www.merkur.de Open in urlscan Pro
193.218.202.149 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.merkur.de/welt/ffp2-omikron-maske-delta-corona-schutz-infektion-max-planck-91242399.html
Effective URL:
https://www.merkur.de/welt/ffp2-omikron-maske-delta-corona-schutz-infektion-max-planck-institut-variante-91242399.html
Submission Tags: falconsandbox
Submission: On February 24 via api (February 24th 2022, 9:55:36 am UTC) from US — Scanned from DE

Summary HTTP 53 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 13 domains to perform 53 HTTP transactions. The main IP is 193.218.202.149, located in Germany and belongs to NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE. The main domain is www.merkur.de. The Cisco Umbrella rank of the primary domain is 90318.
TLS certificate: Issued by R3 on January 10th 2022. Valid for: 3 months.

This is the only time www.merkur.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	193.218.202.149 193.218.202.149	34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68)
8	91.234.30.145 91.234.30.145	34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68)
7	2606:4700:20:... 2606:4700:20::681a:ff6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:20:... 2606:4700:20::681a:2de	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	161.156.47.60 161.156.47.60	36351 (SOFTLAYER) (SOFTLAYER)
3	176.9.67.12 176.9.67.12	24940 (HETZNER-AS) (HETZNER-AS)
2	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	91.215.100.39 91.215.100.39	43407 (INFONLINE-AS) (INFONLINE-AS)
1	52.29.176.90 52.29.176.90	16509 (AMAZON-02) (AMAZON-02)
1 11	2600:9000:223... 2600:9000:223e:e00:11:fdd5:15c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	91.215.100.40 91.215.100.40	43407 (INFONLINE-AS) (INFONLINE-AS)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1 1	2600:9000:224... 2600:9000:2240:8c00:d:46fd:8a80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:223... 2600:9000:223c:dc00:4:f963:680:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:231... 2600:9000:2315:6e00:1f:867b:4100:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:225a:f200:a:2950:1bc0:21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:224... 2600:9000:224a:e600:11:363e:6940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:224... 2600:9000:2240:400:d:46fd:8a80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.31.213.120 52.31.213.120	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:c00:4:f963:680:93a1	16509 (AMAZON-02) (AMAZON-02)
53	21

3 193.218.202.149 (Germany) 1 redirects

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)

www.merkur.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 91.234.30.145 (Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)

idcdn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::681a:ff6 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.opencmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:2de (United States)

ASN13335 (CLOUDFLARENET, US)

cdntrf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 161.156.47.60 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: 3c.2f.9ca1.ip4.static.sl-reverse.com

merkur.met.vgwort.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 176.9.67.12 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.12.67.9.176.clients.your-server.de

pp.lp4.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

cl.k5a.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.215.100.39 (Germany)

ASN43407 (INFONLINE-AS, NL)
PTR: script4.ioam.de

script.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.176.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-176-90.eu-central-1.compute.amazonaws.com

idat.production.ippen.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:223e:e00:11:fdd5:15c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

player.glomex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.215.100.40 (Germany) 1 redirects

ASN43407 (INFONLINE-AS, NL)
PTR: de4.ioam.de

4051686b.de.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2240:8c00:d:46fd:8a80:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

amp-integration.glomex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223c:dc00:4:f963:680:93a1 (United States)

ASN16509 (AMAZON-02, US)

i2thumbs.glomex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:6e00:1f:867b:4100:21 (United States)

ASN16509 (AMAZON-02, US)

d1miwkthq39xj8.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225a:f200:a:2950:1bc0:21 (United States)

ASN16509 (AMAZON-02, US)

d2wu036mkcz52n.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:e600:11:363e:6940:93a1 (United States)

ASN16509 (AMAZON-02, US)

config-vvs.glomex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2240:400:d:46fd:8a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

integration-cloudfront-eu-west-1.mes.glomex.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.31.213.120 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-213-120.eu-west-1.compute.amazonaws.com

player-feedback-v1.glomex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:c00:4:f963:680:93a1 (United States)

ASN16509 (AMAZON-02, US)

i1thumbs.glomex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	glomex.com 2 redirects player.glomex.com — Cisco Umbrella Rank: 40766 amp-integration.glomex.com — Cisco Umbrella Rank: 50284 i2thumbs.glomex.com — Cisco Umbrella Rank: 93779 config-vvs.glomex.com — Cisco Umbrella Rank: 44764 player-feedback-v1.glomex.com — Cisco Umbrella Rank: 44701 i1thumbs.glomex.com — Cisco Umbrella Rank: 95817	374 KB
8	idcdn.de idcdn.de — Cisco Umbrella Rank: 88846	32 KB
7	opencmp.net cdn.opencmp.net — Cisco Umbrella Rank: 57952	131 KB
3	ioam.de 1 redirects script.ioam.de — Cisco Umbrella Rank: 13922 4051686b.de.ioam.de	10 KB
3	lp4.io pp.lp4.io — Cisco Umbrella Rank: 31500	18 KB
3	cdntrf.com cdntrf.com — Cisco Umbrella Rank: 54295	96 KB
3	merkur.de 1 redirects www.merkur.de — Cisco Umbrella Rank: 90318	17 KB
2	cloudfront.net d1miwkthq39xj8.cloudfront.net d2wu036mkcz52n.cloudfront.net	721 B
2	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 407 fonts.googleapis.com — Cisco Umbrella Rank: 35	123 KB
2	k5a.io cl.k5a.io — Cisco Umbrella Rank: 40090	70 KB
2	vgwort.de 1 redirects merkur.met.vgwort.de — Cisco Umbrella Rank: 296390	771 B
1	glomex.cloud integration-cloudfront-eu-west-1.mes.glomex.cloud — Cisco Umbrella Rank: 45049	2 KB
1	ippen.space idat.production.ippen.space — Cisco Umbrella Rank: 90897	221 B
53	13

	Domain	Requested by
11	player.glomex.com	1 redirects www.merkur.de player.glomex.com
8	idcdn.de	www.merkur.de idcdn.de
7	cdn.opencmp.net	www.merkur.de cdn.opencmp.net cl.k5a.io
3	i2thumbs.glomex.com	player.glomex.com
3	pp.lp4.io	www.merkur.de pp.lp4.io
3	cdntrf.com	www.merkur.de cdntrf.com
3	www.merkur.de	1 redirects www.merkur.de
2	player-feedback-v1.glomex.com	player.glomex.com
2	4051686b.de.ioam.de	1 redirects www.merkur.de
2	cl.k5a.io	www.merkur.de cl.k5a.io
2	merkur.met.vgwort.de	1 redirects www.merkur.de
1	i1thumbs.glomex.com
1	integration-cloudfront-eu-west-1.mes.glomex.cloud	player.glomex.com
1	config-vvs.glomex.com	player.glomex.com
1	d2wu036mkcz52n.cloudfront.net	www.merkur.de
1	fonts.googleapis.com	player.glomex.com
1	d1miwkthq39xj8.cloudfront.net	player.glomex.com
1	amp-integration.glomex.com	1 redirects
1	imasdk.googleapis.com	player.glomex.com
1	idat.production.ippen.space	www.merkur.de
1	script.ioam.de	www.merkur.de
53	21

This site contains links to these domains. Also see Links.

Domain
www.ippen.media
veranstaltungen.merkur.de
promo.merkur.de
www.merkurtz-mediacenter.de

Subject Issuer	Validity	Valid
merkur.de R3	`2022-01-10` - `2022-04-10`	3 months	crt.sh
idcdn.de R3	`2022-01-04` - `2022-04-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-12` - `2022-07-11`	a year	crt.sh
*.lp4.io Go Daddy Secure Certificate Authority - G2	`2021-11-11` - `2022-12-13`	a year	crt.sh
cl.k5a.io R3	`2022-02-13` - `2022-05-14`	3 months	crt.sh
*.ioam.de Thawte TLS RSA CA G1	`2021-12-01` - `2022-12-01`	a year	crt.sh
production.ippen.space Amazon	`2021-11-15` - `2022-12-14`	a year	crt.sh
*.mep.glomex.cloud Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.dp.glomex.cloud Amazon	`2021-04-16` - `2022-05-15`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.merkur.de/welt/ffp2-omikron-maske-delta-corona-schutz-infektion-max-planck-institut-variante-91242399.html
Frame ID: 76D979B8C12E4E1C1275D60E2045BCFB
Requests: 36 HTTP requests in this frame

Frame: https://player.glomex.com/integration/1.678.0/iframe-player.html?integrationId=2b9h6ryj2201rvm&playlistId=v-ch8vyzfmbntt-se&playlistIndex=0&origin=glomex-player&pageUrl=https%3A%2F%2Fwww.merkur.de%2Fwelt%2Fffp2-omikron-maske-delta-corona-schutz-infektion-max-planck-institut-variante-91242399.html
Frame ID: DB06660A55C00ABDDE8259FDEDD03577
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FFP2-Überraschung: Studie zeigt brisanten Unterschied zwischen Schutz vor Omikron und DeltaPathPathPathPathPath

Page URL History Show full URLs

https://www.merkur.de/welt/ffp2-omikron-maske-delta-corona-schutz-infektion-max-planck-91242399.html HTTP 301
https://www.merkur.de/welt/ffp2-omikron-maske-delta-corona-schutz-infektion-max-planck-institut-va... Page URL

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Page Statistics

53
Requests

89 %
HTTPS

57 %
IPv6

13
Domains

21
Subdomains

21
IPs

3
Countries

873 kB
Transfer

2707 kB
Size

8
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ippen.media/

Search URL Search Domain Scan URL

URL: http://veranstaltungen.merkur.de/region/
Title: Veranstaltungen

Search URL Search Domain Scan URL

URL: https://veranstaltungen.merkur.de/region/
Title: Veranstaltungen

Search URL Search Domain Scan URL

URL: https://promo.merkur.de/formular/printprobe/
Title: Probeabo

Search URL Search Domain Scan URL

URL: https://www.merkurtz-mediacenter.de/
Title: Mediadaten Online

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.merkur.de/welt/ffp2-omikron-maske-delta-corona-schutz-infektion-max-planck-91242399.html HTTP 301
https://www.merkur.de/welt/ffp2-omikron-maske-delta-corona-schutz-infektion-max-planck-institut-variante-91242399.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://merkur.met.vgwort.de/na/68350eb8ad2e4726a23b85d6fc57168b HTTP 302
https://merkur.met.vgwort.de/blank.gif

Request Chain 20

https://player.glomex.com/integration/1/glomex-player.js HTTP 302
https://player.glomex.com/integration/1.678.0/glomex-player.js

Request Chain 22

https://4051686b.de.ioam.de/tx.io?st=ippenmed&cp=me_welt&sv=ke&sc=yes&ct=0100000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.merkur.de&xy=1600x1200x24&lo=DE%2Fn.a.&cb=0012&i2=0012db94bc7f5051562175613&ep=1672809134&vr=434&id=95gqf7&i3=0012db94bc7f5051562175613%3A1677146131865%3A1645696531865%3A.merkur.de%3A1%3Aippenmed%3Ame_welt%3Anoevent%3A1645696531865&n1=4&dntt=0&lt=1645696531866&ev=&cs=cvjzqr&mo=1 HTTP 302
https://4051686b.de.ioam.de/tx.io?st=ippenmed&cp=me_welt&sv=ke&sc=yes&ct=0100000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.merkur.de&xy=1600x1200x24&lo=DE%2Fn.a.&cb=0012&i2=0012db94bc7f5051562175613&ep=1672809134&vr=434&id=95gqf7&i3=0012db94bc7f5051562175613%3A1677146131865%3A1645696531865%3A.merkur.de%3A1%3Aippenmed%3Ame_welt%3Anoevent%3A1645696531865&n1=4&dntt=0&lt=1645696531866&ev=&cs=cvjzqr&mo=1&sr=71

Request Chain 37

https://amp-integration.glomex.com/image?integration_id=2b9h6ryj2201rvm&playlist_id=v-ch8vyzfmbntt-se&current_url=https%3A%2F%2Fwww.merkur.de%2Fwelt%2Fffp2-omikron-maske-delta-corona-schutz-infektion-max-planck-institut-variante-91242399.html&profile=extra-small-32x18 HTTP 302
https://i2thumbs.glomex.com/dC1iZzAxdWlqcnp0cmQvMjAyMi8wMS8xOC8xNS8wMF8xNl82MWU2ZDYwMDAxNGQ5LmpwZw==/profile:extra-small-32x18

53 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request ffp2-omikron-maske-delta-corona-schutz-infektion-max-planck-institut-variante-91242399.html Show response
www.merkur.de/welt/
Redirect Chain

https://www.merkur.de/welt/ffp2-omikron-maske-delta-corona-schutz-infektion-max-planck-91242399.html
https://www.merkur.de/welt/ffp2-omikron-maske-delta-corona-schutz-infektion-max-planck-institut-variante-91242399.html

49 KB
15 KB

39ms
38ms

Document
text/html

193.218.202.149
02742 Friedersdor...

General

Domain/Path	Expires	Name / Value
www.merkur.de/	1970-01-20 18:39:28	Name: cua_uuid Value: 9922faf5-74d2-2aed-e18d-d144a5382957
www.merkur.de/	1970-01-20 09:53:52	Name: new_user Value: false
merkur.met.vgwort.de/	1969-12-31 23:59:59	Name: srp Value: 04136217561351fe0003
.merkur.de/	1970-01-20 09:53:52	Name: _k5a Value: %7B%22u%22%3A%5B%7B%22uid%22%3A%22roPQ1F8XWmXZuTz8%22%2C%22ts%22%3A1645696531%7D%2C1645786531%5D%7D
.merkur.de/	1970-01-20 09:53:52	Name: _lp4_u Value: zmHdP1FseA
.merkur.de/	1970-01-20 09:52:26	Name: ioam2018 Value: 0012db94bc7f5051562175613:1677146131865:1645696531865:.merkur.de:2:ippenmed:me_welt:noevent:1645696531865:8auw36
.ioam.de/	1970-01-20 07:27:33	Name: i00 Value: 00372b685e7f7fbaa621756130001%3B62175613%3B63729452
.merkur.de/	1970-01-20 01:48:35	Name: iom_consent Value: 0100000000&1645696532208

Source	Level	URL Text
other	warning	URL: https://player.glomex.com/integration/1.678.0/glomex-player-module.js Message: Unrecognized feature: 'web-share'.
other	warning	URL: https://player.glomex.com/integration/1.678.0/glomex-player-module.js Message: Unrecognized feature: 'monetization'.
other	warning	URL: https://player.glomex.com/integration/1.678.0/glomex-player-module.js Message: Allow attribute will take precedence over 'allowfullscreen'.
javascript	warning	URL: https://player.glomex.com/integration/1.678.0/iframe-player.html?integrationId=2b9h6ryj2201rvm&playlistId=v-ch8vyzfmbntt-se&playlistIndex=0&origin=glomex-player&pageUrl=https%3A%2F%2Fwww.merkur.de%2Fwelt%2Fffp2-omikron-maske-delta-corona-schutz-infektion-max-planck-institut-variante-91242399.html Message: The resource https://imasdk.googleapis.com/js/sdkloader/ima3.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

www.merkur.de Open in urlscan Pro 193.218.202.149 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

89 %HTTPS

57 %IPv6

13 Domains

21 Subdomains

21 IPs

3 Countries

873 kBTransfer

2707 kBSize

8 Cookies

5 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.merkur.de Open in urlscan Pro
193.218.202.149 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

89 %
HTTPS

57 %
IPv6

13
Domains

21
Subdomains

21
IPs

3
Countries

873 kB
Transfer

2707 kB
Size

8
Cookies

53 HTTP transactions
2 data transactions