abo.spiegel.de Open in urlscan Pro
128.65.210.191 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://expercab.com/
Effective URL:
https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642395926_c1b5cc45088692fb64628cfb7...
Submission: On January 17 via api (January 17th 2022, 5:05:32 am UTC) from US — Scanned from DE

Summary HTTP 78 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 31 IPs in 6 countries across 26 domains to perform 78 HTTP transactions. The main IP is 128.65.210.191, located in Frankfurt am Main, Germany and belongs to LINK11 Link11 GmbH, DE. The main domain is abo.spiegel.de. The Cisco Umbrella rank of the primary domain is 154602.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 16th 2020. Valid for: 2 years.

This is the only time abo.spiegel.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	81.17.29.150 81.17.29.150	51852 (PLI-AS) (PLI-AS)
2	52.20.219.89 52.20.219.89	14618 (AMAZON-AES) (AMAZON-AES)
1	52.218.36.122 52.218.36.122	16509 (AMAZON-02) (AMAZON-02)
2	3.126.48.135 3.126.48.135	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3033::6815:daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	185.26.99.247 185.26.99.247	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1 3	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
15	128.65.210.191 128.65.210.191	34309 (LINK11 Li...) (LINK11 Link11 GmbH)
10	2a02:26f0:fb:... 2a02:26f0:fb:59e::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	34.250.101.202 34.250.101.202	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	51.77.7.80 51.77.7.80	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:215... 2600:9000:2156:0:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.50.85.221 52.50.85.221	16509 (AMAZON-02) (AMAZON-02)
2	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
1	54.170.22.84 54.170.22.84	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1 2	78.46.90.238 78.46.90.238	24940 (HETZNER-AS) (HETZNER-AS)
1 2	138.201.135.164 138.201.135.164	24940 (HETZNER-AS) (HETZNER-AS)
2	70.42.32.63 70.42.32.63	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
10	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
3	2.21.141.186 2.21.141.186	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.157.6.241 37.157.6.241	198622 (ADFORM) (ADFORM)
1	37.157.2.248 37.157.2.248	198622 (ADFORM) (ADFORM)
1 2	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	54.194.244.117 54.194.244.117	16509 (AMAZON-02) (AMAZON-02)
78	31

1 81.17.29.150 (Zurich, Switzerland) 1 redirects

ASN51852 (PLI-AS, PA)

expercab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.20.219.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-219-89.compute-1.amazonaws.com

v4.s.arclk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.36.122 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.48.135 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-48-135.eu-central-1.compute.amazonaws.com

jsrdtrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6815:daf (United States)

ASN13335 (CLOUDFLARENET, US)

vipestores.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.26.99.247 (Frankfurt am Main, Germany) 1 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde430-2.fornex.org

ad.admitad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.239.217 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 128.65.210.191 (Frankfurt am Main, Germany)

ASN34309 (LINK11 Link11 GmbH, DE)

abo.spiegel.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:26f0:fb:59e::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.250.101.202 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-101-202.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.77.7.80 (France)

ASN16276 (OVH, FR)
PTR: read.apartena.net

read.apartena.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:0:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.50.85.221 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-85-221.eu-west-1.compute.amazonaws.com

the.sciencebehindecommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

sams.spiegel.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.170.22.84 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-22-84.eu-west-1.compute.amazonaws.com

sats.spiegel.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.90.238 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.238.90.46.78.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.135.164 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.164.135.201.138.clients.your-server.de

ad.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.21.141.186 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-186.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.241 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.248 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.244.117 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-244-117.eu-west-1.compute.amazonaws.com

spiegel.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	spiegel.de abo.spiegel.de — Cisco Umbrella Rank: 154602 sams.spiegel.de — Cisco Umbrella Rank: 81114 sats.spiegel.de — Cisco Umbrella Rank: 77747	525 KB
10	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	2 KB
10	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 497	121 KB
4	adform.net 2 redirects track.adform.net — Cisco Umbrella Rank: 3933 s2.adform.net — Cisco Umbrella Rank: 5692	30 KB
4	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 91857	3 KB
3	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 1240	3 KB
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 13 adservice.google.com — Cisco Umbrella Rank: 80	1 KB
3	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2353 tr.outbrain.com — Cisco Umbrella Rank: 2115	4 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	200 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 385	11 KB
3	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 205 spiegel.demdex.net — Cisco Umbrella Rank: 80000	5 KB
3	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 14385	2 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5557	612 B
2	ad-srv.net 1 redirects ad.ad-srv.net — Cisco Umbrella Rank: 30986	1 KB
2	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 32669	2 KB
2	sciencebehindecommerce.com the.sciencebehindecommerce.com — Cisco Umbrella Rank: 62157	5 KB
2	apartena.net read.apartena.net	5 KB
2	vipestores.com vipestores.com	3 KB
2	jsrdtrck.com jsrdtrck.com	4 KB
2	arclk.net v4.s.arclk.net — Cisco Umbrella Rank: 159391	3 KB
1	dwin1.com www.dwin1.com — Cisco Umbrella Rank: 4559	10 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 106	15 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	39 KB
1	admitad.com 1 redirects ad.admitad.com — Cisco Umbrella Rank: 36717	540 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	7 KB
1	expercab.com 1 redirects expercab.com	583 B
78	26

	Domain	Requested by
15	abo.spiegel.de	vipestores.com abo.spiegel.de
10	www.facebook.com	abo.spiegel.de
10	assets.adobedtm.com	abo.spiegel.de assets.adobedtm.com
3	track.adform.net	2 redirects hal9000.redintelligence.net
3	pixel.mathtag.com	hal9000.redintelligence.net
3	connect.facebook.net	v4.s.arclk.net connect.facebook.net
3	bat.bing.com	assets.adobedtm.com bat.bing.com abo.spiegel.de
3	www.awin1.com	1 redirects www.dwin1.com www.awin1.com
2	5994599.fls.doubleclick.net	1 redirects hal9000.redintelligence.net
2	www.google.de	abo.spiegel.de
2	www.google.com	1 redirects abo.spiegel.de
2	tr.outbrain.com	amplify.outbrain.com abo.spiegel.de
2	ad.ad-srv.net	1 redirects v4.s.arclk.net
2	hal9000.redintelligence.net	1 redirects v4.s.arclk.net
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	sams.spiegel.de	assets.adobedtm.com
2	the.sciencebehindecommerce.com	www.dwin1.com the.sciencebehindecommerce.com
2	read.apartena.net	assets.adobedtm.com read.apartena.net
2	dpm.demdex.net	1 redirects abo.spiegel.de
2	vipestores.com	vipestores.com
2	jsrdtrck.com	v4.s.arclk.net
2	v4.s.arclk.net	v4.s.arclk.net
1	spiegel.demdex.net	assets.adobedtm.com
1	adservice.google.com	5994599.fls.doubleclick.net
1	s2.adform.net	hal9000.redintelligence.net
1	sats.spiegel.de	assets.adobedtm.com
1	www.dwin1.com	v4.s.arclk.net
1	amplify.outbrain.com	v4.s.arclk.net
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	assets.adobedtm.com
1	ad.admitad.com	1 redirects
1	s3-eu-west-1.amazonaws.com	v4.s.arclk.net
1	expercab.com	1 redirects
78	33

This site contains links to these domains. Also see Links.

Domain
www.spiegel.de
gruppenkonto.spiegel.de
www.spiegelgruppe.de

Subject Issuer	Validity	Valid
s.arclk.net Amazon	`2021-03-02` - `2022-03-31`	a year	crt.sh
*.s3-eu-west-1.amazonaws.com Amazon	`2021-03-26` - `2022-03-08`	a year	crt.sh
jsrdtrck.com R3	`2021-12-21` - `2022-03-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-11-05` - `2022-11-04`	a year	crt.sh
abo.spiegel.de Sectigo RSA Domain Validation Secure Server CA	`2020-03-16` - `2022-06-14`	2 years	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
read.apartena.net R3	`2021-12-14` - `2022-03-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-26` - `2022-01-24`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
*.dwin1.com Amazon	`2021-11-19` - `2022-12-17`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
tag.device9.com Go Daddy Secure Certificate Authority - G2	`2021-07-19` - `2022-08-20`	a year	crt.sh
sams.spiegel.de DigiCert TLS RSA SHA256 2020 CA1	`2021-09-28` - `2022-10-29`	a year	crt.sh
sats.spiegel.de DigiCert TLS RSA SHA256 2020 CA1	`2021-10-08` - `2022-10-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
redintelligence.net R3	`2021-12-21` - `2022-03-21`	3 months	crt.sh
ad-srv.net R3	`2021-12-21` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Frame ID: 71ACED8EC58008E8162BE60F5D0C7029
Requests: 65 HTTP requests in this frame

Frame: https://www.awin1.com/alt.php?mid=21540&sv=21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f
Frame ID: F3A4B930F7B9966B6F5F99C4F399331C
Requests: 2 HTTP requests in this frame

Frame: https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B&redirected=1
Frame ID: 538C6E4D7B2E58532CB09E195F293F59
Requests: 6 HTTP requests in this frame

Frame: https://ad.ad-srv.net/retarget?version=1&cat=22337&a=58123&event=view&items=SPIEGEL+&redirected=1
Frame ID: D93E765691255826951D5301F8E584F6
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIfsis-BuPUCFRzMEQgdUe8F_w;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3401040068211.287
Frame ID: B2E32A6080901F5D5CFEDF22E40E90FE
Requests: 2 HTTP requests in this frame

Frame: https://spiegel.demdex.net/dest5.html?d_nsid=0
Frame ID: 4624C544856D4B1C6A9CF30281CE1426
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SPIEGEL+

Page URL History Show full URLs

http://expercab.com/ HTTP 302
https://v4.s.arclk.net/api/user/0147b7f52e12b56f22911b32897fcb994bd04b0f04.r?tk=eyJhbGciOiJIUzI1NiI... Page URL
https://jsrdtrck.com/click?trvid=22122&extid=0147b7f52e12b56f22911b32897fcb994bd04b0f04.r.1642395... Page URL
https://jsrdtrck.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3ZpcGVzdG9yZXMuY29tL2xpbmtzP2lkdz01NDgyXHU... Page URL
https://vipestores.com/links?idw=5482&subid=1gdy58xerpgx Page URL
https://vipestores.com/de/digital-services/spiegelde Page URL
https://ad.admitad.com/g/pgmjwl8eoh693cd06475f9177bf0d8/?subid=1gdy58xerpgx HTTP 302
https://www.awin1.com/awclick.php?mid=21540&id=632098&clickref=6979120fcf16760c2932a9db2c3edff9&cl... HTTP 302
https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642395926_c1b5c... Page URL

Detected technologies

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Page Statistics

78
Requests

95 %
HTTPS

33 %
IPv6

26
Domains

33
Subdomains

31
IPs

6
Countries

996 kB
Transfer

2634 kB
Size

37
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.spiegel.de/datenschutz
Title: Datenschutz

Search URL Search Domain Scan URL

URL: https://gruppenkonto.spiegel.de/bestellung.html?productid=O_NSUNUIW2S534MNARPK&awc=21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f&targetUrl=https%3A%2F%2Fwww.spiegel.de%2Fplus%2F
Title: Entdecken Sie die digitale Welt des SPIEGEL mit SPIEGEL+: Unbegrenzter Zugriff auf alle SPIEGEL+-Inhalte auf SPIEGEL.de und in der DER SPIEGEL-App Den kompletten Inhalt der gedruckten Ausgabe auch digital mit SPIEGEL+ lesen inkl. E-Paper und Digital-Archiv Bis zum 30.06.2022 inklusive kostenlosem Zugriff auf Audio+ mit der professionell vertonten Ausgabe des SPIEGEL und weiteren spannenden Audio-Formaten 1,- €/im 1. Monatdanach 19,99 €, monatlich kündbar Jetzt bestellen

Search URL Search Domain Scan URL

URL: https://gruppenkonto.spiegel.de/bestellung.html?productid=O_6ANRS6T2SYN492IRLM
Title: 3 Monate mit 50% Rabatt 10,- €/mtl. für die ersten 3 MonateDanach 19,99 €, monatlich kündbar 3 Monate lesen, länger sparen Unbegrenzter Zugriff auf alle SPIEGEL+-Inhalte auf SPIEGEL.de Wöchentlich die digitale Ausgabe des SPIEGEL, inkl. E-Paper (PDF) Jetzt bestellen

Search URL Search Domain Scan URL

URL: https://gruppenkonto.spiegel.de/bestellung.html?productid=O_NDH21HEPZC0DQXRATX&awc=21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f&targetUrl=https%3A%2F%2Fwww.spiegel.de%2Fplus%2F
Title: für alle unter 30 Jahren 0,- €/im ersten MonatDanach 11,99 €, monatlich kündbar Gratis testen, danach 40% sparen Unbegrenzter Zugriff auf alle SPIEGEL+-Inhalte auf SPIEGEL.de Wöchentlich die digitale Ausgabe des SPIEGEL, inkl. E-Paper (PDF) Jetzt bestellen Premium U30

Search URL Search Domain Scan URL

URL: http://www.spiegelgruppe.de/
Title: © 2021 SPIEGEL-Verlag Rudolf Augstein GmbH & Co. KG

Search URL Search Domain Scan URL

URL: http://www.spiegel.de/datenschutz-spiegel
Title: Datenschutz

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://expercab.com/ HTTP 302
https://v4.s.arclk.net/api/user/0147b7f52e12b56f22911b32897fcb994bd04b0f04.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTcwNTA1IiwiZCI6ImV4cGVyY2FiLmNvbSJ9.V2a4Uwq76URqryAdy_zMlEk-aQFcNIXqQi9a5Oohbms Page URL
https://jsrdtrck.com/click?trvid=22122&extid=0147b7f52e12b56f22911b32897fcb994bd04b0f04.r.1642395925.c69926a4ecd157af000e554f1d329901&cpc=0.0073&sourceid=61a2d7887922af05cbb722e4&match=ron&carrier=wifi&mob_pf=windows&country=DE Page URL
https://jsrdtrck.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3ZpcGVzdG9yZXMuY29tL2xpbmtzP2lkdz01NDgyXHUwMDI2c3ViaWQ9MWdkeTU4eGVycGd4IiwiUmVkaXJlY3RXb3JkaW5nIjoiICIsIlJlZGlyZWN0VGl0bGUiOiJSZWRpcmVjdGlvbi4uLiIsIlJlZGlyZWN0TGlua1RleHQiOiIgIiwiSW5zdGFsbElkIjoyMDAxfQ== Page URL
https://vipestores.com/links?idw=5482&subid=1gdy58xerpgx Page URL
https://vipestores.com/de/digital-services/spiegelde Page URL
https://ad.admitad.com/g/pgmjwl8eoh693cd06475f9177bf0d8/?subid=1gdy58xerpgx HTTP 302
https://www.awin1.com/awclick.php?mid=21540&id=632098&clickref=6979120fcf16760c2932a9db2c3edff9&clickRef2=823603 HTTP 302
https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://expercab.com/ HTTP 302
https://v4.s.arclk.net/api/user/0147b7f52e12b56f22911b32897fcb994bd04b0f04.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTcwNTA1IiwiZCI6ImV4cGVyY2FiLmNvbSJ9.V2a4Uwq76URqryAdy_zMlEk-aQFcNIXqQi9a5Oohbms

Request Chain 22

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=79655FCF5C1D42160A495E15%40AdobeOrg&d_nsid=0&ts=1642395927850 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=79655FCF5C1D42160A495E15%40AdobeOrg&d_nsid=0&ts=1642395927850

Request Chain 48

https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B HTTP 302
https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B&redirected=1

Request Chain 49

https://ad.ad-srv.net/retarget?version=1&cat=22337&a=58123&event=view&items=SPIEGEL+ HTTP 302
https://ad.ad-srv.net/retarget?version=1&cat=22337&a=58123&event=view&items=SPIEGEL+&redirected=1

Request Chain 66

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 67

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3401040068211.287 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CIfsis-BuPUCFRzMEQgdUe8F_w;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3401040068211.287

Request Chain 72

https://track.adform.net/Serving/TrackPoint/?pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=873022819209&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D58113%26version%3D1%26event%3Dview%26cat%3D22329%26segment%3Dmicrosites%26items%3DSPIEGEL%252B%26redirected%3D1 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=873022819209&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D58113%26version%3D1%26event%3Dview%26cat%3D22329%26segment%3Dmicrosites%26items%3DSPIEGEL%252B%26redirected%3D1

Request Chain 74

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1036667778/?value=0&guid=ON&script=0&data=aam=seg1Euro HTTP 302
https://www.google.com/pagead/1p-user-list/1036667778/?value=0&guid=ON&script=0&data=aam=seg1Euro&is_vtc=1&random=1898502190 HTTP 302
https://www.google.de/pagead/1p-user-list/1036667778/?value=0&guid=ON&script=0&data=aam=seg1Euro&is_vtc=1&random=1898502190&ipr=y

78 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

0147b7f52e12b56f22911b32897fcb994bd04b0f04.r Show response
v4.s.arclk.net/api/user/
Redirect Chain

http://expercab.com/
https://v4.s.arclk.net/api/user/0147b7f52e12b56f22911b32897fcb994bd04b0f04.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTcwNTA1IiwiZCI6ImV4cGVy...

2 KB
2 KB

313ms
100ms

Document
text/html

52.20.219.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://v4.s.arclk.net/api/user/0147b7f52e12b56f22911b32897fcb994bd04b0f04.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTcwNTA1IiwiZCI6ImV4cGVyY2FiLmNvbSJ9.V2a4Uwq76URqryAdy_zMlEk-aQFcNIXqQi9a5Oohbms
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.219.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-219-89.compute-1.amazonaws.com
Software: /
Resource Hash: f56cdfe2abfef107046969ff83a9bb43fef1751506f94226bd95147ab3541f61

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 17 Jan 2022 05:05:25 GMT
content-type: text/html; charset=utf-8
content-length: 2104
p3p: CP="CUR NOI NID STA STP"
x-robots-tag: noindex, nofollow
accept-ch: UA,UA-Full-Version,UA-Platform,UA-Arch,UA-Model,UA-Mobile,Width,Viewport-Width,Downlink,DPR,Save-Data

Redirect headers

cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Mon, 17 Jan 2022 05:05:24 GMT
location: https://v4.s.arclk.net/api/user/0147b7f52e12b56f22911b32897fcb994bd04b0f04.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTcwNTA1IiwiZCI6ImV4cGVyY2FiLmNvbSJ9.V2a4Uwq76URqryAdy_zMlEk-aQFcNIXqQi9a5Oohbms
server: nginx

GET
H/1.1 200
OK ajax-loader.gif
s3-eu-west-1.amazonaws.com/pxgif/ 7 KB
7 KB 137ms
46ms Image
image/gif 52.218.36.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/pxgif/ajax-loader.gif
Requested by: Host: v4.s.arclk.net
URL: https://v4.s.arclk.net/api/user/0147b7f52e12b56f22911b32897fcb994bd04b0f04.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTcwNTA1IiwiZCI6ImV4cGVyY2FiLmNvbSJ9.V2a4Uwq76URqryAdy_zMlEk-aQFcNIXqQi9a5Oohbms
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.36.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 05:05:27 GMT
Last-Modified: Fri, 12 Aug 2016 15:23:54 GMT
Server: AmazonS3
x-amz-request-id: EYHM4VH1KF7JWDVD
ETag: "dc5b98ed1c3c7959cdcb76113e7442cd"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 6820
x-amz-id-2: OamVQAJbiqkFCnzGzRj8kMQx+lREgF75z64d9BjGxpUf/imnus7/GVV0Fute25obWi8tg7NN9jg=

GET
H2 200 0147b7f52e12b56f22911b32897fcb994bd04b0f04.r
v4.s.arclk.net/api/product/ 227 B
378 B 137ms
137ms XHR
text/html 52.20.219.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://v4.s.arclk.net/api/product/0147b7f52e12b56f22911b32897fcb994bd04b0f04.r?confirm=1bc34b6e5bdde6c590ae95245c9e63cd&size=1920000&noframe=1&tnc_ref=n%2Fa&reftaken=feed&refEqual=false
Requested by: Host: v4.s.arclk.net
URL: https://v4.s.arclk.net/api/user/0147b7f52e12b56f22911b32897fcb994bd04b0f04.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTcwNTA1IiwiZCI6ImV4cGVyY2FiLmNvbSJ9.V2a4Uwq76URqryAdy_zMlEk-aQFcNIXqQi9a5Oohbms
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.219.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-219-89.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:26 GMT
referrer-policy: no-referrer
p3p: CP="CUR NOI NID STA STP"
x-robots-tag: noindex, nofollow
content-length: 227
content-type: text/html; charset=utf-8

GET
H2 200 click Show response
jsrdtrck.com/ 1003 B
3 KB 233ms
193ms Document
text/html 3.126.48.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jsrdtrck.com/click?trvid=22122&extid=0147b7f52e12b56f22911b32897fcb994bd04b0f04.r.1642395925.c69926a4ecd157af000e554f1d329901&cpc=0.0073&sourceid=61a2d7887922af05cbb722e4&match=ron&carrier=wifi&mob_pf=windows&country=DE
Requested by: Host: v4.s.arclk.net
URL: https://v4.s.arclk.net/api/user/0147b7f52e12b56f22911b32897fcb994bd04b0f04.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTcwNTA1IiwiZCI6ImV4cGVyY2FiLmNvbSJ9.V2a4Uwq76URqryAdy_zMlEk-aQFcNIXqQi9a5Oohbms
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.48.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-48-135.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 40cd136a720cc6a517ea348dabf9e99ce0ab12f9b4ddb2d1a77155defc50f421

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Mon, 17 Jan 2022 05:05:26 GMT
content-type: text/html; charset=utf-8
content-length: 1003
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache

GET
H2 200 double
jsrdtrck.com/ 636 B
816 B 14ms
13ms Document
text/html 3.126.48.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jsrdtrck.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3ZpcGVzdG9yZXMuY29tL2xpbmtzP2lkdz01NDgyXHUwMDI2c3ViaWQ9MWdkeTU4eGVycGd4IiwiUmVkaXJlY3RXb3JkaW5nIjoiICIsIlJlZGlyZWN0VGl0bGUiOiJSZWRpcmVjdGlvbi4uLiIsIlJlZGlyZWN0TGlua1RleHQiOiIgIiwiSW5zdGFsbElkIjoyMDAxfQ==
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.48.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-48-135.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Mon, 17 Jan 2022 05:05:26 GMT
content-type: text/html; charset=utf-8
content-length: 636
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache

GET
H2 200 links Show response
vipestores.com/ 595 B
2 KB 94ms
56ms Document
text/html 2606:4700:3033::6815:daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vipestores.com/links?idw=5482&subid=1gdy58xerpgx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b42bbb3bb25f62778c8d4090697a0bcf1e7cf0daf1f45b7e704e00b55682c29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 17 Jan 2022 05:05:26 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2BYijFnBnp9wlGHPhaK7FJn7R4is7Clfe8y4k3l%2FKhVvuEyTqo%2FzD3%2FQYA7eM4r0qxckw6F0LQEqMGWwW9ifnclurotbrym84ZcsDXgLvwMtNWfMf3k57mN2hYTYdcw%2FnMW%2FFIy6PFNh9hnb5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ced0c6caefd5a1f-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 spiegelde Show response
vipestores.com/de/digital-services/ 569 B
1 KB 42ms
42ms Document
text/html 2606:4700:3033::6815:daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vipestores.com/de/digital-services/spiegelde

Requested by

Host: vipestores.com
URL: https://vipestores.com/links?idw=5482&subid=1gdy58xerpgx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

723bfca6669c494744918de3d2b3124ebad3b93d26e5a76f5a681021c6e3cea6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 17 Jan 2022 05:05:26 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=225C8FzFs4o9HyZGpv8%2BQ%2BFE2LaSGayss3wDh3f0xwQUOGMJC0z57UxTHTrpi30mjJM0QSdcVPAwmUomp384zF38OAm9JufUggi6FOloLBA1WLP%2B%2B6zu5ZYD%2B9yFSnJtR26FAYHokb7QTUksTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ced0c6d1f925a1f-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2

200

Primary Request plus-einstiegsangebot Show response
abo.spiegel.de/de/c/microsites/pl/standard/
Redirect Chain

https://ad.admitad.com/g/pgmjwl8eoh693cd06475f9177bf0d8/?subid=1gdy58xerpgx
https://www.awin1.com/awclick.php?mid=21540&id=632098&clickref=6979120fcf16760c2932a9db2c3edff9&clickRef2=823603
https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14

9 KB
3 KB

880ms
861ms

Document
text/html

128.65.210.191
LINK11 Link11 GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Requested by: Host: vipestores.com
URL: https://vipestores.com/de/digital-services/spiegelde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 9339d196fd5a7301e5f0b9a0af5ab34790361203b18d0c1fca468c66d94792c7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vipestores.com/

Response headers

date: Mon, 17 Jan 2022 05:05:27 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
expires: Mon, 17 Jan 2022 05:15:27 GMT
cache-control: max-age=600, must-revalidate
x-cache-status: MISS
content-encoding: gzip
alt-svc: clear
server: nginx
via: 1.1 google

Redirect headers

Content-Length: 0
Location: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Allow: GET
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Date: Mon, 17 Jan 2022 05:05:26 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default

GET
H2 200 nextgen-sp.css
abo.spiegel.de/de/r/35550911/css/responsive/ 242 KB
34 KB 24ms
23ms Stylesheet
text/css 128.65.210.191
LINK11 Link11 GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://abo.spiegel.de/de/r/35550911/css/responsive/nextgen-sp.css
Requested by: Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software: nginx / Undertow 1
Resource Hash: 563994fb1b9efb27e1850f68ee2947524b0ef16cf0555890ff7965d52e0dd25b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:27 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 15:09:49 GMT
server: nginx
x-powered-by: Undertow 1
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/css
via: 1.1 google
cache-control: max-age=31536000, must-revalidate
alt-svc: clear
expires: Sat, 05 Nov 2022 02:52:32 GMT

GET
H2 200 cookieconsent.min.css
abo.spiegel.de/de/r/35550911/css/ 4 KB
1 KB 19ms
19ms Stylesheet
text/css 128.65.210.191
LINK11 Link11 GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://abo.spiegel.de/de/r/35550911/css/cookieconsent.min.css
Requested by: Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software: nginx / Undertow 1
Resource Hash: d25416547417e4eb415d306c29c4e50c6e0ed187f7f872705a5cc08be1ed756e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:27 GMT
content-encoding: gzip
last-modified: Mon, 17 May 2021 13:08:18 GMT
server: nginx
x-powered-by: Undertow 1
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/css
via: 1.1 google
cache-control: max-age=31536000, must-revalidate
alt-svc: clear
expires: Sat, 05 Nov 2022 03:05:20 GMT

GET
H2 200 cookieconsent.min.js Show response
abo.spiegel.de/de/r/35550911/js/ 19 KB
6 KB 29ms
29ms Script
text/javascript 128.65.210.191
LINK11 Link11 GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://abo.spiegel.de/de/r/35550911/js/cookieconsent.min.js
Requested by: Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software: nginx / Undertow 1
Resource Hash: 0cf9e1d924ce7ccf5d4ae9a2d996cfe47106a0014ea71a9c9ae3d73afe835f1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:27 GMT
content-encoding: gzip
last-modified: Mon, 17 May 2021 10:54:37 GMT
server: nginx
x-powered-by: Undertow 1
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 google
cache-control: max-age=31536000, must-revalidate
alt-svc: clear
expires: Sat, 05 Nov 2022 02:35:19 GMT

GET
H2 200 launch-e7ca7d7ca20f.min.js Show response
assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/ 331 KB
94 KB 51ms
8ms Script
application/x-javascript 2a02:26f0:fb:59e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Requested by: Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:59e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: dfed2a1da850a7bdadbe9e0e5ed7bf84c3998b9a2f468b1e6e8cb27e5398e6fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:27 GMT
content-encoding: gzip
last-modified: Fri, 13 Aug 2021 12:54:42 GMT
server: AkamaiNetStorage
etag: "c0317154a2452ff9c1db792286505929:1628859282.227983"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://abo.spiegel.de
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 96198
expires: Mon, 17 Jan 2022 06:05:27 GMT

GET
H2 200 29765241-420-360-p
abo.spiegel.de/de/m/1642165345895/ 38 KB
38 KB 20ms
19ms Image
image/png 128.65.210.191
LINK11 Link11 GmbH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abo.spiegel.de/de/m/1642165345895/29765241-420-360-p
Requested by: Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 48eac3fd30f6954ddf77771f40905eb953cbc988e065d4148c626ed846915b1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:27 GMT
via: 1.1 google
last-modified: Fri, 14 Jan 2022 13:02:32 GMT
server: nginx
x-cache-status: HIT
content-type: image/png
cache-control: max-age=31536000, must-revalidate
alt-svc: clear
content-length: 39102
expires: Sat, 14 Jan 2023 13:04:29 GMT

GET
H2 200 15611634
abo.spiegel.de/de/m/1526481576157/ 17 KB
17 KB 32ms
31ms Image
image/jpeg 128.65.210.191
LINK11 Link11 GmbH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abo.spiegel.de/de/m/1526481576157/15611634
Requested by: Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software: nginx / Undertow 1
Resource Hash: b52565263f97d8926823bbcbf39939c347c29df533de3e78a07ca0610b9b599d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:27 GMT
via: 1.1 google
last-modified: Wed, 16 May 2018 14:39:36 GMT
server: nginx
x-powered-by: Undertow 1
x-cache-status: HIT
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
alt-svc: clear
content-length: 17272
expires: Sat, 05 Nov 2022 03:08:29 GMT

GET
H2 200 29384717-300-150-p
abo.spiegel.de/de/m/1642165504078/ 33 KB
33 KB 31ms
31ms Image
image/png 128.65.210.191
LINK11 Link11 GmbH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abo.spiegel.de/de/m/1642165504078/29384717-300-150-p
Requested by: Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: a173134924c4708f9ea71e4f490ff92b41f7a9bd4719ca424b54b62198e80f83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:27 GMT
via: 1.1 google
last-modified: Fri, 14 Jan 2022 13:05:10 GMT
server: nginx
x-cache-status: HIT
content-type: image/png
cache-control: max-age=31536000, must-revalidate
alt-svc: clear
content-length: 33349
expires: Tue, 17 Jan 2023 00:01:12 GMT

GET
H2 200 29509623-300-150-p
abo.spiegel.de/de/m/1642165427746/ 32 KB
33 KB 31ms
31ms Image
image/png 128.65.210.191
LINK11 Link11 GmbH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abo.spiegel.de/de/m/1642165427746/29509623-300-150-p
Requested by: Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 8db60be922c28db592b53be8a7da7ce1556590fe358188377242ccb79038094e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:27 GMT
via: 1.1 google
last-modified: Fri, 14 Jan 2022 13:03:54 GMT
server: nginx
x-cache-status: HIT
content-type: image/png
cache-control: max-age=31536000, must-revalidate
alt-svc: clear
content-length: 33189
expires: Tue, 17 Jan 2023 00:01:04 GMT

GET
H2 200 jwplayer.js Show response
abo.spiegel.de/de/r/35550909/js/lib/jwplayer-7.2.4/ 211 KB
64 KB 23ms
23ms Script
text/javascript 128.65.210.191
LINK11 Link11 GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://abo.spiegel.de/de/r/35550909/js/lib/jwplayer-7.2.4/jwplayer.js
Requested by: Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software: nginx / Undertow 1
Resource Hash: 63d484e51dd9de676e5ad3fa5ebce0413032951f5addd9f8969aada0b13a7880

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:27 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2016 11:12:09 GMT
server: nginx
x-powered-by: Undertow 1
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 google
cache-control: max-age=31536000, must-revalidate
alt-svc: clear
expires: Sat, 05 Nov 2022 03:05:39 GMT

GET
H2 200 responsive.js Show response
abo.spiegel.de/de/r/35550909/js/ 398 KB
119 KB 23ms
22ms Script
text/javascript 128.65.210.191
LINK11 Link11 GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://abo.spiegel.de/de/r/35550909/js/responsive.js
Requested by: Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software: nginx / Undertow 1
Resource Hash: cb0a327f9915200c334c81e77ec6fdbf7569c725f1d3f6f5521cb8b0a18163ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:27 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 07:49:56 GMT
server: nginx
x-powered-by: Undertow 1
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 google
cache-control: max-age=31536000, must-revalidate
alt-svc: clear
expires: Sat, 05 Nov 2022 02:36:48 GMT

GET
H2 200 logo-aboshop-desktop-tablet.png
abo.spiegel.de/de/r/35550911/img/ 2 KB
2 KB 50ms
50ms Image
image/png 128.65.210.191
LINK11 Link11 GmbH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abo.spiegel.de/de/r/35550911/img/logo-aboshop-desktop-tablet.png
Requested by: Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/r/35550911/css/responsive/nextgen-sp.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software: nginx / Undertow 1
Resource Hash: e03fb16c347106a6b99ff1b26757ca24b8afefca648975f063ecaf4f00447784

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/de/r/35550911/css/responsive/nextgen-sp.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:27 GMT
via: 1.1 google
last-modified: Tue, 07 Jan 2020 10:11:44 GMT
server: nginx
x-powered-by: Undertow 1
x-cache-status: HIT
content-type: image/png
cache-control: max-age=31536000, must-revalidate
alt-svc: clear
content-length: 1714
expires: Sat, 05 Nov 2022 03:01:54 GMT

GET
H2 200 SpiegelSlab4UICd-ExtraBold.woff2
abo.spiegel.de/de/r/35550911/css/font/ 32 KB
32 KB 33ms
33ms Font
application/octet-stream 128.65.210.191
LINK11 Link11 GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://abo.spiegel.de/de/r/35550911/css/font/SpiegelSlab4UICd-ExtraBold.woff2
Requested by: Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/r/35550911/css/responsive/nextgen-sp.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software: nginx / Undertow 1
Resource Hash: 4d6c6f668fd088065d6a927c86bb45d992bcd715910c609334b5596bf3b63c4c

Request headers

Referer: https://abo.spiegel.de/de/r/35550911/css/responsive/nextgen-sp.css
Origin: https://abo.spiegel.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:27 GMT
via: 1.1 google
last-modified: Tue, 07 Jan 2020 10:10:31 GMT
server: nginx
x-powered-by: Undertow 1
x-cache-status: HIT
cache-control: max-age=31536000, must-revalidate
alt-svc: clear
content-length: 32624
expires: Sat, 05 Nov 2022 02:35:50 GMT

GET
H2 200 SpiegelSans4UI-Regular.woff2
abo.spiegel.de/de/r/35550911/css/font/ 38 KB
38 KB 34ms
34ms Font
application/octet-stream 128.65.210.191
LINK11 Link11 GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://abo.spiegel.de/de/r/35550911/css/font/SpiegelSans4UI-Regular.woff2
Requested by: Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/r/35550911/css/responsive/nextgen-sp.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software: nginx / Undertow 1
Resource Hash: 5ae09d76b53ed5bcfa3504a4e3ef0f5cec6adb284355efb88f619d85504f2bb4

Request headers

Referer: https://abo.spiegel.de/de/r/35550911/css/responsive/nextgen-sp.css
Origin: https://abo.spiegel.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:27 GMT
via: 1.1 google
last-modified: Tue, 07 Jan 2020 10:10:20 GMT
server: nginx
x-powered-by: Undertow 1
x-cache-status: HIT
cache-control: max-age=31536000, must-revalidate
alt-svc: clear
content-length: 38464
expires: Sat, 05 Nov 2022 03:04:38 GMT

GET
H2 200 SpiegelSans4UI-Bold.woff2
abo.spiegel.de/de/r/35550911/css/font/ 39 KB
39 KB 30ms
30ms Font
application/octet-stream 128.65.210.191
LINK11 Link11 GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://abo.spiegel.de/de/r/35550911/css/font/SpiegelSans4UI-Bold.woff2
Requested by: Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/r/35550911/css/responsive/nextgen-sp.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software: nginx / Undertow 1
Resource Hash: 5b65d13b2accf59d8acec406cc63ae2279aaa06dec9bd373bcec8744b6a80be5

Request headers

Referer: https://abo.spiegel.de/de/r/35550911/css/responsive/nextgen-sp.css
Origin: https://abo.spiegel.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:27 GMT
via: 1.1 google
last-modified: Tue, 07 Jan 2020 10:10:11 GMT
server: nginx
x-powered-by: Undertow 1
x-cache-status: HIT
cache-control: max-age=31536000, must-revalidate
alt-svc: clear
content-length: 39692
expires: Sat, 05 Nov 2022 03:02:34 GMT

GET
H2 200 fontawesome-webfont.woff
abo.spiegel.de/de/r/35550911/css/font/font-awesome/ 64 KB
64 KB 31ms
31ms Font
application/octet-stream 128.65.210.191
LINK11 Link11 GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://abo.spiegel.de/de/r/35550911/css/font/font-awesome/fontawesome-webfont.woff?v=4.2.0
Requested by: Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/r/35550911/css/responsive/nextgen-sp.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software: nginx / Undertow 1
Resource Hash: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer: https://abo.spiegel.de/de/r/35550911/css/responsive/nextgen-sp.css
Origin: https://abo.spiegel.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:27 GMT
via: 1.1 google
last-modified: Tue, 14 Oct 2014 09:41:16 GMT
server: nginx
x-powered-by: Undertow 1
x-cache-status: HIT
cache-control: max-age=31536000, must-revalidate
alt-svc: clear
content-length: 65452
expires: Sat, 05 Nov 2022 02:52:32 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=79655FCF5C1D42160A495E15%40AdobeOrg&d_nsid=0&ts=1642395927850
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=79655FCF5C1D42160A495E15%40AdobeOrg&d_nsid=0&ts=1642395927850

216 B
1023 B

30ms
30ms

XHR
application/json

34.250.101.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=79655FCF5C1D42160A495E15%40AdobeOrg&d_nsid=0&ts=1642395927850

Requested by

Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14

Protocol

HTTP/1.1

Server

34.250.101.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-250-101-202.eu-west-1.compute.amazonaws.com

Software

Resource Hash

50f5693e75e870f2848d0e334aa7e297b22326fe2edc83f776f3ff11894952cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v026-05a12a762.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: DP1mSygCQSg=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://abo.spiegel.de
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 209
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v026-0ac25a091.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://abo.spiegel.de
X-TID: 6XWiPBvvS3U=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=79655FCF5C1D42160A495E15%40AdobeOrg&d_nsid=0&ts=1642395927850
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 33 KB
12 KB 8ms
8ms Script
application/x-javascript 2a02:26f0:fb:59e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:59e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:27 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://abo.spiegel.de
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12184
expires: Mon, 17 Jan 2022 06:05:27 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 3 KB
2 KB 9ms
9ms Script
application/x-javascript 2a02:26f0:fb:59e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:59e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:27 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://abo.spiegel.de
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Mon, 17 Jan 2022 06:05:27 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 25 KB
9 KB 10ms
9ms Script
application/x-javascript 2a02:26f0:fb:59e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:59e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:27 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:53 GMT
server: AkamaiNetStorage
etag: "c8afb92bc0d997ba5b673367e69b9ff1:1597270193.156081"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://abo.spiegel.de
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8762
expires: Mon, 17 Jan 2022 06:05:27 GMT

GET
H2 200 RCe42ee6079f764fc5bd130b1e534ddc5d-source.min.js Show response
assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/ 562 B
613 B 7ms
7ms Script
application/x-javascript 2a02:26f0:fb:59e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/RCe42ee6079f764fc5bd130b1e534ddc5d-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:59e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8fc81bfaae09c53410ea3b71aa3f94e3f04bce34bf69af63406a6dffc15092f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:27 GMT
content-encoding: gzip
last-modified: Fri, 13 Aug 2021 12:54:42 GMT
server: AkamaiNetStorage
etag: "cdde6b6226c7281592610bcb253a79e7:1628859282.976181"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://abo.spiegel.de
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 349
expires: Mon, 17 Jan 2022 06:05:27 GMT

GET
H2 200 RCb124da92a1e44ebdbba65145b6f3ace4-source.min.js Show response
assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/ 463 B
561 B 8ms
8ms Script
application/x-javascript 2a02:26f0:fb:59e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/RCb124da92a1e44ebdbba65145b6f3ace4-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:59e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: afa42a12f640a207939cbfcf63b76643cb1e3cdbdaa90d4c99d6ab3685dfc670

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:27 GMT
content-encoding: gzip
last-modified: Fri, 13 Aug 2021 12:54:42 GMT
server: AkamaiNetStorage
etag: "cdde6b6226c7281592610bcb253a79e7:1628859282.976181"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://abo.spiegel.de
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 297
expires: Mon, 17 Jan 2022 06:05:27 GMT

GET
H2 200 RC11368e0e6aad43f6afe8ca290bc3d2da-source.min.js Show response
assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/ 981 B
800 B 9ms
9ms Script
application/x-javascript 2a02:26f0:fb:59e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/RC11368e0e6aad43f6afe8ca290bc3d2da-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:59e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3d1369d73b7b1661d2c6bf8889f3994f0677ee1383843389a1e77908c17a105f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:27 GMT
content-encoding: gzip
last-modified: Fri, 13 Aug 2021 12:54:42 GMT
server: AkamaiNetStorage
etag: "cdde6b6226c7281592610bcb253a79e7:1628859282.976181"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://abo.spiegel.de
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 536
expires: Mon, 17 Jan 2022 06:05:27 GMT

GET
H2 200 RCb2252bca63f0424d9dea57ee4da763fe-source.min.js Show response
assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/ 599 B
583 B 9ms
9ms Script
application/x-javascript 2a02:26f0:fb:59e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/RCb2252bca63f0424d9dea57ee4da763fe-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:59e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 30edfd81c377191b302397b6ec28a0ed32867af35cbe39c7ce870f5d1cc2f0ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:27 GMT
content-encoding: gzip
last-modified: Fri, 13 Aug 2021 12:54:42 GMT
server: AkamaiNetStorage
etag: "cdde6b6226c7281592610bcb253a79e7:1628859282.976181"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://abo.spiegel.de
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 319
expires: Mon, 17 Jan 2022 06:05:27 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 66ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:27 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 01:53:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FFCB91AEBF44435CB50C623D92E90B60 Ref B: FRAEDGE1413 Ref C: 2022-01-17T05:05:27Z
etag: "0cb09ee8e7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10468

GET
H2 200 RC5f0ea6df8e5d468986df67e0e6c04db4-source.min.js Show response
assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/ 922 B
820 B 10ms
10ms Script
application/x-javascript 2a02:26f0:fb:59e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/RC5f0ea6df8e5d468986df67e0e6c04db4-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:59e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e304a82f7be6185c5546182215943406505696e23da260206ca371cbf21088e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:27 GMT
content-encoding: gzip
last-modified: Fri, 13 Aug 2021 12:54:42 GMT
server: AkamaiNetStorage
etag: "cdde6b6226c7281592610bcb253a79e7:1628859282.976181"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://abo.spiegel.de
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 556
expires: Mon, 17 Jan 2022 06:05:27 GMT

GET
H/1.1 200
OK eatms.js Show response
read.apartena.net/trck/etms/ 1014 B
1 KB 60ms
25ms Script
text/html 51.77.7.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://read.apartena.net/trck/etms/eatms.js?campaign_id=225&pixel=etms&cmp_choices=no

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.77.7.80 , France, ASN16276 (OVH, FR),

Reverse DNS

read.apartena.net

Software

nginx / PHP/7.2.34

Resource Hash

5b4cf55c521e7766e3a16145ea8cd325bc45298fc002e9ce63b23e9b335a206b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubdomains;preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jan 2022 05:05:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Jan 2022 05:05:27 GMT
Server: nginx
X-Powered-By: PHP/7.2.34
Vary: Accept-Encoding
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload
X-HTTPS-Header: 1
Content-Type: text/html; charset=UTF-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 RC93106eb217034ace90e720b10f39ece3-source.min.js Show response
assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/ 542 B
598 B 10ms
10ms Script
application/x-javascript 2a02:26f0:fb:59e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/RC93106eb217034ace90e720b10f39ece3-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:59e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3f58ff29e518dfc03ef0cded688de7e8ae0e3718f4c0728bf83d2a093e544c5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:27 GMT
content-encoding: gzip
last-modified: Fri, 13 Aug 2021 12:54:42 GMT
server: AkamaiNetStorage
etag: "cdde6b6226c7281592610bcb253a79e7:1628859282.976181"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://abo.spiegel.de
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 334
expires: Mon, 17 Jan 2022 06:05:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 36ms
15ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1036667778

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aaf899f6939afc034c2bcd5fba417028899b0c556d80161d6c78ec03351aa22e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39817
x-xss-protection: 0
last-modified: Mon, 17 Jan 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 Jan 2022 05:05:27 GMT

GET
H/1.1 200
OK eatms.js Show response
read.apartena.net/trck/etms/ 13 KB
4 KB 43ms
43ms Script
text/html 51.77.7.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://read.apartena.net/trck/etms/eatms.js?campaign_id=225&pixel=etms&cmp_choices=no&referrer=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14

Requested by

Host: read.apartena.net
URL: https://read.apartena.net/trck/etms/eatms.js?campaign_id=225&pixel=etms&cmp_choices=no

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.77.7.80 , France, ASN16276 (OVH, FR),

Reverse DNS

read.apartena.net

Software

nginx / PHP/7.2.34

Resource Hash

eac892d018c210174ffbe6065512bc944fda678275effebf7daca079c4da578c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubdomains;preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 05:05:28 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.34
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Connection: keep-alive
Pragma: no-cache
Last-Modified: Mon, 17 Jan 2022 05:05:28 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-HTTPS-Header: 1
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 38 KB
15 KB 38ms
16ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1036667778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

1fe7c9b04cd9ebd46cd5a636bd2c2b1d54054f3995db24951c0d0318ec71d70c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14835
x-xss-protection: 0
server: cafe
etag: 2630088915750441828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 17 Jan 2022 05:05:28 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 21ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: v4.s.arclk.net
URL: https://v4.s.arclk.net/api/user/0147b7f52e12b56f22911b32897fcb994bd04b0f04.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTcwNTA1IiwiZCI6ImV4cGVyY2FiLmNvbSJ9.V2a4Uwq76URqryAdy_zMlEk-aQFcNIXqQi9a5Oohbms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: private
x-fb-debug: TGLDw13512HXcRN9wUHPoYl6DGzf23lr84DDS02QC9sHTy8CuBoDLozn7bokzM84TGcFwE4VwFEsmIkqMjrqNw==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Mon, 17 Jan 2022 05:05:28 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: private
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
3 KB 58ms
18ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: v4.s.arclk.net
URL: https://v4.s.arclk.net/api/user/0147b7f52e12b56f22911b32897fcb994bd04b0f04.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTcwNTA1IiwiZCI6ImV4cGVyY2FiLmNvbSJ9.V2a4Uwq76URqryAdy_zMlEk-aQFcNIXqQi9a5Oohbms
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 998d9415269d92557b561a936955f7590d5052865044a9191a528b5a36f3afc9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 05:05:28 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Oct 2021 12:12:10 GMT
Server: AkamaiNetStorage
ETag: "973e2603f46b719eecf8139c22b897a0:1633349530.816673"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3150
Expires: Mon, 17 Jan 2022 05:25:28 GMT

GET
H2 200 21540.js Show response
www.dwin1.com/ 42 KB
10 KB 25ms
7ms Script
application/javascript 2600:9000:2156:0:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/21540.js
Requested by: Host: v4.s.arclk.net
URL: https://v4.s.arclk.net/api/user/0147b7f52e12b56f22911b32897fcb994bd04b0f04.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTcwNTA1IiwiZCI6ImV4cGVyY2FiLmNvbSJ9.V2a4Uwq76URqryAdy_zMlEk-aQFcNIXqQi9a5Oohbms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6663f1bb0fc2e62591af7d37d35dae587eeb29af7b3565e6beca954f23d6e543

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: SIYdF4loCziFPx4IarRPUy7CD7JbaAF6
content-encoding: gzip
etag: W/"005832146012c112b280ee01034d6c65"
age: 441
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Mon, 20 Dec 2021 16:49:09 GMT
server: AmazonS3
date: Mon, 17 Jan 2022 04:58:36 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
cache-control: max-age=600, s-maxage=600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: lFuiOdvoCTeiO5eL0uuYYQbSRlMs49kUveiKS_ASaKLET5LaOu__rg==

GET
H2 204 5279339.js Show response
bat.bing.com/p/action/ 0
93 B 31ms
31ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5279339.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 17 Jan 2022 05:05:27 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DCB6B85B0D8541CCA141C94C50B13A86 Ref B: FRAEDGE1413 Ref C: 2022-01-17T05:05:28Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
150 B 31ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5279339&tm=al001&Ver=2&mid=69a7946d-49dd-48d7-9c6d-882465b6bdba&sid=16336cf0775311ecbeab975ef32048e6&vid=16339910775311ec86b61f0cc4b63ae4&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=SPIEGEL%2B&p=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&r=https%3A%2F%2Fvipestores.com%2F&lt=1274&pt=1642395926621,,,,,167,168,168,168,187,175,187,1048,1048,1051,1267,1267,1274,,,&pn=0,0&evt=pageLoad&msclkid=N&sv=1&rn=613129
Requested by: Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 05:05:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F7D18E6471284318B64C81C5866D691B Ref B: FRAEDGE1413 Ref C: 2022-01-17T05:05:28Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 468291950412468 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/468291950412468?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f3b36f90a2e437fff7ce8d1b80e23824d79045fe44b8069414d8127867c4a40c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89399
x-xss-protection: 0
pragma: public
x-fb-debug: MKZaUuo/OEzjolBxw/5TKX7oGCZVw/fXpaJ0DN+NbP/THBY6uceWRNyMlA7rvSAa4YUuApllny6QMWEgGlPJNw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 17 Jan 2022 05:05:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK alt.php Show response
www.awin1.com/ Frame F3A4 155 B
509 B 23ms
23ms Document
text/html 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/alt.php?mid=21540&sv=21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f

Requested by

Host: www.dwin1.com
URL: https://www.dwin1.com/21540.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

8bd74b21c5a1eada284eb2479b0ca1d168bd192f607c93763218c4fce2ca0469

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/

Response headers

Content-Type: text/html
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 17 Jan 2022 05:05:28 GMT
Content-Length: 141
Connection: keep-alive
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default

GET
H/1.1 200 d9core Show response
the.sciencebehindecommerce.com/ 11 KB
4 KB 134ms
31ms Script
application/javascript 52.50.85.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://the.sciencebehindecommerce.com/d9core
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/21540.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.85.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-85-221.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: 60824cfcdda751e70ba30ec01e65b6fb800e67d2bae750135c918a9bd05e4291

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 05:05:27 GMT
Content-Encoding: gzip
Server: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
ETag: 5bc31bf7d4a298e1bef9d35fce222bfc
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,SERVER
P3P: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin: the.sciencebehindecommerce.com
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Content-Length: 3608

GET
H2 200 id Show response
sams.spiegel.de/ 48 B
506 B 74ms
21ms XHR
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sams.spiegel.de/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=79655FCF5C1D42160A495E15%40AdobeOrg&mid=48066506155735796073208928866508222389&ts=1642395928054

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

17513ef9c0e367efa8c823bef2b87bbd4c46d484191060eb0c9acc459d0ef18b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://abo.spiegel.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 17 Jan 2022 05:05:28 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-cdfbd77b-hthlb
vary: Origin
x-c: main-1585.I7afc85.M0-540
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://abo.spiegel.de
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

POST
H2 200 delivery Show response
sats.spiegel.de/rest/v1/ 363 B
593 B 107ms
38ms XHR
application/json 54.170.22.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sats.spiegel.de/rest/v1/delivery?client=spiegelverlagrudolfa&sessionId=f273b8f37baf405cb3e5a989b18036c7&version=2.4.1
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.22.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-22-84.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 0374b580cc742a3d2016a26c252f3cca7a94e4e3aa38b7f7d947e7b79894f8a3

Request headers

Referer: https://abo.spiegel.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Jan 2022 05:05:28 GMT
content-encoding: gzip
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://abo.spiegel.de
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: fffb7bd9bd6e8fb671cc5ed129fe33c1

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1036667778/ 3 KB
2 KB 43ms
21ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1036667778/?random=1642395928084&cv=9&fst=1642395928084&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1c0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&ref=https%3A%2F%2Fvipestores.com%2F&tiba=SPIEGEL%2B&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4248d3cc6bb52ac99845c1bc1e2bbb5e9eb2fb6016c2353a9c413a5a97662fa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 05:05:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1161
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

retarget Show response
hal9000.redintelligence.net/ Frame 538C
Redirect Chain

https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B
https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B&redirected=1

2 KB
1 KB

50ms
26ms

Document
text/html

78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B&redirected=1
Requested by: Host: v4.s.arclk.net
URL: https://v4.s.arclk.net/api/user/0147b7f52e12b56f22911b32897fcb994bd04b0f04.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTcwNTA1IiwiZCI6ImV4cGVyY2FiLmNvbSJ9.V2a4Uwq76URqryAdy_zMlEk-aQFcNIXqQi9a5Oohbms
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: a85052c3dab21584ea53e96e43e0c8cacc9d0191f69b80c712d814337d931be2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Mon, 17 Jan 2022 05:05:28 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 801
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Mon, 17 Jan 2022 05:05:28 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: ?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B&redirected=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

retarget Show response
ad.ad-srv.net/ Frame D93E
Redirect Chain

https://ad.ad-srv.net/retarget?version=1&cat=22337&a=58123&event=view&items=SPIEGEL+
https://ad.ad-srv.net/retarget?version=1&cat=22337&a=58123&event=view&items=SPIEGEL+&redirected=1

26 B
498 B

51ms
30ms

Document
text/html

138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/retarget?version=1&cat=22337&a=58123&event=view&items=SPIEGEL+&redirected=1
Requested by: Host: v4.s.arclk.net
URL: https://v4.s.arclk.net/api/user/0147b7f52e12b56f22911b32897fcb994bd04b0f04.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTcwNTA1IiwiZCI6ImV4cGVyY2FiLmNvbSJ9.V2a4Uwq76URqryAdy_zMlEk-aQFcNIXqQi9a5Oohbms
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Mon, 17 Jan 2022 05:05:28 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Length: 26
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Mon, 17 Jan 2022 05:05:28 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: ?version=1&cat=22337&a=58123&event=view&items=SPIEGEL+&redirected=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 362ms
91ms Script
application/javascript 70.42.32.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00bf784a92253a49c50216eea8b47eb721
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 05:05:28 GMT
content-encoding: gzip
X-TraceId: ff43c0b694c7fe62f4db810cbe31a88b
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 367ms
92ms Image
image/gif 70.42.32.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00bf784a92253a49c50216eea8b47eb721&obApiVersion=1.1&obtpVersion=1.5.2&name=PAGE_VIEW&dl=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&optOut=false&bust=07293776991181489
Requested by: Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 05:05:28 GMT
Cache-Control: no-cache
X-TraceId: 8f85f7fb80d99a4444b19482d6308f07
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK 21540.gif
www.awin1.com/m/ Frame F3A4 43 B
488 B 21ms
21ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/m/21540.gif

Requested by

Host: www.awin1.com
URL: https://www.awin1.com/alt.php?mid=21540&sv=21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.awin1.com/alt.php?mid=21540&sv=21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jan 2022 05:05:28 GMT
Allow: GET
ETag: 21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: max-age=0
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 109763999395282 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 12ms
11ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/109763999395282?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

54c446fa045539633e08f1e7d8fbb19dbd2f60f2e116c242affdb3a8e5914cc6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89243
x-xss-protection: 0
pragma: public
x-fb-debug: FYCXR89NwUswCEyaYQUAYSOO9wd9QBLvpmnNQuQ6VF0q7Y3eTl7VZLO+TpwM6EkwRz2QNVYAu9EpwmjN4bWqtw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 17 Jan 2022 05:05:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
407 B 25ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=468291950412468&ev=UserProperties&dl=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&rl=https%3A%2F%2Fvipestores.com%2F&if=false&ts=1642395928133&cd[%24user_type]=no_paidAccess&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1642395928132.1315662347&it=1642395928037&coo=false&es=user_properties&tm=3&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 17 Jan 2022 05:05:28 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
213 B 25ms
9ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=468291950412468&ev=PageView&dl=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&rl=https%3A%2F%2Fvipestores.com%2F&if=false&ts=1642395928137&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1642395928132.1315662347&it=1642395928037&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 17 Jan 2022 05:05:28 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
213 B 25ms
9ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=109763999395282&ev=PageView&dl=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&rl=https%3A%2F%2Fvipestores.com%2F&if=false&ts=1642395928138&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1642395928132.1315662347&it=1642395928037&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 17 Jan 2022 05:05:28 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
213 B 26ms
9ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=468291950412468&ev=ViewShopContent&dl=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&rl=https%3A%2F%2Fvipestores.com%2F&if=false&ts=1642395928139&sw=1600&sh=1200&v=2.9.48&r=stable&ec=2&o=30&fbp=fb.1.1642395928132.1315662347&it=1642395928037&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 17 Jan 2022 05:05:28 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
213 B 26ms
9ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=109763999395282&ev=ViewShopContent&dl=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&rl=https%3A%2F%2Fvipestores.com%2F&if=false&ts=1642395928139&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1642395928132.1315662347&it=1642395928037&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 17 Jan 2022 05:05:28 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
213 B 26ms
10ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=468291950412468&dl=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&rl=https%3A%2F%2Fvipestores.com%2F&if=false&ts=1642395928140&sw=1600&sh=1200&v=2.9.48&r=stable&ec=3&o=30&fbp=fb.1.1642395928132.1315662347&it=1642395928037&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 17 Jan 2022 05:05:28 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=109763999395282&dl=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&rl=https%3A%2F%2Fvipestores.com%2F&if=false&ts=1642395928141&sw=1600&sh=1200&v=2.9.48&r=stable&ec=2&o=30&fbp=fb.1.1642395928132.1315662347&it=1642395928037&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 17 Jan 2022 05:05:28 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1036667778/ 42 B
548 B 45ms
20ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1036667778/?random=1642395928084&cv=9&fst=1642395600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1c0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&ref=https%3A%2F%2Fvipestores.com%2F&tiba=SPIEGEL%2B&async=1&fmt=3&is_vtc=1&random=4066561386&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 05:05:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1036667778/ 42 B
548 B 40ms
17ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1036667778/?random=1642395928084&cv=9&fst=1642395600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1c0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&ref=https%3A%2F%2Fvipestores.com%2F&tiba=SPIEGEL%2B&async=1&fmt=3&is_vtc=1&random=4066561386&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 05:05:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 lgc Show response
the.sciencebehindecommerce.com/ 0
569 B 41ms
40ms XHR
text/plain 52.50.85.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://the.sciencebehindecommerce.com/lgc
Requested by: Host: the.sciencebehindecommerce.com
URL: https://the.sciencebehindecommerce.com/d9core
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.85.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-85-221.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://abo.spiegel.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Mon, 17 Jan 2022 05:05:27 GMT
Server: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
Access-Control-Allow-Methods: GET,POST,SERVER
P3P: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin: https://abo.spiegel.de
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 538C 597 B
1 KB 57ms
20ms Script
text/javascript 2.21.141.186
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1393997&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.186 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-186.deploy.static.akamaitechnologies.com
Software: MT3 4133 baa842e master zrh-pixel-x2 config:1.0.0 /
Resource Hash: a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 05:05:28 GMT
Server: MT3 4133 baa842e master zrh-pixel-x2 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Mon, 17 Jan 2022 05:05:27 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 538C 597 B
1 KB 59ms
23ms Script
text/javascript 2.21.141.186
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1406315&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.186 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-186.deploy.static.akamaitechnologies.com
Software: MT3 4133 baa842e master zrh-pixel-x3 config:1.0.0 /
Resource Hash: a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 05:05:28 GMT
Server: MT3 4133 baa842e master zrh-pixel-x3 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Mon, 17 Jan 2022 05:05:27 GMT

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame 538C
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

79 KB
28 KB

66ms
20ms

Script
application/x-javascript

37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B&redirected=1
Protocol: H2
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0b6ee815005e308fb4ed57e68792ac193f50b8228669a96e74fd143ceb09660e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:28 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:57:16 GMT
server: nginx
etag: W/"613888fc-13bd1"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Mon, 17 Jan 2022 05:05:28 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H3

200

activityi;dc_pre=CIfsis-BuPUCFRzMEQgdUe8F_w;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7... Show response
5994599.fls.doubleclick.net/ Frame B2E3
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755...
https://5994599.fls.doubleclick.net/activityi;dc_pre=CIfsis-BuPUCFRzMEQgdUe8F_w;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D...

456 B
392 B

46ms
31ms

Document
text/html

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CIfsis-BuPUCFRzMEQgdUe8F_w;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3401040068211.287?

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B&redirected=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

71800e012e9af5eb07b398ab9027e5ecf21d2793cc7f3cf2c3d6ed147a66f5a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 17 Jan 2022 05:05:28 GMT
expires: Mon, 17 Jan 2022 05:05:28 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 367
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 17 Jan 2022 05:05:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIfsis-BuPUCFRzMEQgdUe8F_w;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3401040068211.287?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 538C 43 B
525 B 18ms
18ms Image
image/gif 2.21.141.186
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.186 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-186.deploy.static.akamaitechnologies.com
Software: MT3 4133 baa842e master zrh-pixel-x25 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 05:05:28 GMT
Server: MT3 4133 baa842e master zrh-pixel-x25 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 17 Jan 2022 05:05:27 GMT

GET
H2 200 s39399717160377 Show response
sams.spiegel.de/b/ss/spiegel.ng.spieg.main,spiegel.spieg.abo/10/JS-2.22.0-LBWB/ 490 B
929 B 46ms
46ms Script
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sams.spiegel.de/b/ss/spiegel.ng.spieg.main,spiegel.spieg.abo/10/JS-2.22.0-LBWB/s39399717160377?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=17%2F0%2F2022%205%3A5%3A28%201%200&d.&nsid=0&jsonv=1&.d&sdid=01F7E4E3F3A416D3-30DD6295EA253200&mid=48066506155735796073208928866508222389&aamlh=6&ce=UTF-8&pageName=sp.abo%20%3E%20product%20%3E%20%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot&g=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot&r=https%3A%2F%2Fvipestores.com%2F&c.&apl=4.0&inList=3.0&getValOnce=3.0&getPreviousValue=3.0&cm.&ssf=0&.cm&opt.&sell=N&.opt&.c&cc=EUR&server=abo.spiegel.de&v0=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&events=event400%2Cevent1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v1=D%3DpageName&h1=sp%7Cabo&v2=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot&h2=abo.spiegel.de%7Cde%7Cc%7Cmicrosites%7Cpl&v3=web&v4=shop&v5=product&c7=from_ext_other&v7=SPIEGEL%2B&c8=Abo&v8=abo.spiegel.de&c9=%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot&v9=%3Fawc%3D21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&v11=vipestores.com&v12=https%3A%2F%2Fvipestores.com%2F&v15=D%3Dc9&v16=all_tracking&v19=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot&c32=2022-01-17T05%3A05%3A27.923Z&v33=desktop&v35=06%3A05&v36=new_visitor&c50=event400%2Cevent1&c61=has_visitorAPI&c62=has_ssoID&c70=default&c71=page_data_ready%7Cgeneric%7C&c73=04_abo.spiegel.de%7C27.2.0%7C2021-08-11T20%3A25%3A49Z&c74=production%7C2021-08-13T12%3A54%3A27Z&c75=v1.7.22b_spabo&v146=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&v147=D%3Dv0&v148=D%3Dv145&v149=D%3Dv146&v175=logged_out&v185=D%3Dmid&v200=D%3DUser-Agent&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=79655FCF5C1D42160A495E15%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

582acd738167baac27fef1ddc30e82bd7d24ab458c547af657c8352f90baeacb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-aam-tid: rY1KbsGLSns=
date: Mon, 17 Jan 2022 05:05:28 GMT
x-content-type-options: nosniff
x-c: main-1585.I7afc85.M0-540
p3p: CP="This is not a P3P policy"
vary: *
content-length: 490
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-1-v026-081a091d6.edge-irl1.demdex.com UNKNOWN
pragma: no-cache
last-modified: Tue, 18 Jan 2022 05:05:28 GMT
server: jag
xserver: anedge-cdfbd77b-jtg5z
etag: 3527018400994000896-4619812629033406940
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sun, 16 Jan 2022 05:05:28 GMT

GET
H2 200 dc_pre=CIfsis-BuPUCFRzMEQgdUe8F_w;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3401...
adservice.google.com/ddm/fls/z/ Frame B2E3 42 B
494 B 38ms
17ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIfsis-BuPUCFRzMEQgdUe8F_w;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3401040068211.287

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIfsis-BuPUCFRzMEQgdUe8F_w;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3401040068211.287?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 05:05:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dest5.html Show response
spiegel.demdex.net/ Frame 4624 7 KB
3 KB 143ms
30ms Document
text/html 54.194.244.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://spiegel.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.244.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-244-117.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Mon, 17 Jan 2022 05:05:28 GMT
DCS: dcs-prod-irl1-2-v026-0fdb1f8b7.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 20 Dec 2021 14:26:35 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: WsQDZkHaT04=
Content-Length: 2791
Connection: keep-alive

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/ Frame 538C
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=873022819209&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintel...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=873022819209&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.red...

111 B
593 B

21ms
21ms

Script
text/javascript

37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=873022819209&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D58113%26version%3D1%26event%3Dview%26cat%3D22329%26segment%3Dmicrosites%26items%3DSPIEGEL%252B%26redirected%3D1

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B&redirected=1

Protocol

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6ac3327f188a75ff18f3a723a4db374fc75716467e90d552b9943d3cad40cff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 05:05:28 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 186
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 17 Jan 2022 05:05:28 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=873022819209&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D58113%26version%3D1%26event%3Dview%26cat%3D22329%26segment%3Dmicrosites%26items%3DSPIEGEL%252B%26redirected%3D1
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=468291950412468&ev=Adobe-Audience-Manager-Segment&cd[segID]=19570004&noscript=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 17 Jan 2022 05:05:28 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/1036667778/ Frame 4624
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1036667778/?value=0&guid=ON&script=0&data=aam=seg1Euro
https://www.google.com/pagead/1p-user-list/1036667778/?value=0&guid=ON&script=0&data=aam=seg1Euro&is_vtc=1&random=1898502190
https://www.google.de/pagead/1p-user-list/1036667778/?value=0&guid=ON&script=0&data=aam=seg1Euro&is_vtc=1&random=1898502190&ipr=y

42 B
64 B

33ms
16ms

Image
image/gif

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1036667778/?value=0&guid=ON&script=0&data=aam=seg1Euro&is_vtc=1&random=1898502190&ipr=y

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://spiegel.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jan 2022 05:05:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Jan 2022 05:05:28 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1036667778/?value=0&guid=ON&script=0&data=aam=seg1Euro&is_vtc=1&random=1898502190&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=468291950412468&ev=Microdata&dl=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&rl=https%3A%2F%2Fvipestores.com%2F&if=false&ts=1642395929636&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20%20%20%5Cn%5Ct%5Ct%5Ct%5Cn%5Ct%5Ct%5Ct%5Cn%5Ct%5Ct%5Ct%5Ct%5Cn%5Ct%5Ct%5Ct%5CtSPIEGEL%2B%5Cn%5Ct%5Ct%5Ct%5Cn%5Ct%5Ct%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=4&o=30&fbp=fb.1.1642395928132.1315662347&it=1642395928037&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 17 Jan 2022 05:05:29 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=109763999395282&ev=Microdata&dl=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&rl=https%3A%2F%2Fvipestores.com%2F&if=false&ts=1642395929639&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20%20%20%5Cn%5Ct%5Ct%5Ct%5Cn%5Ct%5Ct%5Ct%5Cn%5Ct%5Ct%5Ct%5Ct%5Cn%5Ct%5Ct%5Ct%5CtSPIEGEL%2B%5Cn%5Ct%5Ct%5Ct%5Cn%5Ct%5Ct%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=3&o=30&fbp=fb.1.1642395928132.1315662347&it=1642395928037&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://abo.spiegel.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 05:05:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 17 Jan 2022 05:05:29 GMT

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.expercab.com/	1970-02-13 20:44:39	Name: sid Value: 1490f7fa-7753-11ec-aafc-1b57f89322b9
v4.s.arclk.net/	1969-12-31 23:59:59	Name: checkme Value: 1bc34b6e5bdde6c590ae95245c9e63cdb789
jsrdtrck.com/	1970-01-20 00:56:27	Name: ClickDataNG Value: H4sIAAAAAAAA_7RU247bNhD9FWGeEoCQKVoXS4EQbJ2iLbIbFMim-1KgoMiRzVomhSHlS5P8e6FLHKNAH_NGcQ7ncuYcfYYTkjfOQgVJzGMODMK1R6g4Az80z9_OytkTUkANVSs7jwxUZ9ThNz0-3Olrtrkg9bsLMNAyIFRJnop1mZUiZ6DksZdmZ0e0EIkQDIzf_v5wy0UuyGDcBEhFsWZAQ4fjF2dAqA2hCk8Y9k5DlTHwbiA1xXMGnbTa2N2CXr4-UQcVAAPXtkgTcp2lDBqSVu0X7BSbkfsQel-tVifTow-O0MfKHVedsQf_1uhznaUb8efAucj90Bhd_2do5XyAisecT93jCe0wM9fLqxvC93rbgQitukIFnz6-AwYDmbsG_vakA6nDVH7i-G2gk9H1RNzcAV6C0TVP0qIp2kxgIposb4Uok6RZi01ZtKopy7TRPG14y9OY4ts6sljlZSlymaLSSVbIlnOOWZa2iV6LsuTJXEP1qp7HWaaeKDe6zhMpdLHZFKUQsuWZappCCExn2FEGta_J2SWLJDJI9dm0ZgG45q--rc_Ganf2C8oNNtC1fvczMDD9g9aE3kMFIiniPI2TLIlFeR_L5-UOHulhhzZABU_uH9N1cpXFPHr1MqePPjxHCY_5m-jF2Dx9E13y9HX00PcdvmDz3oRVti7idR69ev_r89MjizpzwOgXVAf3OtruyR1xVRYxj9O8FHGRRB9lK8ksr2BcdIuENHej8WQU3izjxgmWRkYh-j--W230WUPu7Ke3c6Vbhp9IWn2f8slp7O4vPsgjzt9qLgdbR72j0Xmjt_qRD5EW0WPQkzgnfqGCiWHC3dzGGDJhvv_yBUatEtqwHVW3uIfMztjH_u4qkLReqtmuHio7dB0DNfjgjlB9XpwAs3aAAV4CkpXd9Kv4UZoFBicOFfyfOMd4AhWQs-NRQAWjJMfzejp_29IpnVn6-vXfAAAA__9WTCrfGwUAAA==
jsrdtrck.com/	1970-01-20 00:56:27	Name: ClickDataNgFall Value: H4sIAAAAAAAA_7RU247bNhD9FWGeEoCQKVoXS4EQbJ2iLbIbFMim-1KgoMiRzVomhSHlS5P8e6FLHKNAH_NGcQ7ncuYcfYYTkjfOQgVJzGMODMK1R6g4Az80z9_OytkTUkANVSs7jwxUZ9ThNz0-3Olrtrkg9bsLMNAyIFRJnop1mZUiZ6DksZdmZ0e0EIkQDIzf_v5wy0UuyGDcBEhFsWZAQ4fjF2dAqA2hCk8Y9k5DlTHwbiA1xXMGnbTa2N2CXr4-UQcVAAPXtkgTcp2lDBqSVu0X7BSbkfsQel-tVifTow-O0MfKHVedsQf_1uhznaUb8efAucj90Bhd_2do5XyAisecT93jCe0wM9fLqxvC93rbgQitukIFnz6-AwYDmbsG_vakA6nDVH7i-G2gk9H1RNzcAV6C0TVP0qIp2kxgIposb4Uok6RZi01ZtKopy7TRPG14y9OY4ts6sljlZSlymaLSSVbIlnOOWZa2iV6LsuTJXEP1qp7HWaaeKDe6zhMpdLHZFKUQsuWZappCCExn2FEGta_J2SWLJDJI9dm0ZgG45q--rc_Ganf2C8oNNtC1fvczMDD9g9aE3kMFIiniPI2TLIlFeR_L5-UOHulhhzZABU_uH9N1cpXFPHr1MqePPjxHCY_5m-jF2Dx9E13y9HX00PcdvmDz3oRVti7idR69ev_r89MjizpzwOgXVAf3OtruyR1xVRYxj9O8FHGRRB9lK8ksr2BcdIuENHej8WQU3izjxgmWRkYh-j--W230WUPu7Ke3c6Vbhp9IWn2f8slp7O4vPsgjzt9qLgdbR72j0Xmjt_qRD5EW0WPQkzgnfqGCiWHC3dzGGDJhvv_yBUatEtqwHVW3uIfMztjH_u4qkLReqtmuHio7dB0DNfjgjlB9XpwAs3aAAV4CkpXd9Kv4UZoFBicOFfyfOMd4AhWQs-NRQAWjJMfzejp_29IpnVn6-vXfAAAA__9WTCrfGwUAAA==
vipestores.com/	1970-01-20 00:13:23	Name: XSRF-TOKEN Value: eyJpdiI6IkphdW9DVFVPdEhDUjlBVG5wVVRqZGc9PSIsInZhbHVlIjoiUklZQnF3cjBIS0ttSkIyamt2cXdFMWhwMWZFR0kvU2xsMk9OaDlyMUR6Z2FraGRBT3FGYnZPcUEydHQvSGxqQyIsIm1hYyI6IjY0YWM4NWU4MzZlZGY4ODdmNGJhN2JhMjYwN2M5ZWZlYTZhNmQzZTNmNGE0MGRmZjI5ZjFkNTJhNzA5NTMxMWUifQ%3D%3D
vipestores.com/	1970-01-20 00:13:23	Name: vipstores_session Value: eyJpdiI6InRBdjVuRlpmdlpxNUFoYW1oUmNSbUE9PSIsInZhbHVlIjoielZ6Q0JUUVZKNXVPWmdmVGJxYzFUZWVCQ0k4RzQ2SlIxZVE0VHl2NUtGUHlJN285UGp6TFZXQzFPYko0anQrZSIsIm1hYyI6IjM2OWJjM2Q3OTZkMjIzMWViZjk0MWI2NzRiNWRlZGRkOWYxYjdjMDAxZGUzZDVjODI0ZGZjNGIxMzY5YjMzNGQifQ%3D%3D
.ad.admitad.com/	1970-01-20 17:44:27	Name: UID Value: v=3\|id=efa88f9ff30875294ff708749b1918cf\|expr=1705467926\|type=0\|business_expr=1644987926
.ad.admitad.com/	1969-12-31 23:59:59	Name: UID2 Value: v=3\|id=efa88f9ff30875294ff708749b1918cf\|expr=1705467926\|type=0\|business_expr=1644987926
.awin1.com/	1970-01-20 00:56:27	Name: aw21540 Value: 632098\|0\|0\|1642395926\|6979120fcf16760c2932a9db2c3edff9\|aw\|0
.awin1.com/	1970-01-20 08:58:51	Name: bId Value: HLEX_61e4f9165cad83.86559479
.spiegel.de/	1969-12-31 23:59:59	Name: at_check Value: true
.bing.com/	1970-01-20 09:34:51	Name: MUID Value: 326538F80D0E65C1384829D70C65642D
.spiegel.de/	1970-01-20 02:22:51	Name: _gcl_au Value: 1.1.865973337.1642395928
.demdex.net/	1970-01-20 04:32:27	Name: demdex Value: 53847475286876014412631993139673657283
.spiegel.de/	1970-01-20 00:14:42	Name: _uetsid Value: 16336cf0775311ecbeab975ef32048e6
.spiegel.de/	1970-01-20 09:34:51	Name: _uetvid Value: 16339910775311ec86b61f0cc4b63ae4
.spiegel.de/	1970-01-20 08:58:51	Name: _aw_m_21540 Value: 21540_1642395926_c1b5cc45088692fb64628cfb7b46c52f
.spiegel.de/	1969-12-31 23:59:59	Name: AMCVS_79655FCF5C1D42160A495E15%40AdobeOrg Value: 1
.spiegel.de/	1970-01-20 17:44:27	Name: s_ecid Value: MCMID%7C48066506155735796073208928866508222389
.spiegel.de/	1970-01-20 02:22:51	Name: _fbp Value: fb.1.1642395928132.1315662347
.spiegel.de/	1970-01-20 17:44:27	Name: AMCV_79655FCF5C1D42160A495E15%40AdobeOrg Value: -1124106680%7CMCIDTS%7C19010%7CMCMID%7C48066506155735796073208928866508222389%7CMCAAMLH-1643000728%7C6%7CMCAAMB-1643000728%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1642403128s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0
.redintelligence.net/	1970-01-20 02:22:51	Name: 8lcfmzhxc8d6_uid Value: 148f6ebefec71274
.ad-srv.net/	1970-01-20 02:22:51	Name: kdb0xdq3ls8m_uid Value: 35680644d8c388f5
.facebook.com/	1970-01-20 02:22:51	Name: fr Value: 0tknCGoLZHhF7Rgcw..Bh5PkY...1.0.Bh5PkY.
.spiegel.de/	1970-01-20 17:47:20	Name: mbox Value: session#f273b8f37baf405cb3e5a989b18036c7#1642397788\|PC#f273b8f37baf405cb3e5a989b18036c7.37_0#1705640729
.spiegel.de/	1970-01-20 00:13:17	Name: sara_gpv_page Value: sp.abo%20%3E%20product%20%3E%20%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot
.spiegel.de/	1969-12-31 23:59:59	Name: sara_cid_any Value: aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
.spiegel.de/	1969-12-31 23:59:59	Name: sara_cid_ext Value: aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
.sciencebehindecommerce.com/	1970-01-20 08:58:51	Name: _D9J Value: 1cb04aa0ca8248bfbbfa8313078f6e25
.mathtag.com/	1970-01-20 09:39:11	Name: uuid Value: e86b61e4-f918-4900-918f-11475373cf32
.mathtag.com/	1970-01-20 00:56:27	Name: mt_misc Value: mt_bt:1
.spiegel.de/	1969-12-31 23:59:59	Name: s_cc Value: true
.doubleclick.net/	1970-01-20 09:34:51	Name: IDE Value: AHWqTUngCi5nJwXlsjk03lQLLSII15XeLpoahLNIBLspOVLGL04nSrxyqLwwHHTyAfw
.spiegel.de/	1970-01-20 00:56:27	Name: sara_aam_uuid Value: 53847475286876014412631993139673657283
.adform.net/	1970-01-20 00:57:54	Name: C Value: 1
.adform.net/	1970-01-20 01:39:39	Name: uid Value: 7794948198498246708
abo.spiegel.de/	1970-01-20 00:13:16	Name: outbrain_cid_fetch Value: true

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
abo.spiegel.de
ad.ad-srv.net
ad.admitad.com
adservice.google.com
amplify.outbrain.com
assets.adobedtm.com
bat.bing.com
connect.facebook.net
dpm.demdex.net
expercab.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
jsrdtrck.com
pixel.mathtag.com
read.apartena.net
s2.adform.net
s3-eu-west-1.amazonaws.com
sams.spiegel.de
sats.spiegel.de
spiegel.demdex.net
the.sciencebehindecommerce.com
tr.outbrain.com
track.adform.net
v4.s.arclk.net
vipestores.com
www.awin1.com
www.dwin1.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.111.239.217
128.65.210.191
13.36.218.177
138.201.135.164
142.250.181.226
142.250.186.38
185.26.99.247
2.18.234.190
2.21.141.186
2600:9000:2156:0:f:8ce2:fb80:93a1
2606:4700:3033::6815:daf
2620:1ec:c11::200
2a00:1450:4001:811::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2004
2a02:26f0:fb:59e::1e80
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.126.48.135
34.250.101.202
37.157.2.248
37.157.6.241
51.77.7.80
52.20.219.89
52.218.36.122
52.50.85.221
54.170.22.84
54.194.244.117
70.42.32.63
78.46.90.238
81.17.29.150
0374b580cc742a3d2016a26c252f3cca7a94e4e3aa38b7f7d947e7b79894f8a3
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
0b6ee815005e308fb4ed57e68792ac193f50b8228669a96e74fd143ceb09660e
0cf9e1d924ce7ccf5d4ae9a2d996cfe47106a0014ea71a9c9ae3d73afe835f1f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
17513ef9c0e367efa8c823bef2b87bbd4c46d484191060eb0c9acc459d0ef18b
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1fe7c9b04cd9ebd46cd5a636bd2c2b1d54054f3995db24951c0d0318ec71d70c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30edfd81c377191b302397b6ec28a0ed32867af35cbe39c7ce870f5d1cc2f0ba
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
3d1369d73b7b1661d2c6bf8889f3994f0677ee1383843389a1e77908c17a105f
3f58ff29e518dfc03ef0cded688de7e8ae0e3718f4c0728bf83d2a093e544c5a
40cd136a720cc6a517ea348dabf9e99ce0ab12f9b4ddb2d1a77155defc50f421
4248d3cc6bb52ac99845c1bc1e2bbb5e9eb2fb6016c2353a9c413a5a97662fa3
48eac3fd30f6954ddf77771f40905eb953cbc988e065d4148c626ed846915b1f
4d6c6f668fd088065d6a927c86bb45d992bcd715910c609334b5596bf3b63c4c
50f5693e75e870f2848d0e334aa7e297b22326fe2edc83f776f3ff11894952cc
54c446fa045539633e08f1e7d8fbb19dbd2f60f2e116c242affdb3a8e5914cc6
563994fb1b9efb27e1850f68ee2947524b0ef16cf0555890ff7965d52e0dd25b
582acd738167baac27fef1ddc30e82bd7d24ab458c547af657c8352f90baeacb
5ae09d76b53ed5bcfa3504a4e3ef0f5cec6adb284355efb88f619d85504f2bb4
5b4cf55c521e7766e3a16145ea8cd325bc45298fc002e9ce63b23e9b335a206b
5b65d13b2accf59d8acec406cc63ae2279aaa06dec9bd373bcec8744b6a80be5
60824cfcdda751e70ba30ec01e65b6fb800e67d2bae750135c918a9bd05e4291
63d484e51dd9de676e5ad3fa5ebce0413032951f5addd9f8969aada0b13a7880
6663f1bb0fc2e62591af7d37d35dae587eeb29af7b3565e6beca954f23d6e543
6ac3327f188a75ff18f3a723a4db374fc75716467e90d552b9943d3cad40cff5
71800e012e9af5eb07b398ab9027e5ecf21d2793cc7f3cf2c3d6ed147a66f5a9
723bfca6669c494744918de3d2b3124ebad3b93d26e5a76f5a681021c6e3cea6
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8b42bbb3bb25f62778c8d4090697a0bcf1e7cf0daf1f45b7e704e00b55682c29
8bd74b21c5a1eada284eb2479b0ca1d168bd192f607c93763218c4fce2ca0469
8db60be922c28db592b53be8a7da7ce1556590fe358188377242ccb79038094e
8fc81bfaae09c53410ea3b71aa3f94e3f04bce34bf69af63406a6dffc15092f0
9339d196fd5a7301e5f0b9a0af5ab34790361203b18d0c1fca468c66d94792c7
998d9415269d92557b561a936955f7590d5052865044a9191a528b5a36f3afc9
a173134924c4708f9ea71e4f490ff92b41f7a9bd4719ca424b54b62198e80f83
a85052c3dab21584ea53e96e43e0c8cacc9d0191f69b80c712d814337d931be2
a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2
aaf899f6939afc034c2bcd5fba417028899b0c556d80161d6c78ec03351aa22e
afa42a12f640a207939cbfcf63b76643cb1e3cdbdaa90d4c99d6ab3685dfc670
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b52565263f97d8926823bbcbf39939c347c29df533de3e78a07ca0610b9b599d
cb0a327f9915200c334c81e77ec6fdbf7569c725f1d3f6f5521cb8b0a18163ba
d25416547417e4eb415d306c29c4e50c6e0ed187f7f872705a5cc08be1ed756e
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
dfed2a1da850a7bdadbe9e0e5ed7bf84c3998b9a2f468b1e6e8cb27e5398e6fe
e03fb16c347106a6b99ff1b26757ca24b8afefca648975f063ecaf4f00447784
e304a82f7be6185c5546182215943406505696e23da260206ca371cbf21088e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f
eac892d018c210174ffbe6065512bc944fda678275effebf7daca079c4da578c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3b36f90a2e437fff7ce8d1b80e23824d79045fe44b8069414d8127867c4a40c
f56cdfe2abfef107046969ff83a9bb43fef1751506f94226bd95147ab3541f61
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623

abo.spiegel.de Open in urlscan Pro 128.65.210.191 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

78 Requests

95 %HTTPS

33 %IPv6

26 Domains

33 Subdomains

31 IPs

6 Countries

996 kBTransfer

2634 kBSize

37 Cookies

6 Outgoing links

Page URL History

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

abo.spiegel.de Open in urlscan Pro
128.65.210.191 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

95 %
HTTPS

33 %
IPv6

26
Domains

33
Subdomains

31
IPs

6
Countries

996 kB
Transfer

2634 kB
Size

37
Cookies

78 HTTP transactions
0 data transactions