URL: https://lohrasp.tak028.top/
Submission: On December 02 via api from US — Scanned from US

Summary

This website contacted 30 IPs in 4 countries across 20 domains to perform 97 HTTP transactions. The main IP is 62.204.58.112, which is located in Turkey and belongs to DIGITURUNC, TR. The main domain is lohrasp.tak028.top.
TLS certificate: Issued by R3 on November 29th 2023. Valid for: 3 months.
This is the only time lohrasp.tak028.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 62.204.58.112 48011 (DIGITURUNC)
27 2600:1408:c40... 20940 (AKAMAI-ASN1)
2 2600:1408:c40... 20940 (AKAMAI-ASN1)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
13 18.67.65.94 16509 (AMAZON-02)
3 2600:1408:c40... 20940 (AKAMAI-ASN1)
1 63.140.62.160 15224 (OMNITURE)
1 23.222.5.85 20940 (AKAMAI-ASN1)
1 3.74.134.96 16509 (AMAZON-02)
1 52.85.132.2 16509 (AMAZON-02)
3 18.185.78.145 16509 (AMAZON-02)
6 2607:f8b0:400... 15169 (GOOGLE)
1 5.9.114.33 24940 (HETZNER-AS)
7 23.220.125.152 16625 (AKAMAI-AS)
3 13.249.42.27 16509 (AMAZON-02)
1 151.101.193.108 54113 (FASTLY)
4 23.212.249.205 20940 (AKAMAI-ASN1)
1 18.67.76.101 16509 (AMAZON-02)
2 3 68.67.160.132 29990 (ASN-APPNEX)
5 7 52.57.216.183 16509 (AMAZON-02)
2 2 35.71.131.137 16509 (AMAZON-02)
1 1 142.251.163.155 15169 (GOOGLE)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 18.160.10.80 16509 (AMAZON-02)
1 18.160.1.134 16509 (AMAZON-02)
1 3 52.215.116.161 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:20a... 16509 (AMAZON-02)
2 18.198.101.17 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
97 30
Apex Domain
Subdomains
Transfer
43 spiegel.de
cdn.prod.www.spiegel.de — Cisco Umbrella Rank: 44496
interactive.spiegel.de — Cisco Umbrella Rank: 875260
sp-spiegel-de.spiegel.de — Cisco Umbrella Rank: 61959
sams.spiegel.de — Cisco Umbrella Rank: 83173
1 MB
13 opecloud.com
cdn.opecloud.com — Cisco Umbrella Rank: 5764
adalliance.profiles.tagger.opecloud.com — Cisco Umbrella Rank: 30827
adalliance.tagger.opecloud.com — Cisco Umbrella Rank: 42156
tagger.opecloud.com — Cisco Umbrella Rank: 4604
adalliance.dcapi.tagger.opecloud.com — Cisco Umbrella Rank: 42739
18 KB
8 googlesyndication.com
827c5654691d7b8307975fd424bbb8c3.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
42 KB
7 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4166
4 KB
7 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
166 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614
aax.amazon-adsystem.com — Cisco Umbrella Rank: 410
70 KB
4 emsservice.de
static.emsservice.de — Cisco Umbrella Rank: 40457
9 KB
4 adnxs.com
acdn.adnxs.com — Cisco Umbrella Rank: 610
ib.adnxs.com — Cisco Umbrella Rank: 229
secure.adnxs.com — Cisco Umbrella Rank: 478
19 KB
3 xplosion.de
ups.xplosion.de — Cisco Umbrella Rank: 20001
cdn.xplosion.de — Cisco Umbrella Rank: 30067
5 KB
3 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 431
160 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
788 B
2 omny.fm
omny.fm — Cisco Umbrella Rank: 16413
3 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 emetriq.de
dyn.emetriq.de — Cisco Umbrella Rank: 38329
118 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428
521 B
1 privacy-mgmt.com
cdn.privacy-mgmt.com — Cisco Umbrella Rank: 4286
3 KB
1 adalliance.io
zipservice.adalliance.io — Cisco Umbrella Rank: 57176
319 B
1 technical-service.net
te.technical-service.net — Cisco Umbrella Rank: 30145
2 KB
1 akamaihd.net
bilder-a.akamaihd.net — Cisco Umbrella Rank: 39069
2 KB
1 tak028.top
lohrasp.tak028.top
228 KB
97 20
Domain Requested by
27 cdn.prod.www.spiegel.de lohrasp.tak028.top
cdn.prod.www.spiegel.de
13 sp-spiegel-de.spiegel.de lohrasp.tak028.top
sp-spiegel-de.spiegel.de
7 ad.yieldlab.net lohrasp.tak028.top
ad.yieldlab.net
6 securepubads.g.doubleclick.net lohrasp.tak028.top
4 pagead2.googlesyndication.com lohrasp.tak028.top
tpc.googlesyndication.com
4 adalliance.tagger.opecloud.com 3 redirects lohrasp.tak028.top
4 static.emsservice.de lohrasp.tak028.top
3 tpc.googlesyndication.com lohrasp.tak028.top
3 tagger.opecloud.com 2 redirects lohrasp.tak028.top
3 c.amazon-adsystem.com lohrasp.tak028.top
3 adalliance.profiles.tagger.opecloud.com lohrasp.tak028.top
3 assets.adobedtm.com cdn.prod.www.spiegel.de
lohrasp.tak028.top
2 adalliance.dcapi.tagger.opecloud.com lohrasp.tak028.top
2 ups.xplosion.de lohrasp.tak028.top
2 match.adsrvr.org 2 redirects
2 ib.adnxs.com 1 redirects lohrasp.tak028.top
2 omny.fm lohrasp.tak028.top
2 interactive.spiegel.de lohrasp.tak028.top
1 www.google.com lohrasp.tak028.top
1 cdn.xplosion.de lohrasp.tak028.top
1 827c5654691d7b8307975fd424bbb8c3.safeframe.googlesyndication.com lohrasp.tak028.top
1 dyn.emetriq.de 1 redirects
1 aax.amazon-adsystem.com lohrasp.tak028.top
1 config.aps.amazon-adsystem.com lohrasp.tak028.top
1 dsp.adfarm1.adition.com 1 redirects
1 cm.g.doubleclick.net 1 redirects
1 secure.adnxs.com 1 redirects
1 cdn.privacy-mgmt.com sp-spiegel-de.spiegel.de
1 acdn.adnxs.com lohrasp.tak028.top
1 zipservice.adalliance.io lohrasp.tak028.top
1 cdn.opecloud.com lohrasp.tak028.top
1 te.technical-service.net lohrasp.tak028.top
1 bilder-a.akamaihd.net lohrasp.tak028.top
1 sams.spiegel.de lohrasp.tak028.top
1 lohrasp.tak028.top
97 35
Subject | Issuer | Validity | Valid
lohrasp.tak028.top | R3 | 2023-11-29 - 2024-02-27 | 3 months
cdn.prod.www.spiegel.de | R3 | 2023-10-23 - 2024-01-21 | 3 months
interactive.spiegel.de | R3 | 2023-10-02 - 2023-12-31 | 3 months
omny.fm | Cloudflare Inc ECC CA-3 | 2023-08-18 - 2024-08-17 | a year
amp-manager-magazin-de.manager-magazin.de | R3 | 2023-11-28 - 2024-02-26 | 3 months
assets.adobedtm.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-07-11 - 2024-08-10 | a year
sams.spiegel.de | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-10-02 - 2024-11-01 | a year
a248.e.akamai.net | DigiCert TLS RSA SHA256 2020 CA1 | 2023-05-16 - 2024-05-15 | a year
te.technical-service.net | Amazon RSA 2048 M01 | 2023-08-01 - 2024-08-29 | a year
cdn.opecloud.com | Amazon RSA 2048 M02 | 2023-02-23 - 2024-02-13 | a year
*.profiles.tagger.opecloud.com | Amazon RSA 2048 M02 | 2023-11-27 - 2024-12-25 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
*.adalliance.io | Thawte TLS RSA CA G1 | 2023-11-08 - 2024-11-07 | a year
*.yieldlab.net | DigiCert TLS RSA SHA256 2020 CA1 | 2023-09-17 - 2024-09-17 | a year
c.amazon-adsystem.com | Amazon RSA 2048 M01 | 2023-02-28 - 2024-02-17 | a year
cdn.adnxs.com | GeoTrust TLS RSA CA G1 | 2023-03-27 - 2024-04-26 | a year
static.emsservice.de | R3 | 2023-11-14 - 2024-02-12 | 3 months
*.privacy-mgmt.com | Amazon RSA 2048 M01 | 2023-10-08 - 2024-11-05 | a year
config.aps.amazon-adsystem.com | Amazon RSA 2048 M02 | 2023-02-20 - 2024-03-20 | a year
aax-dtb-mobile-cf.amazon-adsystem.com | Amazon RSA 2048 M01 | 2023-03-16 - 2024-03-08 | a year
*.xplosion.de | R3 | 2023-11-22 - 2024-02-20 | 3 months
*.dcapi.tagger.opecloud.com | Amazon RSA 2048 M02 | 2023-08-21 - 2024-09-19 | a year
*.tagger.opecloud.com | Amazon RSA 2048 M01 | 2023-05-03 - 2024-05-31 | a year
tpc.googlesyndication.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
www.google.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months

This page contains 7 frames:

Primary Page: https://lohrasp.tak028.top/
Frame ID: D2490AA850F292CCF308C27D4311635F
Requests: 106 HTTP requests in this frame

Frame: https://sp-spiegel-de.spiegel.de/index.html?message_id=909365&consentUUID=null&requestUUID=5820c21b-5705-4dfc-8dd3-97413f8b8522&preload_message=true&hasCsp=true&version=v1&consentLanguage=en
Frame ID: F9ADD4AC4B73A427ECA249DB45CE65F2
Requests: 10 HTTP requests in this frame

Frame: https://ad.yieldlab.net/d/7053789/631/2x2?ts=0.07006235078218537&type=h
Frame ID: 73448FA6B966BF6D58C955875277189A
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3EFC4F2FF9F06B98B460CD1042914AC4
Requests: 2 HTTP requests in this frame

Frame: https://827c5654691d7b8307975fd424bbb8c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A50C0BAA9C16ADBF11275615E1D46584
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F556A121089956DC3E60382BFDF20DD9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 74ABF29B61B5A4225F11101262A32EE8
Requests: 2 HTTP requests in this frame

Page Title

DER SPIEGEL | Online-Nachrichten

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

Requests: 97
HTTPS: 97 %
IPv6: 31 %
Domains: 20
Subdomains: 35
IPs: 30
Countries: 4
Transfer: 1947 kB
Size: 5638 kB
Cookies: 16

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 98
  • https://adalliance.tagger.opecloud.com/adalliance/v2/pixel.gif?url=https%3A%2F%2Flohrasp.tak028.top%2F&ref=&tref=&tz=10&screen=1600x1200x24&visiturl=https%3A%2F%2Flohrasp.tak028.top%2F&dcRegion=us-east-1&cmpstatus=gdprdoesnotapply&e=%5B%5D&fpid=c63e606c-cc03-4a84-9e29-7ad7b0588fc0 HTTP 302
  • https://adalliance.tagger.opecloud.com/adalliance/v2/pixel.gif?e=%5B%5D&tref=&url=https%3A%2F%2Flohrasp.tak028.top%2F&tz=10&trackability-redirect=true&visiturl=https%3A%2F%2Flohrasp.tak028.top%2F&ref=&fpid=c63e606c-cc03-4a84-9e29-7ad7b0588fc0&screen=1600x1200x24&cmpstatus=gdprdoesnotapply&dcRegion=us-east-1 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fadalliance.tagger.opecloud.com%2Fappnexus%2Fpbfs.gif%3Fsource%3Dadalliance%26state%3D2-7vc3XAEbXvZ1ts%252FnWjtycXwI3ObtZDJiRWRgM2o%253D%26puid%3D%24UID HTTP 302
  • https://adalliance.tagger.opecloud.com/appnexus/pbfs.gif?source=adalliance&state=2-7vc3XAEbXvZ1ts%2FnWjtycXwI3ObtZDJiRWRgM2o%3D&puid=5331408649650564158 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=fosdutz&ttd_tpi=1&gdpr=0&ttd_puid=2-dboQHwV3wGTaQOu0GNX7pjpKHiiO19T0c7%252FtH6c%253D%26source%3Dadalliance&puid=%25%25TDID%25%25 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=fosdutz&ttd_tpi=1&gdpr=0&ttd_puid=2-dboQHwV3wGTaQOu0GNX7pjpKHiiO19T0c7%252FtH6c%253D%26source%3Dadalliance&puid=%25%25TDID%25%25 HTTP 302
  • https://tagger.opecloud.com/tradedesk/pbfs.gif?puid=ad3353fc-1e81-4fba-ba96-118a4a9c143a&state=2-dboQHwV3wGTaQOu0GNX7pjpKHiiO19T0c7%2FtH6c%3D&source=adalliance HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm&state=2-YE4s2mfW7ZDBGfPl6Y4SDdUdIQ0WOPuYEJK7Ozs%3D&source=adalliance HTTP 302
  • https://tagger.opecloud.com/dbm/opecs.gif?state=2-YE4s2mfW7ZDBGfPl6Y4SDdUdIQ0WOPuYEJK7Ozs%3D&source=adalliance&google_gid=CAESEDItrUlstUKSPSRqirrPbes&google_cver=1 HTTP 302
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Ftagger.opecloud.com%2Fadition%2Fpbfs.gif%3Fsource%3Dadalliance%26state%3D2-5rdlMlKsGaTc2%252BQpdb0kzFGFosUl1bX%252F%252B1tU4eA%253D%26puid%3D%25%25COOKIE%25%25 HTTP 302
  • https://tagger.opecloud.com/adition/pbfs.gif?source=adalliance&state=2-5rdlMlKsGaTc2%2BQpdb0kzFGFosUl1bX%2F%2B1tU4eA%3D&puid=7307967827176061083
Request Chain 107
  • https://dyn.emetriq.de/loader/86497/default.js?_&0.6914363634872771& HTTP 301
  • https://ups.xplosion.de/loader/86497/default.js?_&0.6914363634872771&

97 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
lohrasp.tak028.top/
1 MB
228 KB
Document
General
Full URL
https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.204.58.112 , Turkey, ASN48011 (DIGITURUNC, TR),
Reverse DNS
62-204-58-112.digiturunc.com
Software
nginx/1.24.0 /
Resource Hash
24516e1dd04fb0f1af5e87bf0f6126fb28cc160134f693fb1193c0ff271662a1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=2592000;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=0,s-maxage=90
content-encoding
gzip
content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=utf-8
date
Sat, 02 Dec 2023 12:07:29 GMT
server
nginx/1.24.0
strict-transport-security
max-age=2592000;
vary
X-Forwarded-Proto, X-Authorized-Sppur, Accept-Encoding
via
1.1 google
x-cache
HIT
x-cache-grace
3600.000
styles.11a1912e8354e463715d.css
cdn.prod.www.spiegel.de/public/spon/generated/css/
90 KB
16 KB
Stylesheet
General
Full URL
https://cdn.prod.www.spiegel.de/public/spon/generated/css/styles.11a1912e8354e463715d.css
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:68::17db:9a51 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ae2e8470977c2f977f5255093f2167fed30305361a29a1c9c229afef2aed6ac9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:29 GMT
content-encoding
gzip
akamai-cache-status
Hit from child
last-modified
Tue, 14 Nov 2023 10:01:38 GMT
x-ttl
86400.000
x-cache-grace
3600.000
x-goog-meta-goog-reserved-file-mtime
1699865474
etag
W/"11a1912e8354e463715d778944339fdd"
vary
Accept-Encoding
content-type
text/css
cache-control
public, s-maxage=2592000, max-age=2592000
accept-ranges
bytes
content-length
15710
expires
Tue, 14 Nov 2023 11:04:07 GMT
commons.1fb192978176ab9c5ab9.js
cdn.prod.www.spiegel.de/public/shared/generated/js/
40 KB
12 KB
Script
General
Full URL
https://cdn.prod.www.spiegel.de/public/shared/generated/js/commons.1fb192978176ab9c5ab9.js
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:68::17db:9a51 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
effea39115f8e678dcd549082abcbe0402c7729cee6591e8dec3ce27857fab27

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:29 GMT
content-encoding
gzip
akamai-cache-status
Hit from child
last-modified
Tue, 28 Nov 2023 10:01:43 GMT
x-ttl
86400.000
x-cache-grace
3600.000
x-goog-meta-goog-reserved-file-mtime
1701085247
etag
W/"401b8cd3c5445c9da7bb537a8532f044"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=2592000, max-age=2592000
accept-ranges
bytes
content-length
11913
expires
Tue, 28 Nov 2023 11:04:29 GMT
header.656594cc00f32d1b2792.js
cdn.prod.www.spiegel.de/public/shared/generated/js/
9 KB
3 KB
Script
General
Full URL
https://cdn.prod.www.spiegel.de/public/shared/generated/js/header.656594cc00f32d1b2792.js
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:68::17db:9a51 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
065a0f4caeadf4edd6516b5f852483cbe5c881370b4eececa4c01f02244b276a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:29 GMT
content-encoding
gzip
akamai-cache-status
Hit from child
last-modified
Tue, 28 Nov 2023 10:01:43 GMT
x-ttl
86400.000
x-cache-grace
3600.000
x-goog-meta-goog-reserved-file-mtime
1701085247
etag
W/"671c781c45795085483f5182c004cade"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=2592000, max-age=2592000
accept-ranges
bytes
content-length
2833
expires
Tue, 28 Nov 2023 11:04:29 GMT
vendors.097fb2eaf280092bab9a.js
cdn.prod.www.spiegel.de/public/shared/generated/js/
157 KB
48 KB
Script
General
Full URL
https://cdn.prod.www.spiegel.de/public/shared/generated/js/vendors.097fb2eaf280092bab9a.js
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:68::17db:9a51 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6b685658dd4cecaeab3aea68dede5fc08f0f8d8b199180f93006e20882b18082

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:29 GMT
content-encoding
gzip
akamai-cache-status
Hit from child
last-modified
Tue, 28 Nov 2023 10:01:43 GMT
x-ttl
86400.000
x-cache-grace
3600.000
x-goog-meta-goog-reserved-file-mtime
1701085247
etag
W/"0aba066ad396f5c296c377873c5583b5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=2592000, max-age=2592000
accept-ranges
bytes
content-length
49066
expires
Tue, 28 Nov 2023 11:04:29 GMT
index.b21a95b23d9a8107787e.js
cdn.prod.www.spiegel.de/public/shared/generated/js/
213 KB
50 KB
Script
General
Full URL
https://cdn.prod.www.spiegel.de/public/shared/generated/js/index.b21a95b23d9a8107787e.js
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:68::17db:9a51 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
337b55f5dca7e0300948455aede7ca245935b0652c0e5cbec49d801599ba5ebf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:29 GMT
content-encoding
gzip
akamai-cache-status
Hit from child
last-modified
Tue, 28 Nov 2023 10:01:43 GMT
x-ttl
86400.000
x-cache-grace
3600.000
x-goog-meta-goog-reserved-file-mtime
1701085247
etag
W/"e7e31323627bafa9c6ed5447c00c892a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=2592000, max-age=2592000
accept-ranges
bytes
content-length
50436
expires
Tue, 28 Nov 2023 11:04:29 GMT
SpiegelSans4UI-Bold.woff2
cdn.prod.www.spiegel.de/public/shared/fonts/
39 KB
39 KB
Font
General
Full URL
https://cdn.prod.www.spiegel.de/public/shared/fonts/SpiegelSans4UI-Bold.woff2
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:68::17db:9a51 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5b65d13b2accf59d8acec406cc63ae2279aaa06dec9bd373bcec8744b6a80be5

Request headers

Referer
https://lohrasp.tak028.top/
Origin
https://lohrasp.tak028.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:29 GMT
akamai-cache-status
Hit from child
last-modified
Tue, 28 Nov 2023 10:01:43 GMT
x-ttl
86400.000
x-cache-grace
3600.000
x-goog-meta-goog-reserved-file-mtime
1700575992
etag
"b34cfff725375ac3000e39c300104028"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, s-maxage=604800, max-age=604800
accept-ranges
bytes
content-length
39692
expires
Tue, 28 Nov 2023 23:10:02 GMT
SpiegelSans4UI-Regular.woff2
cdn.prod.www.spiegel.de/public/shared/fonts/
38 KB
38 KB
Font
General
Full URL
https://cdn.prod.www.spiegel.de/public/shared/fonts/SpiegelSans4UI-Regular.woff2
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:68::17db:9a51 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5ae09d76b53ed5bcfa3504a4e3ef0f5cec6adb284355efb88f619d85504f2bb4

Request headers

Referer
https://lohrasp.tak028.top/
Origin
https://lohrasp.tak028.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:29 GMT
akamai-cache-status
Hit from child
last-modified
Wed, 22 Nov 2023 10:26:53 GMT
x-ttl
86400.000
x-cache-grace
3600.000
x-goog-meta-goog-reserved-file-mtime
1700575992
etag
"334ab4d3ad92620872b3cd2bd46a8b73"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, s-maxage=604800, max-age=604800
accept-ranges
bytes
content-length
38464
expires
Sun, 26 Nov 2023 12:12:00 GMT
SpiegelSlab4UICd-ExtraBold.woff2
cdn.prod.www.spiegel.de/public/shared/fonts/
32 KB
32 KB
Font
General
Full URL
https://cdn.prod.www.spiegel.de/public/shared/fonts/SpiegelSlab4UICd-ExtraBold.woff2
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:68::17db:9a51 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4d6c6f668fd088065d6a927c86bb45d992bcd715910c609334b5596bf3b63c4c

Request headers

Referer
https://lohrasp.tak028.top/
Origin
https://lohrasp.tak028.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:29 GMT
akamai-cache-status
Hit from child
last-modified
Tue, 28 Nov 2023 10:01:43 GMT
x-ttl
86400.000
x-cache-grace
3600.000
x-goog-meta-goog-reserved-file-mtime
1701079984
etag
"04b23c9d0b8f65be2b6c59479763e822"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, s-maxage=604800, max-age=604800
accept-ranges
bytes
content-length
32624
expires
Tue, 28 Nov 2023 14:38:58 GMT
SpiegelSans4-6SemiBold.woff2
cdn.prod.www.spiegel.de/public/shared/fonts/
11 KB
11 KB
Font
General
Full URL
https://cdn.prod.www.spiegel.de/public/shared/fonts/SpiegelSans4-6SemiBold.woff2
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:68::17db:9a51 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4986cfef70f57a3c524b749439a2b5b35be0f0fd2b18280dabe09bb721ce3c43

Request headers

Referer
https://lohrasp.tak028.top/
Origin
https://lohrasp.tak028.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:29 GMT
akamai-cache-status
Hit from child
last-modified
Tue, 28 Nov 2023 10:01:43 GMT
x-ttl
86400.000
x-cache-grace
3600.000
x-goog-meta-goog-reserved-file-mtime
1700575992
etag
"97e433a12662ca84b78c6e4af5506135"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, s-maxage=604800, max-age=604800
accept-ranges
bytes
content-length
11344
expires
Tue, 28 Nov 2023 14:51:26 GMT
SpiegelSerifTextUI-Regular.woff2
cdn.prod.www.spiegel.de/public/shared/fonts/
40 KB
40 KB
Font
General
Full URL
https://cdn.prod.www.spiegel.de/public/shared/fonts/SpiegelSerifTextUI-Regular.woff2
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:68::17db:9a51 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c8781a2a3d250e769c7264d57b2836a9e180d5452e9212d6d51d1ea4093ffd45

Request headers

Referer
https://lohrasp.tak028.top/
Origin
https://lohrasp.tak028.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:29 GMT
akamai-cache-status
Hit from child
last-modified
Thu, 30 Nov 2023 10:38:26 GMT
x-ttl
86400.000
x-cache-grace
3600.000
x-goog-meta-goog-reserved-file-mtime
1701172252
etag
"16b1c82353e002cc9a4b3c0551788559"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, s-maxage=604800, max-age=604800
accept-ranges
bytes
content-length
40736
expires
Fri, 01 Dec 2023 06:21:52 GMT
SpiegelSerifTextUI-Italic.woff2
cdn.prod.www.spiegel.de/public/shared/fonts/
32 KB
33 KB
Font
General
Full URL
https://cdn.prod.www.spiegel.de/public/shared/fonts/SpiegelSerifTextUI-Italic.woff2
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:68::17db:9a51 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f90a5f8301aeffcf946f92c5059191703f269d82bdd5be8302b8cc8be963cc6a

Request headers

Referer
https://lohrasp.tak028.top/
Origin
https://lohrasp.tak028.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:29 GMT
akamai-cache-status
Hit from child
last-modified
Wed, 22 Nov 2023 10:26:54 GMT
x-ttl
86400.000
x-cache-grace
3600.000
x-goog-meta-goog-reserved-file-mtime
1700575992
etag
"dac9bba73ae7973662775fd59b233641"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, s-maxage=604800, max-age=604800
accept-ranges
bytes
content-length
33168
expires
Sat, 25 Nov 2023 13:58:47 GMT
SpiegelSerifTextUI-Bold.woff2
cdn.prod.www.spiegel.de/public/shared/fonts/
31 KB
31 KB
Font
General
Full URL
https://cdn.prod.www.spiegel.de/public/shared/fonts/SpiegelSerifTextUI-Bold.woff2
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:68::17db:9a51 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
813947ddc6405f4e35f985440cb938198a83d8d895a62ace5076b267b3120dc3

Request headers

Referer
https://lohrasp.tak028.top/
Origin
https://lohrasp.tak028.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:29 GMT
akamai-cache-status
Hit from child
last-modified
Wed, 22 Nov 2023 10:26:54 GMT
x-ttl
86400.000
x-cache-grace
3600.000
x-goog-meta-goog-reserved-file-mtime
1700575992
etag
"18cc1fcfdac7ee4801b8491a2dd1da3c"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, s-maxage=604800, max-age=604800
accept-ranges
bytes
content-length
31412
expires
Sun, 26 Nov 2023 23:45:27 GMT
SpiegelSerifTextUI-BoldItalic.woff2
cdn.prod.www.spiegel.de/public/shared/fonts/
33 KB
33 KB
Font
General
Full URL
https://cdn.prod.www.spiegel.de/public/shared/fonts/SpiegelSerifTextUI-BoldItalic.woff2
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:68::17db:9a51 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c8021c17932ea41e5e8fd0db9af0202110f5156eab8f2473eb2eb3e650c5e2d0

Request headers

Referer
https://lohrasp.tak028.top/
Origin
https://lohrasp.tak028.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:29 GMT
akamai-cache-status
Hit from child
last-modified
Tue, 28 Nov 2023 10:01:43 GMT
x-ttl
86400.000
x-cache-grace
3600.000
x-goog-meta-goog-reserved-file-mtime
1701079984
etag
"c1d259b6279a6ea9254d57aa92d9fb77"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, s-maxage=604800, max-age=604800
accept-ranges
bytes
content-length
33816
expires
Wed, 29 Nov 2023 08:13:18 GMT
SpiegelSerifDisplayUI-BoldItalic.woff2
cdn.prod.www.spiegel.de/public/shared/fonts/
33 KB
34 KB
Font
General
Full URL
https://cdn.prod.www.spiegel.de/public/shared/fonts/SpiegelSerifDisplayUI-BoldItalic.woff2
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:68::17db:9a51 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c931dec2166efa07832b7cdb52ff3e3f00ffe7a3c3563b4db8b762a1e096a08e

Request headers

Referer
https://lohrasp.tak028.top/
Origin
https://lohrasp.tak028.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:29 GMT
akamai-cache-status
Hit from child
last-modified
Wed, 22 Nov 2023 10:26:53 GMT
x-ttl
86400.000
x-cache-grace
3600.000
x-goog-meta-goog-reserved-file-mtime
1700575992
etag
"882c0a05482c2c0eb186726fdab46113"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, s-maxage=604800, max-age=604800
accept-ranges
bytes
content-length
34256
expires
Tue, 28 Nov 2023 05:59:30 GMT
094f03d2-9a4b-409f-9e25-4870a6651090_w720_r1.778_fpx52_fpy45.webp
cdn.prod.www.spiegel.de/images/
47 KB
47 KB
Image
General
Full URL
https://cdn.prod.www.spiegel.de/images/094f03d2-9a4b-409f-9e25-4870a6651090_w720_r1.778_fpx52_fpy45.webp
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:68::17db:9a51 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a03b7af602fa9d955c4954c02f4bb2fa03311083bf4e138f77eebb471b2fd935

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:29 GMT
akamai-cache-status
Hit from child
last-modified
Fri, 01 Dec 2023 16:17:50 GMT
x-ttl
900.000
x-cache-grace
300.000
etag
"4b1f9ebdc91802bcdd5c0f41654147d5"
content-type
image/webp
cache-control
public, s-maxage=2592000, max-age=2592000
accept-ranges
bytes
content-length
47928
expires
Fri, 01 Dec 2023 17:18:07 GMT
truncated
/
94 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
469690dfd142afa3744ab4911e65e2379d6add7844a25db8aaaf0e65f749db8e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
ws.csv
interactive.spiegel.de/gra/apps/wissenschaft/2023/warming-stripes/v0/
1 KB
790 B
Fetch
General
Full URL
https://interactive.spiegel.de/gra/apps/wissenschaft/2023/warming-stripes/v0/ws.csv
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:68::17db:9a56 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f9d890f6c6e525a34f5268ed07841bb790109871ff780db21cbfe8348be7f98d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:29 GMT
content-encoding
gzip
akamai-cache-status
Hit from child
last-modified
Mon, 27 Nov 2023 10:54:12 GMT
x-ttl
1800.000
x-cache-grace
300.000
etag
W/"dc547c621448c5138cf80edf7cd26cab"
vary
Accept-Encoding
content-type
text/csv
access-control-allow-origin
*
cache-control
public, s-maxage=10800, max-age=10800
accept-ranges
bytes
content-length
531
expires
Tue, 28 Nov 2023 12:14:12 GMT
clips
omny.fm/api/orgs/5ac1e950-45c7-4eb7-87c0-aa0f018441b8/playlists/4c18e072-24d2-4d60-9a42-abc00102c97e/
5 KB
2 KB
Fetch
General
Full URL
https://omny.fm/api/orgs/5ac1e950-45c7-4eb7-87c0-aa0f018441b8/playlists/4c18e072-24d2-4d60-9a42-abc00102c97e/clips?pageSize=1
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:6b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d998fb5f5c9aff497598fcf5704f1c5f4731cdb9b0fdb4c930311baaa41e0aaf

Request headers

Referer
https://lohrasp.tak028.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 02 Dec 2023 12:07:30 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sat, 02 Dec 2023 11:23:12 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=120
cf-ray
82f3732e4d6409ce-MIA
alt-svc
h3=":443"; ma=86400
breakingnews.json
cdn.prod.www.spiegel.de/assets/news/
2 B
199 B
Fetch
General
Full URL
https://cdn.prod.www.spiegel.de/assets/news/breakingnews.json
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:68::17db:9a51 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:30 GMT
content-encoding
gzip
akamai-cache-status
Miss from child, Hit from parent
x-cache-grace
10.000
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=30,s-maxage=30
accept-ranges
bytes
content-length
22
wrapperMessagingWithoutDetection.js
sp-spiegel-de.spiegel.de/unified/
123 KB
36 KB
Script
General
Full URL
https://sp-spiegel-de.spiegel.de/unified/wrapperMessagingWithoutDetection.js
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-94.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eea296e536a1715e87caf24fed8cb88981ef793ba1aca8097087a3a77a6f8492

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:26:50 GMT
content-encoding
br
via
1.1 3500e6db5ae43764ed5ca43fc6d56058.cloudfront.net (CloudFront)
last-modified
Thu, 02 Nov 2023 15:08:07 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P1
age
2441
x-amz-server-side-encryption
AES256
etag
W/"74fa9eeecc0f7ce308ddca60b7ef2b93"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
RK1CVZba2DpNlE4A-70IUeKzB4j3pGMn7UpWYy15V66v7ViNrkwDUQ==
launch-1f27b0b1677f.min.js
assets.adobedtm.com/cc10f7b4369d/bc7780f78333/
574 KB
139 KB
Script
General
Full URL
https://assets.adobedtm.com/cc10f7b4369d/bc7780f78333/launch-1f27b0b1677f.min.js
Requested by
Host: cdn.prod.www.spiegel.de
URL: https://cdn.prod.www.spiegel.de/public/shared/generated/js/index.b21a95b23d9a8107787e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:195::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8f7eaea2c1460c5447d090193cec088be298fcc777cfd4ee6aa006dfa64d358a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:30 GMT
content-encoding
gzip
last-modified
Wed, 22 Nov 2023 06:03:35 GMT
server
AkamaiNetStorage
etag
"cb400db5d1f044115d27651064b44eeb:1700633015.053634"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://lohrasp.tak028.top
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
141598
expires
Sat, 02 Dec 2023 13:07:30 GMT
ea93aa3e-e44f-44f3-9ef8-1bea08d43ef6_w168_r0.66_fpx50_fpy28.13.webp
cdn.prod.www.spiegel.de/images/
9 KB
9 KB
Image
General
Full URL
https://cdn.prod.www.spiegel.de/images/ea93aa3e-e44f-44f3-9ef8-1bea08d43ef6_w168_r0.66_fpx50_fpy28.13.webp
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:68::17db:9a51 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
be94a6295277a3ec39c70cdfba958062d07d07e1ad61d1e35e679ba9d1970b18

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:30 GMT
akamai-cache-status
Hit from child
last-modified
Fri, 01 Dec 2023 16:37:54 GMT
x-ttl
900.000
x-cache-grace
300.000
etag
"ecfb55f32580973e41506ad55cf6ae91"
content-type
image/webp
cache-control
public, s-maxage=2592000, max-age=2592000
accept-ranges
bytes
content-length
9358
expires
Fri, 01 Dec 2023 17:49:06 GMT
e31e0abc-41e5-479d-b695-fa2a643b56a7_w168_r0.66_fpx45.22_fpy46.99.webp
cdn.prod.www.spiegel.de/images/
12 KB
13 KB
Image
General
Full URL
https://cdn.prod.www.spiegel.de/images/e31e0abc-41e5-479d-b695-fa2a643b56a7_w168_r0.66_fpx45.22_fpy46.99.webp
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:68::17db:9a51 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ccd368d2cc4e1eb0f3a2b0bb1be416ff3bd3e21c0900154c21eb9cbddbad472e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:30 GMT
akamai-cache-status
Hit from child
last-modified
Thu, 30 Nov 2023 15:59:24 GMT
x-ttl
900.000
x-cache-grace
300.000
etag
"4b2a01bb72285bbcb30a30c0b67cc703"
content-type
image/webp
cache-control
public, s-maxage=2592000, max-age=2592000
accept-ranges
bytes
content-length
12774
expires
Fri, 01 Dec 2023 05:52:34 GMT
f9217b0d-a384-4d33-a810-4c8030dc4944_w168_r0.66_fpx35.99_fpy49.99.webp
cdn.prod.www.spiegel.de/images/
17 KB
17 KB
Image
General
Full URL
https://cdn.prod.www.spiegel.de/images/f9217b0d-a384-4d33-a810-4c8030dc4944_w168_r0.66_fpx35.99_fpy49.99.webp
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:68::17db:9a51 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b82b44bf65db27b74faae64a4194920919d08f0fb311d56da55d5f9d27cb3e3e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:30 GMT
akamai-cache-status
Hit from child
last-modified
Fri, 01 Dec 2023 09:22:39 GMT
x-ttl
900.000
x-cache-grace
300.000
etag
"b9e2134c58096820e4547cd43c76c36b"
content-type
image/webp
cache-control
public, s-maxage=2592000, max-age=2592000
accept-ranges
bytes
content-length
17336
expires
Fri, 01 Dec 2023 17:49:06 GMT
0558e30a-d401-490f-977d-7db8a9b9e448_w168_r0.66_fpx50_fpy40.47.webp
cdn.prod.www.spiegel.de/images/
10 KB
10 KB
Image
General
Full URL
https://cdn.prod.www.spiegel.de/images/0558e30a-d401-490f-977d-7db8a9b9e448_w168_r0.66_fpx50_fpy40.47.webp
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:68::17db:9a51 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
96027e0b03463d27e3c6f815149f5ce075dccfeb06b6f7935aa876b40b6664ef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:30 GMT
akamai-cache-status
Hit from child
last-modified
Fri, 01 Dec 2023 16:37:12 GMT
x-ttl
900.000
x-cache-grace
300.000
etag
"64e58c108a2c73a25bcd4095c51ef8cd"
content-type
image/webp
cache-control
public, s-maxage=2592000, max-age=2592000
accept-ranges
bytes
content-length
9792
expires
Fri, 01 Dec 2023 17:54:40 GMT
094f03d2-9a4b-409f-9e25-4870a6651090_w168_r0.66_fpx51_fpy47.webp
cdn.prod.www.spiegel.de/images/
16 KB
16 KB
Image
General
Full URL
https://cdn.prod.www.spiegel.de/images/094f03d2-9a4b-409f-9e25-4870a6651090_w168_r0.66_fpx51_fpy47.webp
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:68::17db:9a51 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4ed5ab0855b6eb557dc4fc3349c8e3201842db7cc0c006fef8186eff6d528289

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:30 GMT
akamai-cache-status
Hit from child
last-modified
Fri, 01 Dec 2023 16:37:13 GMT
x-ttl
900.000
x-cache-grace
300.000
etag
"a47487042f0bd042df26a32ec9e6228f"
content-type
image/webp
cache-control
public, s-maxage=2592000, max-age=2592000
accept-ranges
bytes
content-length
16558
expires
Fri, 01 Dec 2023 17:54:41 GMT
9112cb9b-029d-4dbf-be2a-3e3109508d15_w168_r0.66_fpx55.32_fpy54.95.webp
cdn.prod.www.spiegel.de/images/
10 KB
10 KB
Image
General
Full URL
https://cdn.prod.www.spiegel.de/images/9112cb9b-029d-4dbf-be2a-3e3109508d15_w168_r0.66_fpx55.32_fpy54.95.webp
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:68::17db:9a51 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
83d499d63224ad99634f9bbc0914f3a2393da23359a7e2dc950457ce13014d7f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:30 GMT
akamai-cache-status
Hit from child
last-modified
Fri, 01 Dec 2023 16:37:13 GMT
x-ttl
900.000
x-cache-grace
300.000
etag
"c062954e460cc3c81e0da15e278bd51f"
content-type
image/webp
cache-control
public, s-maxage=2592000, max-age=2592000
accept-ranges
bytes
content-length
9874
expires
Fri, 01 Dec 2023 17:54:42 GMT
79cc9de2-118f-42a9-adf2-c17333b0bd4c_w720_r1.778_fpx57.48_fpy49.99.webp
cdn.prod.www.spiegel.de/images/
62 KB
62 KB
Image
General
Full URL
https://cdn.prod.www.spiegel.de/images/79cc9de2-118f-42a9-adf2-c17333b0bd4c_w720_r1.778_fpx57.48_fpy49.99.webp
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:68::17db:9a51 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
59ab45cac565b156740051d68e8b7148e861aa5374e62b45204a68a77316d41d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:30 GMT
akamai-cache-status
Miss from child, Hit from parent
last-modified
Sat, 02 Dec 2023 12:03:39 GMT
x-ttl
900.000
x-cache-grace
300.000
etag
"276081e3c8dfb15615ab3f37b528a9b3"
content-type
image/webp
cache-control
public, s-maxage=2592000, max-age=2592000
accept-ranges
bytes
content-length
63504
expires
Sat, 02 Dec 2023 13:04:50 GMT
3e7b32d14-eb594-6e85-8e49-13ccf53f399c_w910h_600_fpx29.95_fpy44.94.jpg
cdn.prod.www.spiegel.de/images/
68 B
312 B
Image
General
Full URL
https://cdn.prod.www.spiegel.de/images/3e7b32d14-eb594-6e85-8e49-13ccf53f399c_w910h_600_fpx29.95_fpy44.94.jpg
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:68::17db:9a51 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
ADFCDN/5.2.3 / AdDefend GmbH
Resource Hash
adfa0c7de03bc3bea3de80b4a4514881c8b6296568f43a5acd5cd7a16fffd1c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Dec 2023 12:07:30 GMT
akamai-cache-status
Miss from child, Miss from parent
server
ADFCDN/5.2.3
x-powered-by
AdDefend GmbH
content-type
image/png
cache-control
max-age=0, max-stale=0, must-revalidate, no-cache, no-store, no-transform, post-check=0, pre-check=0, private
accept-ranges
bytes
content-length
68
expires
0
4c18e072-24d2-4d60-9a42-abc00102c97e
omny.fm/api/orgs/5ac1e950-45c7-4eb7-87c0-aa0f018441b8/playlists/
2 KB
963 B
Fetch
General
Full URL
https://omny.fm/api/orgs/5ac1e950-45c7-4eb7-87c0-aa0f018441b8/playlists/4c18e072-24d2-4d60-9a42-abc00102c97e
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:6b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eb17b019e3f8dab490647d1727b304a04516859089e7562362eab3f8e765e00

Request headers

Referer
https://lohrasp.tak028.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 02 Dec 2023 12:07:30 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sat, 02 Dec 2023 11:23:13 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=120
cf-ray
82f3732f1dea09ce-MIA
alt-svc
h3=":443"; ma=86400
gdpr-tcf.29a1390ca5468e08c1ee.bundle.js
sp-spiegel-de.spiegel.de/unified/4.13.4/
134 KB
22 KB
Script
General
Full URL
https://sp-spiegel-de.spiegel.de/unified/4.13.4/gdpr-tcf.29a1390ca5468e08c1ee.bundle.js
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-94.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e461ec99a1d40286ccdb0e737880e244c8e6dbb509f2a62e117a74e8a2c03065

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 12:09:07 GMT
content-encoding
br
via
1.1 3500e6db5ae43764ed5ca43fc6d56058.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 19:09:03 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P1
age
2159904
etag
W/"44467dde87d7b7afea5d9256b34c9523"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
TVPS96rcODjjKXZe7M9kvg1Xod8bLDjaT1Qk2OTtkjpwDs_EjRZEzA==
get_site_data
sp-spiegel-de.spiegel.de/mms/v2/
209 B
1 KB
XHR
General
Full URL
https://sp-spiegel-de.spiegel.de/mms/v2/get_site_data?hasCsp=true&href=https%3A%2F%2Fspiegel-ads&account_id=331
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-94.iad89.r.cloudfront.net
Software
/
Resource Hash
7f943470ac510b922aca5671c2f7629dd56daf7941e16724df80f0c3c8768c06
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:45:19 GMT
strict-transport-security
max-age=15552000; includeSubdomains
x-sp-mms-node
ip-10-128-16-101
via
1.1 de349bd2105a0a744704f391ff854e62.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P1
age
80531
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
max-age=3600, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-id
Nz7ZKLfpph8T2507U6Lr-ZKo3ivJR0ACNy1ZROszY9vOxhIrmUyxzA==
id
sams.spiegel.de/
48 B
459 B
XHR
General
Full URL
https://sams.spiegel.de/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=79655FCF5C1D42160A495E15%40AdobeOrg&mid=11605881965860596529047013637562221843&d_coppa=true&ts=1701518850612
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.160 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-160.data.adobedc.net
Software
jag /
Resource Hash
a403e92b80cb0b9d999f9a38ff33a86b7b832f15bdac0da35949db2938920bb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lohrasp.tak028.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 02 Dec 2023 12:07:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://lohrasp.tak028.top
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/
34 KB
13 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:195::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:30 GMT
content-encoding
gzip
last-modified
Tue, 12 Sep 2023 05:33:26 GMT
server
AkamaiNetStorage
etag
"208eb534ea01036a4fca64e6715ccf3f:1694496806.451282"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://lohrasp.tak028.top
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12687
expires
Sat, 02 Dec 2023 13:07:30 GMT
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/
25 KB
9 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement_Module_AudienceManagement.min.js
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:195::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
35e1ca516492f5d721502a1f38f387fb0459469d57573c7137f0dd9018cd1207

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:30 GMT
content-encoding
gzip
last-modified
Tue, 12 Sep 2023 05:33:27 GMT
server
AkamaiNetStorage
etag
"308e7196ecac7be14c7ad5cb14630137:1694496807.005407"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://lohrasp.tak028.top
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
8755
expires
Sat, 02 Dec 2023 13:07:30 GMT
meta-data
sp-spiegel-de.spiegel.de/wrapper/v2/ Frame
0
0
Preflight
General
Full URL
https://sp-spiegel-de.spiegel.de/wrapper/v2/meta-data?hasCsp=true&accountId=331&env=prod&metadata=%7B%22gdpr%22%3A%7B%7D%7D&propertyId=31256&ch=null&scriptVersion=4.13.4&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-94.iad89.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://lohrasp.tak028.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
86400
age
49490
cache-control
max-age=86400, s-maxage=86400
content-length
2
content-type
text/plain; charset=utf-8
date
Fri, 01 Dec 2023 22:22:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 de349bd2105a0a744704f391ff854e62.cloudfront.net (CloudFront)
x-amz-cf-id
mLAZ1Krt8-2dsn7YUIL_fGF28Zckhz3zfQMiwfc3FHjzADtoPnFo_Q==
x-amz-cf-pop
IAD89-P1
x-cache
Hit from cloudfront
x-powered-by
Express
meta-data
sp-spiegel-de.spiegel.de/wrapper/v2/
227 B
762 B
XHR
General
Full URL
https://sp-spiegel-de.spiegel.de/wrapper/v2/meta-data?hasCsp=true&accountId=331&env=prod&metadata=%7B%22gdpr%22%3A%7B%7D%7D&propertyId=31256&ch=null&scriptVersion=4.13.4&scriptType=unified
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-94.iad89.r.cloudfront.net
Software
/ Express
Resource Hash
8109d7f45b41af473bc04a75c7875a2cdefc989d1fd201173dd173141bae95a7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://lohrasp.tak028.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 02 Dec 2023 11:20:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 de349bd2105a0a744704f391ff854e62.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P1
age
2805
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
227
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=3600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
FcI6DvfUnEWhrau2PZ3oR2pkt6QgUtihe-Rqv-vObOVDg6FsuU77lQ==
messages
sp-spiegel-de.spiegel.de/wrapper/v2/ Frame
0
0
Preflight
General
Full URL
https://sp-spiegel-de.spiegel.de/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A331%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%22platform%22%3A%22web%22%2C%22is_phone%22%3Afalse%2C%22is_tablet%22%3Afalse%2C%22is_mobile%22%3Afalse%2C%22route%22%3A%22homepage%22%2C%22is_loggedIn%22%3Afalse%2C%22has_paid_access%22%3Afalse%2C%22has_noAds_access%22%3Afalse%2C%22has_conditional_access%22%3Atrue%2C%22disable_consent%22%3Afalse%2C%22lang%22%3A%22en%22%2C%22requestMessage%22%3A%22consent-layer%22%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fsp-spiegel-de.spiegel.de%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fspiegel-ads%22%7D&localState=null&metadata=%7B%22gdpr%22%3A%7B%22applies%22%3Afalse%7D%7D&nonKeyedLocalState=null&ch=437313036437313036c9e6&scriptVersion=4.13.4&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-94.iad89.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://lohrasp.tak028.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
86400
age
66269
cache-control
max-age=86400, s-maxage=86400
content-length
2
content-type
text/plain; charset=utf-8
date
Fri, 01 Dec 2023 17:43:01 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 de349bd2105a0a744704f391ff854e62.cloudfront.net (CloudFront)
x-amz-cf-id
xZKdjqUHS7wj61xNkor5N0WTGOgbjxcCR-I8m48AjFyhmxyE_dVdIg==
x-amz-cf-pop
IAD89-P1
x-cache
Hit from cloudfront
x-powered-by
Express
messages
sp-spiegel-de.spiegel.de/wrapper/v2/
359 KB
251 KB
XHR
General
Full URL
https://sp-spiegel-de.spiegel.de/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A331%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%22platform%22%3A%22web%22%2C%22is_phone%22%3Afalse%2C%22is_tablet%22%3Afalse%2C%22is_mobile%22%3Afalse%2C%22route%22%3A%22homepage%22%2C%22is_loggedIn%22%3Afalse%2C%22has_paid_access%22%3Afalse%2C%22has_noAds_access%22%3Afalse%2C%22has_conditional_access%22%3Atrue%2C%22disable_consent%22%3Afalse%2C%22lang%22%3A%22en%22%2C%22requestMessage%22%3A%22consent-layer%22%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fsp-spiegel-de.spiegel.de%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fspiegel-ads%22%7D&localState=null&metadata=%7B%22gdpr%22%3A%7B%22applies%22%3Afalse%7D%7D&nonKeyedLocalState=null&ch=437313036437313036c9e6&scriptVersion=4.13.4&scriptType=unified
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-94.iad89.r.cloudfront.net
Software
/ Express
Resource Hash
db3441ba23a1a6907788e4263e988da2c39042abf28e46cea68f19d959610476
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://lohrasp.tak028.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 02 Dec 2023 12:07:30 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
via
1.1 de349bd2105a0a744704f391ff854e62.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P1
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=0, s-maxage=1200
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
zAMmRWB2yQMCsZp0MOX0w1b2ggQ1Z1VikxgIDEBQkOxKcY5KRRM1Gw==
fd445dcb6-b7e23-2695-1e81-11d1cf3f399c_w910h_600_fpx29.95_fpy44.94.jpg.jpg
cdn.prod.www.spiegel.de/images/banners/
68 B
312 B
Image
General
Full URL
https://cdn.prod.www.spiegel.de/images/banners/fd445dcb6-b7e23-2695-1e81-11d1cf3f399c_w910h_600_fpx29.95_fpy44.94.jpg.jpg
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:68::17db:9a51 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
ADFCDN/5.2.3 / AdDefend GmbH
Resource Hash
adfa0c7de03bc3bea3de80b4a4514881c8b6296568f43a5acd5cd7a16fffd1c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Dec 2023 12:07:31 GMT
akamai-cache-status
Miss from child, Miss from parent
server
ADFCDN/5.2.3
x-powered-by
AdDefend GmbH
content-type
image/png
cache-control
max-age=0, max-stale=0, must-revalidate, no-cache, no-store, no-transform, post-check=0, pre-check=0, private
accept-ranges
bytes
content-length
68
expires
0
live.top.js
cdn.prod.www.spiegel.de/public/cron/spon/js/guj/
189 KB
38 KB
Script
General
Full URL
https://cdn.prod.www.spiegel.de/public/cron/spon/js/guj/live.top.js
Requested by
Host: cdn.prod.www.spiegel.de
URL: https://cdn.prod.www.spiegel.de/public/shared/generated/js/index.b21a95b23d9a8107787e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:68::17db:9a51 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
db0133036797b0b58666bdd362d018ebcee660fc31e94e93659e03572bb77676

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:31 GMT
content-encoding
gzip
akamai-cache-status
Miss from child, Hit from parent
last-modified
Sat, 02 Dec 2023 12:06:28 GMT
x-ttl
30.000
x-cache-grace
30.000
etag
W/"2b3b47b091a8caccbd830a39ffb99598"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=30, max-age=120
accept-ranges
bytes
content-length
38543
expires
Sat, 02 Dec 2023 13:06:52 GMT
pv-data
sp-spiegel-de.spiegel.de/wrapper/v2/
195 B
736 B
XHR
General
Full URL
https://sp-spiegel-de.spiegel.de/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=437313036437313036c9e6&scriptVersion=4.13.4&scriptType=unified
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-94.iad89.r.cloudfront.net
Software
/ Express
Resource Hash
85ee1ac97ae6b32a5286dea08f65adf7a35694d48784b8fe9d762b0160bdff5c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://lohrasp.tak028.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 02 Dec 2023 12:07:31 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 de349bd2105a0a744704f391ff854e62.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P1
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://lohrasp.tak028.top
x-cache
Miss from cloudfront
cache-control
no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
content-length
195
x-amz-cf-id
eZzYJRpoIcPzHO2l_pC1rfzuVZB31DGCg3y_-oGlQLC4dSlfKDXuPQ==
index.html
sp-spiegel-de.spiegel.de/ Frame F9AD
5 KB
2 KB
Document
General
Full URL
https://sp-spiegel-de.spiegel.de/index.html?message_id=909365&consentUUID=null&requestUUID=5820c21b-5705-4dfc-8dd3-97413f8b8522&preload_message=true&hasCsp=true&version=v1&consentLanguage=en
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-94.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64c3b6c779226890870808c84f571661a8b4d076589ddc9ffe8d8a3bb7c97701

Request headers

Referer
https://lohrasp.tak028.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
2259
cache-control
max-age=3600
content-encoding
gzip
content-type
text/html
date
Sat, 02 Dec 2023 11:29:53 GMT
etag
W/"5bd8512ba573dfffcca16bcba94d75a2"
last-modified
Thu, 02 Nov 2023 15:53:11 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 3500e6db5ae43764ed5ca43fc6d56058.cloudfront.net (CloudFront)
x-amz-cf-id
snWeW6R9d_ZUP4DhzYKo9tYSVYWnAC_Yxx0MoBY1J4E5V-EKg6vUZw==
x-amz-cf-pop
IAD89-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
pv-data
sp-spiegel-de.spiegel.de/wrapper/v2/ Frame
0
0
Preflight
General
Full URL
https://sp-spiegel-de.spiegel.de/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=437313036437313036c9e6&scriptVersion=4.13.4&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-94.iad89.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://lohrasp.tak028.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
https://lohrasp.tak028.top
allow
POST
cache-control
no-cache, no-store
content-length
4
content-type
text/html; charset=utf-8
date
Sat, 02 Dec 2023 12:07:31 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 de349bd2105a0a744704f391ff854e62.cloudfront.net (CloudFront)
x-amz-cf-id
gy9-yr-swknWEcU1MMGBDmFjhCeLyi7g8-vAjnzxnc3xBqy38e_yFg==
x-amz-cf-pop
IAD89-P1
x-cache
Miss from cloudfront
x-powered-by
Express
live.bottom.js
cdn.prod.www.spiegel.de/public/cron/spon/js/guj/
281 KB
71 KB
Script
General
Full URL
https://cdn.prod.www.spiegel.de/public/cron/spon/js/guj/live.bottom.js
Requested by
Host: cdn.prod.www.spiegel.de
URL: https://cdn.prod.www.spiegel.de/public/shared/generated/js/index.b21a95b23d9a8107787e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:68::17db:9a51 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
df73f4b9c8590be28d0b642b1b10b224f13fc1497089b57e78b829c7c78a3e75

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:31 GMT
content-encoding
gzip
akamai-cache-status
Miss from child, Hit from parent
last-modified
Sat, 02 Dec 2023 12:06:28 GMT
x-ttl
30.000
x-cache-grace
30.000
etag
W/"e2ad3ba06392baf1224b26f8417b6ceb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=30, max-age=120
accept-ranges
bytes
content-length
72393
expires
Sat, 02 Dec 2023 13:06:34 GMT
blockadblock.min.js
bilder-a.akamaihd.net/ip/js/ipdvdc/
5 KB
2 KB
Script
General
Full URL
https://bilder-a.akamaihd.net/ip/js/ipdvdc/blockadblock.min.js?0.5051407492277102&
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.5.85 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-222-5-85.deploy.static.akamaitechnologies.com
Software
ATS/7.1.2 /
Resource Hash
4285ac395a438cdc6ba800a527f32d7872c3f6de7ed3deac592f521390a7d1e6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=86400
last-modified
Mon, 04 Sep 2017 11:22:03 GMT
server
ATS/7.1.2
date
Sat, 02 Dec 2023 12:07:31 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=23
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1706
expires
Sat, 02 Dec 2023 12:07:54 GMT
api
te.technical-service.net/
659 B
2 KB
Fetch
General
Full URL
https://te.technical-service.net/api?pa=2&&bds=0&url=https://lohrasp.tak028.top/&uuidpd=13100d39-f186-465d-8362-8b6f9c9b3712
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.74.134.96 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-134-96.eu-central-1.compute.amazonaws.com
Software
uvicorn /
Resource Hash
837e6551a9b6940aabe1e53842fa1cc933cdc240ff599b74d343687e10da3b10

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:31 GMT
server
uvicorn
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://lohrasp.tak028.top
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length
659
ope-adalliance.js
cdn.opecloud.com/
69 KB
14 KB
Script
General
Full URL
https://cdn.opecloud.com/ope-adalliance.js
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-2.iad50.r.cloudfront.net
Software
nginx/1.24.0 /
Resource Hash
6f37ab119551d439d8d282dff2a6927fa9e95beb49115819403dfedda20edaaf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:31:00 GMT
content-encoding
gzip
via
1.1 c57d1eb27f41d3e95fc5060845849c06.cloudfront.net (CloudFront)
last-modified
Tue, 21 Nov 2023 13:36:09 GMT
server
nginx/1.24.0
x-amz-cf-pop
IAD50-C2
age
2191
etag
W/"655cb249-11577"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800, public
x-amz-cf-id
NsWHk6u2T4oAEfDVy8xyYsKfcCe4zdYwK4LMXp2rK_lOWTWEPJ3zAQ==
expires
Sat, 09 Dec 2023 11:31:00 GMT
Notice.3a0d3.css
sp-spiegel-de.spiegel.de/ Frame F9AD
33 KB
6 KB
Stylesheet
General
Full URL
https://sp-spiegel-de.spiegel.de/Notice.3a0d3.css
Requested by
Host: sp-spiegel-de.spiegel.de
URL: https://sp-spiegel-de.spiegel.de/index.html?message_id=909365&consentUUID=null&requestUUID=5820c21b-5705-4dfc-8dd3-97413f8b8522&preload_message=true&hasCsp=true&version=v1&consentLanguage=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-94.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4af743c6ec755069d2de803a88471ed2fdd40547e48f3acc09e928e901842abb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sp-spiegel-de.spiegel.de/index.html?message_id=909365&consentUUID=null&requestUUID=5820c21b-5705-4dfc-8dd3-97413f8b8522&preload_message=true&hasCsp=true&version=v1&consentLanguage=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:29:53 GMT
content-encoding
gzip
via
1.1 3500e6db5ae43764ed5ca43fc6d56058.cloudfront.net (CloudFront)
last-modified
Thu, 02 Nov 2023 15:53:10 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P1
age
2259
x-amz-server-side-encryption
AES256
etag
W/"453680a5f8883be2b15dcb7878e5d351"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=3600
x-amz-cf-id
b9Cs0VfCXno_ywJoZ0G4AKLpv4Saq6hQcNydMRvVKLOiuVVYEnvWFQ==
polyfills.d36c5.js
sp-spiegel-de.spiegel.de/ Frame F9AD
5 KB
2 KB
Script
General
Full URL
https://sp-spiegel-de.spiegel.de/polyfills.d36c5.js
Requested by
Host: sp-spiegel-de.spiegel.de
URL: https://sp-spiegel-de.spiegel.de/index.html?message_id=909365&consentUUID=null&requestUUID=5820c21b-5705-4dfc-8dd3-97413f8b8522&preload_message=true&hasCsp=true&version=v1&consentLanguage=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-94.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sp-spiegel-de.spiegel.de/index.html?message_id=909365&consentUUID=null&requestUUID=5820c21b-5705-4dfc-8dd3-97413f8b8522&preload_message=true&hasCsp=true&version=v1&consentLanguage=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:29:53 GMT
content-encoding
gzip
via
1.1 3500e6db5ae43764ed5ca43fc6d56058.cloudfront.net (CloudFront)
last-modified
Thu, 02 Nov 2023 15:53:11 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P1
age
2259
x-amz-server-side-encryption
AES256
etag
W/"89661b8fd918815bcb224bba79cabab1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
4gSX19YG74zY-Hw6aelB0K2TyzdCJPxK3j43NeWVTuxyJF87Z0wG2w==
Notice.cfd37.js
sp-spiegel-de.spiegel.de/ Frame F9AD
274 KB
72 KB
Script
General
Full URL
https://sp-spiegel-de.spiegel.de/Notice.cfd37.js
Requested by
Host: sp-spiegel-de.spiegel.de
URL: https://sp-spiegel-de.spiegel.de/index.html?message_id=909365&consentUUID=null&requestUUID=5820c21b-5705-4dfc-8dd3-97413f8b8522&preload_message=true&hasCsp=true&version=v1&consentLanguage=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-94.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6e5394b9de93e3a0227fd8529e2f3c64d9f3c60813ec9dc41adefa6fb0a9180

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sp-spiegel-de.spiegel.de/index.html?message_id=909365&consentUUID=null&requestUUID=5820c21b-5705-4dfc-8dd3-97413f8b8522&preload_message=true&hasCsp=true&version=v1&consentLanguage=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:16:18 GMT
content-encoding
gzip
via
1.1 3500e6db5ae43764ed5ca43fc6d56058.cloudfront.net (CloudFront)
last-modified
Thu, 02 Nov 2023 15:53:10 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P1
age
3074
x-amz-server-side-encryption
AES256
etag
W/"ab0bfa06558578f0cc888d8945749f5b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
UO6nqYlVrC1iwZuqwgcMqTovF22a00iGEC_9BfkatHqEISwJvYw4cw==
targeting
adalliance.profiles.tagger.opecloud.com/v1/
74 B
253 B
Fetch
General
Full URL
https://adalliance.profiles.tagger.opecloud.com/v1/targeting?url=https%3A%2F%2Flohrasp.tak028.top%2F&gdpr_applies=1&consent_string=CPgrvQAPgrvQAAGABBENCkCgAAAAAAAAAAYgAAAAAAAA.YAAAAAAAAAAA
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.78.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-78-145.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2cef7c3a34223830690814fd7c9f92ee6863f59e984be42bc6a95132be24639b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
https://lohrasp.tak028.top
date
Sat, 02 Dec 2023 12:07:31 GMT
content-encoding
gzip
access-control-allow-credentials
true
cache-control
no-cache
content-type
application/json
gpt.js
securepubads.g.doubleclick.net/tag/js/
91 KB
30 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js?0.2107891918598539&
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5210293519f5db380225ea20bb7e5d0a2735c2661a8f88e1078d37902e321820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29850
x-xss-protection
0
server
cafe
etag
409 / 19693 / 31079857 / config-hash: 11152387477177976423
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 12:07:31 GMT
get
zipservice.adalliance.io/
63 B
319 B
Fetch
General
Full URL
https://zipservice.adalliance.io/get
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.9.114.33 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.33.114.9.5.clients.your-server.de
Software
openresty / Express
Resource Hash
57eeb107b9dbf422afc78fc05a607694c9baa44f422ae2a2272d94a523e60f2c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:31 GMT
server
openresty
x-powered-by
Express
etag
W/"3f-85ee16b0"
vary
Origin
x-char
s2, s2
content-type
application/json; charset=utf-8
access-control-allow-origin
https://lohrasp.tak028.top
cache-control
public, max-age=300
access-control-allow-credentials
true
content-length
63
2x2
ad.yieldlab.net/d/7053789/631/ Frame 7344
307 B
781 B
Document
General
Full URL
https://ad.yieldlab.net/d/7053789/631/2x2?ts=0.07006235078218537&type=h
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.125.152 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-125-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1e73a5652c5b8da7968ab7319bf9b216b6f8cd793d75a6cdd108b501f34c1f67

Request headers

Referer
https://lohrasp.tak028.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Content-Language
en-US
Content-Length
307
Content-Type
text/html;charset=UTF-8
Date
Sat, 02 Dec 2023 12:07:31 GMT
Expires
Fri, 01 Dec 2023 12:07:31 GMT
Pragma
no-cache
apstag.js
c.amazon-adsystem.com/aax2/
267 KB
65 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js?
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.42.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-42-27.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:36:41 GMT
content-encoding
gzip
via
1.1 a075746ea1824aa1c02a5e26a9e968e4.cloudfront.net (CloudFront), 1.1 041a4887d523cabe8177e269cc358162.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 20:18:44 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, IAD89-C1
age
1851
x-amz-server-side-encryption
AES256
etag
W/"2d08dd94de483579c1dc3f3783c06f6e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
OaujKZm5_ZYuY-dY3gsFMY3YWeFH3tYAbAxbZiv_3Pdnp9l9UCW_sw==
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3EFC
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://lohrasp.tak028.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
12565
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 02 Dec 2023 12:07:31 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
4485, 16284
X-Served-By
cache-lga13626-LGA, cache-mia-kmia1760072-MIA
X-Timer
S1701518851.452921,VS0,VE0
render.dynamic.js
static.emsservice.de/molten/live/
8 KB
3 KB
Script
General
Full URL
https://static.emsservice.de/molten/live/render.dynamic.js?
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.249.205 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-249-205.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
cb305d4e4a38aecc9bd5dae4ccb92cf983ff2582d9a2541ea6b489cea9792a65

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:31 GMT
content-encoding
gzip
x-amz-cf-pop
JFK50-P1
x-amz-server-side-encryption
AES256
content-length
2263
last-modified
Wed, 13 Sep 2023 13:21:30 GMT
server
AmazonS3
etag
"ec7bd615919ca57c4f5eddbc30fb45fb"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
cache-control
max-age=25431
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
JY5Djfa7nIxrT-hBZtiYSRmTtwVad23039dhLY21esySrQrG86scug==
expires
Sat, 02 Dec 2023 19:11:22 GMT
render.wp.js
static.emsservice.de/molten/live/
6 KB
3 KB
Script
General
Full URL
https://static.emsservice.de/molten/live/render.wp.js?
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.249.205 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-249-205.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e9f8ff23866bd848fe7ef4a4a38d85ced44742a5aad5c9f0b53f68bc5ea836b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:31 GMT
content-encoding
gzip
x-amz-cf-pop
IAD12-P4
x-amz-server-side-encryption
AES256
content-length
2209
last-modified
Wed, 13 Sep 2023 13:21:30 GMT
server
AmazonS3
etag
"ab75fa298a8192aa7bfffde5e8e41031"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
cache-control
max-age=28368
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
ch2_GTziD1nJnxfLFcE5_TSrfzPfcZ8rFai4tXUZ56Ym528aIQLGgw==
expires
Sat, 02 Dec 2023 20:00:19 GMT
render.fp.js
static.emsservice.de/molten/live/
7 KB
2 KB
Script
General
Full URL
https://static.emsservice.de/molten/live/render.fp.js?
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.249.205 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-249-205.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
158276d6ff64e9501a1e8ed6cf20e2d1f154425de149dbe5fbcbbdb60a326610

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:31 GMT
content-encoding
gzip
x-amz-cf-pop
IAD12-P4
x-amz-server-side-encryption
AES256
content-length
2071
last-modified
Wed, 22 Nov 2023 15:03:41 GMT
server
AmazonS3
etag
"7a352230d82b4ac7cc5012b96a9badb7"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
cache-control
max-age=25341
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
yQ7mUaCFiG-Dg8PFQJ9R7SuUY85JmwOiRTXiC-_-dXFCUzUeL5E4zg==
expires
Sat, 02 Dec 2023 19:09:52 GMT
render.layer.js
static.emsservice.de/molten/live/
3 KB
2 KB
Script
General
Full URL
https://static.emsservice.de/molten/live/render.layer.js?
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.249.205 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-249-205.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
787420847ce82c0b7469a668d8f3b733d1af6e7c3e08f82c8476f863d5205bf0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:31 GMT
content-encoding
gzip
x-amz-cf-pop
IAD12-P4
x-amz-server-side-encryption
AES256
content-length
1351
last-modified
Wed, 09 Aug 2023 12:59:34 GMT
server
AmazonS3
etag
"b2269124662b1705c5d2db579f18952e"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
cache-control
max-age=23052
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
9qH9_PGkXu_G0irV2voIcTaJp0b3VJbGUVF--acA1su68KU4mL53Iw==
expires
Sat, 02 Dec 2023 18:31:43 GMT
10225449,10225452,10225447,10225450,10225446,10225451,11228691,10225448
ad.yieldlab.net/yp/
154 B
651 B
Script
General
Full URL
https://ad.yieldlab.net/yp/10225449,10225452,10225447,10225450,10225446,10225451,11228691,10225448?t=consent%3Dyes%26clienttc%3D%26&pvid=1&pubref=https%3A%2F%2Flohrasp.tak028.top%2F&ids=&ts=0.7497882376989207&
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.125.152 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-125-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0bdda96858933db76979b062926fc3adcf1108a88fdec7602567b0b412740bd8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Dec 2023 12:07:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Content-Language
en-US
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Content-Length
124
Expires
Fri, 01 Dec 2023 12:07:31 GMT
12956915,12956960,12957005,11228691,12957050
ad.yieldlab.net/yp/
154 B
651 B
Script
General
Full URL
https://ad.yieldlab.net/yp/12956915,12956960,12957005,11228691,12957050?t=consent%3Dyes%26clienttc%3D%26&pvid=1&pubref=https%3A%2F%2Flohrasp.tak028.top%2F&ids=&ts=0.5134755584566724&
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.125.152 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-125-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0bdda96858933db76979b062926fc3adcf1108a88fdec7602567b0b412740bd8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Dec 2023 12:07:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Content-Language
en-US
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Content-Length
124
Expires
Fri, 01 Dec 2023 12:07:31 GMT
9859438,9859439,10751042,9859440,15687977,9859450,15687985,15687989,15687994,9859451
ad.yieldlab.net/yp/
154 B
651 B
Script
General
Full URL
https://ad.yieldlab.net/yp/9859438,9859439,10751042,9859440,15687977,9859450,15687985,15687989,15687994,9859451?t=consent%3Dyes%26clienttc%3D%26&pvid=1&pubref=https%3A%2F%2Flohrasp.tak028.top%2F&ids=&ts=0.40803746364696014&
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.125.152 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-125-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0bdda96858933db76979b062926fc3adcf1108a88fdec7602567b0b412740bd8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Dec 2023 12:07:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Content-Language
en-US
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Content-Length
124
Expires
Fri, 01 Dec 2023 12:07:31 GMT
11761245,11761246,11761247,11761248
ad.yieldlab.net/yp/
154 B
651 B
Script
General
Full URL
https://ad.yieldlab.net/yp/11761245,11761246,11761247,11761248?t=consent%3Dyes%26clienttc%3D%26&pvid=1&pubref=https%3A%2F%2Flohrasp.tak028.top%2F&ids=&ts=0.22777531355865777&
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.125.152 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-125-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0bdda96858933db76979b062926fc3adcf1108a88fdec7602567b0b412740bd8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Dec 2023 12:07:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Content-Language
en-US
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Content-Length
124
Expires
Fri, 01 Dec 2023 12:07:31 GMT
categories
cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/ Frame F9AD
6 KB
3 KB
Fetch
General
Full URL
https://cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/categories?siteId=31256
Requested by
Host: sp-spiegel-de.spiegel.de
URL: https://sp-spiegel-de.spiegel.de/Notice.cfd37.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-101.iad89.r.cloudfront.net
Software
/
Resource Hash
46e760fc451ec1d97dbb15df7f60d42432c0ead75672f72531e7087aa0fb3d88
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sp-spiegel-de.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:31 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
via
1.1 0dc81f450c72d91e34b5a0b41d441f28.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P2
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=0, s-maxage=3600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id
koQMdTyV4RlMCqSjRtZWg_FSoJDbwQPN5hMdjKgBCF-gE07_glbdfA==
bounce
ib.adnxs.com/ Frame 3EFC
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
646 B
Script
General
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Server
68.67.160.132 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Dec 2023 12:07:31 GMT
an-x-request-uuid
be84a62b-16f5-4fc0-b1d7-4a94ca870be1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.67; 38.132.118.67; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 02 Dec 2023 12:07:31 GMT
an-x-request-uuid
0d2c2044-b921-4426-8854-3b7c553cfcda
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.67; 38.132.118.67; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
targeting
adalliance.profiles.tagger.opecloud.com/v1/
74 B
253 B
Fetch
General
Full URL
https://adalliance.profiles.tagger.opecloud.com/v1/targeting?url=https%3A%2F%2Flohrasp.tak028.top%2F&fpid=c63e606c-cc03-4a84-9e29-7ad7b0588fc0&gdpr_applies=0&consent_string=undefined
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.78.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-78-145.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
b7d6003f223402927ad31632703d9cf321b6337768f2313c28e37bd3f0c88d44

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
https://lohrasp.tak028.top
date
Sat, 02 Dec 2023 12:07:31 GMT
content-encoding
gzip
access-control-allow-credentials
true
cache-control
no-cache
content-type
application/json
targeting
adalliance.profiles.tagger.opecloud.com/v1/
74 B
252 B
Fetch
General
Full URL
https://adalliance.profiles.tagger.opecloud.com/v1/targeting?url=https%3A%2F%2Flohrasp.tak028.top%2F&fpid=c63e606c-cc03-4a84-9e29-7ad7b0588fc0&gdpr_applies=0&consent_string=undefined
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.78.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-78-145.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
b7d6003f223402927ad31632703d9cf321b6337768f2313c28e37bd3f0c88d44

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
https://lohrasp.tak028.top
date
Sat, 02 Dec 2023 12:07:31 GMT
content-encoding
gzip
access-control-allow-credentials
true
cache-control
no-cache
content-type
application/json
pbfs.gif
tagger.opecloud.com/adition/
Redirect Chain
  • https://adalliance.tagger.opecloud.com/adalliance/v2/pixel.gif?url=https%3A%2F%2Flohrasp.tak028.top%2F&ref=&tref=&tz=10&screen=1600x1200x24&visiturl=https%3A%2F%2Flohrasp.tak028.top%2F&dcRegion=us-...
  • https://adalliance.tagger.opecloud.com/adalliance/v2/pixel.gif?e=%5B%5D&tref=&url=https%3A%2F%2Flohrasp.tak028.top%2F&tz=10&trackability-redirect=true&visiturl=https%3A%2F%2Flohrasp.tak028.top%2F&r...
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fadalliance.tagger.opecloud.com%2Fappnexus%2Fpbfs.gif%3Fsource%3Dadalliance%26state%3D2-7vc3XAEbXvZ1ts%252FnWjtycXwI3ObtZDJiRWRgM2o%253D%26puid%3D%24UID
  • https://adalliance.tagger.opecloud.com/appnexus/pbfs.gif?source=adalliance&state=2-7vc3XAEbXvZ1ts%2FnWjtycXwI3ObtZDJiRWRgM2o%3D&puid=5331408649650564158
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=fosdutz&ttd_tpi=1&gdpr=0&ttd_puid=2-dboQHwV3wGTaQOu0GNX7pjpKHiiO19T0c7%252FtH6c%253D%26source%3Dadalliance&puid=%25%25TDID%25%25
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=fosdutz&ttd_tpi=1&gdpr=0&ttd_puid=2-dboQHwV3wGTaQOu0GNX7pjpKHiiO19T0c7%252FtH6c%253D%26source%3Dadalliance&puid=%25%25TDID%25%25
  • https://tagger.opecloud.com/tradedesk/pbfs.gif?puid=ad3353fc-1e81-4fba-ba96-118a4a9c143a&state=2-dboQHwV3wGTaQOu0GNX7pjpKHiiO19T0c7%2FtH6c%3D&source=adalliance
  • https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm&state=2-YE4s2mfW7ZDBGfPl6Y4SDdUdIQ0WOPuYEJK7Ozs%3D&source=adalliance
  • https://tagger.opecloud.com/dbm/opecs.gif?state=2-YE4s2mfW7ZDBGfPl6Y4SDdUdIQ0WOPuYEJK7Ozs%3D&source=adalliance&google_gid=CAESEDItrUlstUKSPSRqirrPbes&google_cver=1
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Ftagger.opecloud.com%2Fadition%2Fpbfs.gif%3Fsource%3Dadalliance%26state%3D2-5rdlMlKsGaTc2%252BQpdb0kzFGFosUl1bX%252F%252B1tU4eA%253D%26...
  • https://tagger.opecloud.com/adition/pbfs.gif?source=adalliance&state=2-5rdlMlKsGaTc2%2BQpdb0kzFGFosUl1bX%2F%2B1tU4eA%3D&puid=7307967827176061083
35 B
211 B
Image
General
Full URL
https://tagger.opecloud.com/adition/pbfs.gif?source=adalliance&state=2-5rdlMlKsGaTc2%2BQpdb0kzFGFosUl1bX%2F%2B1tU4eA%3D&puid=7307967827176061083
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Server
52.57.216.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-216-183.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Dec 2023 12:07:33 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
content-length
51
expires
0

Redirect headers

Location
https://tagger.opecloud.com/adition/pbfs.gif?source=adalliance&state=2-5rdlMlKsGaTc2%2BQpdb0kzFGFosUl1bX%2F%2B1tU4eA%3D&puid=7307967827176061083
Date
Sat, 02 Dec 2023 12:07:33 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/
432 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js?cb=31079857
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa40858bc00aa25239b434a313f9b30b4b604715b21395c0f278a3055cd31deb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 04:29:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
27488
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138184
x-xss-protection
0
server
cafe
etag
495798054771589180
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 01 Dec 2024 04:29:23 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
69 B
84 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=lohrasp.tak028.top
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de409ea7f87a69d59145f99737e1a033d76ce01072b46407cbcc501d18dc7af6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60
x-xss-protection
0
expires
Sat, 02 Dec 2023 12:07:31 GMT
2x2
ad.yieldlab.net/d/7053371/5459/ Frame 7344
22 B
406 B
Script
General
Full URL
https://ad.yieldlab.net/d/7053371/5459/2x2?ts=1672748634&consent=
Requested by
Host: ad.yieldlab.net
URL: https://ad.yieldlab.net/d/7053789/631/2x2?ts=0.07006235078218537&type=h
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.125.152 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-125-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
977db676822d169898477bb8d00fad87112543cb4ad505a1cc6a864a0fe7cad5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.yieldlab.net/d/7053789/631/2x2?ts=0.07006235078218537&type=h
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Dec 2023 12:07:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Content-Language
en-US
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Content-Length
42
Expires
Fri, 01 Dec 2023 12:07:31 GMT
m
ad.yieldlab.net/ Frame 7344
0
400 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=739302&ext_id=1&gdpr_consent=
Requested by
Host: ad.yieldlab.net
URL: https://ad.yieldlab.net/d/7053789/631/2x2?ts=0.07006235078218537&type=h
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.125.152 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-125-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.yieldlab.net/d/7053789/631/2x2?ts=0.07006235078218537&type=h
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Dec 2023 12:07:31 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Fri, 01 Dec 2023 12:07:31 GMT
3493
config.aps.amazon-adsystem.com/configs/
505 B
782 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/3493
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-80.iad12.r.cloudfront.net
Software
CloudFront /
Resource Hash
d391a2dc0b520e0c727366dfce929480854c3c01477ee9560b233b698948ff93

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:04:55 GMT
via
1.1 bcfffcf7e0fc8cd9cfe4125369a9f036.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD12-P3
age
156
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
505
x-amz-cf-id
LYbU0zoorEfTE8byZ72eQNA7bRvA9JtXWFEGWPgXSzC5LH3j_qUrhw==
config
c.amazon-adsystem.com/cdn/prod/
0
312 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3493&u=https%3A%2F%2Flohrasp.tak028.top
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.42.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-42-27.iad89.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:20:46 GMT
via
1.1 041a4887d523cabe8177e269cc358162.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD89-C1
age
2805
x-cache
Hit from cloudfront
access-control-allow-origin
https://lohrasp.tak028.top
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
dC7eOtT3obyDWSJGKKw0sdyW5EVuus2cRzXjpQ4A90q0vw7kE_Nneg==
bid
aax.amazon-adsystem.com/e/dtb/
23 B
465 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3493&u=https%3A%2F%2Flohrasp.tak028.top%2F&pid=1P9DGLqBLTuSw&cb=0&ws=1600x1200&v=23.1108.2350&t=1000&slots=%5B%7B%22sd%22%3A%22skyscraper_1%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F6032%2C22337032985%2Fspon_dt%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22superbanner_2%22%2C%22s%22%3A%5B%22728x90%22%2C%22800x250%22%5D%2C%22sn%22%3A%22%2F6032%2C22337032985%2Fspon_dt%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22superbanner_3%22%2C%22s%22%3A%5B%22728x90%22%2C%22800x250%22%5D%2C%22sn%22%3A%22%2F6032%2C22337032985%2Fspon_dt%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22superbanner_4%22%2C%22s%22%3A%5B%22728x90%22%2C%22800x250%22%5D%2C%22sn%22%3A%22%2F6032%2C22337032985%2Fspon_dt%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22superbanner_5%22%2C%22s%22%3A%5B%22728x90%22%2C%22800x250%22%5D%2C%22sn%22%3A%22%2F6032%2C22337032985%2Fspon_dt%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22superbanner_6%22%2C%22s%22%3A%5B%22728x90%22%2C%22800x250%22%5D%2C%22sn%22%3A%22%2F6032%2C22337032985%2Fspon_dt%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22superbanner_7%22%2C%22s%22%3A%5B%22728x90%22%2C%22800x250%22%5D%2C%22sn%22%3A%22%2F6032%2C22337032985%2Fspon_dt%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22superbanner_8%22%2C%22s%22%3A%5B%22728x90%22%2C%22800x250%22%5D%2C%22sn%22%3A%22%2F6032%2C22337032985%2Fspon_dt%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22skyscraper_3%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F6032%2C22337032985%2Fspon_dt%2Fhomepage%22%7D%5D&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.1.134 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-1-134.iad12.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:31 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 3d4bfc42e9575ee1f9559241c9e3f464.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD12-P3
x-amz-rid
Y1W7MWZY08C6NNDXYHSA
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://lohrasp.tak028.top
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
WcuR8863ks1Ol7I8dGoTYtXJ0U99_wlWIGZlD5QR80_JdG8KmjZzmg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.42.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-42-27.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:32 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 14d757a67b913f1bc93427e69819362c.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
p4W0HlGYxNr3gayIiSEAK1LGKK3M4exVIqeHVAgNth6o0uCKgxllzQ==
default.js
ups.xplosion.de/loader/86497/
Redirect Chain
  • https://dyn.emetriq.de/loader/86497/default.js?_&0.6914363634872771&
  • https://ups.xplosion.de/loader/86497/default.js?_&0.6914363634872771&
867 B
1 KB
Script
General
Full URL
https://ups.xplosion.de/loader/86497/default.js?_&0.6914363634872771&
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Server
52.215.116.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-116-161.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8ca54f5e05f284f2494a48a83c9b3a9d0361888b207c63245a16a23be8e140e4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 02 Dec 2023 12:07:32 GMT
cache-control
must-revalidate,no-cache,no-store
content-type
text/javascript
content-length
867
p3p
CP="NOI DSP COR NID PSAo OUR SAMo BUS"

Redirect headers

location
https://ups.xplosion.de:443/loader/86497/default.js?_&0.6914363634872771&
date
Sat, 02 Dec 2023 12:07:32 GMT
server
awselb/2.0
content-length
134
content-type
text/html
truncated
/ Frame F9AD
220 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
077ba938ff318757207c5d86d31e78a8836d1d342c8ba8b3b2cc2557eb495839

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame F9AD
220 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd6cb9c3211dc5164c313cb9139107b3a5dfc6d614873f0e9289325f79c5920c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame F9AD
32 KB
32 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d6c6f668fd088065d6a927c86bb45d992bcd715910c609334b5596bf3b63c4c

Request headers

Referer
Origin
https://sp-spiegel-de.spiegel.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/ Frame F9AD
38 KB
38 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ae09d76b53ed5bcfa3504a4e3ef0f5cec6adb284355efb88f619d85504f2bb4

Request headers

Referer
Origin
https://sp-spiegel-de.spiegel.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/ Frame F9AD
39 KB
39 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b65d13b2accf59d8acec406cc63ae2279aaa06dec9bd373bcec8744b6a80be5

Request headers

Referer
Origin
https://sp-spiegel-de.spiegel.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
font/woff2
ads
securepubads.g.doubleclick.net/gampad/
1 KB
390 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1563616819397597&correlator=2288793951593239&eid=31079857%2C31079527&output=ldjh&gdfp_req=1&vrg=202311290101&ptt=17&impl=fifs&gdpr=0&iu_parts=6032%3A22337032985%2Cspon_dt%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C800x250%7C728x600%7C970x250%2C160x600%7C300x600&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701518852604&lmt=1701518852&adxs=280%2C1300&adys=237%2C245&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Flohrasp.tak028.top%2F&vis=1&psz=1020x-1%7C300x-1&msz=0x-1%7C160x-1&fws=644%2C644&ohw=1600%2C1600&ga_vid=556921324.1701518853&ga_sid=1701518853&ga_hid=1021307417&ga_fc=false&dlt=1701518849148&idt=2694&prev_scp=pos%3D1%26adPositionName%3Dwallpaper_1%26slotid%3Dwp1%26optout%3D0%7Cpos%3D1%26adPositionName%3Dskyscraper_1%26slotid%3Dsk1%26optout%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0&cust_params=ind%3Dyes%26scrw%3Dl%26zm%3D100%26ab%3Db%26anchor%3D0%26host%3Dtak028.top%26idrep%3Dja_windows_desktop%26kw%3Dnextgen%26bb%3Dno%26gallery%3Dno%26logcrt%3D0%26logap%3D0%26logjp%3D0%26logcwi%3D0%26dabu%3D0%26fp%3Ds%26spmtp%3Dcenterpage%26exclude%3Ddouble%26logamz%3D1%26emq_g_rt%3D%26emq_a_rt%3D%26emq_s_rt%3D%26emq_bi_rt%3D%26emq_bs_rt%3D%26emq_re_rt%3D%26emq_ne_rt%3D%26emq_in_rt%3D%26emq_li_rt%3D%26emq_bus_rt%3D%26emq_fam_rt%3D%26emq_hf_rt%3D%26emq_hg_rt%3D%26emq_fs_rt%3D%26emq_all_rt%3D%26logyl%3D1%26pegasus%3D0%26j4%3D2%26j5%3D10%252C12%252C15%252C6%26dp4%3D3%26bj4%3D2%26bj5%3D6%252C10%252C12%252C15%26dp5a%3D4%26dp5%3D4%26dp5b%3D3%26dp5c%3D3%26dp5d%3D3%26ipteid%3D307053bd-0537-406e-a36a-03cd485723b1&adks=872976239%2C352836094&frm=20
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
31bb7607cd213c03f5296395f808732ab72d6556741d6328e9dc37ee0da45f72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
360
x-xss-protection
0
google-lineitem-id
-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://lohrasp.tak028.top
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
827c5654691d7b8307975fd424bbb8c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A50C
6 KB
3 KB
Document
General
Full URL
https://827c5654691d7b8307975fd424bbb8c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lohrasp.tak028.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 12:07:32 GMT
expires
Sun, 01 Dec 2024 12:07:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
p.min.js
cdn.xplosion.de/adp/profiling/1.0.0/
6 KB
3 KB
Script
General
Full URL
https://cdn.xplosion.de/adp/profiling/1.0.0/p.min.js
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20aa:c00:e:29d5:db00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f192b52f249f5c4fad0cf86aa4cb0cce6b55d6ec72f706eacf8bb5defb6d317

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
lVWdVlgr0qFDIbVhvuXuxya2BcB5zCGX
content-encoding
gzip
via
1.1 c242c974a465288488c7876cabca7752.cloudfront.net (CloudFront)
date
Sat, 02 Dec 2023 02:53:08 GMT
last-modified
Mon, 20 Nov 2023 13:45:06 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C2
age
33266
x-amz-server-side-encryption
AES256
etag
W/"0c81a4ff07585e457c47fc3a43e4c08b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
Tjr8U2Rr2092gEg2GEeISSyXYOVwTOd0LpOT8BLODg9Cl6pqc_Yr-g==
ads
securepubads.g.doubleclick.net/gampad/
2 KB
211 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1563616819397597&correlator=2288793951593239&eid=31079857%2C31079527&output=ldjh&gdfp_req=1&vrg=202311290101&ptt=17&impl=fifs&gdpr=0&iu_parts=6032%3A22337032985%2Cspon_dt%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C800x250%7C970x250%2C200x200%2C320x50%7C728x90%7C800x250%7C970x250%2C320x50%7C728x90%7C800x250%7C200x200%7C970x250%2C320x50%7C728x90%7C800x250%7C200x200%7C970x250%2C320x50%7C728x90%7C800x250%7C970x250%2C320x50%7C728x90%7C800x250%7C970x250%2C123x234&fluid=height%2C0%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2C0&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D14a46096e6875ec2%3AT%3D1701518852%3ART%3D1701518852%3AS%3DALNI_MYy_OeNLZ4zR230vXepRKMnWeWV1Q&gpic=UID%3D00000da52dae5ee3%3AT%3D1701518852%3ART%3D1701518852%3AS%3DALNI_MauNdy6KFnEv2IK0VGdYMGxS7Tf6A&abxe=1&dt=1701518852792&lmt=1701518852&adxs=-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C0&adys=-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C28838&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C1&ucis=3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Flohrasp.tak028.top%2F&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1600x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=644%2C644%2C644%2C644%2C644%2C644%2C644%2C644&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=556921324.1701518853&ga_sid=1701518853&ga_hid=1021307417&ga_fc=false&dlt=1701518849148&idt=2694&prev_scp=pos%3D3%26adPositionName%3Dsuperbanner_3%26slotid%3Dsb3%26optout%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Cpos%3D31%26adPositionName%3Dmarktplatz_1%26optout%3D0%7Cpos%3D4%26adPositionName%3Dsuperbanner_4%26slotid%3Dsb4%26optout%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Cpos%3D5%26adPositionName%3Dsuperbanner_5%26slotid%3Dsb5%26optout%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Cpos%3D6%26adPositionName%3Dsuperbanner_6%26slotid%3Dsb6%26optout%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Cpos%3D7%26adPositionName%3Dsuperbanner_7%26slotid%3Dsb7%26optout%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Cpos%3D8%26adPositionName%3Dsuperbanner_8%26slotid%3Dsb8%26optout%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Cpos%3D121%26adPositionName%3Dbrandlift_1%26optout%3D0&cust_params=ind%3Dyes%26scrw%3Dl%26zm%3D100%26ab%3Do%26anchor%3D0%26host%3Dtak028.top%26idrep%3Dja_windows_desktop%26kw%3Dnextgen%26bb%3Dno%26gallery%3Dno%26logcrt%3D0%26logap%3D0%26logjp%3D0%26logcwi%3D0%26dabu%3D0%26fp%3Ds%26spmtp%3Dcenterpage%26exclude%3Ddouble%26emq_g_rt%3D%26emq_a_rt%3D%26emq_s_rt%3D%26emq_bi_rt%3D%26emq_bs_rt%3D%26emq_re_rt%3D%26emq_ne_rt%3D%26emq_in_rt%3D%26emq_li_rt%3D%26emq_bus_rt%3D%26emq_fam_rt%3D%26emq_hf_rt%3D%26emq_hg_rt%3D%26emq_fs_rt%3D%26emq_all_rt%3D%26logyl%3D1%26pegasus%3D0%26j4%3D2%26j5%3D10%252C12%252C15%252C6%26dp4%3D3%26bj4%3D2%26bj5%3D6%252C10%252C12%252C15%26dp5a%3D4%26dp5%3D4%26dp5b%3D3%26dp5c%3D3%26dp5d%3D3%26ipteid%3D307053bd-0537-406e-a36a-03cd485723b1%26logamz%3D3%26czp%3D33132%26cst%3DFlorida%26clientseg%3Dfg%252Cfh%252Chz%252C3w%252Cu%252Cv2%252C52%252Cnl%252Cnm%252Cq0%26clienttc%3D&adks=2933506286%2C671742417%2C2933506257%2C1998842777%2C1998842782%2C2933506258%2C2933506261%2C1921587896&frm=20
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02c12ce13cea3deb3ebbc92e7326451123c5be5dfd0352a3e0de1e73fd3c30a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
180
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://lohrasp.tak028.top
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
302 B
152 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1563616819397597&correlator=2288793951593239&eid=31079857%2C31079527&output=ldjh&gdfp_req=1&vrg=202311290101&ptt=17&impl=fifs&gdpr=0&iu_parts=6032%3A22337032985%2Cspon_dt%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=11&sfv=1-0-40&ists=1&eri=1&sc=1&cookie=ID%3D14a46096e6875ec2%3AT%3D1701518852%3ART%3D1701518852%3AS%3DALNI_MYy_OeNLZ4zR230vXepRKMnWeWV1Q&gpic=UID%3D00000da52dae5ee3%3AT%3D1701518852%3ART%3D1701518852%3AS%3DALNI_MauNdy6KFnEv2IK0VGdYMGxS7Tf6A&abxe=1&dt=1701518852814&lmt=1701518852&adxs=0&adys=28838&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Flohrasp.tak028.top%2F&vis=1&psz=1600x-1&msz=0x-1&fws=644&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=556921324.1701518853&ga_sid=1701518853&ga_hid=1021307417&ga_fc=false&dlt=1701518849148&idt=2694&prev_scp=pos%3D1%26adPositionName%3Doop_1%26slotid%3Doop1%26optout%3D0&cust_params=ind%3Dyes%26scrw%3Dl%26zm%3D100%26ab%3Do%26anchor%3D0%26host%3Dtak028.top%26idrep%3Dja_windows_desktop%26kw%3Dnextgen%26bb%3Dno%26gallery%3Dno%26logcrt%3D0%26logap%3D0%26logjp%3D0%26logcwi%3D0%26dabu%3D0%26fp%3Ds%26spmtp%3Dcenterpage%26exclude%3Ddouble%26emq_g_rt%3D%26emq_a_rt%3D%26emq_s_rt%3D%26emq_bi_rt%3D%26emq_bs_rt%3D%26emq_re_rt%3D%26emq_ne_rt%3D%26emq_in_rt%3D%26emq_li_rt%3D%26emq_bus_rt%3D%26emq_fam_rt%3D%26emq_hf_rt%3D%26emq_hg_rt%3D%26emq_fs_rt%3D%26emq_all_rt%3D%26logyl%3D1%26pegasus%3D0%26j4%3D2%26j5%3D10%252C12%252C15%252C6%26dp4%3D3%26bj4%3D2%26bj5%3D6%252C10%252C12%252C15%26dp5a%3D4%26dp5%3D4%26dp5b%3D3%26dp5c%3D3%26dp5d%3D3%26ipteid%3D307053bd-0537-406e-a36a-03cd485723b1%26logamz%3D3%26czp%3D33132%26cst%3DFlorida%26clientseg%3Dfg%252Cfh%252Chz%252C3w%252Cu%252Cv2%252C52%252Cnl%252Cnm%252Cq0%26clienttc%3D&adks=4225619084&frm=20
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
481dd610aa70584db5d7a7d41ee5e646cf2f9bbecedcb50414767fba7f2a376b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://lohrasp.tak028.top
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
data
ups.xplosion.de/
1 KB
2 KB
Script
General
Full URL
https://ups.xplosion.de/data?title=DER%20SPIEGEL%20%7C%20Online-Nachrichten&hostSiteUrl=https%3A%2F%2Flohrasp.tak028.top%2F&userAgent=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.199%20Safari%2F537.36&userLang=en-US&color=24&os=Win32&timezone=10&screen=1200x1600&agent_class=browser&event_id=page_view&gdpr=0&gdpr_policy=4&gdpr_consent=undefined&gdpr_success=1&gdpr_path=v2&gdpr_is_ifr=false&gdpr_cmp_loc_2=true&gdpr_applies=0&gdpr_cmp_status=loaded&gdpr_event_status=tcloaded&_rfs=1&_sid=86497&_ver=1.0.0&_seg=jsonp&_=976884724152
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.116.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-116-161.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0f85443c21a36d41e284665cf453cabc27037b19f503b8b5fe55676382866101

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 02 Dec 2023 12:07:32 GMT
cache-control
must-revalidate,no-cache,no-store
content-type
text/javascript
content-length
1429
p3p
CP="NOI DSP COR NID PSAo OUR SAMo BUS"
event
adalliance.dcapi.tagger.opecloud.com/ingest/ Frame
0
0
Preflight
General
Full URL
https://adalliance.dcapi.tagger.opecloud.com/ingest/event?fpid=c63e606c-cc03-4a84-9e29-7ad7b0588fc0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.101.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-101-17.eu-central-1.compute.amazonaws.com
Software
akka-http/10.2.8 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://lohrasp.tak028.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, HEAD, OPTIONS
access-control-allow-origin
https://lohrasp.tak028.top
access-control-max-age
1800
content-length
0
date
Sat, 02 Dec 2023 12:07:33 GMT
server
akka-http/10.2.8
custom-no-tagger
adalliance.tagger.opecloud.com/adalliance/v2/
35 B
414 B
Image
General
Full URL
https://adalliance.tagger.opecloud.com/adalliance/v2/custom-no-tagger?type=emetriqSegments&url=https%3A%2F%2Flohrasp.tak028.top%2F&ref=&tref=&id=&cmpstatus=gdprdoesnotapply&fpid=c63e606c-cc03-4a84-9e29-7ad7b0588fc0
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.216.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-216-183.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
950716303d22b34eb1526bc6aab7e65223899e8d3538938a271a9084bcd51bb9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Dec 2023 12:07:33 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
image/gif
p3p
CP="ADMa OUR IND DSP NON COR"
cache-control
no-cache, no-store, must-revalidate
content-length
52
expires
0
event
adalliance.dcapi.tagger.opecloud.com/ingest/
2 B
168 B
XHR
General
Full URL
https://adalliance.dcapi.tagger.opecloud.com/ingest/event?fpid=c63e606c-cc03-4a84-9e29-7ad7b0588fc0
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.101.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-101-17.eu-central-1.compute.amazonaws.com
Software
akka-http/10.2.8 /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://lohrasp.tak028.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://lohrasp.tak028.top
date
Sat, 02 Dec 2023 12:07:34 GMT
access-control-allow-credentials
true
server
akka-http/10.2.8
content-length
2
content-type
text/plain; charset=UTF-8
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311290101&st=env
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
59e542c13faf015e87763c601731f70e8fd48dccbf1802de37af72f66f237e75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12218
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 12:07:34 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F556
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lohrasp.tak028.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
4628
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 10:50:26 GMT
expires
Sun, 01 Dec 2024 10:50:26 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 74AB
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: lohrasp.tak028.top
URL: https://lohrasp.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::67 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
62b0e07c0ac3ab67038532b8c4ab0cf8a2b37a1204a1faa46181dd97ad04f8e7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LyCXRDsmsbYu30RqIQ5EVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lohrasp.tak028.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-LyCXRDsmsbYu30RqIQ5EVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 12:07:34 GMT
expires
Sat, 02 Dec 2023 12:07:34 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame F556
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 05:39:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
23286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Dec 2024 05:39:28 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 74AB
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311290101&jk=1563616819397597&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame F556
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?QPRayA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:07:34 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311290101&jk=1563616819397597&bg=!lpWlldrNAAY3kmNgF5I7ADQBe5WfOKQbJbtHblY5aIynJacfJjFUBAwAdZz5VRm3Kmajv8Wt7uFCm5DOvDKQRRpKonNVAgAAAFtSAAAAA2gBB5kCwIKjDiLVEr3GwO3039dKfgTwz0koVgBvYFI0YKoCfw3PWvRKOR2zXxsPD4M8WDzRoVP81_0UqEdt62X1swO7ajegdmOiIGM5sr0nXDaev6cwTJkGNUPmz8A89iYoAG2ZSVfQKzpfieJVy9dtO5Hbn_IGgGLwCWZSUMbfFeFaz3nL94tgPfTakGElxA9V6v4uMMlxfh8RYarJmL0WGuVDZl0B-FpK0LB9sbFC14RxmiEhdPdahpUoWQ6fC6tJlCm8dEv2TRRnK1if_pzDdvdJ1aeujCPxCFTa03_Gof3UDYKdKiG7mg9oVL87yrMDbpdXMKd_iDtBZ-UALaMZz_i4X74ENcymnxmOq1gr_FY_hU4L0I5qd4PFbZ_rqDxe7e7nmchlXqFlhhKSkxfsUTfd4z3Qw1_vQHIW5yNBO4egjQkIYRbngUFtT2fPjYhtswfqzS-_NtIvAoqFWav8bFISNPOHueSEU_baNA7pnOvfrbrbyPYcADt7e5HlEER8MR13fh7CFTlUb_HtOugyQv2rmG3gcokpI-XcZbBffaw1PtI0FkyO59Wi5m_TPSEpPAnszWQQDmtPsVbD2W-PtjiLEjvacahMnO8UptTvKgweDhe1w4Q_s-ixTjL3mriDR6C6pXpIvf0zriUsg9LYQxtNsva2He_mh4Ts718OT4ojvck3nPMzok_YxwLHMadbYwtViWzMPXQ2E3eH2M_C6mdctM1_6-MaCrgS3KwMkCRWm4xfQGOmGzLWPtcJPRnAZ9XTC2zUpvV0E_PiMY9Rjmpm6oZvIne1-Ho0KRNvo17F1qHFhSOCpzcFAhrrwxoQYsfgxTAFhKrVX4v6w6oGugsDhDTbkJFy8w_m-2jVup9PS1zJrSFlRKUNWguIuV3r_LGr8Qx_Qqqc93_BMzH8Ojm-xwPX6yX9I7f8-3DZQn6_Bkrz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohrasp.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers


120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| event object| documentPictureInPicture function| _typeof function| __tcfapi undefined| match undefined| minVersion undefined| version undefined| ua undefined| isOSSupported boolean| isBrowserSupported object| webpackChunksource object| SARAs_data object| polygon object| GujAd object| GujAdPositions function| PYRZBdd function| UABPreloaded object| jczuaCln object| jczuaClne object| jczuaClni boolean| jczualsn object| jczua63fFlags string| jczua817Rnd boolean| videoScriptIsAlreadyExecuted function| UABPVreloaded function| callNextAdTag object| jczuadb1ctc object| Alpine number| lastVolume object| _sp_queue object| _sp_ boolean| jczua997sdl boolean| jczua997sdln string| jczuadb1cgenat string| jczuadb1csthash string| jczuadb1cDomain boolean| jczua7c1forceimp object| jczuasc boolean| jczua6a8Body boolean| jczua4d9Detect object| jczua78eMobile object| jczuadb1c1 object| jczuadb1co1 object| jczuadb1co1a object| jczuadb1co2 object| jczuadb1co3 object| jczuadb1co3a object| jczuadb1c2 number| jczuadb1cd3 object| jczuadb1c4 object| jczuadb1c5 boolean| jczua762ij object| _sp_wp_jsonp object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| targetGlobalSettings object| __target_telemetry object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate string| track_tag object| events function| handler function| EngagementTracker object| stats function| PodWatcher function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_AudienceManagement function| DIL object| s object| MoltenBundle object| MoltenTopRequire boolean| PrivacyLoaded object| AdALoaderV2 object| $AC boolean| MoltenTopLoaded boolean| AdADMPLoaded function| ope boolean| GUJAD_DEBUG object| EmsAd object| EmsGuj object| autoNative2 object| opeCustomEvents object| autoNative object| googletag object| yl 
object| apstag boolean| jczuae50Track function| BlockAdBlock object| blockAdBlock object| ggeac object| google_tag_data object| google_js_reporting_queue object| _aps boolean| apstagLOADED object| apscustom undefined| google_measure_js_timing object| _enqAdpParam number| google_unique_id object| gaGlobal object| _EQLService object| _EQPScript object| _EQPService object| GoogleGcLKhOms object| google_image_requests

16 Cookies

Domain/Path Name / Value
.tak028.top/ Name: AMCVS_79655FCF5C1D42160A495E15%40AdobeOrg
Value: 1
.tak028.top/ Name: AMCV_79655FCF5C1D42160A495E15%40AdobeOrg
Value: -130454370%7CMCIDTS%7C19694%7CMCMID%7C11605881965860596529047013637562221843%7CMCAID%7CNONE%7CMCOPTOUT-1701526051s%7CNONE%7CvVersion%7C5.5.0
lohrasp.tak028.top/ Name: uuidpd
Value: 13100d39-f186-465d-8362-8b6f9c9b3712
lohrasp.tak028.top/ Name: consentUUID
Value: dc222b82-0db2-4745-bb7b-83f6c53d3e89
.adnxs.com/ Name: uuid2
Value: 5331408649650564158
te.technical-service.net/ Name: tecm
Value: "AgtZOHOs-2hmtWRLYRI5gpUaDbB65FL5DSVHY912vWeVhhYF_GTqwpVFB8fd6_OQVY9WrWGpSgA7sIrI1G-gR18veZH8MFx6hZ8gwDGqcTbSdwHU_IgFPwad2HMVpwpYydpmynz-j1lxHF5bUXJzV7nqaGvw-bPXXaju0_DDQsSJLTmLyygJ1ZFQr4-702AbapP08h5F6RZatXPd45mrvY4et1CBbaRT7hm0Rh8n9xmj7m9iT1juaOJKLcC4eyIXc7zUgoYRc4rmCiW_eEX67ptTjIV09vvARggkWgO6-ZKgbS5N2Qqi-wJUYGAAFYQWcbTJF5YYEXnXdv0KQvo9RfXaZ38mZL4-IqMNKuxwpOoouC7h5T_iI8B4p3g-rhK0_5SIhccBwtWGa8qP7wG4k_nekv6lf4Yz7BxCT-iiWB52lYSdJ1fZKuoITr2R7Y3wQ4IOPdSXasjFZHS4poz_cBnUPWBRRia5rnD9zBk5pxGE8W0uY1MelMEW-nA="
.technical-service.net/ Name: tevs
Value: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAA
.technical-service.net/ Name: tthc
Value: 307053bd-0537-406e-a36a-03cd485723b1
.yieldlab.net/ Name: id
Value: c76c7cb3-72ac-494b-9b50-17145a9a59dc
.adsrvr.org/ Name: TDID
Value: ad3353fc-1e81-4fba-ba96-118a4a9c143a
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwj-_tXqv865PBAFOAE.
.tak028.top/ Name: __gads
Value: ID=14a46096e6875ec2:T=1701518852:RT=1701518852:S=ALNI_MYy_OeNLZ4zR230vXepRKMnWeWV1Q
.tak028.top/ Name: __gpi
Value: UID=00000da52dae5ee3:T=1701518852:RT=1701518852:S=ALNI_MauNdy6KFnEv2IK0VGdYMGxS7Tf6A
.doubleclick.net/ Name: IDE
Value: AHWqTUnhs82j2TOCTEJ-ouQa78KilaLYdI7A0E-2xoQWQfO7l8a9cK_Cq4pIoMOBQAg
.adfarm1.adition.com/ Name: UserID1
Value: 7307967827176061083
.tagger.opecloud.com/ Name: ope_uid
Value: 2-vW9PcxKJgdwPjhlgaTs/OCnIfg+Y8rVcWJJ/7gTjI4ZXX1mXFD5mxLk8JhklB06StPlubQ==

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=2592000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
