www.express.de Open in urlscan Pro
184.31.94.201 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmann...
Effective URL:
https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmV...
Submission: On November 23 via manual (November 23rd 2020, 8:39:40 pm UTC) from US

Summary HTTP 49 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 13 IPs in 6 countries across 11 domains to perform 49 HTTP transactions. The main IP is 184.31.94.201, located in Netherlands and belongs to AKAMAI-ASN1, EU. The main domain is www.express.de.
TLS certificate: Issued by DigiCert Secure Site ECC CA-1 on August 14th 2020. Valid for: 5 months.

This is the only time www.express.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 20	184.31.94.201 184.31.94.201	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
3	2606:4700:303... 2606:4700:3035::ac43:92ed	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:10c... 2a02:26f0:10c::5f64:c11b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a02:26f0:10c... 2a02:26f0:10c:59b::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	91.215.103.64 91.215.103.64	43407 (INFONLINE-AS) (INFONLINE-AS)
7	52.84.112.97 52.84.112.97	16509 (AMAZON-02) (AMAZON-02)
1 2	91.215.100.40 91.215.100.40	43407 (INFONLINE-AS) (INFONLINE-AS)
2	34.242.67.216 34.242.67.216	16509 (AMAZON-02) (AMAZON-02)
1	63.32.152.233 63.32.152.233	16509 (AMAZON-02) (AMAZON-02)
3	15.237.76.117 15.237.76.117	16509 (AMAZON-02) (AMAZON-02)
1 1	54.194.191.134 54.194.191.134	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:210... 2600:9000:2104:3400:13:7ad6:7840:21	16509 (AMAZON-02) (AMAZON-02)
49	13

20 184.31.94.201 (Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-31-94-201.deploy.static.akamaitechnologies.com

www.express.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3035::ac43:92ed (United States)

ASN13335 (CLOUDFLARENET, US)

trmads.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c::5f64:c11b (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

cdn.stroeerdigitalgroup.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:10c:59b::1e80 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.215.103.64 (Germany)

ASN43407 (INFONLINE-AS, NL)
PTR: script3.ioam.de

script.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.84.112.97 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-112-97.sof50.r.cloudfront.net

consent2.express.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.215.100.40 (Germany) 1 redirects

ASN43407 (INFONLINE-AS, NL)
PTR: de4.ioam.de

de.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.242.67.216 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-67-216.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.152.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-152-233.eu-west-1.compute.amazonaws.com

dumontnet.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.237.76.117 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-76-117.eu-west-3.compute.amazonaws.com

dumontnet.d3.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.191.134 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-191-134.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:3400:13:7ad6:7840:21 (United States)

ASN16509 (AMAZON-02, US)

d2p3zdq8vjvnxd.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	express.de 1 redirects www.express.de consent2.express.de Failed track.express.de Failed	413 KB
3	omtrdc.net dumontnet.d3.sc.omtrdc.net	677 B
3	demdex.net dpm.demdex.net dumontnet.demdex.net	2 KB
3	adobedtm.com assets.adobedtm.com	150 KB
3	ioam.de script.ioam.de Failed de.ioam.de	16 KB
3	trmads.eu trmads.eu	17 KB
1	cloudfront.net d2p3zdq8vjvnxd.cloudfront.net	364 B
1	everesttech.net 1 redirects cm.everesttech.net	517 B
1	stroeerdigitalgroup.de cdn.stroeerdigitalgroup.de	59 KB
1	jquery.com code.jquery.com	30 KB
0	vgwort.de Failed express.met.vgwort.de Failed
49	11

	Domain	Requested by
20	www.express.de	1 redirects www.express.de consent2.express.de
7	consent2.express.de	www.express.de consent2.express.de
3	dumontnet.d3.sc.omtrdc.net	assets.adobedtm.com
3	assets.adobedtm.com	www.express.de assets.adobedtm.com
3	trmads.eu	www.express.de
2	dpm.demdex.net	assets.adobedtm.com
2	de.ioam.de	1 redirects www.express.de
1	d2p3zdq8vjvnxd.cloudfront.net
1	cm.everesttech.net	1 redirects
1	dumontnet.demdex.net	assets.adobedtm.com
1	cdn.stroeerdigitalgroup.de	www.express.de
1	script.ioam.de	www.express.de
1	code.jquery.com	www.express.de
0	express.met.vgwort.de Failed	www.express.de
0	track.express.de Failed	www.express.de
49	15

This site contains links to these domains. Also see Links.

Domain
dumont-newsnet.de
epages.express.de
service-express.dumont.de

Subject Issuer	Validity	Valid
www.dumontnet.de DigiCert Secure Site ECC CA-1	`2020-08-14` - `2020-12-29`	5 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-11` - `2021-08-11`	a year	crt.sh
cdn.stroeerdigitalgroup.de DigiCert Secure Site ECC CA-1	`2020-02-13` - `2021-04-13`	a year	crt.sh
assets.adobedtm.com DigiCert SHA2 High Assurance Server CA	`2019-10-22` - `2021-10-01`	2 years	crt.sh
*.ioam.de Thawte TLS RSA CA G1	`2019-09-18` - `2021-12-17`	2 years	crt.sh
amp-consent.dumont.de Let's Encrypt Authority X3	`2020-10-16` - `2021-01-14`	3 months	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.d3.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2020-02-28` - `2022-03-04`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9
Frame ID: 6AE0C24C728BE76AFA761892D63B5FAD
Requests: 41 HTTP requests in this frame

Frame: https://dumontnet.demdex.net/dest5.html?d_nsid=0
Frame ID: 6F18EB8948DF2E942552C79A87C534FB
Requests: 1 HTTP requests in this frame

Frame: https://consent2.express.de/index.html?message_id=385482&consentUUID=911b1ef1-a986-4c4a-a16c-dc881f3fc2fc&requestUUID=ad09ea41-3890-4fca-950c-94e1382e1f37&preload_message=true
Frame ID: A747A9AD9D2A76E2DC6A522A3DBC999B
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-d... HTTP 301
https://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-d... Page URL
https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

49
Requests

88 %
HTTPS

38 %
IPv6

11
Domains

15
Subdomains

13
IPs

6
Countries

687 kB
Transfer

2613 kB
Size

4
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://dumont-newsnet.de/
Title:

Search URL Search Domain Scan URL

URL: https://epages.express.de/
Title: E-Paper

Search URL Search Domain Scan URL

URL: https://service-express.dumont.de/
Title: Service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564 HTTP 301
https://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564 Page URL
https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564 HTTP 301
https://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564

Request Chain 31

https://de.ioam.de/tx.io?st=express&cp=express_pur&mg=yes&sv=ke&co=IVW%20Aufruf&ct=00000000000000&pt=CP&ps=lin&er=N22&rf=www.express.de&r2=https%3A%2F%2Fwww.express.de%2Fsport%2Fsportmix%2Fist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564&ur=www.express.de&xy=1600x1200x24&lo=PL%2FMazowieckie&cb=000e&i2=000e5b7af155a1eeb5fbc1dfb&ep=1632161685&vr=418&id=b3ypd5&i3=nocookie&n1=2&dntt=0&lt=1606163963656&ev=&cs=vri25v&mo=1 HTTP 302
https://de.ioam.de/tx.io?st=express&cp=express_pur&mg=yes&sv=ke&co=IVW%20Aufruf&ct=00000000000000&pt=CP&ps=lin&er=N22&rf=www.express.de&r2=https%3A%2F%2Fwww.express.de%2Fsport%2Fsportmix%2Fist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564&ur=www.express.de&xy=1600x1200x24&lo=PL%2FMazowieckie&cb=000e&i2=000e5b7af155a1eeb5fbc1dfb&ep=1632161685&vr=418&id=b3ypd5&i3=nocookie&n1=2&dntt=0&lt=1606163963656&ev=&cs=vri25v&mo=1&sr=71

Request Chain 39

https://cm.everesttech.net/cm/dd?d_uuid=02748553648657045600883648322500237068 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X7wd-AAAAGyUqxz6

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564 Show response
www.express.de/sport/sportmix/
Redirect Chain

http://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564
https://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564

123 KB
28 KB

377ms
299ms

Document
text/html

184.31.94.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

184.31.94.201 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-31-94-201.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

1a3c9cff5e2fb9b0eef4369f97a900acf64b0ae80854b8594ec9baf8c2c380c7

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; default-src data: https: wss: blob: 'unsafe-inline' 'unsafe-eval';

Request headers

:method: GET
:authority: www.express.de
:scheme: https
:path: /sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: Apache
content-security-policy: block-all-mixed-content; default-src data: https: wss: blob: 'unsafe-inline' 'unsafe-eval';
x-dmncm8pur: false
x-document-type: article
x-dmncm8page: 1
content-type: text/html;charset=UTF-8
content-language: de-DE
content-encoding: gzip
nncoection: close
content-length: 28430
cache-control: max-age=108
date: Mon, 23 Nov 2020 20:39:23 GMT
vary: Accept-Encoding
set-cookie: guid=c5577d7f-8532-416d-b4e8-e14d31560253+383a29f5fb20a99a543c28f6664f32182ebb0b7e34e231604117fca4de634bc90f8b1368353b593dc4374a11c13436cb0803d0429e3097de2a3f299a06cf65cf; Path=/ NSC_eno_xxx.cfub.ltub.ef=ffffffffda4d4d2245525d5f4f58455e445a4a423660;path=/;secure;httponly
x-pur-abo-validation: token_failure

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564
Date: Mon, 23 Nov 2020 20:39:22 GMT
Connection: keep-alive
X-PUR-ABO-VALIDATION: token_failure

GET
H2 200 dmn-head-start.js
www.express.de/assets/1605702800/qQ/common/js/ 8 KB
4 KB 68ms
65ms Script
text/javascript 184.31.94.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.express.de/assets/1605702800/qQ/common/js/dmn-head-start.js
Requested by: Host: www.express.de
URL: https://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 184.31.94.201 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-31-94-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:39:23 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
nncoection: close
cache-control: max-age=2140806
content-length: 3980
x-document-type: asset
expires: Fri, 18 Dec 2020 15:19:29 GMT

GET wrapperMessagingWithoutDetection.js
consent2.express.de/ 0
0

GET
H2 200 express.css
www.express.de/assets/1605702800/qQ/desktop/styles/ 363 KB
51 KB 46ms
43ms Stylesheet
text/css 184.31.94.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.express.de/assets/1605702800/qQ/desktop/styles/express.css
Requested by: Host: www.express.de
URL: https://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 184.31.94.201 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-31-94-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:39:23 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2140594
cneonction: close
content-length: 51479
x-document-type: asset
expires: Fri, 18 Dec 2020 15:15:57 GMT

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 26ms
10ms Script
application/javascript 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: www.express.de
URL: https://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Origin: https://www.express.de
Referer: https://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:39:23 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2018 17:26:44 GMT
server: nginx
etag: W/"5a637bd4-1538f"
vary: Accept-Encoding
x-hw: 1606163963.dop236.fr8.t,1606163963.cds226.fr8.hc,1606163963.cds057.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H2 200 get Show response
trmads.eu/ 30 KB
9 KB 47ms
23ms Script
application/javascript 2606:4700:3035::ac43:92ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trmads.eu/get?token=4rU8aLsLBoax41KAqkmY5MCsowM4hQ&service=lib&type=include&versions=ad-layer-lib,smart-native-2-slider-lib,smart_native_ad_layer_v2.2&block-name=RPAWIDGETTROOT&channel=RPA
Requested by: Host: www.express.de
URL: https://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:92ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a4706ec669ea00d7dd903925277a44994d55c5875939eddb065692b86dd8762

Request headers

Referer: https://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Nov 2020 20:39:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache-status-webserver: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IjBAWBVsHAMsEoPEYrdwe1KOhkmvSU1B3eHVuwWTiu7od440KC5yahMC%2B38nbLza7Xq7Wo1p%2BVG0rykn74Z8k7E7YAtIC4PyTIVI2TWOle%2BaF%2BOq118%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset: UTF-8
cache-control: private
x-nginx-cache-key: httpGETtrmads.eu/get?token=4rU8aLsLBoax41KAqkmY5MCsowM4hQ&service=lib&type=include&versions=ad-layer-lib,smart-native-2-slider-lib,smart_native_ad_layer_v2.2&block-name=RPAWIDGETTROOT&channel=RPA fullversion fullversion0
cf-ray: 5f6db30319622bb9-FRA
cf-request-id: 06986e35f200002bb9a69ae000000001
x-proxy-cache: HIT

GET
H2 200 get Show response
trmads.eu/ 9 KB
3 KB 54ms
30ms Script
application/javascript 2606:4700:3035::ac43:92ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trmads.eu/get?token=4rU8aLsLBoax41KAqkmY5MCsowM4hQ&service=lib&type=includeBodyBottom&versions=lazy-load-lib&block-name=RPAWIDGETTROOT&channel=RPA
Requested by: Host: www.express.de
URL: https://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:92ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d889ae9677a851be80db562a911cdb81412152d8c4e4dbe1e69d0902845e9ab2

Request headers

Referer: https://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Nov 2020 20:39:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache-status-webserver: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ECJ2x%2Fo1Wd9jNyExX8kkUKklJrXn2YkrNDsHMsSUOEBwm8Y1qDaaWu4IQf%2BG9C5UHF%2BTpA1fP6y%2B0On54BZe1o6lOW2nqr%2BnQ5PUdl277sp6L%2FagFKg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset: UTF-8
cache-control: private
x-nginx-cache-key: httpGETtrmads.eu/get?token=4rU8aLsLBoax41KAqkmY5MCsowM4hQ&service=lib&type=includeBodyBottom&versions=lazy-load-lib&block-name=RPAWIDGETTROOT&channel=RPA fullversion fullversion0
cf-ray: 5f6db30319632bb9-FRA
cf-request-id: 06986e35f200002bb981881000000001
x-proxy-cache: HIT

GET
H2 200 get
trmads.eu/ 30 KB
6 KB 46ms
22ms Stylesheet
text/css 2606:4700:3035::ac43:92ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trmads.eu/get?token=4rU8aLsLBoax41KAqkmY5MCsowM4hQ&service=lib&type=includeCss&versions=smart-native-2-slider-lib,smart_native_ad_layer_v2,smart_native_ad_layer_v2.2&block-name=RPAWIDGETTROOT&channel=RPA
Requested by: Host: www.express.de
URL: https://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:92ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6735db5896da37a17fe433e540642a5f5782b2d21393415f6f3b399f605adee

Request headers

Referer: https://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Nov 2020 20:39:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache-status-webserver: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RDANIsbT1x%2F1lnwcHSU3zcQzoE%2ByRf2qGb6h3fwZ7I2JPUtik8EA1k3OO3HfznZt0fo61nOlcsZ6sjzaZAvS3v3trM0K%2FVZG51%2FuZ7LNKJMWJOJn3qU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset: UTF-8;charset=UTF-8
cache-control: private
x-nginx-cache-key: httpGETtrmads.eu/get?token=4rU8aLsLBoax41KAqkmY5MCsowM4hQ&service=lib&type=includeCss&versions=smart-native-2-slider-lib,smart_native_ad_layer_v2,smart_native_ad_layer_v2.2&block-name=RPAWIDGETTROOT&channel=RPA fullversion fullversion0
cf-ray: 5f6db303195d2bb9-FRA
cf-request-id: 06986e35f100002bb95da6c000000001
x-proxy-cache: HIT

GET
H2 200 dmn-head-end.js
www.express.de/assets/1605702800/qQ/desktop/js/ 17 KB
6 KB 69ms
67ms Script
text/javascript 184.31.94.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.express.de/assets/1605702800/qQ/desktop/js/dmn-head-end.js
Requested by: Host: www.express.de
URL: https://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 184.31.94.201 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-31-94-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:39:23 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
nncoection: close
cache-control: max-age=2140535
content-length: 6045
x-document-type: asset
expires: Fri, 18 Dec 2020 15:14:58 GMT

GET jssdk.js
track.express.de/cam-1.0/static/ 0
0

GET iam.js
script.ioam.de/ 0
0

GET
H2 200 metaTag.min.js Show response
cdn.stroeerdigitalgroup.de/metatag/live/OMS_express/ 251 KB
59 KB 36ms
9ms Script
application/javascript 2a02:26f0:10c::5f64:c11b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stroeerdigitalgroup.de/metatag/live/OMS_express/metaTag.min.js
Requested by: Host: www.express.de
URL: https://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c::5f64:c11b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: KONICHIWA/1.0 /
Resource Hash: dd52b0d69f3517fba3c14fd06ef1c5f1c092c50d4b731735ecf18f92254292b5

Request headers

Referer: https://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:39:23 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: 23F5E3B7B6633C63
content-length: 60136
x-amz-id-2: D2hiBy5AH7Jv3BhmrACRh4wgdxan+f+GLoR8mW9WMq3w7Iyhf7WsvzFzhhGL5QqfI1AxTXIT3fI=
last-modified: Mon, 23 Nov 2020 15:15:38 GMT
server: KONICHIWA/1.0
etag: "e2237860681bebaf3c088e0b3b8e94c2"
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=362
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 dmn-gpt-util.js
www.express.de/assets/1605702800/qQ/desktop/js/ 2 KB
913 B 68ms
67ms Script
text/javascript 184.31.94.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.express.de/assets/1605702800/qQ/desktop/js/dmn-gpt-util.js
Requested by: Host: www.express.de
URL: https://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 184.31.94.201 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-31-94-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:39:23 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
nncoection: close
cache-control: max-age=2140654
content-length: 728
x-document-type: asset
expires: Fri, 18 Dec 2020 15:16:57 GMT

GET
H2 200 satelliteLib-ac721fa85d386407eee5078eda01f3c0de309df0.js
assets.adobedtm.com/d8109ac3d2f76151ca0f39163be0d8d6a7349f5c/ 392 KB
99 KB 41ms
18ms Script
application/x-javascript 2a02:26f0:10c:59b::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d8109ac3d2f76151ca0f39163be0d8d6a7349f5c/satelliteLib-ac721fa85d386407eee5078eda01f3c0de309df0.js
Requested by: Host: www.express.de
URL: https://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:59b::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:39:23 GMT
content-encoding: gzip
last-modified: Fri, 20 Nov 2020 14:57:17 GMT
server: AkamaiNetStorage
etag: "3a8c113541549b805ed5790becf906a4:1605884237.282798"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.express.de
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Nov 2020 21:39:23 GMT

GET
H2 200 dmn-main.js
www.express.de/assets/1605702800/qQ/desktop/js/ 162 KB
38 KB 52ms
52ms Script
text/javascript 184.31.94.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.express.de/assets/1605702800/qQ/desktop/js/dmn-main.js
Requested by: Host: www.express.de
URL: https://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 184.31.94.201 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-31-94-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:39:23 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
nncoection: close
cache-control: max-age=2140904
content-length: 38929
x-document-type: asset
expires: Fri, 18 Dec 2020 15:21:07 GMT

GET templateclient.js
track.express.de/cre-1.0/api/tracking/service/express/ 0
0

GET tracking.js
track.express.de/cre-1.0/tracking/ 0
0

GET vgzm.2780602-CM8-00000000000037652564
express.met.vgwort.de/na/ 0
0

GET
H2 200 Primary Request index.html Show response
www.express.de/html/dumont-consent/ 7 KB
2 KB 40ms
40ms Document
text/html 184.31.94.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9
Requested by: Host: www.express.de
URL: https://www.express.de/assets/1605702800/qQ/common/js/dmn-head-start.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 184.31.94.201 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-31-94-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5fdfeb515c6caa09ed92916fa4f995001531e564ca66d183b416b02690f118f1

Request headers

:method: GET
:authority: www.express.de
:scheme: https
:path: /html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: guid=c5577d7f-8532-416d-b4e8-e14d31560253+383a29f5fb20a99a543c28f6664f32182ebb0b7e34e231604117fca4de634bc90f8b1368353b593dc4374a11c13436cb0803d0429e3097de2a3f299a06cf65cf; NSC_eno_xxx.cfub.ltub.ef=ffffffffda4d4d2245525d5f4f58455e445a4a423660
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.express.de/sport/sportmix/ist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564

Response headers

server: Apache
last-modified: Mon, 23 Nov 2020 13:47:09 GMT
etag: "1b35-5b4c66e3f712e-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 2308
cneonction: close
content-type: text/html
date: Mon, 23 Nov 2020 20:39:23 GMT
vary: Accept-Encoding

GET
H2 200 style.css
www.express.de/html/all/permanent/dumont-consent/ 9 KB
2 KB 41ms
39ms Stylesheet
text/css 184.31.94.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.express.de/html/all/permanent/dumont-consent/style.css
Requested by: Host: www.express.de
URL: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 184.31.94.201 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-31-94-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e279dc262da6cb07845fae2c3c59767942b2b43f1b06b93a16228c3083425af2

Request headers

Referer: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:39:23 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 13:47:09 GMT
server: Apache
etag: "2391-5b4c66e3f51ee-gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3
cneonction: close
accept-ranges: bytes
content-length: 1924
expires: Mon, 23 Nov 2020 20:39:26 GMT

GET
H2 200 style.css
www.express.de/html/dumont-consent/ 2 KB
801 B 41ms
40ms Stylesheet
text/css 184.31.94.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.express.de/html/dumont-consent/style.css
Requested by: Host: www.express.de
URL: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 184.31.94.201 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-31-94-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a12b69dfc4106112810a9682a12511b28b7bd66e969f34434c23cda0a02338b0

Request headers

Referer: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:39:23 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 13:47:09 GMT
server: Apache
etag: "936-5b4c66e3f712e-gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=61744
cneonction: close
accept-ranges: bytes
content-length: 592
expires: Tue, 24 Nov 2020 13:48:27 GMT

GET
H/1.1 200
OK iam.js Show response
script.ioam.de/ 47 KB
14 KB 166ms
72ms Script
application/javascript 91.215.103.64
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://script.ioam.de/iam.js
Requested by: Host: www.express.de
URL: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.103.64 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: script3.ioam.de
Software: nginx / BLACKBIRD-SRC v0.13 000e
Resource Hash: c5010d8a56ab9e451017bc722c522d9a36b68dee77074b45f68db4d131bb43b4

Request headers

Referer: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 23 Nov 2020 20:39:23 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Nov 2020 20:39:23 GMT
Server: nginx
X-Powered-By: BLACKBIRD-SRC v0.13 000e
Vary: Accept-Encoding
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Cache-Control: private, max-age=7200, pre-check=7200
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
Expires: Mon, 23 Nov 2020 22:39:23 GMT

GET
H2 200 config.js Show response
www.express.de/html/dumont-consent/ 2 KB
706 B 48ms
46ms Script
application/javascript 184.31.94.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.express.de/html/dumont-consent/config.js
Requested by: Host: www.express.de
URL: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 184.31.94.201 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-31-94-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5369090fa073741cf5cc278559866e5caec4dc3b7e90a5c24ea1726889296bcc

Request headers

Referer: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:39:23 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 13:47:09 GMT
server: Apache
etag: "622-5b4c66e3f712e-gzip"
vary: Accept-Encoding
content-type: application/javascript
cneonction: close
cache-control: max-age=61705
accept-ranges: bytes
content-length: 491
expires: Tue, 24 Nov 2020 13:47:48 GMT

GET
H2 200 polyfill.js Show response
www.express.de/html/all/permanent/dumont-consent/ 4 KB
2 KB 48ms
47ms Script
application/javascript 184.31.94.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.express.de/html/all/permanent/dumont-consent/polyfill.js
Requested by: Host: www.express.de
URL: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 184.31.94.201 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-31-94-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ce84fc3418d0c2fd06834b8e843180335164925920af7a7a64fc608b87773e25

Request headers

Referer: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:39:23 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 13:47:09 GMT
server: Apache
etag: "115d-5b4c66e3f51ee-gzip"
vary: Accept-Encoding
content-type: application/javascript
cneonction: close
cache-control: max-age=3
accept-ranges: bytes
content-length: 1804
expires: Mon, 23 Nov 2020 20:39:26 GMT

GET
H2 200 sp_api.js Show response
www.express.de/html/all/permanent/dumont-consent/ 4 KB
2 KB 48ms
47ms Script
application/javascript 184.31.94.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.express.de/html/all/permanent/dumont-consent/sp_api.js
Requested by: Host: www.express.de
URL: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 184.31.94.201 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-31-94-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 32244ef5f561cae4662f31925784178cade86b36263e334efc85276cf4f8dbdd

Request headers

Referer: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:39:23 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 13:47:09 GMT
server: Apache
etag: "f7d-5b4c66e3f51ee-gzip"
vary: Accept-Encoding
content-type: application/javascript
nncoection: close
cache-control: max-age=3
accept-ranges: bytes
content-length: 1378
expires: Mon, 23 Nov 2020 20:39:26 GMT

GET
H2 200 script.js Show response
www.express.de/html/all/permanent/dumont-consent/ 17 KB
4 KB 38ms
38ms Script
application/javascript 184.31.94.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.express.de/html/all/permanent/dumont-consent/script.js
Requested by: Host: www.express.de
URL: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 184.31.94.201 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-31-94-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: dccf098ee34b9584a8fe7c4050d6a7f871ebe8881b3e103e55ba4486f17a8753

Request headers

Referer: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:39:23 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 13:47:09 GMT
server: Apache
etag: "45bc-5b4c66e3f51ee-gzip"
vary: Accept-Encoding
content-type: application/javascript
cneonction: close
cache-control: max-age=3
accept-ranges: bytes
content-length: 4212
expires: Mon, 23 Nov 2020 20:39:26 GMT

GET
H2 200 logo.png
www.express.de/html/dumont-consent/ 5 KB
6 KB 41ms
41ms Image
image/png 184.31.94.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.express.de/html/dumont-consent/logo.png
Requested by: Host: www.express.de
URL: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 184.31.94.201 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-31-94-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2e91622f88a8a7ea451f79cd4390427120bdadd57d88a7a553f3d87f26e930e7

Request headers

Referer: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:39:23 GMT
last-modified: Mon, 23 Nov 2020 13:47:09 GMT
server: Apache
etag: "15fa-5b4c66e3f712e"
content-type: image/png
nncoection: close
cache-control: max-age=2567293
accept-ranges: bytes
content-length: 5626
expires: Wed, 23 Dec 2020 13:47:36 GMT

GET
H2 200 background.jpg
www.express.de/html/dumont-consent/ 106 KB
107 KB 41ms
41ms Image
image/jpeg 184.31.94.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.express.de/html/dumont-consent/background.jpg
Requested by: Host: www.express.de
URL: https://www.express.de/html/dumont-consent/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 184.31.94.201 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-31-94-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f30164675abd0fb88788b294572e8758757f54c5c2c964407d0137b6180a5f29

Request headers

Referer: https://www.express.de/html/dumont-consent/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:39:23 GMT
last-modified: Mon, 23 Nov 2020 13:47:09 GMT
server: Apache
etag: "1a924-5b4c66e3f712e"
content-type: image/jpeg
cneonction: close
cache-control: max-age=2567344
accept-ranges: bytes
content-length: 108836
expires: Wed, 23 Dec 2020 13:48:27 GMT

GET
H2 200 dumont_newsnet.svg
www.express.de/html/all/permanent/dumont-consent/ 2 KB
1 KB 53ms
52ms Image
image/svg+xml 184.31.94.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.express.de/html/all/permanent/dumont-consent/dumont_newsnet.svg
Requested by: Host: www.express.de
URL: https://www.express.de/html/all/permanent/dumont-consent/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 184.31.94.201 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-31-94-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9971c3423a27c3fcbfee145c710afd3961e051e41667ce25cc53f3912269c2af

Request headers

Referer: https://www.express.de/html/all/permanent/dumont-consent/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:39:23 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 13:47:09 GMT
server: Apache
etag: "9f3-5b4c66e3f424d-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1245
nncoection: close

GET
H2 200 signika-v10-latin-regular.woff2
www.express.de/html/all/permanent/dumont-consent/fonts/ 32 KB
32 KB 53ms
53ms Font
application/octet-stream 184.31.94.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.express.de/html/all/permanent/dumont-consent/fonts/signika-v10-latin-regular.woff2
Requested by: Host: www.express.de
URL: https://www.express.de/html/dumont-consent/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 184.31.94.201 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-31-94-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: dcf33a5d57626e80ad28c3d3614e45fee90f256031608e081825187daf0669e4

Request headers

Origin: https://www.express.de
Referer: https://www.express.de/html/dumont-consent/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:39:23 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 13:47:09 GMT
server: Apache
etag: "8160-5b4c66e3f51ee-gzip"
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-length: 32902
nncoection: close

GET
H2 200 anton-v11-latin-regular.woff2
www.express.de/html/all/permanent/dumont-consent/fonts/ 14 KB
14 KB 54ms
54ms Font
application/octet-stream 184.31.94.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.express.de/html/all/permanent/dumont-consent/fonts/anton-v11-latin-regular.woff2
Requested by: Host: www.express.de
URL: https://www.express.de/html/dumont-consent/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 184.31.94.201 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-31-94-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b95d1d28fcfc16ebe94d214918fb4feb8d245858972cdff44bac63e7163e38a6

Request headers

Origin: https://www.express.de
Referer: https://www.express.de/html/dumont-consent/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:39:23 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 13:47:09 GMT
server: Apache
etag: "378c-5b4c66e3f424d-gzip"
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-length: 14243
nncoection: close

GET
H2 200 wrapperMessagingWithoutDetection.js Show response
consent2.express.de/ 144 KB
42 KB 88ms
88ms Script
application/javascript 52.84.112.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent2.express.de/wrapperMessagingWithoutDetection.js
Requested by: Host: www.express.de
URL: https://www.express.de/html/all/permanent/dumont-consent/sp_api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.112.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-112-97.sof50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38a38552a2faf7b5a523c8025addf0a5ef617d13860f4bf259b7698a91f14b4e

Request headers

Referer: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:38:28 GMT
content-encoding: gzip
last-modified: Thu, 19 Nov 2020 21:53:12 GMT
server: AmazonS3
age: 55
etag: W/"613585ae2b0a196a42f8ff78dcac4466"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 737cc0360b2df6a9db7576a460128378.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: SOF50-C1
x-amz-cf-id: v2HchUo9MG2EeQ8z_YGyRPm51wR4d7zEijWGvfgOCtOghaZc3TSSiw==

GET
H/1.1

200
OK

tx.io Show response
de.ioam.de/
Redirect Chain

https://de.ioam.de/tx.io?st=express&cp=express_pur&mg=yes&sv=ke&co=IVW%20Aufruf&ct=00000000000000&pt=CP&ps=lin&er=N22&rf=www.express.de&r2=https%3A%2F%2Fwww.express.de%2Fsport%2Fsportmix%2Fist-das-...
https://de.ioam.de/tx.io?st=express&cp=express_pur&mg=yes&sv=ke&co=IVW%20Aufruf&ct=00000000000000&pt=CP&ps=lin&er=N22&rf=www.express.de&r2=https%3A%2F%2Fwww.express.de%2Fsport%2Fsportmix%2Fist-das-...

0
717 B

53ms
53ms

Script
application/x-javascript

91.215.100.40
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://de.ioam.de/tx.io?st=express&cp=express_pur&mg=yes&sv=ke&co=IVW%20Aufruf&ct=00000000000000&pt=CP&ps=lin&er=N22&rf=www.express.de&r2=https%3A%2F%2Fwww.express.de%2Fsport%2Fsportmix%2Fist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564&ur=www.express.de&xy=1600x1200x24&lo=PL%2FMazowieckie&cb=000e&i2=000e5b7af155a1eeb5fbc1dfb&ep=1632161685&vr=418&id=b3ypd5&i3=nocookie&n1=2&dntt=0&lt=1606163963656&ev=&cs=vri25v&mo=1&sr=71
Requested by: Host: www.express.de
URL: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.100.40 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: de4.ioam.de
Software: nginx / BLACKBIRD-RCV v1.06.2 0033
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 23 Nov 2020 20:39:23 GMT
Server: nginx
X-Powered-By: BLACKBIRD-RCV v1.06.2 0033
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies

Redirect headers

Date: Mon, 23 Nov 2020 20:39:23 GMT
Access-Control-Allow-Origin: *
X-Powered-By: BLACKBIRD-RCV v1.06.2 0033
Transfer-Encoding: chunked
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Connection: keep-alive
Pragma: no-cache
Last-Modified: Mon, 23 Nov 2020 20:39:23 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Location: /tx.io?st=express&cp=express_pur&mg=yes&sv=ke&co=IVW%20Aufruf&ct=00000000000000&pt=CP&ps=lin&er=N22&rf=www.express.de&r2=https%3A%2F%2Fwww.express.de%2Fsport%2Fsportmix%2Fist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564&ur=www.express.de&xy=1600x1200x24&lo=PL%2FMazowieckie&cb=000e&i2=000e5b7af155a1eeb5fbc1dfb&ep=1632161685&vr=418&id=b3ypd5&i3=nocookie&n1=2&dntt=0&lt=1606163963656&ev=&cs=vri25v&mo=1&sr=71
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
Expires: Sat, 23 Nov 2019 20:39:23 GMT

GET
H2 200 launch-06801460f26f.min.js Show response
assets.adobedtm.com/00a733507f33/4153917cce75/ 107 KB
34 KB 14ms
14ms Script
application/x-javascript 2a02:26f0:10c:59b::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/00a733507f33/4153917cce75/launch-06801460f26f.min.js
Requested by: Host: www.express.de
URL: https://www.express.de/html/all/permanent/dumont-consent/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:59b::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: dbfdf5ad20d2330ba2e935c9801b6e63abf81b79265992f17e14d4fb30432cdf

Request headers

Referer: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:39:23 GMT
content-encoding: gzip
last-modified: Fri, 20 Nov 2020 14:00:48 GMT
server: AkamaiNetStorage
etag: "ec0ca453e99d16e73d271641a19a2f0f:1605880848.702699"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.express.de
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 34071
expires: Mon, 23 Nov 2020 21:39:23 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 368 B
1 KB 252ms
66ms XHR
application/json 34.242.67.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=13E4401053DAE44E0A490D4C%40AdobeOrg&d_nsid=0&ts=1606163963694

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/00a733507f33/4153917cce75/launch-06801460f26f.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.67.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-67-216.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d54af58cd695f6dfef9063daf72d984da895de4176e54e62331d1821676cbd15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v086-0cb9453bc.edge-irl1.demdex.com 5.80.1.20201111130852 3ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: Af7gRyOxS98=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.express.de
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 301
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 EX46a6e718272f4aceb09042f060554152-libraryCode_source.min.js Show response
assets.adobedtm.com/00a733507f33/4153917cce75/a4af3955b2a7/ 58 KB
17 KB 9ms
9ms Script
application/x-javascript 2a02:26f0:10c:59b::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/00a733507f33/4153917cce75/a4af3955b2a7/EX46a6e718272f4aceb09042f060554152-libraryCode_source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/00a733507f33/4153917cce75/launch-06801460f26f.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:59b::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 74d92691f53fa2ccd375974e66bf7701b6187e8974aa6ad5147505ad74e186ee

Request headers

Referer: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:39:23 GMT
content-encoding: gzip
last-modified: Fri, 20 Nov 2020 14:00:49 GMT
server: AkamaiNetStorage
etag: "d329f283c69a07b14697624d812457db:1605880849.33843"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.express.de
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 17096
expires: Mon, 23 Nov 2020 21:39:23 GMT

OPTIONS
H2 200 native-message
consent2.express.de/wrapper/tcfv2/v1/gdpr/ Frame 0
0 295ms
155ms Other
text/html 52.84.112.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent2.express.de/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=ad09ea41-3890-4fca-950c-94e1382e1f37&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A995%2C%22requestUUID%22%3A%22ad09ea41-3890-4fca-950c-94e1382e1f37%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.express.de%2Fhtml%2Fdumont-consent%2Findex.html%3Fparam%3DeyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ%2FY2I9MTYwNjE2Mzk2MzQyOCJ9%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fconsent2.express.de%22%2C%22targetingParams%22%3A%22%7B%5C%22mode%5C%22%3A%5C%22dumont-consent-message%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Protocol: H2
Server: 52.84.112.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-112-97.sof50.r.cloudfront.net
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.express.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/html; charset=utf-8
content-length: 13
date: Mon, 23 Nov 2020 20:39:24 GMT
x-powered-by: Express
access-control-allow-origin: https://www.express.de
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
cache-control: public, max-age=86400
allow: POST,GET,HEAD
x-cache: Miss from cloudfront
via: 1.1 a2b82f226309f86866c9e0db9c57ded2.cloudfront.net (CloudFront)
x-amz-cf-pop: SOF50-C1
x-amz-cf-id: nCrkMRIe2dss8V8r4UCD2ECGfiU7eNiu68uwP-hJjVd6licHsBJpQw==

GET
H2 200 native-message Show response
consent2.express.de/wrapper/tcfv2/v1/gdpr/ 385 KB
13 KB 218ms
218ms XHR
application/json 52.84.112.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent2.express.de/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=ad09ea41-3890-4fca-950c-94e1382e1f37&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A995%2C%22requestUUID%22%3A%22ad09ea41-3890-4fca-950c-94e1382e1f37%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.express.de%2Fhtml%2Fdumont-consent%2Findex.html%3Fparam%3DeyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ%2FY2I9MTYwNjE2Mzk2MzQyOCJ9%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fconsent2.express.de%22%2C%22targetingParams%22%3A%22%7B%5C%22mode%5C%22%3A%5C%22dumont-consent-message%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Requested by: Host: consent2.express.de
URL: https://consent2.express.de/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.112.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-112-97.sof50.r.cloudfront.net
Software: / Express
Resource Hash: 2061d1342a000fabb2a54b9990cbe628ed568cc56228e5e1639633cdf3019780

Request headers

Referer: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 23 Nov 2020 20:39:24 GMT
content-encoding: gzip
x-amz-cf-pop: SOF50-C1
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.express.de
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: S9YrlVUbH4CWeXw4F5qMdx92544Px7LXV0CSUdTPAponPVaJLiCUHQ==
via: 1.1 a2b82f226309f86866c9e0db9c57ded2.cloudfront.net (CloudFront)

GET
H/1.1 200
OK Cookie set dest5.html
dumontnet.demdex.net/ Frame 6F18 0
0 269ms
67ms Document
text/html 63.32.152.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dumontnet.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/00a733507f33/4153917cce75/launch-06801460f26f.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.32.152.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-32-152-233.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: dumontnet.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=02748553648657045600883648322500237068
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Thu, 19 Nov 2020 14:52:08 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=02748553648657045600883648322500237068;Path=/;Domain=.demdex.net;Expires=Sat, 22-May-2021 20:39:24 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: 2E92Fhi5RV8=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id Show response
dumontnet.d3.sc.omtrdc.net/ 2 B
317 B 189ms
55ms XHR
application/x-javascript 15.237.76.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dumontnet.d3.sc.omtrdc.net/id?d_visid_ver=5.0.0&d_fieldgroup=A&mcorgid=13E4401053DAE44E0A490D4C%40AdobeOrg&mid=02775092575985216840885743731575850024&ts=1606163963953

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/00a733507f33/4153917cce75/launch-06801460f26f.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-76-117.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 23 Nov 2020 20:39:24 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-f7bfdfcfd-ptl5j
vary: Origin
x-c: master-1404.I1e61f9.M0-468
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.express.de
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=X7wd-AAAAGyUqxz6
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=02748553648657045600883648322500237068
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X7wd-AAAAGyUqxz6

42 B
915 B

63ms
63ms

Image
image/gif

34.242.67.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=X7wd-AAAAGyUqxz6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.67.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-67-216.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v086-09cf6c718.edge-irl1.demdex.com 5.80.1.20201111130852 1ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: n5oVCwm1QXk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=X7wd-AAAAGyUqxz6
Date: Mon, 23 Nov 2020 20:39:24 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 s85255881920597
dumontnet.d3.sc.omtrdc.net/b/ss/dmtexpressprod/1/JS-2.20.0-LAWA/ 43 B
220 B 56ms
55ms Image
image/gif 15.237.76.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dumontnet.d3.sc.omtrdc.net/b/ss/dmtexpressprod/1/JS-2.20.0-LAWA/s85255881920597?AQB=1&ndh=1&pf=1&t=23%2F10%2F2020%2021%3A39%3A24%201%20-60&mid=02775092575985216840885743731575850024&aamlh=6&ce=UTF-8&ns=dumontnet&pageName=PUR&g=https%3A%2F%2Fwww.express.de%2Fhtml%2Fdumont-consent%2Findex.html%3Fparam%3DeyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ%2FY2I9MTYwNjE2Mzk2MzQyOCJ&r=https%3A%2F%2Fwww.express.de%2Fsport%2Fsportmix%2Fist-das-ueberhaupt-sport--zoff--zwoelf-spieler-boykottieren-deutsche-nationalmannschaft-37652564&cc=EUR&server=www.express.de&events=event1%2Cevent268&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=D%3Dv1&v1=https%3A%2F%2Fwww.express.de&c2=D%3Dv2&v2=PUR&c3=D%3Dv3&v3=PUR&c4=D%3Dv8&c5=D%3Dv11&c6=D%3Dv14&c8=D%3Dv17&c9=D%3Dv18&v9=PUR_Vorschaltseite&c10=D%3Dv19&v10=PUR&c11=D%3Dv33&v11=D%3Dg&c12=D%3Dv10&v12=NaN-NaN-NaN&c13=D%3Dv41&v13=D%3Dv12&v14=Online&c15=D%3Dv45&c16=D%3Dv9&v18=Weekday%7CMonday%7C9%3A30PM&v19=1606163963657&c29=D%3Dv61&v34=D%3Dr&c55=D%3Dv53&c56=D%3Dv95&c57=D%3Dv54&v66=D%3Dv15&c73=D%3Dv103&c74=D%3Dv102&v103=unknown&v112=Akzeptieren_Status&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=9&mcorgid=13E4401053DAE44E0A490D4C%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-76-117.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:39:24 GMT
x-content-type-options: nosniff
x-c: master-1404.I1e61f9.M0-468
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 24 Nov 2020 20:39:24 GMT
server: jag
xserver: anedge-f7bfdfcfd-brkc9
etag: 3449210848782155776-4621512686805388288
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sun, 22 Nov 2020 20:39:24 GMT

GET
H2 200 s88005257656430
dumontnet.d3.sc.omtrdc.net/b/ss/dmtexpressprod/1/JS-2.20.0-LAWA/ 43 B
140 B 56ms
55ms Image
image/gif 15.237.76.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dumontnet.d3.sc.omtrdc.net/b/ss/dmtexpressprod/1/JS-2.20.0-LAWA/s88005257656430?AQB=1&ndh=1&pf=1&t=23%2F10%2F2020%2021%3A39%3A24%201%20-60&mid=02775092575985216840885743731575850024&aamlh=6&ce=UTF-8&ns=dumontnet&pageName=PUR&g=https%3A%2F%2Fwww.express.de%2Fhtml%2Fdumont-consent%2Findex.html%3Fparam%3DeyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ%2FY2I9MTYwNjE2Mzk2MzQyOCJ&cc=EUR&events=event9&v11=D%3Dg&v12=NaN-NaN-NaN&v18=Weekday%7CMonday%7C9%3A30PM&v55=385482&v56=PUR%20Notice&pe=lnk_o&pev2=SP%20Layer%20shown&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=9&mcorgid=13E4401053DAE44E0A490D4C%40AdobeOrg&lrt=59&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-76-117.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:39:24 GMT
x-content-type-options: nosniff
x-c: master-1404.I1e61f9.M0-468
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 24 Nov 2020 20:39:24 GMT
server: jag
xserver: anedge-f7bfdfcfd-ksf8z
etag: 3449210848782155776-4621441051041612498
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sun, 22 Nov 2020 20:39:24 GMT

GET
H2 200 index.html Show response
consent2.express.de/ Frame A747 4 KB
2 KB 69ms
69ms Document
text/html 52.84.112.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent2.express.de/index.html?message_id=385482&consentUUID=911b1ef1-a986-4c4a-a16c-dc881f3fc2fc&requestUUID=ad09ea41-3890-4fca-950c-94e1382e1f37&preload_message=true
Requested by: Host: consent2.express.de
URL: https://consent2.express.de/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.112.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-112-97.sof50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90ff978f755cc4d9dfe64097729d5e9b8a992e0e9587e03eefa708719f20db14

Request headers

:method: GET
:authority: consent2.express.de
:scheme: https
:path: /index.html?message_id=385482&consentUUID=911b1ef1-a986-4c4a-a16c-dc881f3fc2fc&requestUUID=ad09ea41-3890-4fca-950c-94e1382e1f37&preload_message=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: AMCVS_13E4401053DAE44E0A490D4C%40AdobeOrg=1; gpv_pn=PUR; gpv_r=PUR; s_cc=true; AMCV_13E4401053DAE44E0A490D4C%40AdobeOrg=870038026%7CMCIDTS%7C18590%7CMCMID%7C02775092575985216840885743731575850024%7CMCAAMLH-1606768763%7C6%7CMCAAMB-1606768763%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1606171164s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18597%7CvVersion%7C5.0.0; consentUUID=911b1ef1-a986-4c4a-a16c-dc881f3fc2fc; iom_consent=01000000000000&1606163964400
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.express.de/html/dumont-consent/index.html?param=eyJyZWRpcmVjdFVybCI6Ii9zcG9ydC9zcG9ydG1peC9pc3QtZGFzLXVlYmVyaGF1cHQtc3BvcnQtLXpvZmYtLXp3b2VsZi1zcGllbGVyLWJveWtvdHRpZXJlbi1kZXV0c2NoZS1uYXRpb25hbG1hbm5zY2hhZnQtMzc2NTI1NjQ/Y2I9MTYwNjE2Mzk2MzQyOCJ9

Response headers

content-type: text/html
last-modified: Fri, 20 Nov 2020 13:38:07 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 23 Nov 2020 20:16:31 GMT
etag: "80403b5e14db015ee88a4a4daff1bfb7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 737cc0360b2df6a9db7576a460128378.cloudfront.net (CloudFront)
x-amz-cf-pop: SOF50-C1
x-amz-cf-id: MLEzUKF1zZ5tN9iszaedJdiJc0XilwTTvJ3s50pjCiQpihp2lX2vgw==
age: 4842

GET
H2 200 Notice.7f9f7.css
consent2.express.de/ Frame A747 27 KB
5 KB 70ms
69ms Stylesheet
text/css 52.84.112.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent2.express.de/Notice.7f9f7.css
Requested by: Host: consent2.express.de
URL: https://consent2.express.de/index.html?message_id=385482&consentUUID=911b1ef1-a986-4c4a-a16c-dc881f3fc2fc&requestUUID=ad09ea41-3890-4fca-950c-94e1382e1f37&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.112.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-112-97.sof50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ae5db3739ab7117213fc81312987373f78ea0b7006e644b2fa00b99ca04c0ad

Request headers

Referer: https://consent2.express.de/index.html?message_id=385482&consentUUID=911b1ef1-a986-4c4a-a16c-dc881f3fc2fc&requestUUID=ad09ea41-3890-4fca-950c-94e1382e1f37&preload_message=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:16:31 GMT
content-encoding: gzip
last-modified: Fri, 20 Nov 2020 13:38:07 GMT
server: AmazonS3
age: 3899
etag: "3394c9d864848c4034878955cbc138ca"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 737cc0360b2df6a9db7576a460128378.cloudfront.net (CloudFront)
x-amz-cf-pop: SOF50-C1
x-amz-cf-id: UfhiUDBnlDpvsTsffj9SMlsBALbw4qLI71-Ip7nmND9YRmJmNRJXdQ==

GET
H2 200 polyfills.ede70.js Show response
consent2.express.de/ Frame A747 5 KB
2 KB 71ms
70ms Script
application/javascript 52.84.112.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent2.express.de/polyfills.ede70.js
Requested by: Host: consent2.express.de
URL: https://consent2.express.de/index.html?message_id=385482&consentUUID=911b1ef1-a986-4c4a-a16c-dc881f3fc2fc&requestUUID=ad09ea41-3890-4fca-950c-94e1382e1f37&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.112.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-112-97.sof50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: feffa10be7222692f7cf76470564dbe7c0a3d76d5f4da8c12006b879f1cd21ec

Request headers

Referer: https://consent2.express.de/index.html?message_id=385482&consentUUID=911b1ef1-a986-4c4a-a16c-dc881f3fc2fc&requestUUID=ad09ea41-3890-4fca-950c-94e1382e1f37&preload_message=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:16:31 GMT
content-encoding: gzip
last-modified: Fri, 20 Nov 2020 13:38:07 GMT
server: AmazonS3
age: 4796
etag: "3b8e7686c01cb06333d0575ac700a9a0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 737cc0360b2df6a9db7576a460128378.cloudfront.net (CloudFront)
x-amz-cf-pop: SOF50-C1
x-amz-cf-id: G2eBWlKquhqZ9K8JPwRjU_RdyxSsIeNPBgp66s67M9NFT2tivcVt8w==

GET
H2 200 Notice.c21eb.js Show response
consent2.express.de/ Frame A747 143 KB
33 KB 77ms
77ms Script
application/javascript 52.84.112.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent2.express.de/Notice.c21eb.js
Requested by: Host: consent2.express.de
URL: https://consent2.express.de/index.html?message_id=385482&consentUUID=911b1ef1-a986-4c4a-a16c-dc881f3fc2fc&requestUUID=ad09ea41-3890-4fca-950c-94e1382e1f37&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.112.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-112-97.sof50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5826ba53a5103fc319e139127327647b55b6b5e717e8db7d3209dbdc0ba850e7

Request headers

Referer: https://consent2.express.de/index.html?message_id=385482&consentUUID=911b1ef1-a986-4c4a-a16c-dc881f3fc2fc&requestUUID=ad09ea41-3890-4fca-950c-94e1382e1f37&preload_message=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:16:31 GMT
content-encoding: gzip
last-modified: Fri, 20 Nov 2020 13:38:07 GMT
server: AmazonS3
age: 4520
etag: "7276354b5a861592441473623ece77fa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 737cc0360b2df6a9db7576a460128378.cloudfront.net (CloudFront)
x-amz-cf-pop: SOF50-C1
x-amz-cf-id: CsdFMlhsjmd3blEoDXqUpyTF9LS6Zyk8CBfe-r3eTPZAwDc6zrlWCA==

GET
H2 200 /
d2p3zdq8vjvnxd.cloudfront.net/ Frame A747 26 B
364 B 98ms
56ms Image
image/gif 2600:9000:2104:3400:13:7ad6:7840:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2p3zdq8vjvnxd.cloudfront.net/?s_id=4379&m_id=385482&consentUUID=911b1ef1-a986-4c4a-a16c-dc881f3fc2fc&requestUUID=ad09ea41-3890-4fca-950c-94e1382e1f37
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:3400:13:7ad6:7840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://consent2.express.de/index.html?message_id=385482&consentUUID=911b1ef1-a986-4c4a-a16c-dc881f3fc2fc&requestUUID=ad09ea41-3890-4fca-950c-94e1382e1f37&preload_message=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:39:25 GMT
via: 1.1 cc03ea6a31b592e93e84115778cdc495.cloudfront.net (CloudFront)
last-modified: Wed, 10 Apr 2019 18:39:37 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
etag: "6a43099d5c8fe991a7aa7ebaca53069d"
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache,no-store
accept-ranges: bytes
content-length: 26
x-amz-cf-id: 011tKqTzBpuQIx2t8fbNP3G-cI5wfiNNek-3xSDu2xE0p7ydafjyGA==

GET
H2 200 anton-v11-latin-regular.woff2
www.express.de/html/all/permanent/dumont-consent/fonts/ Frame A747 14 KB
14 KB 135ms
51ms Font
application/octet-stream 184.31.94.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.express.de/html/all/permanent/dumont-consent/fonts/anton-v11-latin-regular.woff2
Requested by: Host: consent2.express.de
URL: https://consent2.express.de/index.html?message_id=385482&consentUUID=911b1ef1-a986-4c4a-a16c-dc881f3fc2fc&requestUUID=ad09ea41-3890-4fca-950c-94e1382e1f37&preload_message=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 184.31.94.201 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-31-94-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b95d1d28fcfc16ebe94d214918fb4feb8d245858972cdff44bac63e7163e38a6

Request headers

Origin: https://consent2.express.de
Referer: https://consent2.express.de/index.html?message_id=385482&consentUUID=911b1ef1-a986-4c4a-a16c-dc881f3fc2fc&requestUUID=ad09ea41-3890-4fca-950c-94e1382e1f37&preload_message=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 20:39:24 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 13:47:09 GMT
server: Apache
etag: "378c-5b4c66e3f424d-gzip"
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-length: 14243
nncoection: close

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: consent2.express.de
URL: https://consent2.express.de/wrapperMessagingWithoutDetection.js

Domain: track.express.de
URL: https://track.express.de/cam-1.0/static/jssdk.js?lang=de&service=expressde

Domain: script.ioam.de
URL: https://script.ioam.de/iam.js

Domain: track.express.de
URL: https://track.express.de/cre-1.0/api/tracking/service/express/templateclient.js

Domain: track.express.de
URL: https://track.express.de/cre-1.0/tracking/tracking.js

Domain: express.met.vgwort.de
URL: https://express.met.vgwort.de/na/vgzm.2780602-CM8-00000000000037652564

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.express.de/	1970-01-25 20:31:23	Name: iom_consent Value: 00000000000000&1606163963645
.express.de/	1970-01-20 07:40:35	Name: AMCV_13E4401053DAE44E0A490D4C%40AdobeOrg Value: 870038026%7CMCIDTS%7C18590%7CvVersion%7C5.0.0
www.express.de/	1969-12-31 23:59:59	Name: NSC_eno_xxx.cfub.ltub.ef Value: ffffffffda4d4d2245525d5f4f58455e445a4a423660
www.express.de/	1969-12-31 23:59:59	Name: guid Value: c5577d7f-8532-416d-b4e8-e14d31560253+383a29f5fb20a99a543c28f6664f32182ebb0b7e34e231604117fca4de634bc90f8b1368353b593dc4374a11c13436cb0803d0429e3097de2a3f299a06cf65cf

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 5) Message: [object Object]
console-api	log	URL: https://www.express.de/html/all/permanent/dumont-consent/sp_api.js(Line 48) Message: onMessageReceiveData [object Object]
console-api	log	URL: https://consent2.express.de/wrapperMessagingWithoutDetection.js(Line 1) Message: Messaging without detection successfully executed.
console-api	log	URL: https://www.express.de/html/all/permanent/dumont-consent/sp_api.js(Line 36) Message: onMessageReady

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; default-src data: https: wss: blob: 'unsafe-inline' 'unsafe-eval';

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
cdn.stroeerdigitalgroup.de
cm.everesttech.net
code.jquery.com
consent2.express.de
d2p3zdq8vjvnxd.cloudfront.net
de.ioam.de
dpm.demdex.net
dumontnet.d3.sc.omtrdc.net
dumontnet.demdex.net
express.met.vgwort.de
script.ioam.de
track.express.de
trmads.eu
www.express.de
consent2.express.de
express.met.vgwort.de
script.ioam.de
track.express.de
15.237.76.117
184.31.94.201
2001:4de0:ac19::1:b:1a
2600:9000:2104:3400:13:7ad6:7840:21
2606:4700:3035::ac43:92ed
2a02:26f0:10c:59b::1e80
2a02:26f0:10c::5f64:c11b
34.242.67.216
52.84.112.97
54.194.191.134
63.32.152.233
91.215.100.40
91.215.103.64
0ae5db3739ab7117213fc81312987373f78ea0b7006e644b2fa00b99ca04c0ad
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1a3c9cff5e2fb9b0eef4369f97a900acf64b0ae80854b8594ec9baf8c2c380c7
2061d1342a000fabb2a54b9990cbe628ed568cc56228e5e1639633cdf3019780
2a4706ec669ea00d7dd903925277a44994d55c5875939eddb065692b86dd8762
2e91622f88a8a7ea451f79cd4390427120bdadd57d88a7a553f3d87f26e930e7
32244ef5f561cae4662f31925784178cade86b36263e334efc85276cf4f8dbdd
38a38552a2faf7b5a523c8025addf0a5ef617d13860f4bf259b7698a91f14b4e
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5369090fa073741cf5cc278559866e5caec4dc3b7e90a5c24ea1726889296bcc
5826ba53a5103fc319e139127327647b55b6b5e717e8db7d3209dbdc0ba850e7
5fdfeb515c6caa09ed92916fa4f995001531e564ca66d183b416b02690f118f1
74d92691f53fa2ccd375974e66bf7701b6187e8974aa6ad5147505ad74e186ee
90ff978f755cc4d9dfe64097729d5e9b8a992e0e9587e03eefa708719f20db14
9971c3423a27c3fcbfee145c710afd3961e051e41667ce25cc53f3912269c2af
a12b69dfc4106112810a9682a12511b28b7bd66e969f34434c23cda0a02338b0
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
b95d1d28fcfc16ebe94d214918fb4feb8d245858972cdff44bac63e7163e38a6
c5010d8a56ab9e451017bc722c522d9a36b68dee77074b45f68db4d131bb43b4
ce84fc3418d0c2fd06834b8e843180335164925920af7a7a64fc608b87773e25
d54af58cd695f6dfef9063daf72d984da895de4176e54e62331d1821676cbd15
d889ae9677a851be80db562a911cdb81412152d8c4e4dbe1e69d0902845e9ab2
dbfdf5ad20d2330ba2e935c9801b6e63abf81b79265992f17e14d4fb30432cdf
dccf098ee34b9584a8fe7c4050d6a7f871ebe8881b3e103e55ba4486f17a8753
dcf33a5d57626e80ad28c3d3614e45fee90f256031608e081825187daf0669e4
dd52b0d69f3517fba3c14fd06ef1c5f1c092c50d4b731735ecf18f92254292b5
e279dc262da6cb07845fae2c3c59767942b2b43f1b06b93a16228c3083425af2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6735db5896da37a17fe433e540642a5f5782b2d21393415f6f3b399f605adee
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f30164675abd0fb88788b294572e8758757f54c5c2c964407d0137b6180a5f29
feffa10be7222692f7cf76470564dbe7c0a3d76d5f4da8c12006b879f1cd21ec

www.express.de Open in urlscan Pro 184.31.94.201 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

88 %HTTPS

38 %IPv6

11 Domains

15 Subdomains

13 IPs

6 Countries

687 kBTransfer

2613 kBSize

4 Cookies

3 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.express.de Open in urlscan Pro
184.31.94.201 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

88 %
HTTPS

38 %
IPv6

11
Domains

15
Subdomains

13
IPs

6
Countries

687 kB
Transfer

2613 kB
Size

4
Cookies

49 HTTP transactions
0 data transactions