www.thueringen-spion.de Open in urlscan Pro
138.201.57.79 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.thueringen-spion.de/
Submission Tags: @phishunt_io
Submission: On February 12 via api (February 12th 2021, 11:31:18 am UTC) from ES

Summary HTTP 63 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 12 domains to perform 63 HTTP transactions. The main IP is 138.201.57.79, located in Heppenheim an der Bergstrasse, Germany and belongs to HETZNER-AS, DE. The main domain is www.thueringen-spion.de.
TLS certificate: Issued by R3 on February 12th 2021. Valid for: 3 months.

This is the only time www.thueringen-spion.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	138.201.57.79 138.201.57.79	24940 (HETZNER-AS) (HETZNER-AS)
40	88.99.105.139 88.99.105.139	24940 (HETZNER-AS) (HETZNER-AS)
1	2a02:26f0:710... 2a02:26f0:7100::687e:2409	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
8	143.204.97.38 143.204.97.38	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	143.204.209.55 143.204.209.55	16509 (AMAZON-02) (AMAZON-02)
1	23.218.208.133 23.218.208.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
4	136.243.33.84 136.243.33.84	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:9000:21f... 2600:9000:21f3:a400:13:7ad6:7840:21	16509 (AMAZON-02) (AMAZON-02)
1	89.163.159.102 89.163.159.102	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
63	13

1 138.201.57.79 (Heppenheim an der Bergstrasse, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.79.57.201.138.clients.your-server.de

www.thueringen-spion.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 88.99.105.139 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: mail.sokosys.eu

lb2.cdn.spion-media.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100::687e:2409 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

cdn.stroeerdigitalgroup.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 143.204.97.38 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-97-38.fra50.r.cloudfront.net

cdn.privacy-mgmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.209.55 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-55.fra53.r.cloudfront.net

cdn-a.yieldlove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.208.133 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-133.deploy.static.akamaitechnologies.com

s400.mxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 136.243.33.84 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h381.meetrics.de

lb17.s400.meetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:a400:13:7ad6:7840:21 (United States)

ASN16509 (AMAZON-02, US)

d2p3zdq8vjvnxd.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.163.159.102 (Cloppenburg, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dmp.theadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	spion-media.eu lb2.cdn.spion-media.eu	421 KB
8	privacy-mgmt.com cdn.privacy-mgmt.com	106 KB
4	meetrics.net lb17.s400.meetrics.net	1 KB
2	google-analytics.com www.google-analytics.com	247 B
2	doubleclick.net securepubads.g.doubleclick.net	121 KB
1	theadex.com dmp.theadex.com	14 KB
1	cloudfront.net d2p3zdq8vjvnxd.cloudfront.net	364 B
1	mxcdn.net s400.mxcdn.net	54 KB
1	yieldlove.com cdn-a.yieldlove.com	95 KB
1	googletagmanager.com www.googletagmanager.com	52 KB
1	stroeerdigitalgroup.de cdn.stroeerdigitalgroup.de	63 KB
1	thueringen-spion.de www.thueringen-spion.de	7 KB
63	12

	Domain	Requested by
40	lb2.cdn.spion-media.eu	www.thueringen-spion.de lb2.cdn.spion-media.eu
8	cdn.privacy-mgmt.com	cdn.stroeerdigitalgroup.de cdn.privacy-mgmt.com
4	lb17.s400.meetrics.net	www.thueringen-spion.de
2	www.google-analytics.com	www.googletagmanager.com
2	securepubads.g.doubleclick.net	cdn.stroeerdigitalgroup.de securepubads.g.doubleclick.net
1	dmp.theadex.com	cdn.stroeerdigitalgroup.de
1	d2p3zdq8vjvnxd.cloudfront.net
1	s400.mxcdn.net	cdn.stroeerdigitalgroup.de
1	cdn-a.yieldlove.com	cdn.stroeerdigitalgroup.de
1	www.googletagmanager.com	www.thueringen-spion.de
1	cdn.stroeerdigitalgroup.de	www.thueringen-spion.de
1	www.thueringen-spion.de
63	12

This site contains links to these domains. Also see Links.

Domain
www.bayern-spion.de
www.brandenburg-spion.de
www.bremen-spion.de
www.bw-spion.de
www.hamburg-spion.de
www.hauptstadt-spion.de
www.hessen-spion.de
www.mv-spion.de
www.niedersachsen-spion.de
www.nrw-spion.de
www.rlp-spion.de
www.saarland-spion.de
www.sachsen-anhalt-spion.de
www.sachsen-spion.de
www.sh-spion.de
www.austria-spion.at
www.kanton-spion.ch
www.flirtsofa.com

Subject Issuer	Validity	Valid
mein-spion.eu R3	`2021-02-12` - `2021-05-13`	3 months	crt.sh
lb2.cdn.spion-media.eu R3	`2021-02-12` - `2021-05-13`	3 months	crt.sh
cdn.stroeerdigitalgroup.de DigiCert Secure Site ECC CA-1	`2020-02-13` - `2021-04-13`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.privacy-mgmt.com R3	`2021-02-03` - `2021-05-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
cdn-a.yieldlove.com Amazon	`2020-09-18` - `2021-10-20`	a year	crt.sh
*.mxcdn.net DigiCert SHA2 Secure Server CA	`2020-12-07` - `2021-12-14`	a year	crt.sh
meetrics.net R3	`2021-02-02` - `2021-05-03`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.theadex.com GeoTrust RSA CA 2018	`2019-10-11` - `2021-10-10`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://www.thueringen-spion.de/
Frame ID: C9A6CB8499CBD773A6FB6AFE917CC8A6
Requests: 56 HTTP requests in this frame

Frame: https://cdn.privacy-mgmt.com/index.html?message_id=370217&consentUUID=93c21aec-b6ed-4b52-ae2a-42f3f0c4c6a4&requestUUID=d05a5100-a0cc-447f-a5d0-c16d365ca309&preload_message=true
Frame ID: D9F59D754F9C3514182E8B38EC58A5BC
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

63
Requests

100 %
HTTPS

38 %
IPv6

12
Domains

12
Subdomains

13
IPs

3
Countries

935 kB
Transfer

2536 kB
Size

11
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bayern-spion.de/
Title: bayern-spion.de

Search URL Search Domain Scan URL

URL: https://www.brandenburg-spion.de/
Title: brandenburg-spion.de

Search URL Search Domain Scan URL

URL: https://www.bremen-spion.de/
Title: bremen-spion.de

Search URL Search Domain Scan URL

URL: https://www.bw-spion.de/
Title: bw-spion.de

Search URL Search Domain Scan URL

URL: https://www.hamburg-spion.de/
Title: hamburg-spion.de

Search URL Search Domain Scan URL

URL: https://www.hauptstadt-spion.de/
Title: hauptstadt-spion.de

Search URL Search Domain Scan URL

URL: https://www.hessen-spion.de/
Title: hessen-spion.de

Search URL Search Domain Scan URL

URL: https://www.mv-spion.de/
Title: mv-spion.de

Search URL Search Domain Scan URL

URL: https://www.niedersachsen-spion.de/
Title: niedersachsen-spion.de

Search URL Search Domain Scan URL

URL: https://www.nrw-spion.de/
Title: nrw-spion.de

Search URL Search Domain Scan URL

URL: https://www.rlp-spion.de/
Title: rlp-spion.de

Search URL Search Domain Scan URL

URL: https://www.saarland-spion.de/
Title: saarland-spion.de

Search URL Search Domain Scan URL

URL: https://www.sachsen-anhalt-spion.de/
Title: sachsen-anhalt-spion.de

Search URL Search Domain Scan URL

URL: https://www.sachsen-spion.de/
Title: sachsen-spion.de

Search URL Search Domain Scan URL

URL: https://www.sh-spion.de/
Title: sh-spion.de

Search URL Search Domain Scan URL

URL: https://www.austria-spion.at/
Title: austria-spion.at

Search URL Search Domain Scan URL

URL: https://www.kanton-spion.ch/
Title: kanton-spion.ch

Search URL Search Domain Scan URL

URL: https://www.flirtsofa.com/
Title: flirtsofa.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.thueringen-spion.de/ 34 KB
7 KB 134ms
74ms Document
text/html 138.201.57.79
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thueringen-spion.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.57.79 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.79.57.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 1d3af0ae77229e6afb2041bd7f4b493ef8e90df1acd2b358fc1beececb518fd0

Request headers

Host: www.thueringen-spion.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:00 GMT
server: Apache
set-cookie: SESSIONNAME=30c1952b79f0ca6f2cf48f309bcc4514; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate no-cache,no-store,max-age=0,must-revalidate
pragma: no-cache no-cache
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
last-modified: Friday, 12-Feb-2021 11:46:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 6831
content-type: text/html; charset=UTF-8
connection: close

GET
H2 200 v2021010401_merged.css
lb2.cdn.spion-media.eu/gfx/ 83 KB
16 KB 89ms
28ms Stylesheet
text/css 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lb2.cdn.spion-media.eu/gfx/v2021010401_merged.css
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: 36dcfb69dfbf9f056210e5721b006a7abb991956f116a06a1a428c2b2b09d1cc

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:00 GMT
content-encoding: gzip
last-modified: Sun, 07 Feb 2021 18:24:58 GMT
etag: "14b4f-5bac32bbddc8d-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 16012

GET
H2 200 v2021010401_merged.js Show response
lb2.cdn.spion-media.eu/scripts/ 462 KB
116 KB 110ms
48ms Script
application/javascript 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lb2.cdn.spion-media.eu/scripts/v2021010401_merged.js
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: d4b1b94e64c38f8145efe8fe4c46a191a50066a79fc53593c4ca0f4e39245e11

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:00 GMT
content-encoding: gzip
last-modified: Sun, 07 Feb 2021 18:25:01 GMT
etag: "737c0-5bac32bebb31b-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 metaTag.min.js Show response
cdn.stroeerdigitalgroup.de/metatag/live/mein-spion/ 263 KB
63 KB 30ms
10ms Script
application/javascript 2a02:26f0:7100::687e:2409
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stroeerdigitalgroup.de/metatag/live/mein-spion/metaTag.min.js
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::687e:2409 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: KONICHIWA/1.0 /
Resource Hash: fc3a855bf1a87365b9c073594cc29f7033e354611c77b609ebb0796c9ba4619c

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:00 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: BDAEBF908A440176
content-length: 63957
x-amz-id-2: k3yqVND7p1aSox3NEdXN/8SdkcjIOXmkYamh58Vg90i+VopD9M/Ex2LMt9H8uGz/O6QcMuLL9m8=
last-modified: Thu, 11 Feb 2021 16:44:54 GMT
server: KONICHIWA/1.0
etag: "7cc75119f40a4e1c61fe8daf25fb5222"
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=899
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 136 KB
52 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RJ80VPQZ23

Requested by

Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

13b80d11594d7d4750c43317ffa3b44509e4724b170088d2e5de5fcb84fb43b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:00 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53289
x-xss-protection: 0
expires: Fri, 12 Feb 2021 11:31:00 GMT

GET
H2 200 logo_thueringen_6.png
lb2.cdn.spion-media.eu/gfx/header/ 5 KB
5 KB 28ms
28ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/header/logo_thueringen_6.png
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: 68baf25cae925aac4196dfc42f9ef10aaf540aeb7a1923f4f4c6c598afd188c9

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:00 GMT
last-modified: Mon, 20 Aug 2018 10:33:46 GMT
etag: "148d-573db71b0d680"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 5261

GET
H2 200 mobile.png
lb2.cdn.spion-media.eu/gfx/header/ 383 B
732 B 28ms
28ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/header/mobile.png
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: ba66566ed4166ac4897a189cf5fb6525be31bfd2831003fb1da3dac1c5550756

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:00 GMT
last-modified: Sat, 09 Feb 2019 09:49:06 GMT
etag: "17f-58172fc7fa90c"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 383

GET
H2 200 onlineperson.png
lb2.cdn.spion-media.eu/gfx/header/ 414 B
763 B 38ms
30ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/header/onlineperson.png
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: 5c97b5f68590ab44e1a29105fce1f6ba3e14ad12e6cf99c24fe18643800bfce5

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Mon, 20 Aug 2018 10:33:45 GMT
etag: "19e-573db71a19440"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 414

GET
H2 200 menu-lupe-blue.png
lb2.cdn.spion-media.eu/gfx/header/ 343 B
692 B 39ms
31ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/header/menu-lupe-blue.png
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: 93b3cb372f8f850cb21e52e8b23e14eb5cf6ae251a06009b8ba774490b665d3c

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Mon, 20 Aug 2018 10:33:45 GMT
etag: "157-573db71a19440"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 343

GET
H2 200 schreiben.png
lb2.cdn.spion-media.eu/gfx/start/ 47 KB
47 KB 40ms
32ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/start/schreiben.png
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: 0d9825e5d2a9f9b1af0ab4690fa6a7d4f149c62bb091108338ae47fd4ea4c279

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Mon, 20 Aug 2018 10:33:43 GMT
etag: "baf8-573db71830fc0"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 47864

GET
H2 200 suchen.png
lb2.cdn.spion-media.eu/gfx/start/ 29 KB
29 KB 50ms
43ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/start/suchen.png
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: 9fe6a1b37256dbaef55d07c9eacfbcdff14fc765a2edc3086afdee64686cd6db

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Mon, 20 Aug 2018 10:33:43 GMT
etag: "7288-573db71830fc0"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 29320

GET
H2 200 fotoalben.png
lb2.cdn.spion-media.eu/gfx/start/ 13 KB
13 KB 51ms
43ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/start/fotoalben.png
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: b3b324e4e3672a100ed52005db1f4097b9faa78ecd60a8447831d7ee9feab6ae

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Mon, 20 Aug 2018 10:33:43 GMT
etag: "3299-573db71830fc0"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 12953

GET
H2 200 seite.png
lb2.cdn.spion-media.eu/gfx/start/ 11 KB
11 KB 51ms
44ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/start/seite.png
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: 681844d7dd13d4c148495d7f4117b9739e7ec0ff20d83cbd0eccb46df8502feb

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Mon, 20 Aug 2018 10:33:43 GMT
etag: "2aac-573db71830fc0"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 10924

GET
H2 200 blogs.png
lb2.cdn.spion-media.eu/gfx/start/ 8 KB
9 KB 51ms
44ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/start/blogs.png
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: 389f5269ef2272a720cf60e002c019ec2519eb6d1a35aa408ba93ef57d3b64ea

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Mon, 20 Aug 2018 10:33:43 GMT
etag: "2181-573db71830fc0"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 8577

GET
H2 200 forum.png
lb2.cdn.spion-media.eu/gfx/start/ 8 KB
8 KB 51ms
44ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/start/forum.png
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: eb272e5abe586ce3396683924bb8d3f71c8b2e89e64f4c24d54edcbba00084cd

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Mon, 20 Aug 2018 10:33:43 GMT
etag: "2026-573db71830fc0"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 8230

GET
H2 200 datenschutz@2.png
lb2.cdn.spion-media.eu/gfx/start/ 26 KB
26 KB 52ms
45ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/start/datenschutz@2.png
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: 486bb261f4188e3af820abe7323dae009f2004b5358754ae6e51efe498d18a12

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Sun, 17 Feb 2019 16:46:31 GMT
etag: "6698-58219c0136cdd"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 26264

GET
H2 200 madeingermany@2.png
lb2.cdn.spion-media.eu/gfx/start/ 15 KB
15 KB 53ms
46ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/start/madeingermany@2.png
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: d2886a3a92d20bc4fa101ee1e6c07125c5fb19175c13f01981f9f0b7164613a9

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Sun, 17 Feb 2019 16:44:22 GMT
etag: "3b75-58219b85a8394"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 15221

GET
H2 200 oekologisch@2.png
lb2.cdn.spion-media.eu/gfx/start/ 16 KB
16 KB 53ms
47ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/start/oekologisch@2.png
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: 34fb4c792ce92da9a186f025bfd04a16d6228e55507e9edf76e6f59eca2a5b6d

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Sun, 17 Feb 2019 16:40:37 GMT
etag: "4075-58219aaefeba2"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 16501

GET
H2 200 vorteile@2.png
lb2.cdn.spion-media.eu/gfx/start/ 18 KB
18 KB 55ms
49ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/start/vorteile@2.png
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: 6468a1d765f15bf8887c3af85f93ffd45c94098873421e5daeb1842757e550c3

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Sun, 17 Feb 2019 16:38:59 GMT
etag: "47a5-58219a524204e"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 18341

GET
H2 200 energy@2.png
lb2.cdn.spion-media.eu/gfx/icons/ 4 KB
5 KB 55ms
49ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/icons/energy@2.png
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: 96fc3ade0dd948c34eb7b5105913e725de738d904386ee00cd16fe0cd2007921

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Sun, 17 Feb 2019 16:31:57 GMT
etag: "1134-582198bf6e1d0"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 4404

GET
H2 200 privacy_footer@2.png
lb2.cdn.spion-media.eu/gfx/icons/ 4 KB
4 KB 56ms
50ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/icons/privacy_footer@2.png
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: 761cca93427a680d03c288aa0930ccb271ce3191e82c4ef0e798a9fd25585e5a

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Sun, 17 Feb 2019 16:34:02 GMT
etag: "fcd-5821993680cf3"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 4045

GET
H2 200 wrapperMessagingWithoutDetection.js Show response
cdn.privacy-mgmt.com/ 149 KB
43 KB 97ms
33ms Script
application/javascript 143.204.97.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/wrapperMessagingWithoutDetection.js
Requested by: Host: cdn.stroeerdigitalgroup.de
URL: https://cdn.stroeerdigitalgroup.de/metatag/live/mein-spion/metaTag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.97.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-38.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a59069d842fc70e07dddaa0184c9f62ac950f5fb66b4dd0e9f516b20756d97c7

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:27:35 GMT
content-encoding: gzip
last-modified: Wed, 03 Feb 2021 21:27:26 GMT
server: AmazonS3
age: 207
etag: W/"a4f076c6663c59bdd617e07c8c108846"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: R_4cFlMh0NuKSzB-qw89gFBkBXdlotREtpyAS7PiWLL-vWSK3871zA==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 57 KB
19 KB 121ms
58ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.stroeerdigitalgroup.de
URL: https://cdn.stroeerdigitalgroup.de/metatag/live/mein-spion/metaTag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

8e22c87bb77dd443c144e972e09e0f3eb27971b950dcf78512c439edde000875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "781 / 389 of 1000 / last-modified: 1613126312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19522
x-xss-protection: 0
expires: Fri, 12 Feb 2021 11:31:01 GMT

GET
H2 200 yieldlove-bidder-stroeer.js Show response
cdn-a.yieldlove.com/ 319 KB
95 KB 119ms
55ms Script
application/javascript 143.204.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-a.yieldlove.com/yieldlove-bidder-stroeer.js?mv-spion.de
Requested by: Host: cdn.stroeerdigitalgroup.de
URL: https://cdn.stroeerdigitalgroup.de/metatag/live/mein-spion/metaTag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-55.fra53.r.cloudfront.net
Software: / Express
Resource Hash: 09f659c161898dcc1ab2575d8af3ad0b9cb698c3cca457ab757340ae41ce8271

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
content-encoding: gzip
etag: "4fbd5-pRzAVefr2YR8jqgYQtzNNXymK7I"
x-amz-cf-pop: FRA53-C1
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
x-amz-cf-id: fZRHg-XZLH5MtzLHPaWuJqGGPbvMgGKlYF8YmovsVYHrLQJaAudQUA==
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)

GET
H/1.1 200
OK mtrcs_679600.js Show response
s400.mxcdn.net/bb-mx/serve/ 138 KB
54 KB 99ms
36ms Script
text/javascript 23.218.208.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s400.mxcdn.net/bb-mx/serve/mtrcs_679600.js
Requested by: Host: cdn.stroeerdigitalgroup.de
URL: https://cdn.stroeerdigitalgroup.de/metatag/live/mein-spion/metaTag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.133 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-133.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 76b5fd195412940f5af135cee20afcbfe75e272768f71dad10993665dcbb23c8

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 11:31:01 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jan 2021 21:17:14 GMT
Server: nginx
ETag: "\W00000546461610486234776"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control: public, max-age=9801
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 54646
Expires: Fri, 12 Feb 2021 14:14:22 GMT

GET
H2 200 thueringen-spion@2.png
lb2.cdn.spion-media.eu/gfx/header/bg/ 30 KB
30 KB 56ms
51ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/header/bg/thueringen-spion@2.png
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: 94a1e6b20f07ab894481ddfa18003daa4d1d3c7cd6b23df86724e43259334ae0

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Sun, 17 Feb 2019 16:03:00 GMT
etag: "7817-58219246f10d3"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 30743

GET
H2 200 onlineanzeige.png
lb2.cdn.spion-media.eu/gfx/header/ 466 B
815 B 56ms
52ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/header/onlineanzeige.png
Requested by: Host: lb2.cdn.spion-media.eu
URL: https://lb2.cdn.spion-media.eu/gfx/v2021010401_merged.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: aba46a9972e98dbc0eee8e9f07977fec96927eedde044e838d3abeea395c4275

Request headers

Referer: https://lb2.cdn.spion-media.eu/gfx/v2021010401_merged.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Mon, 20 Aug 2018 10:33:45 GMT
etag: "1d2-573db71a19440"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 466

GET
H2 200 ton-aus.png
lb2.cdn.spion-media.eu/gfx/icons/ 177 B
525 B 56ms
52ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/icons/ton-aus.png
Requested by: Host: lb2.cdn.spion-media.eu
URL: https://lb2.cdn.spion-media.eu/gfx/v2021010401_merged.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: 5e7078cde18930f61e469f92cf0e371243fc03b363dfd2637dd22bee10dea460

Request headers

Referer: https://lb2.cdn.spion-media.eu/gfx/v2021010401_merged.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Mon, 20 Aug 2018 10:33:43 GMT
etag: "b1-573db71830fc0"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 177

GET
H2 200 pfeilunten.png
lb2.cdn.spion-media.eu/gfx/icons/ 182 B
530 B 57ms
53ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/icons/pfeilunten.png
Requested by: Host: lb2.cdn.spion-media.eu
URL: https://lb2.cdn.spion-media.eu/gfx/v2021010401_merged.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: 88336a4fd6d2e7db8882daa864cad1a5acc60350607e00e5d3b5b26496554d4a

Request headers

Referer: https://lb2.cdn.spion-media.eu/gfx/v2021010401_merged.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Mon, 20 Aug 2018 10:33:43 GMT
etag: "b6-573db71830fc0"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 182

GET
H2 200 menu-normal@2.png
lb2.cdn.spion-media.eu/gfx/header/ 533 B
882 B 57ms
53ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/header/menu-normal@2.png
Requested by: Host: lb2.cdn.spion-media.eu
URL: https://lb2.cdn.spion-media.eu/gfx/v2021010401_merged.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: 329056453bc3309712d3469e7bc2f2295dd456833b3ae092f3dec62a4ecdecf9

Request headers

Referer: https://lb2.cdn.spion-media.eu/gfx/v2021010401_merged.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Sun, 17 Feb 2019 16:25:16 GMT
etag: "215-58219740f5b4b"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 533

GET
H2 200 blurb.jpg
lb2.cdn.spion-media.eu/gfx/start/ 23 KB
23 KB 39ms
32ms Image
image/jpeg 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/start/blurb.jpg
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: 907b3c0ce2fd4252221fb451ed92a9865ca489bf5a88f1f962aead2b53e5a9ed

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Mon, 20 Aug 2018 10:33:43 GMT
etag: "5bf1-573db71830fc0"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 23537

GET
H2 200 vorteil.png
lb2.cdn.spion-media.eu/gfx/start/ 346 B
695 B 35ms
35ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/start/vorteil.png
Requested by: Host: lb2.cdn.spion-media.eu
URL: https://lb2.cdn.spion-media.eu/gfx/v2021010401_merged.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: 781715dac742208da7c6bf4f780c4406f09c4efe895c8c130d39aa1a941dce78

Request headers

Referer: https://lb2.cdn.spion-media.eu/gfx/v2021010401_merged.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Mon, 20 Aug 2018 10:33:43 GMT
etag: "15a-573db71830fc0"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 346

GET
H2 200 spion_network_2@2.png
lb2.cdn.spion-media.eu/gfx/ 7 KB
7 KB 34ms
32ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/spion_network_2@2.png
Requested by: Host: lb2.cdn.spion-media.eu
URL: https://lb2.cdn.spion-media.eu/gfx/v2021010401_merged.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: 71e3b85852a71dc6552efce057e7b76aa7c2da80fb88e874ae0f0f99a2dea9a9

Request headers

Referer: https://lb2.cdn.spion-media.eu/gfx/v2021010401_merged.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Sun, 17 Feb 2019 16:35:24 GMT
etag: "1bad-582199844fa7a"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 7085

GET
H2 200 inner_prev.png
lb2.cdn.spion-media.eu/gfx/lightview/ 307 B
656 B 34ms
33ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/lightview/inner_prev.png
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: 02bd68af3f4ad3048664e2f4ae039d615f36c84e60eb90c994e7b665d20d0f3b

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Mon, 20 Aug 2018 10:33:42 GMT
etag: "133-573db7173cd80"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 307

GET
H2 200 inner_next.png
lb2.cdn.spion-media.eu/gfx/lightview/ 308 B
657 B 35ms
33ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/lightview/inner_next.png
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: 1c3b5ad37d185b59eea35ea5c47cd2faa89579594b055b6d7960f4000cf745dc

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Mon, 20 Aug 2018 10:33:42 GMT
etag: "134-573db7173cd80"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 308

GET
H2 200 inner_slideshow_play.png
lb2.cdn.spion-media.eu/gfx/lightview/ 478 B
827 B 35ms
33ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/lightview/inner_slideshow_play.png
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: e5c544172cdb1b27d96cc087cc307427fe6eb9645d2e015e8028556873ba9102

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Mon, 20 Aug 2018 10:33:42 GMT
etag: "1de-573db7173cd80"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 478

GET
H2 200 loading.gif
lb2.cdn.spion-media.eu/gfx/lightview/ 2 KB
2 KB 35ms
34ms Image
image/gif 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/lightview/loading.gif
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: a0497b6efc2be46902ec80f58e27d3b63428ae3cbcfdea1ac02ba3c60e52349f

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Mon, 20 Aug 2018 10:33:42 GMT
etag: "703-573db7173cd80"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 1795

GET
H2 200 prev.png
lb2.cdn.spion-media.eu/gfx/lightview/ 572 B
921 B 31ms
29ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/lightview/prev.png
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: 948a20f10a1c038025d149d8a47f29a654057c1e3d5200caa1fd9ba76bfcd958

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Mon, 20 Aug 2018 10:33:42 GMT
etag: "23c-573db7173cd80"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 572

GET
H2 200 topclose.png
lb2.cdn.spion-media.eu/gfx/lightview/ 684 B
1 KB 32ms
29ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/lightview/topclose.png
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: 9443240241c1fef5e8114d742e9f248dd3c365a197a52a90fd5db4d9e05b5c8e

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Mon, 20 Aug 2018 10:33:42 GMT
etag: "2ac-573db7173cd80"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 684

GET
H2 200 close_large.png
lb2.cdn.spion-media.eu/gfx/lightview/ 1 KB
1 KB 32ms
30ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/lightview/close_large.png
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: 9b37107f24e77054f38c8cb09894efb3b7a9d011ade34088d6622879556420a0

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Mon, 20 Aug 2018 10:33:42 GMT
etag: "412-573db7173cd80"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 1042

GET
H2 200 close_small.png
lb2.cdn.spion-media.eu/gfx/lightview/ 599 B
948 B 32ms
30ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/lightview/close_small.png
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: 64d9c7e713962e95bfe92da369782f20f014f35ab9210d2d637d33a98f6c7641

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Mon, 20 Aug 2018 10:33:42 GMT
etag: "257-573db7173cd80"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 599

GET
H2 200 inner_slideshow_stop.png
lb2.cdn.spion-media.eu/gfx/lightview/ 506 B
855 B 32ms
31ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/lightview/inner_slideshow_stop.png
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: 438cb41dfb32982de77e1eb71c44367b56c6871653970e2c9bbca4281316010d

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Mon, 20 Aug 2018 10:33:42 GMT
etag: "1fa-573db7173cd80"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 506

GET
H2 200 controller_prev.png
lb2.cdn.spion-media.eu/gfx/lightview/ 743 B
1 KB 33ms
31ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/lightview/controller_prev.png
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: f65bcd46ba2f22afdd73f7b4bf9488dfe7a6f9e0e9d34a963b54556c90287d88

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Mon, 20 Aug 2018 10:33:42 GMT
etag: "2e7-573db7173cd80"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 743

GET
H2 200 controller_slideshow_stop.png
lb2.cdn.spion-media.eu/gfx/lightview/ 682 B
1 KB 33ms
32ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/lightview/controller_slideshow_stop.png
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: 9db98dd7f5aa1b4f4e9f0229a3d2e3d272afb3418f0aa1f165c31ee5d6423717

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Mon, 20 Aug 2018 10:33:42 GMT
etag: "2aa-573db7173cd80"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 682

POST
H2 204 collect
www.google-analytics.com/g/ 0
177 B 20ms
19ms Other
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-RJ80VPQZ23&gtm=2oe230&_p=596319257&sr=1600x1200&ul=en-us&cid=7186006.1613129461&_s=1&dl=https%3A%2F%2Fwww.thueringen-spion.de%2F&dr=&dt=thueringen-spion.de%20%7C%20Freunde%20und%20Singles%20in%20Th%C3%BCringen%2C%20100%25%20kostenlos&sid=1613129461&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RJ80VPQZ23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 11:31:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thueringen-spion.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 native-message Show response
cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/ 89 KB
12 KB 125ms
125ms XHR
application/json 143.204.97.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=d05a5100-a0cc-447f-a5d0-c16d365ca309&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A375%2C%22requestUUID%22%3A%22d05a5100-a0cc-447f-a5d0-c16d365ca309%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.thueringen-spion.de%2F%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22targetingParams%22%3Anull%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.97.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-38.fra50.r.cloudfront.net
Software: / Express
Resource Hash: 6e04df826b29c904e25ec09650b87e0f31c6a84d4444b1cfea28314731a30ae3

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thueringen-spion.de
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: A1oFtxkaXOc72udmnOPgYVpM5DL5AriMwnr5B1Jt6R4KOM3h8m0_FA==
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)

OPTIONS
H2 200 native-message
cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/ Frame 0
0 79ms
30ms Other
text/html 143.204.97.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=d05a5100-a0cc-447f-a5d0-c16d365ca309&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A375%2C%22requestUUID%22%3A%22d05a5100-a0cc-447f-a5d0-c16d365ca309%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.thueringen-spion.de%2F%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22targetingParams%22%3Anull%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Protocol: H2
Server: 143.204.97.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-38.fra50.r.cloudfront.net
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.thueringen-spion.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/html; charset=utf-8
content-length: 13
date: Fri, 12 Feb 2021 11:31:01 GMT
x-powered-by: Express
access-control-allow-origin: https://www.thueringen-spion.de
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
cache-control: no-cache, no-store
allow: POST,GET,HEAD
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 7pDO6ExTlGh-USw0Id8_ezeOKFoUDQ5HsnFeMcr5NGzmKENSRm8Dgg==

GET
H/1.1 200
OK submit
lb17.s400.meetrics.net/bb-mx/ 43 B
291 B 98ms
27ms Image
image/gif 136.243.33.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb17.s400.meetrics.net/bb-mx/submit?/x9iSBcAAA+whFgo0F0wFz6BvvA33F3uB0oF1lFypFunFluFtzEwpFvuFukElvBfpyF+k2FoywAyxAtwAxtAxyAtyAx6Ax2At2A35A2wAwtAyuAxyAxuAztAljF2xA0iE1kEip6Ft2AwBEsp3Fx2AxzAxyA50A2wA24AyBEjwtFuvFulFkqnFluFtVETBFL2wFBLl1FCp2iFuvFfwFs1FnpFuzF/2xFfDylFx1FlzF0mF1sFszFjyFllFugBm1FssFzjFylFluFluFhiFslFkgB3pFukFv3Ff3FliFrpF0zF0vFyhFnlFpuFmvFg3EpuFkvF3fF3lFirFp0FjhFujFlsFhuFptFh0FpvFumFyhFtlFg3EpuFkvF3fF3lFirFp0FylFx1FlzF0hFupFthF0pFvuFmyFhtFlgB3pFukFv3Ff3FliFrpF0yFlxF1lFz0FmpFslFz5Fz0FltFg3EpuFkvF3fF3lFirFp0FylFzvFs2FlsFvjFhsFmpFslFz5Fz0FltF1yFsgBjzFzfF3lFirFp0FgjEw1FfxB2gAyhFtfF4BEOprFw6lCOqwFw6lClqwF23A52AwwALkmFBTkzFsFAAAAAAAZwS1qAPAAAAAAAAAOAAAAGBAAAAAAZwS1qABRksFAQtjFsv7STA
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.33.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h381.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 11:31:01 GMT
Server: nginx
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Fri, 12 Feb 2021 11:31:00 GMT

GET
H/1.1 200
OK data
lb17.s400.meetrics.net/ 43 B
308 B 97ms
26ms Image
image/gif 136.243.33.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb17.s400.meetrics.net/data?/x9iSCdAAATkzFARksFAQtjF6uJNSA
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.33.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h381.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 11:31:01 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Fri, 12-Feb-21 11:31:00 GMT

GET
H2 200 controller_next.png
lb2.cdn.spion-media.eu/gfx/lightview/ 752 B
1 KB 29ms
28ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/lightview/controller_next.png
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: 6ef988d9c2149fde781104f57c2ff4df0e5a164e03d1cd5a1fbcf2f4e746ecf0

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Mon, 20 Aug 2018 10:33:42 GMT
etag: "2f0-573db7173cd80"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 752

GET
H2 200 controller_slideshow_play.png
lb2.cdn.spion-media.eu/gfx/lightview/ 867 B
1 KB 29ms
29ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/lightview/controller_slideshow_play.png
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: 528b0be7dfa76aac0d3a1743f704e20ef8c6881628a3e35ba26db522337546f6

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Mon, 20 Aug 2018 10:33:42 GMT
etag: "363-573db7173cd80"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 867

GET
H2 200 controller_close.png
lb2.cdn.spion-media.eu/gfx/lightview/ 832 B
1 KB 30ms
29ms Image
image/png 88.99.105.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb2.cdn.spion-media.eu/gfx/lightview/controller_close.png
Requested by: Host: www.thueringen-spion.de
URL: https://www.thueringen-spion.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.105.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mail.sokosys.eu
Software: /
Resource Hash: df8a569f82a4c126a869c5062cfa4883230ace5c1b3c429eece88ee1e3475f77

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
last-modified: Mon, 20 Aug 2018 10:33:42 GMT
etag: "340-573db7173cd80"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age = 2592000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 832

GET
H3-Q050 200 pubads_impl_2021020901.js Show response
securepubads.g.doubleclick.net/gpt/ 288 KB
101 KB 109ms
73ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

d2b13ee812188a64ef574ee912eaea945b1ae2a5a54b413e2fdfda94a7a58d09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:41:39 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103372
x-xss-protection: 0
expires: Fri, 12 Feb 2021 11:31:01 GMT

GET
H2 200 index.html Show response
cdn.privacy-mgmt.com/ Frame D9F5 4 KB
2 KB 23ms
23ms Document
text/html 143.204.97.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/index.html?message_id=370217&consentUUID=93c21aec-b6ed-4b52-ae2a-42f3f0c4c6a4&requestUUID=d05a5100-a0cc-447f-a5d0-c16d365ca309&preload_message=true
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.97.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-38.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52b338eaa5f6ce14323f54c6210d52778d69eedd9729107951a630d13047712e

Request headers

:method: GET
:authority: cdn.privacy-mgmt.com
:scheme: https
:path: /index.html?message_id=370217&consentUUID=93c21aec-b6ed-4b52-ae2a-42f3f0c4c6a4&requestUUID=d05a5100-a0cc-447f-a5d0-c16d365ca309&preload_message=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thueringen-spion.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.thueringen-spion.de/

Response headers

content-type: text/html
last-modified: Tue, 02 Feb 2021 23:35:19 GMT
server: AmazonS3
content-encoding: gzip
date: Fri, 12 Feb 2021 10:35:28 GMT
etag: W/"fea093f29bac3f6b2f469bf4a1b2cd0f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: OykR4us31vfu58azMUti6NRrbiQIdE0Y-yKyyZUIuqS28oZQo6yexg==
age: 3334

GET
H2 200 Notice.16489.css
cdn.privacy-mgmt.com/ Frame D9F5 28 KB
5 KB 24ms
23ms Stylesheet
text/css 143.204.97.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/Notice.16489.css
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=370217&consentUUID=93c21aec-b6ed-4b52-ae2a-42f3f0c4c6a4&requestUUID=d05a5100-a0cc-447f-a5d0-c16d365ca309&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.97.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-38.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4fd413be818cadcb46c36f2bc05d65d5970a6b1b29bf01021a1609151b9810ee

Request headers

Referer: https://cdn.privacy-mgmt.com/index.html?message_id=370217&consentUUID=93c21aec-b6ed-4b52-ae2a-42f3f0c4c6a4&requestUUID=d05a5100-a0cc-447f-a5d0-c16d365ca309&preload_message=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 10:35:27 GMT
content-encoding: gzip
last-modified: Tue, 02 Feb 2021 23:35:19 GMT
server: AmazonS3
age: 3335
etag: W/"9483f9a765c613b1a84d99c0aebd209d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: SGMz7pPiQtYNFam9DpZEEBPzW_X0fYrN8HTV4P_0gQgaii_KaRQT1w==

GET
H2 200 polyfills.ede70.js Show response
cdn.privacy-mgmt.com/ Frame D9F5 5 KB
2 KB 24ms
23ms Script
application/javascript 143.204.97.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/polyfills.ede70.js
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=370217&consentUUID=93c21aec-b6ed-4b52-ae2a-42f3f0c4c6a4&requestUUID=d05a5100-a0cc-447f-a5d0-c16d365ca309&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.97.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-38.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

Referer: https://cdn.privacy-mgmt.com/index.html?message_id=370217&consentUUID=93c21aec-b6ed-4b52-ae2a-42f3f0c4c6a4&requestUUID=d05a5100-a0cc-447f-a5d0-c16d365ca309&preload_message=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 10:35:57 GMT
content-encoding: gzip
last-modified: Tue, 02 Feb 2021 23:35:19 GMT
server: AmazonS3
age: 3305
etag: W/"89661b8fd918815bcb224bba79cabab1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 4hZ_aTE6zlET_Xa6uftfDdf5E1hblqKKb6YAjrYdk00NdwPRIeVhCQ==

GET
H2 200 Notice.061aa.js Show response
cdn.privacy-mgmt.com/ Frame D9F5 163 KB
40 KB 24ms
24ms Script
application/javascript 143.204.97.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/Notice.061aa.js
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=370217&consentUUID=93c21aec-b6ed-4b52-ae2a-42f3f0c4c6a4&requestUUID=d05a5100-a0cc-447f-a5d0-c16d365ca309&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.97.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-38.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4239e087484b6318a13db1ee40046c5e0c8a8d497eb1c4c9244bfef153bf3de2

Request headers

Referer: https://cdn.privacy-mgmt.com/index.html?message_id=370217&consentUUID=93c21aec-b6ed-4b52-ae2a-42f3f0c4c6a4&requestUUID=d05a5100-a0cc-447f-a5d0-c16d365ca309&preload_message=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 10:35:27 GMT
content-encoding: gzip
last-modified: Tue, 02 Feb 2021 23:35:19 GMT
server: AmazonS3
age: 3335
etag: W/"9a69827a1bd3013b0454248526258b64"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 7sXD7CGGb61jnMoUBvzIGUn40suYICaalqauIisnQgUqhbdgRhayEw==

GET
H2 200 categories Show response
cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/ Frame D9F5 2 KB
1 KB 38ms
38ms Fetch
application/json 143.204.97.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/categories?siteId=10816&consentLanguage=de
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/Notice.061aa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.97.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-38.fra50.r.cloudfront.net
Software: /
Resource Hash: 3938c73872522b12526e4fd4647cd0fe68f128adc49511cd8f9d7889b3731002

Request headers

Referer: https://cdn.privacy-mgmt.com/index.html?message_id=370217&consentUUID=93c21aec-b6ed-4b52-ae2a-42f3f0c4c6a4&requestUUID=d05a5100-a0cc-447f-a5d0-c16d365ca309&preload_message=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: undefined
cache-control: no-cache
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: _xTsXUdNvnjwYwb_qBkNspe5bPwpbmQlBjL1sKj1edeZMMJKR35nAw==
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)

GET
H2 200 /
d2p3zdq8vjvnxd.cloudfront.net/ Frame D9F5 26 B
364 B 94ms
46ms Image
image/gif 2600:9000:21f3:a400:13:7ad6:7840:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2p3zdq8vjvnxd.cloudfront.net/?s_id=10816&m_id=370217&consentUUID=93c21aec-b6ed-4b52-ae2a-42f3f0c4c6a4&requestUUID=d05a5100-a0cc-447f-a5d0-c16d365ca309
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a400:13:7ad6:7840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://cdn.privacy-mgmt.com/index.html?message_id=370217&consentUUID=93c21aec-b6ed-4b52-ae2a-42f3f0c4c6a4&requestUUID=d05a5100-a0cc-447f-a5d0-c16d365ca309&preload_message=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:02 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
last-modified: Wed, 10 Apr 2019 18:39:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "6a43099d5c8fe991a7aa7ebaca53069d"
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache,no-store
accept-ranges: bytes
content-length: 26
x-amz-cf-id: zjSkcUAkMhwnOlZ4yjkr1FX0hCWbkQjWsQkPeO1e0-qn2BSPlSVsmw==

GET
H2 200 adex.js Show response
dmp.theadex.com/d/285/5184/s/ 41 KB
14 KB 79ms
23ms Script
application/javascript 89.163.159.102
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.theadex.com/d/285/5184/s/adex.js?ts=60601631
Requested by: Host: cdn.stroeerdigitalgroup.de
URL: https://cdn.stroeerdigitalgroup.de/metatag/live/mein-spion/metaTag.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.163.159.102 Cloppenburg, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx /
Resource Hash: 1279c1375f32902a63f9065f1eed8a51fb8f9dba60bd311bd881b7c7b227ba15

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 11:31:01 GMT
content-encoding: gzip
last-modified: Tue, 09 Feb 2021 14:10:02 GMT
server: nginx
etag: W/"602297ba-a2e5"
content-type: application/javascript
cache-control: max-age=300
access-control-allow-credentials: true
expires: Fri, 12 Feb 2021 11:36:01 GMT

GET
H/1.1 200
OK data
lb17.s400.meetrics.net/ 43 B
308 B 27ms
27ms Image
image/gif 136.243.33.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb17.s400.meetrics.net/data?/x9iSDpLAAKktFLkqFFlqwF23A52AwwA/2yFpJDQFCnFBXFXQFCnFBXFXBFHBFCDFFOFCOFDnFBBFBBFBFFmBFBCFwZFBBFBPFDBFyBFGTFhHFvLFBvF2DFTrFjLFBFFSBFBqFRBFvBFNBFFFFDFFDCFFBFJBFBJFo3FRnFFKFvBFGZFBnFBBFBBFBBFnBFCSFDBFDBFBBFBBFBJFJBFBBFBBFBDFJBFBBFBBFBnFCBFBBFRBFBBFJJFDJFDBFBBFnBFCBFRBFBBFBBFBBFBBFBBFDBFBBFCJFBBFnBF35FFBFNBFBBFBCFnBFBBFBBFBBFDBFXJFnEFBBFxBFD0BBQF3CFEZFDMF3FF3CERDFZBFCnFBGFRBFuBFDnFBGFnBFNnFBoFRCFHBFFjFBLFRBFW3FB0FnDFMBFHpFBPFBBFlRFCDFBDFWnFKhFBVFlBF4rFNBFCBFOrFHnFEnFBxFBDF0BEQ3FCEFZDFM3FF3BBNFZHFBBFnEFaBFKPFHRFC3FBWFBCFNBFD1BBQFzBFfBFDPFBKFpBFYtFLnFEnFBxFBDFZBFG3FBmFnCFIBFF4FBMF6IFnHFRBFEBFBLFnCFPBFGBFBMFBBFaBFCDFnDFNBFJ0BBVFnBFynFCiFBFFXBFLRFBjFBBF4nEDNFnFFynFKhFBsF3CFPBFFrFBKFhBFVlFB2FZCFpZFEHFRHFPFFRCFnBFMBFBoFBCFYBFFXFBLFRBFjBFCHFRDFWnFF1FBKF3BFsvFClF4NFBrFBBFhBFF0BBVFBBFzBFDFFBFFjBFLRFBWFBBFynFC2FBGFJBFSrFBsFZCFMRFDfFBKFhBFVlFB2FZCFqKFVBFtBFBhFBFF0BEVBFBzFBCFrBFE0BBJFVBFSnFCIFBDFvBFGjFBOF0BEk3FCGFnDFrBFKXFBTFwCEKBFDXFnHFNnFOPFBBFuZEBBFBBFBBFBBFBBFBBFLl1FDLkqFKlkyB23A52AwwA2qoFx2AxzAxyA50A2wA24Ay1E2hEr3Bz4Au1FmBFLklFBTkzFePgFAAZAwSAcAAAAG+CAAAAAZwSzqACRksFAQtjF7d4zUA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.33.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h381.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 11:31:01 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Fri, 12-Feb-21 11:31:00 GMT

GET
H/1.1 200
OK data
lb17.s400.meetrics.net/ 43 B
308 B 27ms
27ms Image
image/gif 136.243.33.84
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb17.s400.meetrics.net/data?/x9iSEKOBATkzFPGELAAAAAZwSzqABRksFAQtjFAQSNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.33.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h381.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 11:31:06 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Fri, 12-Feb-21 11:31:05 GMT

POST
H3-Q050 204 collect
www.google-analytics.com/g/ 0
70 B 13ms
13ms Other
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-RJ80VPQZ23&gtm=2oe230&_p=596319257&sr=1600x1200&ul=en-us&cid=7186006.1613129461&_s=2&dl=https%3A%2F%2Fwww.thueringen-spion.de%2F&dr=&dt=thueringen-spion.de%20%7C%20Freunde%20und%20Singles%20in%20Th%C3%BCringen%2C%20100%25%20kostenlos&sid=1613129461&sct=1&seg=0&en=scroll&_et=472&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RJ80VPQZ23
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thueringen-spion.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 11:31:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thueringen-spion.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

243 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.thueringen-spion.de/	1970-01-20 00:51:05	Name: consentUUID Value: 93c21aec-b6ed-4b52-ae2a-42f3f0c4c6a4
www.thueringen-spion.de/	1970-01-19 16:48:41	Name: _sp_v1_lt Value: 1:
www.thueringen-spion.de/	1970-01-19 16:48:41	Name: _sp_v1_opt Value: 1:
www.thueringen-spion.de/	1970-01-19 16:48:41	Name: _sp_v1_ss Value: 1:H4sIAAAAAAAAAItWqo5RKimOUbKKBjLyQAyD2lidGKVUEDOvNCcHyC4BK6iurVWKBQAW54XRMAAAAA%3D%3D
www.thueringen-spion.de/	1970-01-19 16:48:41	Name: _sp_v1_csv Value: null
www.thueringen-spion.de/	1970-01-19 16:48:41	Name: _sp_v1_data Value: 2:237790:1613129461:0:1:0:1:0:0:_:-1
www.thueringen-spion.de/	1970-01-19 16:48:41	Name: _sp_v1_uid Value: 1:721:ec7df6e4-444f-4052-9411-a480db982cf5
.thueringen-spion.de/	1970-01-20 09:36:41	Name: _ga Value: GA1.1.7186006.1613129461
.thueringen-spion.de/	1970-01-20 09:36:41	Name: _ga_RJ80VPQZ23 Value: GS1.1.1613129461.1.0.1613129461.0
www.thueringen-spion.de/	1970-01-19 16:48:41	Name: _sp_v1_consent Value: 1!0:-1:-1:-1:-1:-1
www.thueringen-spion.de/	1969-12-31 23:59:59	Name: SESSIONNAME Value: 30c1952b79f0ca6f2cf48f309bcc4514

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.stroeerdigitalgroup.de/metatag/live/mein-spion/metaTag.min.js(Line 1) Message: Stroeer TagManager "MetaTag": An error occurred processing advertisements on your website. Please check the "Info-Tool" for detailed information. Documentation for the tool: https://stroeerdigitalgroup.atlassian.net/wiki/x/x2LNAQ
console-api	log	URL: https://cdn.privacy-mgmt.com/wrapperMessagingWithoutDetection.js(Line 1) Message: Messaging without detection successfully executed.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-a.yieldlove.com
cdn.privacy-mgmt.com
cdn.stroeerdigitalgroup.de
d2p3zdq8vjvnxd.cloudfront.net
dmp.theadex.com
lb17.s400.meetrics.net
lb2.cdn.spion-media.eu
s400.mxcdn.net
securepubads.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
www.thueringen-spion.de
136.243.33.84
138.201.57.79
142.250.186.66
143.204.209.55
143.204.97.38
23.218.208.133
2600:9000:21f3:a400:13:7ad6:7840:21
2a00:1450:4001:800::2008
2a00:1450:4001:800::200e
2a00:1450:4001:812::200e
2a02:26f0:7100::687e:2409
88.99.105.139
89.163.159.102
02bd68af3f4ad3048664e2f4ae039d615f36c84e60eb90c994e7b665d20d0f3b
09f659c161898dcc1ab2575d8af3ad0b9cb698c3cca457ab757340ae41ce8271
0d9825e5d2a9f9b1af0ab4690fa6a7d4f149c62bb091108338ae47fd4ea4c279
1279c1375f32902a63f9065f1eed8a51fb8f9dba60bd311bd881b7c7b227ba15
13b80d11594d7d4750c43317ffa3b44509e4724b170088d2e5de5fcb84fb43b3
1c3b5ad37d185b59eea35ea5c47cd2faa89579594b055b6d7960f4000cf745dc
1d3af0ae77229e6afb2041bd7f4b493ef8e90df1acd2b358fc1beececb518fd0
329056453bc3309712d3469e7bc2f2295dd456833b3ae092f3dec62a4ecdecf9
34fb4c792ce92da9a186f025bfd04a16d6228e55507e9edf76e6f59eca2a5b6d
36dcfb69dfbf9f056210e5721b006a7abb991956f116a06a1a428c2b2b09d1cc
389f5269ef2272a720cf60e002c019ec2519eb6d1a35aa408ba93ef57d3b64ea
3938c73872522b12526e4fd4647cd0fe68f128adc49511cd8f9d7889b3731002
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
4239e087484b6318a13db1ee40046c5e0c8a8d497eb1c4c9244bfef153bf3de2
438cb41dfb32982de77e1eb71c44367b56c6871653970e2c9bbca4281316010d
486bb261f4188e3af820abe7323dae009f2004b5358754ae6e51efe498d18a12
4fd413be818cadcb46c36f2bc05d65d5970a6b1b29bf01021a1609151b9810ee
528b0be7dfa76aac0d3a1743f704e20ef8c6881628a3e35ba26db522337546f6
52b338eaa5f6ce14323f54c6210d52778d69eedd9729107951a630d13047712e
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5c97b5f68590ab44e1a29105fce1f6ba3e14ad12e6cf99c24fe18643800bfce5
5e7078cde18930f61e469f92cf0e371243fc03b363dfd2637dd22bee10dea460
6468a1d765f15bf8887c3af85f93ffd45c94098873421e5daeb1842757e550c3
64d9c7e713962e95bfe92da369782f20f014f35ab9210d2d637d33a98f6c7641
681844d7dd13d4c148495d7f4117b9739e7ec0ff20d83cbd0eccb46df8502feb
68baf25cae925aac4196dfc42f9ef10aaf540aeb7a1923f4f4c6c598afd188c9
6e04df826b29c904e25ec09650b87e0f31c6a84d4444b1cfea28314731a30ae3
6ef988d9c2149fde781104f57c2ff4df0e5a164e03d1cd5a1fbcf2f4e746ecf0
71e3b85852a71dc6552efce057e7b76aa7c2da80fb88e874ae0f0f99a2dea9a9
761cca93427a680d03c288aa0930ccb271ce3191e82c4ef0e798a9fd25585e5a
76b5fd195412940f5af135cee20afcbfe75e272768f71dad10993665dcbb23c8
781715dac742208da7c6bf4f780c4406f09c4efe895c8c130d39aa1a941dce78
88336a4fd6d2e7db8882daa864cad1a5acc60350607e00e5d3b5b26496554d4a
8e22c87bb77dd443c144e972e09e0f3eb27971b950dcf78512c439edde000875
907b3c0ce2fd4252221fb451ed92a9865ca489bf5a88f1f962aead2b53e5a9ed
93b3cb372f8f850cb21e52e8b23e14eb5cf6ae251a06009b8ba774490b665d3c
9443240241c1fef5e8114d742e9f248dd3c365a197a52a90fd5db4d9e05b5c8e
948a20f10a1c038025d149d8a47f29a654057c1e3d5200caa1fd9ba76bfcd958
94a1e6b20f07ab894481ddfa18003daa4d1d3c7cd6b23df86724e43259334ae0
96fc3ade0dd948c34eb7b5105913e725de738d904386ee00cd16fe0cd2007921
9b37107f24e77054f38c8cb09894efb3b7a9d011ade34088d6622879556420a0
9db98dd7f5aa1b4f4e9f0229a3d2e3d272afb3418f0aa1f165c31ee5d6423717
9fe6a1b37256dbaef55d07c9eacfbcdff14fc765a2edc3086afdee64686cd6db
a0497b6efc2be46902ec80f58e27d3b63428ae3cbcfdea1ac02ba3c60e52349f
a59069d842fc70e07dddaa0184c9f62ac950f5fb66b4dd0e9f516b20756d97c7
aba46a9972e98dbc0eee8e9f07977fec96927eedde044e838d3abeea395c4275
b3b324e4e3672a100ed52005db1f4097b9faa78ecd60a8447831d7ee9feab6ae
ba66566ed4166ac4897a189cf5fb6525be31bfd2831003fb1da3dac1c5550756
d2886a3a92d20bc4fa101ee1e6c07125c5fb19175c13f01981f9f0b7164613a9
d2b13ee812188a64ef574ee912eaea945b1ae2a5a54b413e2fdfda94a7a58d09
d4b1b94e64c38f8145efe8fe4c46a191a50066a79fc53593c4ca0f4e39245e11
df8a569f82a4c126a869c5062cfa4883230ace5c1b3c429eece88ee1e3475f77
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c544172cdb1b27d96cc087cc307427fe6eb9645d2e015e8028556873ba9102
eb272e5abe586ce3396683924bb8d3f71c8b2e89e64f4c24d54edcbba00084cd
f65bcd46ba2f22afdd73f7b4bf9488dfe7a6f9e0e9d34a963b54556c90287d88
fc3a855bf1a87365b9c073594cc29f7033e354611c77b609ebb0796c9ba4619c

www.thueringen-spion.de Open in urlscan Pro 138.201.57.79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

63 Requests

100 %HTTPS

38 %IPv6

12 Domains

12 Subdomains

13 IPs

3 Countries

935 kBTransfer

2536 kBSize

11 Cookies

18 Outgoing links

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thueringen-spion.de Open in urlscan Pro
138.201.57.79 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

100 %
HTTPS

38 %
IPv6

12
Domains

12
Subdomains

13
IPs

3
Countries

935 kB
Transfer

2536 kB
Size

11
Cookies

63 HTTP transactions
0 data transactions