Submitted URL: https://marketing.egmont-shop.de/web/namedservice/?ext=https%3A%2F%2Fnewsletter.egmont.de%2Fconfirmation%3FagillicId%3D.TIES%26ne...
Effective URL: https://newsletter.egmont.de/confirmation/alreadysubscribed?NewsletterTypeID=45
Submission: On September 19 via manual from IN — Scanned from DE

Summary

This website contacted 10 IPs in 6 countries across 6 domains to perform 17 HTTP transactions. The main IP is 54.77.167.158, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is newsletter.egmont.de.
TLS certificate: Issued by R3 on September 4th 2022. Valid for: 3 months.
This is the only time newsletter.egmont.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 92.62.195.236 31027 (GLOBALCON...)
1 6 54.77.167.158 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:dc:... 20940 (AKAMAI-ASN1)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.97.53 16509 (AMAZON-02)
2 13.32.27.54 16509 (AMAZON-02)
1 143.204.215.95 16509 (AMAZON-02)
1 99.80.161.153 16509 (AMAZON-02)
17 10
Apex Domain
Subdomains
Transfer
6 egmont.de
newsletter.egmont.de
641 KB
5 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 591
script.hotjar.com — Cisco Umbrella Rank: 779
vars.hotjar.com — Cisco Umbrella Rank: 852 Failed
in.hotjar.com — Cisco Umbrella Rank: 1671
133 KB
4 cookiebot.com
consent.cookiebot.com — Cisco Umbrella Rank: 4622
consentcdn.cookiebot.com — Cisco Umbrella Rank: 5429
78 KB
1 gstatic.com
fonts.gstatic.com
24 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 40
960 B
1 egmont-shop.de
marketing.egmont-shop.de
667 B
17 6
Domain Requested by
6 newsletter.egmont.de 1 redirects newsletter.egmont.de
2 script.hotjar.com static.hotjar.com
consent.cookiebot.com
2 consentcdn.cookiebot.com consent.cookiebot.com
2 consent.cookiebot.com newsletter.egmont.de
consent.cookiebot.com
1 in.hotjar.com script.hotjar.com
1 vars.hotjar.com static.hotjar.com
consent.cookiebot.com
1 static.hotjar.com newsletter.egmont.de
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com newsletter.egmont.de
1 marketing.egmont-shop.de 1 redirects
17 10

This site contains links to these domains.

Domain
www.egmont-shop.de
www.cookiebot.com
www.hotjar.com
policies.google.com

Subject | Issuer | Validity | Valid
newsletter.egmont.de | R3 | 2022-09-04 - 2022-12-03 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months
consent.cookiebot.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-06-04 - 2023-06-06 | a year
*.cookiebot.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-06-15 - 2023-06-17 | a year
*.gstatic.com | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months
*.hotjar.com | Amazon | 2021-11-25 - 2022-12-23 | a year

This page contains 3 frames:

Primary Page: https://newsletter.egmont.de/confirmation/alreadysubscribed?NewsletterTypeID=45
Frame ID: E0EF48FC2ECCE1C98E1AA75D9E10D12E
Requests: 15 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 406778B0DE627C7E27D8B45B510A9B02
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: 849F8349237CFD28162E25C0DE8E5C90
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • consent\.cookiebot\.com

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

Requests: 17
HTTPS: 94 %
IPv6: 40 %
Domains: 6
Subdomains: 10
IPs: 10
Countries: 6
Transfer: 877 kB
Size: 1662 kB
Cookies: 10

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://marketing.egmont-shop.de/web/namedservice/?ext=https%3A%2F%2Fnewsletter.egmont.de%2Fconfirmation%3FagillicId%3D.TIES%26newsletterKey%3DDE_LTB%26source%3Dlustiges-taschenbuch.de%7Cnewsletter%26utm_source%3Dep%26utm_medium%3Demail%26utm_campaign%3Dep_crm_confirmation_single_NEWSLETTER%26utm_content%3Dep_crm_confirmation_single_DE_LTB&evt=.RNf-dEWGzQ&cs=rKRxKB1amrWjRWOf1YuaQQ!!&resourcename=ep_crm_confirmation_single_NEWSLETTER&channel=email&stageId=%23KAkD&scenarioExecutionId=1602154&promotion=ep_crm_confirmation_single&proposition=DE_LTB&lgn_uid=LlRJRVM6MTY5NDkwOTU5N0WptzTGFVfo2Dnai1tqZIc!&ea=7oIU8hNpUuavMumthlrgR0zMchnvoyww8A8xMR0wRk83MZs2UKprygIQoB6lFmmIi27Mv7%2FFznB1z9NQThDQis1OgDiwLRN5MN1h%2B%2FeOGck%3D%3Ad2nLwGpO6ixbBKW6XRau4w%3D%3D HTTP 302
    https://newsletter.egmont.de/confirmation?agillicId=.TIES&newsletterKey=DE_LTB&source=lustiges-taschenbuch.de|newsletter&utm_source=ep&utm_medium=email&utm_campaign=ep_crm_confirmation_single_NEWSLETTER&utm_content=ep_crm_confirmation_single_DE_LTB HTTP 302
    https://newsletter.egmont.de/confirmation/alreadysubscribed?NewsletterTypeID=45 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request alreadysubscribed
newsletter.egmont.de/confirmation/
Redirect Chain
  • https://marketing.egmont-shop.de/web/namedservice/?ext=https%3A%2F%2Fnewsletter.egmont.de%2Fconfirmation%3FagillicId%3D.TIES%26newsletterKey%3DDE_LTB%26source%3Dlustiges-taschenbuch.de%7Cnewsletter...
  • https://newsletter.egmont.de/confirmation?agillicId=.TIES&newsletterKey=DE_LTB&source=lustiges-taschenbuch.de|newsletter&utm_source=ep&utm_medium=email&utm_campaign=ep_crm_confirmation_single_NEWSL...
  • https://newsletter.egmont.de/confirmation/alreadysubscribed?NewsletterTypeID=45
5 KB
2 KB
Document
General
Full URL
https://newsletter.egmont.de/confirmation/alreadysubscribed?NewsletterTypeID=45
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
54.77.167.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-167-158.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
6dbc1b6e52c26396aa6e66588172caba54a87ab2806a6eaa1b5eb2c68261f5cd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private
Content-Encoding
gzip
Content-Length
2056
Content-Type
text/html; charset=utf-8
Date
Mon, 19 Sep 2022 11:54:20 GMT
Server
Microsoft-IIS/8.5
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Clacks-Overhead
GNU Terry Pratchett
X-Powered-By
ASP.NET

Redirect headers

Cache-Control
private
Content-Length
168
Content-Type
text/html; charset=utf-8
Date
Mon, 19 Sep 2022 11:54:20 GMT
Location
/confirmation/alreadysubscribed?NewsletterTypeID=45
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Clacks-Overhead
GNU Terry Pratchett
X-Powered-By
ASP.NET
css
newsletter.egmont.de/Content/
150 KB
36 KB
Stylesheet
General
Full URL
https://newsletter.egmont.de/Content/css?v=-sOy_c_g5fG2w1Ga43Ose_qTmNFThRtLgk_VpnwifdY1
Requested by
Host: newsletter.egmont.de
URL: https://newsletter.egmont.de/confirmation/alreadysubscribed?NewsletterTypeID=45
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
54.77.167.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-167-158.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
bcf3e29e2ef984e54fdc9cd5a080eb1840e6df649a6cba6effd8725c94d19511

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.egmont.de/confirmation/alreadysubscribed?NewsletterTypeID=45
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 11:54:20 GMT
Content-Encoding
gzip
X-Clacks-Overhead
GNU Terry Pratchett
Last-Modified
Mon, 19 Sep 2022 11:54:21 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
User-Agent,Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
public
Content-Length
36740
Expires
Tue, 19 Sep 2023 11:54:21 GMT
css
fonts.googleapis.com/
1 KB
960 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Istok+Web
Requested by
Host: newsletter.egmont.de
URL: https://newsletter.egmont.de/confirmation/alreadysubscribed?NewsletterTypeID=45
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400a:801::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4713af1b2ec7481b6d6671cbb5a771eadba0e11c7541e95c7badbb20935c3c4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.egmont.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 11:50:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 19 Sep 2022 11:54:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Sep 2022 11:54:25 GMT
uc.js
consent.cookiebot.com/
100 KB
31 KB
Script
General
Full URL
https://consent.cookiebot.com/uc.js
Requested by
Host: newsletter.egmont.de
URL: https://newsletter.egmont.de/confirmation/alreadysubscribed?NewsletterTypeID=45
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc::217:61f3 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ec0e78ba3786d620f16943844c3da6aac1f029dc4ec6fb35456d019508679ff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.egmont.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 11:54:25 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 07:31:36 GMT
etag
"aeea9f60c2b6d81:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-expose-headers
Request-Context
cache-control
public, max-age=140
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
accept-ranges
bytes
content-length
31207
expires
Mon, 19 Sep 2022 11:56:45 GMT
website-logo2.png
newsletter.egmont.de/content/images/germany/
122 KB
122 KB
Image
General
Full URL
https://newsletter.egmont.de/content/images/germany/website-logo2.png
Requested by
Host: newsletter.egmont.de
URL: https://newsletter.egmont.de/confirmation/alreadysubscribed?NewsletterTypeID=45
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
54.77.167.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-167-158.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
15758a5850c6f0bbbd62d46dd5b400a28b03e70b11a9eae3846525e3282c3d0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.egmont.de/confirmation/alreadysubscribed?NewsletterTypeID=45
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 11:54:20 GMT
X-Clacks-Overhead
GNU Terry Pratchett
Last-Modified
Mon, 22 Mar 2021 11:40:33 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
124763
ETag
"779f92a101fd71:0"
ltb_logo.png
newsletter.egmont.de/content/images/germany/
428 KB
428 KB
Image
General
Full URL
https://newsletter.egmont.de/content/images/germany/ltb_logo.png
Requested by
Host: newsletter.egmont.de
URL: https://newsletter.egmont.de/confirmation/alreadysubscribed?NewsletterTypeID=45
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
54.77.167.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-167-158.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a04f81b6515b3d2938a9512f393b04c41d225e92ef4dd4e44c9219ae0a3fda11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.egmont.de/confirmation/alreadysubscribed?NewsletterTypeID=45
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 11:54:20 GMT
X-Clacks-Overhead
GNU Terry Pratchett
Last-Modified
Mon, 22 Mar 2021 11:40:33 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
437994
ETag
"9194f82a101fd71:0"
scripts
newsletter.egmont.de/bundles/
122 KB
52 KB
Script
General
Full URL
https://newsletter.egmont.de/bundles/scripts?v=EuveJJUYxdNgIFhGHSfN-NRcFjZqq8N7AzdIkddDDO81
Requested by
Host: newsletter.egmont.de
URL: https://newsletter.egmont.de/confirmation/alreadysubscribed?NewsletterTypeID=45
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
54.77.167.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-167-158.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
6c52a05ed2d5ea3955280f4bd26d4db46de12d0cb25033e05a83b34f52b039f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.egmont.de/confirmation/alreadysubscribed?NewsletterTypeID=45
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 11:54:20 GMT
Content-Encoding
gzip
X-Clacks-Overhead
GNU Terry Pratchett
Last-Modified
Mon, 19 Sep 2022 11:54:21 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
User-Agent,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
52691
Expires
Tue, 19 Sep 2023 11:54:21 GMT
configuration.js
consentcdn.cookiebot.com/consentconfig/59983d5d-fe79-44ea-b537-43d3c14fdb98/newsletter.egmont.de/
556 B
813 B
Script
General
Full URL
https://consentcdn.cookiebot.com/consentconfig/59983d5d-fe79-44ea-b537-43d3c14fdb98/newsletter.egmont.de/configuration.js
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:886::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
099abee85da22fc75066a8910d0364c5ccc51e54d5f6d5ab8a2e54078bc0bc01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.egmont.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 11:54:25 GMT
last-modified
Tue, 13 Sep 2022 09:45:38 GMT
server
AkamaiNetStorage
etag
"a01df0770e69a211a16ba1a7347f1d01:1663062338.659858"
content-type
application/x-javascript
cache-control
max-age=58543
server-timing
cdn-cache; desc=HIT, edge; dur=4
accept-ranges
bytes
content-length
556
expires
Tue, 20 Sep 2022 04:10:08 GMT
cc.js
consent.cookiebot.com/59983d5d-fe79-44ea-b537-43d3c14fdb98/
199 KB
46 KB
Script
General
Full URL
https://consent.cookiebot.com/59983d5d-fe79-44ea-b537-43d3c14fdb98/cc.js?renew=false&referer=newsletter.egmont.de&dnt=false&init=false
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc::217:61f3 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c1d7cc00e4a256c2556374f6457b9785853e160895b7eda15726882feee2291c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.egmont.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 11:54:25 GMT
content-encoding
gzip
last-modified
Mon, 19 Sep 2022 11:54:25 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
private, max-age=1200
content-length
46596
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
3qTvojGmgSyUukBzKslpBmt_.woff2
fonts.gstatic.com/s/istokweb/v20/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/istokweb/v20/3qTvojGmgSyUukBzKslpBmt_.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Istok+Web
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a13c9efb15d11e0d7c3d34f3a31391310c22aedff9d364add903ad6a6285e81a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsletter.egmont.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 17:42:20 GMT
x-content-type-options
nosniff
age
497525
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24300
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:27:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 17:42:20 GMT
hotjar-150660.js
static.hotjar.com/c/
5 KB
3 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-150660.js?sv=6
Requested by
Host: newsletter.egmont.de
URL: https://newsletter.egmont.de/bundles/scripts?v=EuveJJUYxdNgIFhGHSfN-NRcFjZqq8N7AzdIkddDDO81
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-53.fra56.r.cloudfront.net
Software
/
Resource Hash
16ce2de9988e2200d0042a17c61a1a8ad7d7bba66d209e02874bc65f1b5d6a7e
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.egmont.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
age
20
x-cache
Hit from cloudfront
date
Mon, 19 Sep 2022 11:54:25 GMT
cross-origin-resource-policy
cross-origin
via
1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
cache-control
max-age=60
etag
W/1eda158c129dd056fbac637be6eba5a3
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
PfkJNEP9p1-9yUZdD6nBu86ZD-fHXVSJ2DBgFQi-q_u6QHFn1-U_vg==
modules.d00377d3a043900eb4ef.js
script.hotjar.com/
252 KB
65 KB
Script
General
Full URL
https://script.hotjar.com/modules.d00377d3a043900eb4ef.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-150660.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-54.fra56.r.cloudfront.net
Software
/
Resource Hash
f520d200f5d04a2bc40f94c843eb0c2611ffcf103109f6758d81740c8f3b516a
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.egmont.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 13:09:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
427518
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=604800; includeSubDomains
content-length
65532
access-control-allow-origin
*
last-modified
Wed, 14 Sep 2022 13:08:33 GMT
etag
"74e062f975f5935c93ae5aff80efbd87"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
yyzYTRJy6seu9TX29DErTZGXuKyZSDECplgcNjD9P6MFeah6kI55Ew==
bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame 4067
627 B
692 B
Document
General
Full URL
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:886::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104

Request headers

Referer
https://newsletter.egmont.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=31535935
content-encoding
gzip
content-length
392
content-type
text/html
date
Mon, 19 Sep 2022 11:54:25 GMT
etag
"3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires
Tue, 19 Sep 2023 11:53:20 GMT
last-modified
Mon, 04 Apr 2022 07:23:49 GMT
server
AkamaiNetStorage
server-timing
cdn-cache; desc=HIT edge; dur=1
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,1
box-69edcc3187336f9b0a3fbb4c73be9fe6.html
vars.hotjar.com/ Frame 849F
0
0

box-69edcc3187336f9b0a3fbb4c73be9fe6.html
vars.hotjar.com/ Frame 849F
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-95.fra53.r.cloudfront.net
Software
/
Resource Hash
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
https://newsletter.egmont.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1046238
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 07 Sep 2022 09:17:07 GMT
etag
"f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified
Wed, 07 Sep 2022 09:16:57 GMT
strict-transport-security
max-age=604800; includeSubDomains
vary
Accept-Encoding
via
1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
x-amz-cf-id
3DFQIdXWzRWI6hocn9ElIwabfU2gzdiK9mrxYrLv7a25XLDho1uKng==
x-amz-cf-pop
FRA53-C1
x-cache
Hit from cloudfront
x-robots-tag
none
truncated
/
973 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
visit-data
in.hotjar.com/api/v2/client/sites/150660/
148 B
322 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/150660/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.d00377d3a043900eb4ef.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.161.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-161-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
46354f041f1d15b2ef3ae63228cb7116fa498f180ea9e49e442f1a561aedf7d2

Request headers

Referer
https://newsletter.egmont.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 19 Sep 2022 11:54:25 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
modules.d00377d3a043900eb4ef.js
script.hotjar.com/
252 KB
65 KB
Script
General
Full URL
https://script.hotjar.com/modules.d00377d3a043900eb4ef.js
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-54.fra56.r.cloudfront.net
Software
/
Resource Hash
f520d200f5d04a2bc40f94c843eb0c2611ffcf103109f6758d81740c8f3b516a
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.egmont.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 13:09:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
427518
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=604800; includeSubDomains
content-length
65532
access-control-allow-origin
*
last-modified
Wed, 14 Sep 2022 13:08:33 GMT
etag
"74e062f975f5935c93ae5aff80efbd87"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
BtjH9A7ST21biUtxVBMSngKnTbZ3TLVrmlBHsD19xytfAR7OxMIdrQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
vars.hotjar.com
URL
https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| CookieControl function| __uspapi function| addUspapiLocatorFrame function| __handleUspapiMessage function| propagateIABStub object| Cookiebot object| dataLayer object| CookieConsent function| $ function| jQuery function| hj object| _hjSettings number| CB_jQueryHoldReadyStarted object| CookiebotDialog object| CookieConsentDialog object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules number| CB_OnTagsExecuted_Processed function| addEventListenerBase

10 Cookies

Domain/Path Name / Value
marketing.egmont-shop.de/web Name: JSESSIONID
Value: 5C80FEE28847C1DFBBE8D491C0704E7D
marketing.egmont-shop.de/ Name: ag-uid
Value: LlRJRVM987-o0ImfLmw8d7VGPAUp
marketing.egmont-shop.de/ Name: ag-visitorid
Value: 1663588464279102050
newsletter.egmont.de/ Name: ASP.NET_SessionId
Value: a5up3o3pjv4oexd02rqqgy40
.egmont.de/ Name: _hjSessionUser_150660
Value: eyJpZCI6ImZhZGQyOGVhLWIzMDItNWY1Yy05ZmY4LWUxNjI5NWE1YjE3OCIsImNyZWF0ZWQiOjE2NjM1ODg0NjU1NTgsImV4aXN0aW5nIjpmYWxzZX0=
.egmont.de/ Name: _hjFirstSeen
Value: 1
newsletter.egmont.de/ Name: _hjIncludedInSessionSample
Value: 1
.egmont.de/ Name: _hjSession_150660
Value: eyJpZCI6ImEzMjU0ODUyLTMxY2YtNGJjZi04YTc5LTk2MmEzODE0MGU5YiIsImNyZWF0ZWQiOjE2NjM1ODg0NjU2MjcsImluU2FtcGxlIjp0cnVlfQ==
newsletter.egmont.de/ Name: _hjIncludedInPageviewSample
Value: 1
.egmont.de/ Name: _hjAbsoluteSessionInProgress
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
