontnet.tt.omtrdc.net
express.de
script.ioam.de
track.express.de
trmads.eu
widgets.outbrain.com
www.express.de
cdn.stroeerdigitalgroup.de
code.jquery.com
consent2.express.de
script.ioam.de
track.express.de
trmads.eu
widgets.outbrain.com
104.111.250.159
15.237.76.117
18.203.205.32
2a02:26f0:7100:491::1e80
34.253.145.149
35.190.48.80
52.208.139.62
52.212.101.97
54.192.210.32
91.215.100.39
91.215.103.65
076b151125c90a93688fe611d583a4a8ddaf33e0b586c0cae3960e3088767c38
25e9e4c2c19f0bf6ca8729937d3a35f3c6a8ea28b9f4359ffec3d708125c6d9f
2b903d5096d1253c0608b73b2fc8853e6485fff3e048c4092292d6eb93147d62
2e91622f88a8a7ea451f79cd4390427120bdadd57d88a7a553f3d87f26e930e7
32244ef5f561cae4662f31925784178cade86b36263e334efc85276cf4f8dbdd
345fa67e525d87c987f3020a59836b1735867af35f0aa8b563d5e25b348a211a
389a4390062ab10aa22272950a23727122bef2928a3056cc1d22cd8fd991a057
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
5369090fa073741cf5cc278559866e5caec4dc3b7e90a5c24ea1726889296bcc
54429e8f0c132e7aacdd9ae59a89f685e80f10d934f33372e219711c6be54c9c
72289ff725166f5b88c57e828ea89c108c865ac9148e7e6a061a16b0a6ad4962
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8318b36ea964a68959576876dd85fa417cb7784a31ae78acaa3c58720d62dc34
89637dcb829e65325a0c444d40d4e88310027a9de6311fa814e5df4987cf1663
8e42d3392dd24de5b6fae565d74f6d3f63dd18aa523152b962b106a6a200a84b
9971c3423a27c3fcbfee145c710afd3961e051e41667ce25cc53f3912269c2af
9b29256842f1c582cf89c93a91e439079b4813d484181540602aaf146d19b605
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
b95d1d28fcfc16ebe94d214918fb4feb8d245858972cdff44bac63e7163e38a6
c4cc31808f2be5226cb895a0d541d5474c9fc8e6878a2c94a3249b7d889fa485
c60effd373d81355362c0687756ba19e849ed437ebdff6ee60876f42fa5a8fbb
ce84fc3418d0c2fd06834b8e843180335164925920af7a7a64fc608b87773e25
d9d4e79fc821c8c9903231a5255e3bdb7efb89f739e9945dc193f430da7f5a2c
dcf33a5d57626e80ad28c3d3614e45fee90f256031608e081825187daf0669e4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f30164675abd0fb88788b294572e8758757f54c5c2c964407d0137b6180a5f29
f34567304f288693cf33a0b0ff04fa42ed930db606948b4d5e6a9c715865affa
fda0279d956fb095f524cf9ec14fa604182b329b1c9dde7d52071a477be41d20