URL: https://lohraspcdn.tak028.top/
Submission: On December 02 via api from US — Scanned from US

Summary

This website contacted 30 IPs in 5 countries across 20 domains to perform 97 HTTP transactions. The main IP is 62.204.58.112, located in Turkey and belongs to DIGITURUNC, TR. The main domain is lohraspcdn.tak028.top.
TLS certificate: Issued by R3 on November 29th 2023. Valid for: 3 months.
This is the only time lohraspcdn.tak028.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 62.204.58.112 48011 (DIGITURUNC)
27 2600:141b:1c0... 20940 (AKAMAI-ASN1)
2 2600:141b:1c0... 20940 (AKAMAI-ASN1)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
13 99.86.102.118 16509 (AMAZON-02)
3 2600:141b:1c0... 20940 (AKAMAI-ASN1)
1 63.140.62.135 16509 (AMAZON-02)
1 23.223.209.35 20940 (AKAMAI-ASN1)
1 18.158.12.134 16509 (AMAZON-02)
1 18.164.124.81 16509 (AMAZON-02)
3 18.158.220.34 16509 (AMAZON-02)
6 2607:f8b0:402... 15169 (GOOGLE)
1 5.9.114.33 24940 (HETZNER-AS)
7 23.199.50.98 16625 (AKAMAI-AS)
3 18.238.64.130 16509 (AMAZON-02)
1 151.101.65.108 54113 (FASTLY)
4 23.49.248.13 20940 (AKAMAI-ASN1)
5 7 18.157.190.96 16509 (AMAZON-02)
2 3 68.67.179.87 29990 (ASN-APPNEX)
2 2 35.71.131.137 16509 (AMAZON-02)
2 2 142.250.72.98 15169 (GOOGLE)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 18.238.55.102 16509 (AMAZON-02)
1 1 18.200.183.204 16509 (AMAZON-02)
2 52.17.229.147 16509 (AMAZON-02)
1 99.86.102.29 16509 (AMAZON-02)
1 18.173.138.29 16509 (AMAZON-02)
1 2600:9000:212... 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:402... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:402... 15169 (GOOGLE)
2 52.57.146.233 16509 (AMAZON-02)
97 30
Apex Domain
Subdomains
Transfer
43 spiegel.de
cdn.prod.www.spiegel.de — Cisco Umbrella Rank: 44496
interactive.spiegel.de — Cisco Umbrella Rank: 875260
sp-spiegel-de.spiegel.de — Cisco Umbrella Rank: 61959
sams.spiegel.de — Cisco Umbrella Rank: 83173
1 MB
13 opecloud.com
cdn.opecloud.com — Cisco Umbrella Rank: 5764
adalliance.profiles.tagger.opecloud.com — Cisco Umbrella Rank: 30827
adalliance.tagger.opecloud.com — Cisco Umbrella Rank: 42156
tagger.opecloud.com — Cisco Umbrella Rank: 4604
adalliance.dcapi.tagger.opecloud.com — Cisco Umbrella Rank: 42739
18 KB
8 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
99ad941381cf234693393f4b704148af.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
42 KB
8 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
167 KB
7 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4166
4 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614
aax.amazon-adsystem.com — Cisco Umbrella Rank: 410
70 KB
4 emsservice.de
static.emsservice.de — Cisco Umbrella Rank: 40457
9 KB
4 adnxs.com
acdn.adnxs.com — Cisco Umbrella Rank: 610
secure.adnxs.com — Cisco Umbrella Rank: 478
ib.adnxs.com — Cisco Umbrella Rank: 229
19 KB
3 xplosion.de
ups.xplosion.de — Cisco Umbrella Rank: 20001
cdn.xplosion.de — Cisco Umbrella Rank: 30067
5 KB
3 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 431
160 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
791 B
2 omny.fm
omny.fm — Cisco Umbrella Rank: 16413
3 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 emetriq.de
dyn.emetriq.de — Cisco Umbrella Rank: 38329
118 B
1 privacy-mgmt.com
cdn.privacy-mgmt.com — Cisco Umbrella Rank: 4286
3 KB
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428
519 B
1 adalliance.io
zipservice.adalliance.io — Cisco Umbrella Rank: 57176
323 B
1 technical-service.net
te.technical-service.net — Cisco Umbrella Rank: 30145
2 KB
1 akamaihd.net
bilder-a.akamaihd.net — Cisco Umbrella Rank: 39069
2 KB
1 tak028.top
lohraspcdn.tak028.top
227 KB
97 20
Domain Requested by
27 cdn.prod.www.spiegel.de lohraspcdn.tak028.top
cdn.prod.www.spiegel.de
13 sp-spiegel-de.spiegel.de lohraspcdn.tak028.top
sp-spiegel-de.spiegel.de
7 ad.yieldlab.net lohraspcdn.tak028.top
ad.yieldlab.net
6 securepubads.g.doubleclick.net lohraspcdn.tak028.top
4 pagead2.googlesyndication.com lohraspcdn.tak028.top
tpc.googlesyndication.com
4 adalliance.tagger.opecloud.com 3 redirects
4 static.emsservice.de lohraspcdn.tak028.top
3 tpc.googlesyndication.com lohraspcdn.tak028.top
3 tagger.opecloud.com 2 redirects
3 c.amazon-adsystem.com lohraspcdn.tak028.top
3 adalliance.profiles.tagger.opecloud.com lohraspcdn.tak028.top
3 assets.adobedtm.com cdn.prod.www.spiegel.de
lohraspcdn.tak028.top
2 adalliance.dcapi.tagger.opecloud.com lohraspcdn.tak028.top
2 ups.xplosion.de lohraspcdn.tak028.top
2 ib.adnxs.com 1 redirects
2 cm.g.doubleclick.net 2 redirects
2 match.adsrvr.org 2 redirects
2 omny.fm lohraspcdn.tak028.top
2 interactive.spiegel.de lohraspcdn.tak028.top
1 www.google.com lohraspcdn.tak028.top
1 99ad941381cf234693393f4b704148af.safeframe.googlesyndication.com lohraspcdn.tak028.top
1 cdn.xplosion.de lohraspcdn.tak028.top
1 aax.amazon-adsystem.com lohraspcdn.tak028.top
1 config.aps.amazon-adsystem.com lohraspcdn.tak028.top
1 dyn.emetriq.de 1 redirects
1 cdn.privacy-mgmt.com sp-spiegel-de.spiegel.de
1 dsp.adfarm1.adition.com 1 redirects
1 secure.adnxs.com 1 redirects
1 acdn.adnxs.com lohraspcdn.tak028.top
1 zipservice.adalliance.io lohraspcdn.tak028.top
1 cdn.opecloud.com lohraspcdn.tak028.top
1 te.technical-service.net lohraspcdn.tak028.top
1 bilder-a.akamaihd.net lohraspcdn.tak028.top
1 sams.spiegel.de lohraspcdn.tak028.top
1 lohraspcdn.tak028.top
97 35
Subject Issuer Validity Valid
lohraspcdn.tak028.top
R3
2023-11-29 -
2024-02-27
3 months crt.sh
cdn.prod.www.spiegel.de
R3
2023-10-23 -
2024-01-21
3 months crt.sh
interactive.spiegel.de
R3
2023-10-02 -
2023-12-31
3 months crt.sh
omny.fm
Cloudflare Inc ECC CA-3
2023-08-18 -
2024-08-17
a year crt.sh
amp-manager-magazin-de.manager-magazin.de
R3
2023-11-28 -
2024-02-26
3 months crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-11 -
2024-08-10
a year crt.sh
sams.spiegel.de
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-02 -
2024-11-01
a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1
2023-05-16 -
2024-05-15
a year crt.sh
te.technical-service.net
Amazon RSA 2048 M01
2023-08-01 -
2024-08-29
a year crt.sh
cdn.opecloud.com
Amazon RSA 2048 M02
2023-02-23 -
2024-02-13
a year crt.sh
*.profiles.tagger.opecloud.com
Amazon RSA 2048 M02
2023-11-27 -
2024-12-25
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.adalliance.io
Thawte TLS RSA CA G1
2023-11-08 -
2024-11-07
a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1
2023-09-17 -
2024-09-17
a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1
2023-03-27 -
2024-04-26
a year crt.sh
static.emsservice.de
R3
2023-11-14 -
2024-02-12
3 months crt.sh
*.privacy-mgmt.com
Amazon RSA 2048 M01
2023-10-08 -
2024-11-05
a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2023-02-20 -
2024-03-20
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-16 -
2024-03-08
a year crt.sh
*.xplosion.de
R3
2023-11-22 -
2024-02-20
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
www.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.dcapi.tagger.opecloud.com
Amazon RSA 2048 M02
2023-08-21 -
2024-09-19
a year crt.sh
*.tagger.opecloud.com
Amazon RSA 2048 M01
2023-05-03 -
2024-05-31
a year crt.sh

This page contains 7 frames:

Primary Page: https://lohraspcdn.tak028.top/
Frame ID: DD51293F36431D32A7F86C6B549F38B3
Requests: 106 HTTP requests in this frame

Frame: https://sp-spiegel-de.spiegel.de/index.html?message_id=909365&consentUUID=null&requestUUID=eef717d4-a8b0-45b3-a2b7-51f680ef2385&preload_message=true&hasCsp=true&version=v1&consentLanguage=en
Frame ID: 7353E53D21CBE6471A6D3514DCCC7560
Requests: 10 HTTP requests in this frame

Frame: https://ad.yieldlab.net/d/7053789/631/2x2?ts=0.4598679276892821&type=h
Frame ID: 1537329F5B61A6B1DE9EE37544E7F423
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 23DFF8BD8CE290A58E770C69A183A897
Requests: 2 HTTP requests in this frame

Frame: https://99ad941381cf234693393f4b704148af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0CDEB984340F2B31ACF88BFE7DA03B62
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6F496EB66888F4FDD1D220E8CCEAD9F7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2E657B571DBDD4E377C6DCFB22C52B41
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

DER SPIEGEL | Online-Nachrichten

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

97
Requests

97 %
HTTPS

30 %
IPv6

20
Domains

35
Subdomains

30
IPs

5
Countries

1931 kB
Transfer

5616 kB
Size

16
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 96
  • https://adalliance.tagger.opecloud.com/adalliance/v2/pixel.gif?url=https%3A%2F%2Flohraspcdn.tak028.top%2F&ref=&tref=&tz=10&screen=1600x1200x24&visiturl=https%3A%2F%2Flohraspcdn.tak028.top%2F&dcRegion=us-east-1&cmpstatus=gdprdoesnotapply&e=%5B%5D&fpid=cc74cc3c-6579-4e76-8621-117128ff828a HTTP 302
  • https://adalliance.tagger.opecloud.com/adalliance/v2/pixel.gif?e=%5B%5D&tref=&url=https%3A%2F%2Flohraspcdn.tak028.top%2F&tz=10&trackability-redirect=true&visiturl=https%3A%2F%2Flohraspcdn.tak028.top%2F&ref=&fpid=cc74cc3c-6579-4e76-8621-117128ff828a&screen=1600x1200x24&cmpstatus=gdprdoesnotapply&dcRegion=us-east-1 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fadalliance.tagger.opecloud.com%2Fappnexus%2Fpbfs.gif%3Fsource%3Dadalliance%26state%3D2-SBzpPEfb8hWGdwbVoaMPWJk%252FwSaL3jOiHOhwbsA%253D%26puid%3D%24UID HTTP 302
  • https://adalliance.tagger.opecloud.com/appnexus/pbfs.gif?source=adalliance&state=2-SBzpPEfb8hWGdwbVoaMPWJk%2FwSaL3jOiHOhwbsA%3D&puid=4626605611139248764 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=fosdutz&ttd_tpi=1&gdpr=0&ttd_puid=2-q80lSpAyfTXl6NrXaDf6eALw%252FjHScxIB9TBrRps%253D%26source%3Dadalliance&puid=%25%25TDID%25%25 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=fosdutz&ttd_tpi=1&gdpr=0&ttd_puid=2-q80lSpAyfTXl6NrXaDf6eALw%252FjHScxIB9TBrRps%253D%26source%3Dadalliance&puid=%25%25TDID%25%25 HTTP 302
  • https://tagger.opecloud.com/tradedesk/pbfs.gif?puid=616f09f1-a7cc-4d99-b3d1-b23f8c14160b&state=2-q80lSpAyfTXl6NrXaDf6eALw%2FjHScxIB9TBrRps%3D&source=adalliance HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm&state=2-O9J2NSVv%2BQVvxz20kWfFJBfwSKH5o1PAgVfxO6M%3D&source=adalliance HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm=&state=2-O9J2NSVv%2BQVvxz20kWfFJBfwSKH5o1PAgVfxO6M%3D&source=adalliance&google_tc= HTTP 302
  • https://tagger.opecloud.com/dbm/opecs.gif?state=2-O9J2NSVv%2BQVvxz20kWfFJBfwSKH5o1PAgVfxO6M%3D&source=adalliance&google_gid=CAESEGy2YEBulSj_a6tJgBI-gdA&google_cver=1 HTTP 302
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Ftagger.opecloud.com%2Fadition%2Fpbfs.gif%3Fsource%3Dadalliance%26state%3D2-BYOuuBqg8Py27EeqbVneadaQQGEmTTRQsD%252FZ%252BKQ%253D%26puid%3D%25%25COOKIE%25%25 HTTP 302
  • https://tagger.opecloud.com/adition/pbfs.gif?source=adalliance&state=2-BYOuuBqg8Py27EeqbVneadaQQGEmTTRQsD%2FZ%2BKQ%3D&puid=7307969858682484885
Request Chain 98
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 108
  • https://dyn.emetriq.de/loader/86497/default.js?_&0.5225388964064022& HTTP 301
  • https://ups.xplosion.de/loader/86497/default.js?_&0.5225388964064022&

97 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
lohraspcdn.tak028.top/
1 MB
227 KB
Document
General
Full URL
https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.204.58.112 , Turkey, ASN48011 (DIGITURUNC, TR),
Reverse DNS
62-204-58-112.digiturunc.com
Software
nginx/1.24.0 /
Resource Hash
35c913b9dbe8c4b180b31096741ef3114bce57f9f37edecc87f74f179af64c4f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=2592000;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=0,s-maxage=90
content-encoding
gzip
content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=utf-8
date
Sat, 02 Dec 2023 12:15:21 GMT
server
nginx/1.24.0
strict-transport-security
max-age=2592000;
vary
X-Forwarded-Proto, X-Authorized-Sppur, Accept-Encoding
via
1.1 google
x-cache
HIT
x-cache-grace
3600.000
styles.11a1912e8354e463715d.css
cdn.prod.www.spiegel.de/public/spon/generated/css/
90 KB
16 KB
Stylesheet
General
Full URL
https://cdn.prod.www.spiegel.de/public/spon/generated/css/styles.11a1912e8354e463715d.css
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:30::1739:5a6d Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ae2e8470977c2f977f5255093f2167fed30305361a29a1c9c229afef2aed6ac9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:22 GMT
content-encoding
gzip
akamai-cache-status
Hit from child
last-modified
Tue, 14 Nov 2023 10:01:38 GMT
x-ttl
86400.000
x-cache-grace
3600.000
x-goog-meta-goog-reserved-file-mtime
1699865474
etag
W/"11a1912e8354e463715d778944339fdd"
vary
Accept-Encoding
content-type
text/css
cache-control
public, s-maxage=2592000, max-age=2592000
accept-ranges
bytes
content-length
15710
expires
Tue, 14 Nov 2023 11:04:07 GMT
commons.1fb192978176ab9c5ab9.js
cdn.prod.www.spiegel.de/public/shared/generated/js/
40 KB
12 KB
Script
General
Full URL
https://cdn.prod.www.spiegel.de/public/shared/generated/js/commons.1fb192978176ab9c5ab9.js
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:30::1739:5a6d Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
effea39115f8e678dcd549082abcbe0402c7729cee6591e8dec3ce27857fab27

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:22 GMT
content-encoding
gzip
akamai-cache-status
Hit from child
last-modified
Tue, 28 Nov 2023 10:01:43 GMT
x-ttl
86400.000
x-cache-grace
3600.000
x-goog-meta-goog-reserved-file-mtime
1701085247
etag
W/"401b8cd3c5445c9da7bb537a8532f044"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=2592000, max-age=2592000
accept-ranges
bytes
content-length
11913
expires
Tue, 28 Nov 2023 11:04:29 GMT
header.656594cc00f32d1b2792.js
cdn.prod.www.spiegel.de/public/shared/generated/js/
9 KB
3 KB
Script
General
Full URL
https://cdn.prod.www.spiegel.de/public/shared/generated/js/header.656594cc00f32d1b2792.js
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:30::1739:5a6d Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
065a0f4caeadf4edd6516b5f852483cbe5c881370b4eececa4c01f02244b276a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:22 GMT
content-encoding
gzip
akamai-cache-status
Hit from child
last-modified
Tue, 28 Nov 2023 10:01:43 GMT
x-ttl
86400.000
x-cache-grace
3600.000
x-goog-meta-goog-reserved-file-mtime
1701085247
etag
W/"671c781c45795085483f5182c004cade"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=2592000, max-age=2592000
accept-ranges
bytes
content-length
2833
expires
Tue, 28 Nov 2023 11:04:29 GMT
vendors.097fb2eaf280092bab9a.js
cdn.prod.www.spiegel.de/public/shared/generated/js/
157 KB
48 KB
Script
General
Full URL
https://cdn.prod.www.spiegel.de/public/shared/generated/js/vendors.097fb2eaf280092bab9a.js
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:30::1739:5a6d Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6b685658dd4cecaeab3aea68dede5fc08f0f8d8b199180f93006e20882b18082

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:22 GMT
content-encoding
gzip
akamai-cache-status
Hit from child
last-modified
Tue, 28 Nov 2023 10:01:43 GMT
x-ttl
86400.000
x-cache-grace
3600.000
x-goog-meta-goog-reserved-file-mtime
1701085247
etag
W/"0aba066ad396f5c296c377873c5583b5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=2592000, max-age=2592000
accept-ranges
bytes
content-length
49066
expires
Tue, 28 Nov 2023 11:04:29 GMT
index.b21a95b23d9a8107787e.js
cdn.prod.www.spiegel.de/public/shared/generated/js/
213 KB
50 KB
Script
General
Full URL
https://cdn.prod.www.spiegel.de/public/shared/generated/js/index.b21a95b23d9a8107787e.js
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:30::1739:5a6d Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
337b55f5dca7e0300948455aede7ca245935b0652c0e5cbec49d801599ba5ebf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:22 GMT
content-encoding
gzip
akamai-cache-status
Hit from child
last-modified
Tue, 28 Nov 2023 10:01:43 GMT
x-ttl
86400.000
x-cache-grace
3600.000
x-goog-meta-goog-reserved-file-mtime
1701085247
etag
W/"e7e31323627bafa9c6ed5447c00c892a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=2592000, max-age=2592000
accept-ranges
bytes
content-length
50436
expires
Tue, 28 Nov 2023 11:04:29 GMT
SpiegelSans4UI-Bold.woff2
cdn.prod.www.spiegel.de/public/shared/fonts/
39 KB
39 KB
Font
General
Full URL
https://cdn.prod.www.spiegel.de/public/shared/fonts/SpiegelSans4UI-Bold.woff2
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:30::1739:5a6d Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5b65d13b2accf59d8acec406cc63ae2279aaa06dec9bd373bcec8744b6a80be5

Request headers

Referer
https://lohraspcdn.tak028.top/
Origin
https://lohraspcdn.tak028.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:22 GMT
akamai-cache-status
Hit from child
last-modified
Tue, 28 Nov 2023 10:01:43 GMT
x-ttl
86400.000
x-cache-grace
3600.000
x-goog-meta-goog-reserved-file-mtime
1700575992
etag
"b34cfff725375ac3000e39c300104028"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, s-maxage=604800, max-age=604800
accept-ranges
bytes
content-length
39692
expires
Tue, 28 Nov 2023 23:10:02 GMT
SpiegelSans4UI-Regular.woff2
cdn.prod.www.spiegel.de/public/shared/fonts/
38 KB
38 KB
Font
General
Full URL
https://cdn.prod.www.spiegel.de/public/shared/fonts/SpiegelSans4UI-Regular.woff2
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:30::1739:5a6d Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5ae09d76b53ed5bcfa3504a4e3ef0f5cec6adb284355efb88f619d85504f2bb4

Request headers

Referer
https://lohraspcdn.tak028.top/
Origin
https://lohraspcdn.tak028.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:22 GMT
akamai-cache-status
Hit from child
last-modified
Wed, 22 Nov 2023 10:26:53 GMT
x-ttl
86400.000
x-cache-grace
3600.000
x-goog-meta-goog-reserved-file-mtime
1700575992
etag
"334ab4d3ad92620872b3cd2bd46a8b73"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, s-maxage=604800, max-age=604800
accept-ranges
bytes
content-length
38464
expires
Sun, 26 Nov 2023 12:12:00 GMT
SpiegelSlab4UICd-ExtraBold.woff2
cdn.prod.www.spiegel.de/public/shared/fonts/
32 KB
32 KB
Font
General
Full URL
https://cdn.prod.www.spiegel.de/public/shared/fonts/SpiegelSlab4UICd-ExtraBold.woff2
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:30::1739:5a6d Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4d6c6f668fd088065d6a927c86bb45d992bcd715910c609334b5596bf3b63c4c

Request headers

Referer
https://lohraspcdn.tak028.top/
Origin
https://lohraspcdn.tak028.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:22 GMT
akamai-cache-status
Hit from child
last-modified
Tue, 28 Nov 2023 10:01:43 GMT
x-ttl
86400.000
x-cache-grace
3600.000
x-goog-meta-goog-reserved-file-mtime
1701079984
etag
"04b23c9d0b8f65be2b6c59479763e822"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, s-maxage=604800, max-age=604800
accept-ranges
bytes
content-length
32624
expires
Tue, 28 Nov 2023 14:38:58 GMT
SpiegelSans4-6SemiBold.woff2
cdn.prod.www.spiegel.de/public/shared/fonts/
11 KB
11 KB
Font
General
Full URL
https://cdn.prod.www.spiegel.de/public/shared/fonts/SpiegelSans4-6SemiBold.woff2
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:30::1739:5a6d Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4986cfef70f57a3c524b749439a2b5b35be0f0fd2b18280dabe09bb721ce3c43

Request headers

Referer
https://lohraspcdn.tak028.top/
Origin
https://lohraspcdn.tak028.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:22 GMT
akamai-cache-status
Hit from child
last-modified
Tue, 28 Nov 2023 10:01:43 GMT
x-ttl
86400.000
x-cache-grace
3600.000
x-goog-meta-goog-reserved-file-mtime
1700575992
etag
"97e433a12662ca84b78c6e4af5506135"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, s-maxage=604800, max-age=604800
accept-ranges
bytes
content-length
11344
expires
Tue, 28 Nov 2023 14:51:26 GMT
SpiegelSerifTextUI-Regular.woff2
cdn.prod.www.spiegel.de/public/shared/fonts/
40 KB
40 KB
Font
General
Full URL
https://cdn.prod.www.spiegel.de/public/shared/fonts/SpiegelSerifTextUI-Regular.woff2
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:30::1739:5a6d Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c8781a2a3d250e769c7264d57b2836a9e180d5452e9212d6d51d1ea4093ffd45

Request headers

Referer
https://lohraspcdn.tak028.top/
Origin
https://lohraspcdn.tak028.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:22 GMT
akamai-cache-status
Hit from child
last-modified
Thu, 30 Nov 2023 10:38:26 GMT
x-ttl
86400.000
x-cache-grace
3600.000
x-goog-meta-goog-reserved-file-mtime
1701172252
etag
"16b1c82353e002cc9a4b3c0551788559"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, s-maxage=604800, max-age=604800
accept-ranges
bytes
content-length
40736
expires
Fri, 01 Dec 2023 06:21:52 GMT
SpiegelSerifTextUI-Italic.woff2
cdn.prod.www.spiegel.de/public/shared/fonts/
32 KB
33 KB
Font
General
Full URL
https://cdn.prod.www.spiegel.de/public/shared/fonts/SpiegelSerifTextUI-Italic.woff2
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:30::1739:5a6d Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f90a5f8301aeffcf946f92c5059191703f269d82bdd5be8302b8cc8be963cc6a

Request headers

Referer
https://lohraspcdn.tak028.top/
Origin
https://lohraspcdn.tak028.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:22 GMT
akamai-cache-status
Hit from child
last-modified
Wed, 22 Nov 2023 10:26:54 GMT
x-ttl
86400.000
x-cache-grace
3600.000
x-goog-meta-goog-reserved-file-mtime
1700575992
etag
"dac9bba73ae7973662775fd59b233641"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, s-maxage=604800, max-age=604800
accept-ranges
bytes
content-length
33168
expires
Sat, 25 Nov 2023 13:58:47 GMT
SpiegelSerifTextUI-Bold.woff2
cdn.prod.www.spiegel.de/public/shared/fonts/
31 KB
31 KB
Font
General
Full URL
https://cdn.prod.www.spiegel.de/public/shared/fonts/SpiegelSerifTextUI-Bold.woff2
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:30::1739:5a6d Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
813947ddc6405f4e35f985440cb938198a83d8d895a62ace5076b267b3120dc3

Request headers

Referer
https://lohraspcdn.tak028.top/
Origin
https://lohraspcdn.tak028.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:22 GMT
akamai-cache-status
Hit from child
last-modified
Wed, 22 Nov 2023 10:26:54 GMT
x-ttl
86400.000
x-cache-grace
3600.000
x-goog-meta-goog-reserved-file-mtime
1700575992
etag
"18cc1fcfdac7ee4801b8491a2dd1da3c"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, s-maxage=604800, max-age=604800
accept-ranges
bytes
content-length
31412
expires
Sun, 26 Nov 2023 23:45:27 GMT
SpiegelSerifTextUI-BoldItalic.woff2
cdn.prod.www.spiegel.de/public/shared/fonts/
33 KB
33 KB
Font
General
Full URL
https://cdn.prod.www.spiegel.de/public/shared/fonts/SpiegelSerifTextUI-BoldItalic.woff2
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:30::1739:5a6d Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c8021c17932ea41e5e8fd0db9af0202110f5156eab8f2473eb2eb3e650c5e2d0

Request headers

Referer
https://lohraspcdn.tak028.top/
Origin
https://lohraspcdn.tak028.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:22 GMT
akamai-cache-status
Hit from child
last-modified
Tue, 28 Nov 2023 10:01:43 GMT
x-ttl
86400.000
x-cache-grace
3600.000
x-goog-meta-goog-reserved-file-mtime
1701079984
etag
"c1d259b6279a6ea9254d57aa92d9fb77"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, s-maxage=604800, max-age=604800
accept-ranges
bytes
content-length
33816
expires
Wed, 29 Nov 2023 08:13:18 GMT
SpiegelSerifDisplayUI-BoldItalic.woff2
cdn.prod.www.spiegel.de/public/shared/fonts/
33 KB
34 KB
Font
General
Full URL
https://cdn.prod.www.spiegel.de/public/shared/fonts/SpiegelSerifDisplayUI-BoldItalic.woff2
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:30::1739:5a6d Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c931dec2166efa07832b7cdb52ff3e3f00ffe7a3c3563b4db8b762a1e096a08e

Request headers

Referer
https://lohraspcdn.tak028.top/
Origin
https://lohraspcdn.tak028.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:22 GMT
akamai-cache-status
Hit from child
last-modified
Wed, 22 Nov 2023 10:26:53 GMT
x-ttl
86400.000
x-cache-grace
3600.000
x-goog-meta-goog-reserved-file-mtime
1700575992
etag
"882c0a05482c2c0eb186726fdab46113"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, s-maxage=604800, max-age=604800
accept-ranges
bytes
content-length
34256
expires
Tue, 28 Nov 2023 05:59:30 GMT
truncated
/
94 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
469690dfd142afa3744ab4911e65e2379d6add7844a25db8aaaf0e65f749db8e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
094f03d2-9a4b-409f-9e25-4870a6651090_w720_r1.778_fpx52_fpy45.webp
cdn.prod.www.spiegel.de/images/
47 KB
47 KB
Image
General
Full URL
https://cdn.prod.www.spiegel.de/images/094f03d2-9a4b-409f-9e25-4870a6651090_w720_r1.778_fpx52_fpy45.webp
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:30::1739:5a6d Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a03b7af602fa9d955c4954c02f4bb2fa03311083bf4e138f77eebb471b2fd935

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:22 GMT
akamai-cache-status
Hit from child
last-modified
Fri, 01 Dec 2023 16:17:50 GMT
x-ttl
900.000
x-cache-grace
300.000
etag
"4b1f9ebdc91802bcdd5c0f41654147d5"
content-type
image/webp
cache-control
public, s-maxage=2592000, max-age=2592000
accept-ranges
bytes
content-length
47928
expires
Fri, 01 Dec 2023 17:18:07 GMT
truncated
/
94 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6a94dbcbc21076862a94ff3b6411e14b2199db566e97ba427f0a84e570a4a95

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
94 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e259ff19f7a1d952eec7d0035c8d685ee6305fb56d17d697f5d9ec65b860484a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
94 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a05847c3f2f5a4c4931a1fbcfca2dcd37d5d60ba1090f20a8cc3e896bf92dea

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
92 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e623198d33f383cf5bc971100ea3596389d1c94d417841fd9fd3b90831e78612

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
ws.csv
interactive.spiegel.de/gra/apps/wissenschaft/2023/warming-stripes/v0/
1 KB
790 B
Fetch
General
Full URL
https://interactive.spiegel.de/gra/apps/wissenschaft/2023/warming-stripes/v0/ws.csv
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:30::1739:5a70 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f9d890f6c6e525a34f5268ed07841bb790109871ff780db21cbfe8348be7f98d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:22 GMT
content-encoding
gzip
akamai-cache-status
Hit from child
last-modified
Mon, 27 Nov 2023 10:54:12 GMT
x-ttl
1800.000
x-cache-grace
300.000
etag
W/"dc547c621448c5138cf80edf7cd26cab"
vary
Accept-Encoding
content-type
text/csv
access-control-allow-origin
*
cache-control
public, s-maxage=10800, max-age=10800
accept-ranges
bytes
content-length
531
expires
Tue, 28 Nov 2023 12:14:12 GMT
truncated
/
90 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
307c29ce6b7e955c2895c6f771e4bd221bbc8caed8acdbaa7d58598b25ce161b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
94 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db038ead1a7102425b895809d65ca3e6d9521ff4399229497ae9a575f3cfaf30

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
94 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4641263e04dff132a7f1e4d225ed41f609a718b875d9749c30cef4c81c17799e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
94 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
027ec9d50e541956f8be140fbc8c2b214ae44ae9405db409730311814eb9e9c9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
94 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01ad95c30ab8bafb85c61826be949d9625c509f0d6ccb4ca921cfac5d87509d6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
94 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c054a1f854b682947214e3245f5721f4e9dea0dc4669e3ec480521599beb1060

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
94 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cd21742d03ce8fdc56a66e00db3b7f360212099ab033e6b1d335b8d056f5de3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
94 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34e62b970ab1831e45441dd0711026f99216315b038935e1040b658bc8ed0a14

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
94 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b74ea72c4f6103c31606e7918ea026b8b14c4b4579910f08440a815f0620ec7b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
94 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1dfd4b968aabfe1058b714f8c54de85cec9eb55cec9d51548b4c646cb4e3463b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
90 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d8281f67004dd29f3ee6ae1ec40489f79b4e6c6f98d6e2042ded26126148d2b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
ws.csv
interactive.spiegel.de/gra/apps/wissenschaft/2023/warming-stripes/v0/
1 KB
790 B
Fetch
General
Full URL
https://interactive.spiegel.de/gra/apps/wissenschaft/2023/warming-stripes/v0/ws.csv
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:30::1739:5a70 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f9d890f6c6e525a34f5268ed07841bb790109871ff780db21cbfe8348be7f98d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:22 GMT
content-encoding
gzip
akamai-cache-status
Hit from child
last-modified
Mon, 27 Nov 2023 10:54:12 GMT
x-ttl
1800.000
x-cache-grace
300.000
etag
W/"dc547c621448c5138cf80edf7cd26cab"
vary
Accept-Encoding
content-type
text/csv
access-control-allow-origin
*
cache-control
public, s-maxage=10800, max-age=10800
accept-ranges
bytes
content-length
531
expires
Tue, 28 Nov 2023 12:14:12 GMT
truncated
/
90 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b3b64353ca4f6878606cecdc4c99899031e956763ca27dade44f46f2db74893

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
90 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10ff0d60bfd122c6111c16a95dce08e3ac4c0c2625e9dc89df5fc1bfc20fffa3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
92 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e13911b55e63800e1fd4fd89ba3a333107c7b04d7906b385da4ee38d4a105588

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
90 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e34e3767438924f7a921fe6e947f831717a0f9905343f5941b2fb108fe8762d9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
94 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08c1caa3c9865973b486795b763065327d37f241e30f43064f7779c45560a814

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
94 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d9f1dcff795fb3edeb001c9e566ccb85edfc7e174cd0cc0e4d05766bd534eb2a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
94 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f27bf250b76a9086dab149430370668a431e1ec8dfc28d1e91662a24fc6e3d9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
94 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ff3e82c0365229a9f962f063a601da8eee495129132628a8a9c5a6e13eab98ce

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
90 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
560264c04c8234afbce89f4b26d6009ee64d5d18cad14992f9a473fee1ec152c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
90 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
624aa195716c9815c3236f3fef49383dbced2596c7430bb4069ec4e323e30239

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
90 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
331d866a911b6978849e8239e720b1e82e43014aadb74978cab4e5d3b2b78671

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
96 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a8743628c7b7732ffaa9cb69c3ed9f906f378a2710d43371f0a10c08b37fc52f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
96 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32f9db0a1a05fd7e7bdbc75f42c15a5beae9053150de7c005f02c7a8397daae4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
clips
omny.fm/api/orgs/5ac1e950-45c7-4eb7-87c0-aa0f018441b8/playlists/4c18e072-24d2-4d60-9a42-abc00102c97e/
5 KB
2 KB
Fetch
General
Full URL
https://omny.fm/api/orgs/5ac1e950-45c7-4eb7-87c0-aa0f018441b8/playlists/4c18e072-24d2-4d60-9a42-abc00102c97e/clips?pageSize=1
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d998fb5f5c9aff497598fcf5704f1c5f4731cdb9b0fdb4c930311baaa41e0aaf

Request headers

Referer
https://lohraspcdn.tak028.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 02 Dec 2023 12:15:23 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sat, 02 Dec 2023 11:23:17 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=120
cf-ray
82f37eb91a594bcc-BUF
alt-svc
h3=":443"; ma=86400
breakingnews.json
cdn.prod.www.spiegel.de/assets/news/
2 B
199 B
Fetch
General
Full URL
https://cdn.prod.www.spiegel.de/assets/news/breakingnews.json
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:30::1739:5a6d Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:22 GMT
content-encoding
gzip
akamai-cache-status
Miss from child, Hit from parent
x-cache-grace
10.000
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=30,s-maxage=30
accept-ranges
bytes
content-length
22
wrapperMessagingWithoutDetection.js
sp-spiegel-de.spiegel.de/unified/
123 KB
38 KB
Script
General
Full URL
https://sp-spiegel-de.spiegel.de/unified/wrapperMessagingWithoutDetection.js
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.102.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-102-118.iah50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eea296e536a1715e87caf24fed8cb88981ef793ba1aca8097087a3a77a6f8492

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:20:18 GMT
content-encoding
gzip
via
1.1 eaaf15907191c2ffe9bca255f7e191f6.cloudfront.net (CloudFront)
last-modified
Thu, 02 Nov 2023 15:08:07 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-C3
age
3305
x-amz-server-side-encryption
AES256
etag
W/"74fa9eeecc0f7ce308ddca60b7ef2b93"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
jt9DFK-KP2-fO-R0oPzNcVemv6XDoB7HpxcPIbDYlgLbOd8TcVEg7w==
launch-1f27b0b1677f.min.js
assets.adobedtm.com/cc10f7b4369d/bc7780f78333/
574 KB
139 KB
Script
General
Full URL
https://assets.adobedtm.com/cc10f7b4369d/bc7780f78333/launch-1f27b0b1677f.min.js
Requested by
Host: cdn.prod.www.spiegel.de
URL: https://cdn.prod.www.spiegel.de/public/shared/generated/js/index.b21a95b23d9a8107787e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:209e::1e80 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8f7eaea2c1460c5447d090193cec088be298fcc777cfd4ee6aa006dfa64d358a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:23 GMT
content-encoding
gzip
last-modified
Wed, 22 Nov 2023 06:03:35 GMT
server
AkamaiNetStorage
etag
"cb400db5d1f044115d27651064b44eeb:1700633015.053634"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://lohraspcdn.tak028.top
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
141598
expires
Sat, 02 Dec 2023 13:15:23 GMT
ea93aa3e-e44f-44f3-9ef8-1bea08d43ef6_w168_r0.66_fpx50_fpy28.13.webp
cdn.prod.www.spiegel.de/images/
9 KB
9 KB
Image
General
Full URL
https://cdn.prod.www.spiegel.de/images/ea93aa3e-e44f-44f3-9ef8-1bea08d43ef6_w168_r0.66_fpx50_fpy28.13.webp
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:30::1739:5a6d Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
be94a6295277a3ec39c70cdfba958062d07d07e1ad61d1e35e679ba9d1970b18

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:22 GMT
akamai-cache-status
Hit from child
last-modified
Fri, 01 Dec 2023 16:37:54 GMT
x-ttl
900.000
x-cache-grace
300.000
etag
"ecfb55f32580973e41506ad55cf6ae91"
content-type
image/webp
cache-control
public, s-maxage=2592000, max-age=2592000
accept-ranges
bytes
content-length
9358
expires
Fri, 01 Dec 2023 17:49:06 GMT
e31e0abc-41e5-479d-b695-fa2a643b56a7_w168_r0.66_fpx45.22_fpy46.99.webp
cdn.prod.www.spiegel.de/images/
12 KB
13 KB
Image
General
Full URL
https://cdn.prod.www.spiegel.de/images/e31e0abc-41e5-479d-b695-fa2a643b56a7_w168_r0.66_fpx45.22_fpy46.99.webp
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:30::1739:5a6d Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ccd368d2cc4e1eb0f3a2b0bb1be416ff3bd3e21c0900154c21eb9cbddbad472e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:22 GMT
akamai-cache-status
Hit from child
last-modified
Thu, 30 Nov 2023 15:59:24 GMT
x-ttl
900.000
x-cache-grace
300.000
etag
"4b2a01bb72285bbcb30a30c0b67cc703"
content-type
image/webp
cache-control
public, s-maxage=2592000, max-age=2592000
accept-ranges
bytes
content-length
12774
expires
Fri, 01 Dec 2023 05:52:34 GMT
f9217b0d-a384-4d33-a810-4c8030dc4944_w168_r0.66_fpx35.99_fpy49.99.webp
cdn.prod.www.spiegel.de/images/
17 KB
17 KB
Image
General
Full URL
https://cdn.prod.www.spiegel.de/images/f9217b0d-a384-4d33-a810-4c8030dc4944_w168_r0.66_fpx35.99_fpy49.99.webp
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:30::1739:5a6d Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b82b44bf65db27b74faae64a4194920919d08f0fb311d56da55d5f9d27cb3e3e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:22 GMT
akamai-cache-status
Hit from child
last-modified
Fri, 01 Dec 2023 09:22:39 GMT
x-ttl
900.000
x-cache-grace
300.000
etag
"b9e2134c58096820e4547cd43c76c36b"
content-type
image/webp
cache-control
public, s-maxage=2592000, max-age=2592000
accept-ranges
bytes
content-length
17336
expires
Fri, 01 Dec 2023 17:49:06 GMT
0558e30a-d401-490f-977d-7db8a9b9e448_w168_r0.66_fpx50_fpy40.47.webp
cdn.prod.www.spiegel.de/images/
10 KB
10 KB
Image
General
Full URL
https://cdn.prod.www.spiegel.de/images/0558e30a-d401-490f-977d-7db8a9b9e448_w168_r0.66_fpx50_fpy40.47.webp
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:30::1739:5a6d Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
96027e0b03463d27e3c6f815149f5ce075dccfeb06b6f7935aa876b40b6664ef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:22 GMT
akamai-cache-status
Hit from child
last-modified
Fri, 01 Dec 2023 16:37:12 GMT
x-ttl
900.000
x-cache-grace
300.000
etag
"64e58c108a2c73a25bcd4095c51ef8cd"
content-type
image/webp
cache-control
public, s-maxage=2592000, max-age=2592000
accept-ranges
bytes
content-length
9792
expires
Fri, 01 Dec 2023 17:54:40 GMT
094f03d2-9a4b-409f-9e25-4870a6651090_w168_r0.66_fpx51_fpy47.webp
cdn.prod.www.spiegel.de/images/
16 KB
16 KB
Image
General
Full URL
https://cdn.prod.www.spiegel.de/images/094f03d2-9a4b-409f-9e25-4870a6651090_w168_r0.66_fpx51_fpy47.webp
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:30::1739:5a6d Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4ed5ab0855b6eb557dc4fc3349c8e3201842db7cc0c006fef8186eff6d528289

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:22 GMT
akamai-cache-status
Hit from child
last-modified
Fri, 01 Dec 2023 16:37:13 GMT
x-ttl
900.000
x-cache-grace
300.000
etag
"a47487042f0bd042df26a32ec9e6228f"
content-type
image/webp
cache-control
public, s-maxage=2592000, max-age=2592000
accept-ranges
bytes
content-length
16558
expires
Fri, 01 Dec 2023 17:54:41 GMT
9112cb9b-029d-4dbf-be2a-3e3109508d15_w168_r0.66_fpx55.32_fpy54.95.webp
cdn.prod.www.spiegel.de/images/
10 KB
10 KB
Image
General
Full URL
https://cdn.prod.www.spiegel.de/images/9112cb9b-029d-4dbf-be2a-3e3109508d15_w168_r0.66_fpx55.32_fpy54.95.webp
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:30::1739:5a6d Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
83d499d63224ad99634f9bbc0914f3a2393da23359a7e2dc950457ce13014d7f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:22 GMT
akamai-cache-status
Hit from child
last-modified
Fri, 01 Dec 2023 16:37:13 GMT
x-ttl
900.000
x-cache-grace
300.000
etag
"c062954e460cc3c81e0da15e278bd51f"
content-type
image/webp
cache-control
public, s-maxage=2592000, max-age=2592000
accept-ranges
bytes
content-length
9874
expires
Fri, 01 Dec 2023 17:54:42 GMT
73fc76cd-ca61-4bcc-a648-819861939c37_w720_r1.778_fpx56_fpy50.webp
cdn.prod.www.spiegel.de/images/
45 KB
45 KB
Image
General
Full URL
https://cdn.prod.www.spiegel.de/images/73fc76cd-ca61-4bcc-a648-819861939c37_w720_r1.778_fpx56_fpy50.webp
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:30::1739:5a6d Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3a4f5b30d1ff0314a95a2ce26ab2fe6fa1c42027bd350f3ea62c936c6b82520b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:22 GMT
akamai-cache-status
Miss from child, Hit from parent
last-modified
Sat, 02 Dec 2023 12:11:23 GMT
x-ttl
900.000
x-cache-grace
300.000
etag
"5f02a13f8160e0f5ba9d52632d2dde25"
content-type
image/webp
cache-control
public, s-maxage=2592000, max-age=2592000
accept-ranges
bytes
content-length
46048
expires
Sat, 02 Dec 2023 13:11:26 GMT
1f7531524-7c8e4-d367-8e61-a4413937879b_w910h_600_fpx29.95_fpy44.94.jpg
cdn.prod.www.spiegel.de/images/
68 B
312 B
Image
General
Full URL
https://cdn.prod.www.spiegel.de/images/1f7531524-7c8e4-d367-8e61-a4413937879b_w910h_600_fpx29.95_fpy44.94.jpg
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:30::1739:5a6d Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
ADFCDN/5.2.3 / AdDefend GmbH
Resource Hash
adfa0c7de03bc3bea3de80b4a4514881c8b6296568f43a5acd5cd7a16fffd1c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Dec 2023 12:15:23 GMT
akamai-cache-status
Miss from child, Miss from parent
server
ADFCDN/5.2.3
x-powered-by
AdDefend GmbH
content-type
image/png
cache-control
max-age=0, max-stale=0, must-revalidate, no-cache, no-store, no-transform, post-check=0, pre-check=0, private
accept-ranges
bytes
content-length
68
expires
0
id
sams.spiegel.de/
48 B
461 B
XHR
General
Full URL
https://sams.spiegel.de/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=79655FCF5C1D42160A495E15%40AdobeOrg&mid=38132319256070368618562618808118511290&d_coppa=true&ts=1701519323185
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-62-135.data.adobedc.net
Software
jag /
Resource Hash
cedfeb84a0e11cefe16ab868b41073a69738ba53e3ef3b5f6707d04fdd69f5d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lohraspcdn.tak028.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 02 Dec 2023 12:15:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://lohraspcdn.tak028.top
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/
34 KB
13 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:209e::1e80 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:23 GMT
content-encoding
gzip
last-modified
Tue, 12 Sep 2023 05:33:26 GMT
server
AkamaiNetStorage
etag
"208eb534ea01036a4fca64e6715ccf3f:1694496806.451282"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://lohraspcdn.tak028.top
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12687
expires
Sat, 02 Dec 2023 13:15:23 GMT
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/
25 KB
9 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement_Module_AudienceManagement.min.js
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:209e::1e80 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
35e1ca516492f5d721502a1f38f387fb0459469d57573c7137f0dd9018cd1207

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:23 GMT
content-encoding
gzip
last-modified
Tue, 12 Sep 2023 05:33:27 GMT
server
AkamaiNetStorage
etag
"308e7196ecac7be14c7ad5cb14630137:1694496807.005407"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://lohraspcdn.tak028.top
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
8755
expires
Sat, 02 Dec 2023 13:15:23 GMT
e57791064-cdfe4-5967-7f05-01011237879b_w910h_600_fpx29.95_fpy44.94.jpg.jpg
cdn.prod.www.spiegel.de/images/banners/
68 B
312 B
Image
General
Full URL
https://cdn.prod.www.spiegel.de/images/banners/e57791064-cdfe4-5967-7f05-01011237879b_w910h_600_fpx29.95_fpy44.94.jpg.jpg
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:30::1739:5a6d Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
ADFCDN/5.2.3 / AdDefend GmbH
Resource Hash
adfa0c7de03bc3bea3de80b4a4514881c8b6296568f43a5acd5cd7a16fffd1c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Dec 2023 12:15:23 GMT
akamai-cache-status
Miss from child, Miss from parent
server
ADFCDN/5.2.3
x-powered-by
AdDefend GmbH
content-type
image/png
cache-control
max-age=0, max-stale=0, must-revalidate, no-cache, no-store, no-transform, post-check=0, pre-check=0, private
accept-ranges
bytes
content-length
68
expires
0
gdpr-tcf.29a1390ca5468e08c1ee.bundle.js
sp-spiegel-de.spiegel.de/unified/4.13.4/
134 KB
22 KB
Script
General
Full URL
https://sp-spiegel-de.spiegel.de/unified/4.13.4/gdpr-tcf.29a1390ca5468e08c1ee.bundle.js
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.102.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-102-118.iah50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e461ec99a1d40286ccdb0e737880e244c8e6dbb509f2a62e117a74e8a2c03065

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 08:26:00 GMT
content-encoding
br
via
1.1 eaaf15907191c2ffe9bca255f7e191f6.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 19:09:03 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-C3
age
2087364
etag
W/"44467dde87d7b7afea5d9256b34c9523"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
QLYNafzXsPGOrgmXWmU68XvWpxoIyoO0XJnxaMupmpnTGounnJA30w==
get_site_data
sp-spiegel-de.spiegel.de/mms/v2/
209 B
1 KB
XHR
General
Full URL
https://sp-spiegel-de.spiegel.de/mms/v2/get_site_data?hasCsp=true&href=https%3A%2F%2Fspiegel-ads&account_id=331
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.102.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-102-118.iah50.r.cloudfront.net
Software
/
Resource Hash
7f943470ac510b922aca5671c2f7629dd56daf7941e16724df80f0c3c8768c06
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 10:25:28 GMT
strict-transport-security
max-age=15552000; includeSubdomains
x-sp-mms-node
ip-10-128-17-56
via
1.1 738c4d7519e726c557e6997ecf719e4a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C3
age
6595
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
max-age=3600, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-id
NwSjsXTCbk4faoMw4yu25RnetF_EdV_9N-Ph-LkVpaybU3UAMuIupw==
4c18e072-24d2-4d60-9a42-abc00102c97e
omny.fm/api/orgs/5ac1e950-45c7-4eb7-87c0-aa0f018441b8/playlists/
2 KB
963 B
Fetch
General
Full URL
https://omny.fm/api/orgs/5ac1e950-45c7-4eb7-87c0-aa0f018441b8/playlists/4c18e072-24d2-4d60-9a42-abc00102c97e
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eb17b019e3f8dab490647d1727b304a04516859089e7562362eab3f8e765e00

Request headers

Referer
https://lohraspcdn.tak028.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 02 Dec 2023 12:15:23 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sat, 02 Dec 2023 11:23:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=120
cf-ray
82f37ebc0a684bcc-BUF
alt-svc
h3=":443"; ma=86400
meta-data
sp-spiegel-de.spiegel.de/wrapper/v2/ Frame
0
0
Preflight
General
Full URL
https://sp-spiegel-de.spiegel.de/wrapper/v2/meta-data?hasCsp=true&accountId=331&env=prod&metadata=%7B%22gdpr%22%3A%7B%7D%7D&propertyId=31256&ch=null&scriptVersion=4.13.4&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.102.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-102-118.iah50.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://lohraspcdn.tak028.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
86400
age
2806
cache-control
max-age=86400, s-maxage=86400
content-length
2
content-type
text/plain; charset=utf-8
date
Sat, 02 Dec 2023 11:28:37 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 738c4d7519e726c557e6997ecf719e4a.cloudfront.net (CloudFront)
x-amz-cf-id
tQWvOGPa-pyt7wa6t-5hqE8fKYBM64zB0cyN1pn0WUvccGf8P0HfdA==
x-amz-cf-pop
IAH50-C3
x-cache
Hit from cloudfront
x-powered-by
Express
meta-data
sp-spiegel-de.spiegel.de/wrapper/v2/
227 B
763 B
XHR
General
Full URL
https://sp-spiegel-de.spiegel.de/wrapper/v2/meta-data?hasCsp=true&accountId=331&env=prod&metadata=%7B%22gdpr%22%3A%7B%7D%7D&propertyId=31256&ch=null&scriptVersion=4.13.4&scriptType=unified
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.102.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-102-118.iah50.r.cloudfront.net
Software
/ Express
Resource Hash
8109d7f45b41af473bc04a75c7875a2cdefc989d1fd201173dd173141bae95a7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://lohraspcdn.tak028.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 02 Dec 2023 12:07:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 738c4d7519e726c557e6997ecf719e4a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C3
age
458
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
227
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=3600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
pMQsDT1a1p4QI00gl9DlUz4kN-VAxCFlud--ORJW1kExLCbzyyXgqg==
messages
sp-spiegel-de.spiegel.de/wrapper/v2/
359 KB
251 KB
XHR
General
Full URL
https://sp-spiegel-de.spiegel.de/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A331%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%22platform%22%3A%22web%22%2C%22is_phone%22%3Afalse%2C%22is_tablet%22%3Afalse%2C%22is_mobile%22%3Afalse%2C%22route%22%3A%22homepage%22%2C%22is_loggedIn%22%3Afalse%2C%22has_paid_access%22%3Afalse%2C%22has_noAds_access%22%3Afalse%2C%22has_conditional_access%22%3Atrue%2C%22disable_consent%22%3Afalse%2C%22lang%22%3A%22en%22%2C%22requestMessage%22%3A%22consent-layer%22%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fsp-spiegel-de.spiegel.de%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fspiegel-ads%22%7D&localState=null&metadata=%7B%22gdpr%22%3A%7B%22applies%22%3Afalse%7D%7D&nonKeyedLocalState=null&ch=437313036437313036c9e6&scriptVersion=4.13.4&scriptType=unified
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.102.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-102-118.iah50.r.cloudfront.net
Software
/ Express
Resource Hash
e4074b6be25e680791d8ef9e54295e41a798a6f67344bb0db5a73d86173aef52
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://lohraspcdn.tak028.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 02 Dec 2023 12:00:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
via
1.1 738c4d7519e726c557e6997ecf719e4a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C3
age
895
x-powered-by
Express
x-cache
Hit from cloudfront
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, s-maxage=1200
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
8C5wpx0zDAWyHxJGuJT2K2abXQbNMshd33cqT5NBUpuM-KnFB5yFKg==
messages
sp-spiegel-de.spiegel.de/wrapper/v2/ Frame
0
0
Preflight
General
Full URL
https://sp-spiegel-de.spiegel.de/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A331%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%22platform%22%3A%22web%22%2C%22is_phone%22%3Afalse%2C%22is_tablet%22%3Afalse%2C%22is_mobile%22%3Afalse%2C%22route%22%3A%22homepage%22%2C%22is_loggedIn%22%3Afalse%2C%22has_paid_access%22%3Afalse%2C%22has_noAds_access%22%3Afalse%2C%22has_conditional_access%22%3Atrue%2C%22disable_consent%22%3Afalse%2C%22lang%22%3A%22en%22%2C%22requestMessage%22%3A%22consent-layer%22%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fsp-spiegel-de.spiegel.de%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fspiegel-ads%22%7D&localState=null&metadata=%7B%22gdpr%22%3A%7B%22applies%22%3Afalse%7D%7D&nonKeyedLocalState=null&ch=437313036437313036c9e6&scriptVersion=4.13.4&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.102.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-102-118.iah50.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://lohraspcdn.tak028.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
86400
age
60796
cache-control
max-age=86400, s-maxage=86400
content-length
2
content-type
text/plain; charset=utf-8
date
Fri, 01 Dec 2023 19:22:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 738c4d7519e726c557e6997ecf719e4a.cloudfront.net (CloudFront)
x-amz-cf-id
5PkbdpEcGjJ61rXIXGyXj8OVyfP0inRqOFBhFHSo0aQAbDjQcEngAQ==
x-amz-cf-pop
IAH50-C3
x-cache
Hit from cloudfront
x-powered-by
Express
pv-data
sp-spiegel-de.spiegel.de/wrapper/v2/ Frame
0
0
Preflight
General
Full URL
https://sp-spiegel-de.spiegel.de/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=437313036437313036c9e6&scriptVersion=4.13.4&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.102.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-102-118.iah50.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://lohraspcdn.tak028.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
https://lohraspcdn.tak028.top
allow
POST
cache-control
no-cache, no-store
content-length
4
content-type
text/html; charset=utf-8
date
Sat, 02 Dec 2023 12:15:24 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 738c4d7519e726c557e6997ecf719e4a.cloudfront.net (CloudFront)
x-amz-cf-id
IsPiMjQNUDNMP6qzpGPAURmGGy3eedl9b66APGj3uveXawHv-Pwf6w==
x-amz-cf-pop
IAH50-C3
x-cache
Miss from cloudfront
x-powered-by
Express
live.top.js
cdn.prod.www.spiegel.de/public/cron/spon/js/guj/
189 KB
38 KB
Script
General
Full URL
https://cdn.prod.www.spiegel.de/public/cron/spon/js/guj/live.top.js
Requested by
Host: cdn.prod.www.spiegel.de
URL: https://cdn.prod.www.spiegel.de/public/shared/generated/js/index.b21a95b23d9a8107787e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:30::1739:5a6d Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
db0133036797b0b58666bdd362d018ebcee660fc31e94e93659e03572bb77676

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:24 GMT
content-encoding
gzip
akamai-cache-status
Miss from child, Hit from parent
last-modified
Sat, 02 Dec 2023 12:14:37 GMT
x-ttl
30.000
x-cache-grace
30.000
etag
W/"2b3b47b091a8caccbd830a39ffb99598"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=30, max-age=120
accept-ranges
bytes
content-length
38543
expires
Sat, 02 Dec 2023 13:15:12 GMT
pv-data
sp-spiegel-de.spiegel.de/wrapper/v2/
195 B
737 B
XHR
General
Full URL
https://sp-spiegel-de.spiegel.de/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=437313036437313036c9e6&scriptVersion=4.13.4&scriptType=unified
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.102.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-102-118.iah50.r.cloudfront.net
Software
/ Express
Resource Hash
a1eda44c9643b8bf60f6b2ade0ebb9a90a84918ff441c604c56f64b9c2dedb77
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://lohraspcdn.tak028.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 02 Dec 2023 12:15:24 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 738c4d7519e726c557e6997ecf719e4a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C3
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://lohraspcdn.tak028.top
x-cache
Miss from cloudfront
cache-control
no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
content-length
195
x-amz-cf-id
l1oGhOFWStidyyivGrwx7QTywhCZlM71tTElahnEShRhkFaAvHJXlQ==
index.html
sp-spiegel-de.spiegel.de/ Frame 7353
5 KB
2 KB
Document
General
Full URL
https://sp-spiegel-de.spiegel.de/index.html?message_id=909365&consentUUID=null&requestUUID=eef717d4-a8b0-45b3-a2b7-51f680ef2385&preload_message=true&hasCsp=true&version=v1&consentLanguage=en
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.102.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-102-118.iah50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64c3b6c779226890870808c84f571661a8b4d076589ddc9ffe8d8a3bb7c97701

Request headers

Referer
https://lohraspcdn.tak028.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
3114
cache-control
max-age=3600
content-encoding
gzip
content-type
text/html
date
Sat, 02 Dec 2023 11:23:31 GMT
etag
W/"5bd8512ba573dfffcca16bcba94d75a2"
last-modified
Thu, 02 Nov 2023 15:53:11 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 eaaf15907191c2ffe9bca255f7e191f6.cloudfront.net (CloudFront)
x-amz-cf-id
z_eVAPwg-Z3Y_rg7z08J7FMarkScfgs9ZHQ86wADkDjrP2z0daTgMw==
x-amz-cf-pop
IAH50-C3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
live.bottom.js
cdn.prod.www.spiegel.de/public/cron/spon/js/guj/
281 KB
71 KB
Script
General
Full URL
https://cdn.prod.www.spiegel.de/public/cron/spon/js/guj/live.bottom.js
Requested by
Host: cdn.prod.www.spiegel.de
URL: https://cdn.prod.www.spiegel.de/public/shared/generated/js/index.b21a95b23d9a8107787e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:30::1739:5a6d Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
df73f4b9c8590be28d0b642b1b10b224f13fc1497089b57e78b829c7c78a3e75

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:24 GMT
content-encoding
gzip
akamai-cache-status
Miss from child, Hit from parent
last-modified
Sat, 02 Dec 2023 12:14:38 GMT
x-ttl
30.000
x-cache-grace
30.000
etag
W/"e2ad3ba06392baf1224b26f8417b6ceb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=30, max-age=120
accept-ranges
bytes
content-length
72393
expires
Sat, 02 Dec 2023 13:14:49 GMT
blockadblock.min.js
bilder-a.akamaihd.net/ip/js/ipdvdc/
5 KB
2 KB
Script
General
Full URL
https://bilder-a.akamaihd.net/ip/js/ipdvdc/blockadblock.min.js?0.34922939503782224&
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.223.209.35 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-223-209-35.deploy.static.akamaitechnologies.com
Software
ATS/7.1.2 /
Resource Hash
4285ac395a438cdc6ba800a527f32d7872c3f6de7ed3deac592f521390a7d1e6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=86400
last-modified
Mon, 04 Sep 2017 11:22:03 GMT
server
ATS/7.1.2
date
Sat, 02 Dec 2023 12:15:24 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1706
expires
Sat, 02 Dec 2023 12:15:38 GMT
api
te.technical-service.net/
659 B
2 KB
Fetch
General
Full URL
https://te.technical-service.net/api?pa=2&&bds=0&url=https://lohraspcdn.tak028.top/&uuidpd=304c8768-a495-4d39-adac-e98e67a2bf8a
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.12.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-12-134.eu-central-1.compute.amazonaws.com
Software
uvicorn /
Resource Hash
b473d7a28d1e4a207f1d6a480b340cc686e2304f061584a66fd604ed17671a68

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:24 GMT
server
uvicorn
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://lohraspcdn.tak028.top
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length
659
ope-adalliance.js
cdn.opecloud.com/
69 KB
14 KB
Script
General
Full URL
https://cdn.opecloud.com/ope-adalliance.js
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-81.jfk50.r.cloudfront.net
Software
nginx/1.24.0 /
Resource Hash
6f37ab119551d439d8d282dff2a6927fa9e95beb49115819403dfedda20edaaf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:31:00 GMT
content-encoding
gzip
via
1.1 f54bc880c0d35571a4883f7c10838532.cloudfront.net (CloudFront)
last-modified
Tue, 21 Nov 2023 13:36:09 GMT
server
nginx/1.24.0
x-amz-cf-pop
JFK50-P7
age
2664
etag
W/"655cb249-11577"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800, public
x-amz-cf-id
Ly3DEfnt3Bankz6jCICslGGPbAcSV0LIW4P-315IPmvvmnWJm5XFBg==
expires
Sat, 09 Dec 2023 11:31:00 GMT
Notice.3a0d3.css
sp-spiegel-de.spiegel.de/ Frame 7353
33 KB
6 KB
Stylesheet
General
Full URL
https://sp-spiegel-de.spiegel.de/Notice.3a0d3.css
Requested by
Host: sp-spiegel-de.spiegel.de
URL: https://sp-spiegel-de.spiegel.de/index.html?message_id=909365&consentUUID=null&requestUUID=eef717d4-a8b0-45b3-a2b7-51f680ef2385&preload_message=true&hasCsp=true&version=v1&consentLanguage=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.102.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-102-118.iah50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4af743c6ec755069d2de803a88471ed2fdd40547e48f3acc09e928e901842abb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sp-spiegel-de.spiegel.de/index.html?message_id=909365&consentUUID=null&requestUUID=eef717d4-a8b0-45b3-a2b7-51f680ef2385&preload_message=true&hasCsp=true&version=v1&consentLanguage=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:41:36 GMT
content-encoding
gzip
via
1.1 eaaf15907191c2ffe9bca255f7e191f6.cloudfront.net (CloudFront)
last-modified
Thu, 02 Nov 2023 15:53:10 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-C3
age
2029
x-amz-server-side-encryption
AES256
etag
W/"453680a5f8883be2b15dcb7878e5d351"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=3600
x-amz-cf-id
Qh4c9QQgGAzhSk4NJDD14Wne-yzecai1qqbYOGNFkAJgNRy0c4bd1g==
polyfills.d36c5.js
sp-spiegel-de.spiegel.de/ Frame 7353
5 KB
2 KB
Script
General
Full URL
https://sp-spiegel-de.spiegel.de/polyfills.d36c5.js
Requested by
Host: sp-spiegel-de.spiegel.de
URL: https://sp-spiegel-de.spiegel.de/index.html?message_id=909365&consentUUID=null&requestUUID=eef717d4-a8b0-45b3-a2b7-51f680ef2385&preload_message=true&hasCsp=true&version=v1&consentLanguage=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.102.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-102-118.iah50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sp-spiegel-de.spiegel.de/index.html?message_id=909365&consentUUID=null&requestUUID=eef717d4-a8b0-45b3-a2b7-51f680ef2385&preload_message=true&hasCsp=true&version=v1&consentLanguage=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:41:36 GMT
content-encoding
gzip
via
1.1 eaaf15907191c2ffe9bca255f7e191f6.cloudfront.net (CloudFront)
last-modified
Thu, 02 Nov 2023 15:53:11 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-C3
age
2029
x-amz-server-side-encryption
AES256
etag
W/"89661b8fd918815bcb224bba79cabab1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
UASp9rGs0YwYLohTg_0dK6CSoVp3i8t8KEQyLXRZgzeLxQDNw9e6oQ==
Notice.cfd37.js
sp-spiegel-de.spiegel.de/ Frame 7353
274 KB
72 KB
Script
General
Full URL
https://sp-spiegel-de.spiegel.de/Notice.cfd37.js
Requested by
Host: sp-spiegel-de.spiegel.de
URL: https://sp-spiegel-de.spiegel.de/index.html?message_id=909365&consentUUID=null&requestUUID=eef717d4-a8b0-45b3-a2b7-51f680ef2385&preload_message=true&hasCsp=true&version=v1&consentLanguage=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.102.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-102-118.iah50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6e5394b9de93e3a0227fd8529e2f3c64d9f3c60813ec9dc41adefa6fb0a9180

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sp-spiegel-de.spiegel.de/index.html?message_id=909365&consentUUID=null&requestUUID=eef717d4-a8b0-45b3-a2b7-51f680ef2385&preload_message=true&hasCsp=true&version=v1&consentLanguage=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:41:36 GMT
content-encoding
gzip
via
1.1 eaaf15907191c2ffe9bca255f7e191f6.cloudfront.net (CloudFront)
last-modified
Thu, 02 Nov 2023 15:53:10 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-C3
age
2029
x-amz-server-side-encryption
AES256
etag
W/"ab0bfa06558578f0cc888d8945749f5b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
BSAH8D0jwnfOu_fIvCnYSySK6kZrOpt0sLxFa7Sm1VAd7M8VxMx0XQ==
targeting
adalliance.profiles.tagger.opecloud.com/v1/
74 B
255 B
Fetch
General
Full URL
https://adalliance.profiles.tagger.opecloud.com/v1/targeting?url=https%3A%2F%2Flohraspcdn.tak028.top%2F&gdpr_applies=1&consent_string=CPgrvQAPgrvQAAGABBENCkCgAAAAAAAAAAYgAAAAAAAA.YAAAAAAAAAAA
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.220.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-220-34.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e806a31ac93e0747c4b8314d0a159aff85f4882862e84fcab4f9b7e408443671

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
https://lohraspcdn.tak028.top
date
Sat, 02 Dec 2023 12:15:24 GMT
content-encoding
gzip
access-control-allow-credentials
true
cache-control
no-cache
content-type
application/json
gpt.js
securepubads.g.doubleclick.net/tag/js/
91 KB
30 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js?0.1171328428617644&
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b0d621a1d45347b1080e4a35bed3fa307c5555251bfb6bc9c6e44724d8ad873
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29970
x-xss-protection
0
server
cafe
etag
676 / 19693 / m202311150101 / config-hash: 11152387477177976423
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 12:15:24 GMT
get
zipservice.adalliance.io/
64 B
323 B
Fetch
General
Full URL
https://zipservice.adalliance.io/get
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.9.114.33 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.33.114.9.5.clients.your-server.de
Software
openresty / Express
Resource Hash
d50f6218faf85af9ffb233e0bde4297df1790d99d2f2935fba38c3ca6490f002

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:24 GMT
server
openresty
x-powered-by
Express
etag
W/"40-8f4c6ae8"
vary
Origin
x-char
s5, s5
content-type
application/json; charset=utf-8
access-control-allow-origin
https://lohraspcdn.tak028.top
cache-control
public, max-age=300
access-control-allow-credentials
true
content-length
64
2x2
ad.yieldlab.net/d/7053789/631/ Frame 1537
307 B
781 B
Document
General
Full URL
https://ad.yieldlab.net/d/7053789/631/2x2?ts=0.4598679276892821&type=h
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.199.50.98 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-50-98.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a7b743e5d7796ad3eb7e0ea605632a74342b228d6ebccab817db387cabfc78d2

Request headers

Referer
https://lohraspcdn.tak028.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Content-Language
en-US
Content-Length
307
Content-Type
text/html;charset=UTF-8
Date
Sat, 02 Dec 2023 12:15:24 GMT
Expires
Fri, 01 Dec 2023 12:15:24 GMT
Pragma
no-cache
apstag.js
c.amazon-adsystem.com/aax2/
267 KB
65 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js?
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.64.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-64-130.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c484c78d502a9769494d9fe87c9a826618b36fd60b567dee2cfa0f4e9163d79d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:23:04 GMT
content-encoding
gzip
via
1.1 23c9ec01b6f4151f654547c0190aeebe.cloudfront.net (CloudFront), 1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 20:18:43 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, JFK52-P4
age
3141
x-amz-server-side-encryption
AES256
etag
W/"08899ab5b5f986f64974630ad47b39a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
YaSaawHUVqTSWMphnrFzgMJmY6Ea72sY8SLwD1vkL7JML85GMqaNog==
async_usersync.html
acdn.adnxs.com/dmp/ Frame 23DF
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://lohraspcdn.tak028.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
13038
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 02 Dec 2023 12:15:24 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
3911, 11718
X-Served-By
cache-lga13626-LGA, cache-yyz4527-YYZ
X-Timer
S1701519324.417867,VS0,VE0
render.dynamic.js
static.emsservice.de/molten/live/
8 KB
3 KB
Script
General
Full URL
https://static.emsservice.de/molten/live/render.dynamic.js?
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.248.13 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-13.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
cb305d4e4a38aecc9bd5dae4ccb92cf983ff2582d9a2541ea6b489cea9792a65

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:24 GMT
content-encoding
gzip
x-amz-cf-pop
JFK50-P1
x-amz-server-side-encryption
AES256
content-length
2263
last-modified
Wed, 13 Sep 2023 13:21:30 GMT
server
AmazonS3
etag
"ec7bd615919ca57c4f5eddbc30fb45fb"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
cache-control
max-age=23159
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
JY5Djfa7nIxrT-hBZtiYSRmTtwVad23039dhLY21esySrQrG86scug==
expires
Sat, 02 Dec 2023 18:41:23 GMT
render.wp.js
static.emsservice.de/molten/live/
6 KB
3 KB
Script
General
Full URL
https://static.emsservice.de/molten/live/render.wp.js?
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.248.13 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-13.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e9f8ff23866bd848fe7ef4a4a38d85ced44742a5aad5c9f0b53f68bc5ea836b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:24 GMT
content-encoding
gzip
x-amz-cf-pop
JFK50-P1
x-amz-server-side-encryption
AES256
content-length
2209
last-modified
Wed, 13 Sep 2023 13:21:30 GMT
server
AmazonS3
etag
"ab75fa298a8192aa7bfffde5e8e41031"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
cache-control
max-age=28126
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
ne57f1AkSFMR5Ukh69oWIpXV2MgbgmihaxT2rny0KO79bnw7fYmZOg==
expires
Sat, 02 Dec 2023 20:04:10 GMT
render.fp.js
static.emsservice.de/molten/live/
7 KB
2 KB
Script
General
Full URL
https://static.emsservice.de/molten/live/render.fp.js?
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.248.13 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-13.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
158276d6ff64e9501a1e8ed6cf20e2d1f154425de149dbe5fbcbbdb60a326610

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:24 GMT
content-encoding
gzip
x-amz-cf-pop
JFK50-P1
x-amz-server-side-encryption
AES256
content-length
2071
last-modified
Wed, 22 Nov 2023 15:03:41 GMT
server
AmazonS3
etag
"7a352230d82b4ac7cc5012b96a9badb7"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
cache-control
max-age=24942
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
MtkvYUXM4G_Zr6Hm7XmFGRVgIXA4VLnQWnZh5JgSSW8BYid_1cfM0A==
expires
Sat, 02 Dec 2023 19:11:06 GMT
render.layer.js
static.emsservice.de/molten/live/
3 KB
2 KB
Script
General
Full URL
https://static.emsservice.de/molten/live/render.layer.js?
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.248.13 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-13.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
787420847ce82c0b7469a668d8f3b733d1af6e7c3e08f82c8476f863d5205bf0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:24 GMT
content-encoding
gzip
x-amz-cf-pop
JFK50-P1
x-amz-server-side-encryption
AES256
content-length
1351
last-modified
Wed, 09 Aug 2023 12:59:34 GMT
server
AmazonS3
etag
"b2269124662b1705c5d2db579f18952e"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
cache-control
max-age=26139
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
zWR5cp1J2znpuED3uBZgrYsetpCrVcN3jKllhfIqpgn0Ed_ZcIQBAw==
expires
Sat, 02 Dec 2023 19:31:03 GMT
10225449,10225452,10225447,10225450,10225446,10225451,11228691,10225448
ad.yieldlab.net/yp/
154 B
651 B
Script
General
Full URL
https://ad.yieldlab.net/yp/10225449,10225452,10225447,10225450,10225446,10225451,11228691,10225448?t=consent%3Dyes%26clienttc%3D%26&pvid=1&pubref=https%3A%2F%2Flohraspcdn.tak028.top%2F&ids=&ts=0.7398240366612974&
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.199.50.98 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-50-98.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0bdda96858933db76979b062926fc3adcf1108a88fdec7602567b0b412740bd8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Dec 2023 12:15:24 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Content-Language
en-US
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Content-Length
124
Expires
Fri, 01 Dec 2023 12:15:24 GMT
12956915,12956960,12957005,11228691,12957050
ad.yieldlab.net/yp/
154 B
651 B
Script
General
Full URL
https://ad.yieldlab.net/yp/12956915,12956960,12957005,11228691,12957050?t=consent%3Dyes%26clienttc%3D%26&pvid=1&pubref=https%3A%2F%2Flohraspcdn.tak028.top%2F&ids=&ts=0.5589379406484831&
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.199.50.98 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-50-98.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0bdda96858933db76979b062926fc3adcf1108a88fdec7602567b0b412740bd8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Dec 2023 12:15:24 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Content-Language
en-US
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Content-Length
124
Expires
Fri, 01 Dec 2023 12:15:24 GMT
9859438,9859439,10751042,9859440,15687977,9859450,15687985,15687989,15687994,9859451
ad.yieldlab.net/yp/
154 B
651 B
Script
General
Full URL
https://ad.yieldlab.net/yp/9859438,9859439,10751042,9859440,15687977,9859450,15687985,15687989,15687994,9859451?t=consent%3Dyes%26clienttc%3D%26&pvid=1&pubref=https%3A%2F%2Flohraspcdn.tak028.top%2F&ids=&ts=0.779581542070757&
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.199.50.98 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-50-98.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0bdda96858933db76979b062926fc3adcf1108a88fdec7602567b0b412740bd8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Dec 2023 12:15:24 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Content-Language
en-US
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Content-Length
124
Expires
Fri, 01 Dec 2023 12:15:24 GMT
11761245,11761246,11761247,11761248
ad.yieldlab.net/yp/
154 B
651 B
Script
General
Full URL
https://ad.yieldlab.net/yp/11761245,11761246,11761247,11761248?t=consent%3Dyes%26clienttc%3D%26&pvid=1&pubref=https%3A%2F%2Flohraspcdn.tak028.top%2F&ids=&ts=0.8357029694392122&
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.199.50.98 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-50-98.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0bdda96858933db76979b062926fc3adcf1108a88fdec7602567b0b412740bd8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Dec 2023 12:15:24 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Content-Language
en-US
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Content-Length
124
Expires
Fri, 01 Dec 2023 12:15:24 GMT
targeting
adalliance.profiles.tagger.opecloud.com/v1/
74 B
255 B
Fetch
General
Full URL
https://adalliance.profiles.tagger.opecloud.com/v1/targeting?url=https%3A%2F%2Flohraspcdn.tak028.top%2F&fpid=cc74cc3c-6579-4e76-8621-117128ff828a&gdpr_applies=0&consent_string=undefined
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.220.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-220-34.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0bc54bd137d3a83cacf3e110995445b197f442b55ec880aa0027adcd372ac32e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
https://lohraspcdn.tak028.top
date
Sat, 02 Dec 2023 12:15:24 GMT
content-encoding
gzip
access-control-allow-credentials
true
cache-control
no-cache
content-type
application/json
targeting
adalliance.profiles.tagger.opecloud.com/v1/
74 B
254 B
Fetch
General
Full URL
https://adalliance.profiles.tagger.opecloud.com/v1/targeting?url=https%3A%2F%2Flohraspcdn.tak028.top%2F&fpid=cc74cc3c-6579-4e76-8621-117128ff828a&gdpr_applies=0&consent_string=undefined
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.220.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-220-34.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
b7d6003f223402927ad31632703d9cf321b6337768f2313c28e37bd3f0c88d44

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
https://lohraspcdn.tak028.top
date
Sat, 02 Dec 2023 12:15:24 GMT
content-encoding
gzip
access-control-allow-credentials
true
cache-control
no-cache
content-type
application/json
pbfs.gif
tagger.opecloud.com/adition/
Redirect Chain
  • https://adalliance.tagger.opecloud.com/adalliance/v2/pixel.gif?url=https%3A%2F%2Flohraspcdn.tak028.top%2F&ref=&tref=&tz=10&screen=1600x1200x24&visiturl=https%3A%2F%2Flohraspcdn.tak028.top%2F&dcRegi...
  • https://adalliance.tagger.opecloud.com/adalliance/v2/pixel.gif?e=%5B%5D&tref=&url=https%3A%2F%2Flohraspcdn.tak028.top%2F&tz=10&trackability-redirect=true&visiturl=https%3A%2F%2Flohraspcdn.tak028.to...
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fadalliance.tagger.opecloud.com%2Fappnexus%2Fpbfs.gif%3Fsource%3Dadalliance%26state%3D2-SBzpPEfb8hWGdwbVoaMPWJk%252FwSaL3jOiHOhwbsA%253D%26puid%3D%24UID
  • https://adalliance.tagger.opecloud.com/appnexus/pbfs.gif?source=adalliance&state=2-SBzpPEfb8hWGdwbVoaMPWJk%2FwSaL3jOiHOhwbsA%3D&puid=4626605611139248764
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=fosdutz&ttd_tpi=1&gdpr=0&ttd_puid=2-q80lSpAyfTXl6NrXaDf6eALw%252FjHScxIB9TBrRps%253D%26source%3Dadalliance&puid=%25%25TDID%25%25
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=fosdutz&ttd_tpi=1&gdpr=0&ttd_puid=2-q80lSpAyfTXl6NrXaDf6eALw%252FjHScxIB9TBrRps%253D%26source%3Dadalliance&puid=%25%25TDID%25%25
  • https://tagger.opecloud.com/tradedesk/pbfs.gif?puid=616f09f1-a7cc-4d99-b3d1-b23f8c14160b&state=2-q80lSpAyfTXl6NrXaDf6eALw%2FjHScxIB9TBrRps%3D&source=adalliance
  • https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm&state=2-O9J2NSVv%2BQVvxz20kWfFJBfwSKH5o1PAgVfxO6M%3D&source=adalliance
  • https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm=&state=2-O9J2NSVv%2BQVvxz20kWfFJBfwSKH5o1PAgVfxO6M%3D&source=adalliance&google_tc=
  • https://tagger.opecloud.com/dbm/opecs.gif?state=2-O9J2NSVv%2BQVvxz20kWfFJBfwSKH5o1PAgVfxO6M%3D&source=adalliance&google_gid=CAESEGy2YEBulSj_a6tJgBI-gdA&google_cver=1
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Ftagger.opecloud.com%2Fadition%2Fpbfs.gif%3Fsource%3Dadalliance%26state%3D2-BYOuuBqg8Py27EeqbVneadaQQGEmTTRQsD%252FZ%252BKQ%253D%26puid...
  • https://tagger.opecloud.com/adition/pbfs.gif?source=adalliance&state=2-BYOuuBqg8Py27EeqbVneadaQQGEmTTRQsD%2FZ%2BKQ%3D&puid=7307969858682484885
35 B
211 B
Image
General
Full URL
https://tagger.opecloud.com/adition/pbfs.gif?source=adalliance&state=2-BYOuuBqg8Py27EeqbVneadaQQGEmTTRQsD%2FZ%2BKQ%3D&puid=7307969858682484885
Protocol
H2
Server
18.157.190.96 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-190-96.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Dec 2023 12:15:26 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
content-length
51
expires
0

Redirect headers

Location
https://tagger.opecloud.com/adition/pbfs.gif?source=adalliance&state=2-BYOuuBqg8Py27EeqbVneadaQQGEmTTRQsD%2FZ%2BKQ%3D&puid=7307969858682484885
Date
Sat, 02 Dec 2023 12:15:26 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
categories
cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/ Frame 7353
6 KB
3 KB
Fetch
General
Full URL
https://cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/categories?siteId=31256
Requested by
Host: sp-spiegel-de.spiegel.de
URL: https://sp-spiegel-de.spiegel.de/Notice.cfd37.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-102.jfk52.r.cloudfront.net
Software
/
Resource Hash
46e760fc451ec1d97dbb15df7f60d42432c0ead75672f72531e7087aa0fb3d88
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sp-spiegel-de.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:31:34 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
via
1.1 a09be795efaa72bd6adbcee7b35c4d1c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
2630
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
max-age=0, s-maxage=3600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id
ysb6_COON1LKJItB8BVOPcsDzh2rNf6PsRXG7thA36Zl4fyo-W5DYA==
bounce
ib.adnxs.com/ Frame 23DF
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
644 B
Script
General
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Protocol
H2
Server
68.67.179.87 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Dec 2023 12:15:24 GMT
an-x-request-uuid
b15ba817-ffeb-4e89-bdde-2f9cc91b8ee2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.36; 96.9.249.36; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 02 Dec 2023 12:15:24 GMT
an-x-request-uuid
c62a1e45-46d2-418f-9275-c568b27fbf3f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.36; 96.9.249.36; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
2x2
ad.yieldlab.net/d/7053371/5459/ Frame 1537
22 B
406 B
Script
General
Full URL
https://ad.yieldlab.net/d/7053371/5459/2x2?ts=1392398602&consent=
Requested by
Host: ad.yieldlab.net
URL: https://ad.yieldlab.net/d/7053789/631/2x2?ts=0.4598679276892821&type=h
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.199.50.98 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-50-98.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
977db676822d169898477bb8d00fad87112543cb4ad505a1cc6a864a0fe7cad5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.yieldlab.net/d/7053789/631/2x2?ts=0.4598679276892821&type=h
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Dec 2023 12:15:24 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Content-Language
en-US
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Content-Length
42
Expires
Fri, 01 Dec 2023 12:15:24 GMT
m
ad.yieldlab.net/ Frame 1537
0
400 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=739302&ext_id=1&gdpr_consent=
Requested by
Host: ad.yieldlab.net
URL: https://ad.yieldlab.net/d/7053789/631/2x2?ts=0.4598679276892821&type=h
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.199.50.98 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-50-98.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.yieldlab.net/d/7053789/631/2x2?ts=0.4598679276892821&type=h
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Dec 2023 12:15:24 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Fri, 01 Dec 2023 12:15:24 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/
431 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 02:01:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
36847
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138149
x-xss-protection
0
server
cafe
etag
11558412289700915514
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 01 Dec 2024 02:01:17 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
72 B
87 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=lohraspcdn.tak028.top
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f0e6bc5d81b7d95c2486d82c2af19cf7a6f95da8f0696e355fd7df1c28161b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63
x-xss-protection
0
expires
Sat, 02 Dec 2023 12:15:24 GMT
truncated
/ Frame 7353
220 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
077ba938ff318757207c5d86d31e78a8836d1d342c8ba8b3b2cc2557eb495839

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7353
220 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd6cb9c3211dc5164c313cb9139107b3a5dfc6d614873f0e9289325f79c5920c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7353
32 KB
32 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d6c6f668fd088065d6a927c86bb45d992bcd715910c609334b5596bf3b63c4c

Request headers

Referer
Origin
https://sp-spiegel-de.spiegel.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/ Frame 7353
38 KB
38 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ae09d76b53ed5bcfa3504a4e3ef0f5cec6adb284355efb88f619d85504f2bb4

Request headers

Referer
Origin
https://sp-spiegel-de.spiegel.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/ Frame 7353
39 KB
39 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b65d13b2accf59d8acec406cc63ae2279aaa06dec9bd373bcec8744b6a80be5

Request headers

Referer
Origin
https://sp-spiegel-de.spiegel.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
font/woff2
default.js
ups.xplosion.de/loader/86497/
Redirect Chain
  • https://dyn.emetriq.de/loader/86497/default.js?_&0.5225388964064022&
  • https://ups.xplosion.de/loader/86497/default.js?_&0.5225388964064022&
867 B
1 KB
Script
General
Full URL
https://ups.xplosion.de/loader/86497/default.js?_&0.5225388964064022&
Protocol
H2
Server
52.17.229.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-229-147.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8ca54f5e05f284f2494a48a83c9b3a9d0361888b207c63245a16a23be8e140e4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 02 Dec 2023 12:15:25 GMT
cache-control
must-revalidate,no-cache,no-store
content-type
text/javascript
content-length
867
p3p
CP="NOI DSP COR NID PSAo OUR SAMo BUS"

Redirect headers

location
https://ups.xplosion.de:443/loader/86497/default.js?_&0.5225388964064022&
date
Sat, 02 Dec 2023 12:15:25 GMT
server
awselb/2.0
content-length
134
content-type
text/html
3493
config.aps.amazon-adsystem.com/configs/
505 B
782 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/3493
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.102.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-102-29.iah50.r.cloudfront.net
Software
CloudFront /
Resource Hash
76bbd19c29bfbfc3c79cfda2fbf2423ab49284c76dea62016e0c1a7451531daf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:54:47 GMT
via
1.1 988141e0ff778c1ba978caf9801f2648.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAH50-C3
age
1237
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
505
x-amz-cf-id
OtbO3DXhuivIbEKunUfSb-kcL5IrMH9UxYwCDynKirCGG6O_mfVwCg==
config
c.amazon-adsystem.com/cdn/prod/
0
307 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3493&u=https%3A%2F%2Flohraspcdn.tak028.top
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.64.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-64-130.jfk52.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:23 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK52-P4
x-cache
Miss from cloudfront
access-control-allow-origin
https://lohraspcdn.tak028.top
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
CTnU5CxknwxoowZXxP68tbqv_NasF74exr7p8Cy8UVza1hUTH48ROw==
bid
aax.amazon-adsystem.com/e/dtb/
23 B
469 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3493&u=https%3A%2F%2Flohraspcdn.tak028.top%2F&pid=MR2Fb5DxgOtFb&cb=0&ws=1600x1200&v=23.1108.2350&t=1000&slots=%5B%7B%22sd%22%3A%22skyscraper_1%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F6032%2C22337032985%2Fspon_dt%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22superbanner_2%22%2C%22s%22%3A%5B%22728x90%22%2C%22800x250%22%5D%2C%22sn%22%3A%22%2F6032%2C22337032985%2Fspon_dt%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22superbanner_3%22%2C%22s%22%3A%5B%22728x90%22%2C%22800x250%22%5D%2C%22sn%22%3A%22%2F6032%2C22337032985%2Fspon_dt%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22superbanner_4%22%2C%22s%22%3A%5B%22728x90%22%2C%22800x250%22%5D%2C%22sn%22%3A%22%2F6032%2C22337032985%2Fspon_dt%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22superbanner_5%22%2C%22s%22%3A%5B%22728x90%22%2C%22800x250%22%5D%2C%22sn%22%3A%22%2F6032%2C22337032985%2Fspon_dt%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22superbanner_6%22%2C%22s%22%3A%5B%22728x90%22%2C%22800x250%22%5D%2C%22sn%22%3A%22%2F6032%2C22337032985%2Fspon_dt%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22superbanner_7%22%2C%22s%22%3A%5B%22728x90%22%2C%22800x250%22%5D%2C%22sn%22%3A%22%2F6032%2C22337032985%2Fspon_dt%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22superbanner_8%22%2C%22s%22%3A%5B%22728x90%22%2C%22800x250%22%5D%2C%22sn%22%3A%22%2F6032%2C22337032985%2Fspon_dt%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22skyscraper_3%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F6032%2C22337032985%2Fspon_dt%2Fhomepage%22%7D%5D&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.138.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-138-29.jfk52.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:24 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 29117767a034875a8b49afd641f25d82.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK52-P2
x-amz-rid
9XGBSEF4P60NER9RMN00
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://lohraspcdn.tak028.top
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
CU2rnEvRTwBVMkLDrvP_YrBYEcDMZQhW_krrEqg6cCBqI3BX9Lrn3g==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.64.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-64-130.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:25 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 92c9325fb1bf81aabb598856cb037f78.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
6gUKZjucagNFecr0J9OXk_xAJQzmEGeylxuBR-WrGXrtm9o3MZccQQ==
p.min.js
cdn.xplosion.de/adp/profiling/1.0.0/
6 KB
3 KB
Script
General
Full URL
https://cdn.xplosion.de/adp/profiling/1.0.0/p.min.js
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:212d:b400:e:29d5:db00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f192b52f249f5c4fad0cf86aa4cb0cce6b55d6ec72f706eacf8bb5defb6d317

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
lVWdVlgr0qFDIbVhvuXuxya2BcB5zCGX
content-encoding
gzip
via
1.1 4f2fa846cf96fadcaf206a3a64d2fe9e.cloudfront.net (CloudFront)
date
Sat, 02 Dec 2023 02:53:07 GMT
last-modified
Mon, 20 Nov 2023 13:45:06 GMT
server
AmazonS3
x-amz-cf-pop
IAH50-C3
age
33739
x-amz-server-side-encryption
AES256
etag
W/"0c81a4ff07585e457c47fc3a43e4c08b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
UwuFop-XeOvgWuhTLCZn5JU-RJ_XqYeS22asCL0yD0GXQYLFxIrgpA==
ads
securepubads.g.doubleclick.net/gampad/
1 KB
392 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=102943082262027&correlator=806768678237022&eid=31078987%2C31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&gdpr=0&iu_parts=6032%3A22337032985%2Cspon_dt%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C800x250%7C728x600%7C970x250%2C160x600%7C300x600&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701519325574&lmt=1701519325&adxs=280%2C1300&adys=237%2C245&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Flohraspcdn.tak028.top%2F&vis=1&psz=1020x-1%7C300x-1&msz=0x-1%7C160x-1&fws=644%2C644&ohw=1600%2C1600&ga_vid=1040639610.1701519326&ga_sid=1701519326&ga_hid=1589073293&ga_fc=false&dlt=1701519321996&idt=2760&prev_scp=pos%3D1%26adPositionName%3Dwallpaper_1%26slotid%3Dwp1%26optout%3D0%7Cpos%3D1%26adPositionName%3Dskyscraper_1%26slotid%3Dsk1%26optout%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0&cust_params=ind%3Dyes%26scrw%3Dl%26zm%3D100%26ab%3Dl%26anchor%3D0%26host%3Dtak028.top%26idrep%3Dja_windows_desktop%26kw%3Dnextgen%26bb%3Dno%26gallery%3Dno%26logcrt%3D0%26logap%3D0%26logjp%3D0%26logcwi%3D0%26dabu%3D0%26fp%3Ds%26spmtp%3Dcenterpage%26exclude%3Ddouble%26logamz%3D1%26emq_g_rt%3D%26emq_a_rt%3D%26emq_s_rt%3D%26emq_bi_rt%3D%26emq_bs_rt%3D%26emq_re_rt%3D%26emq_ne_rt%3D%26emq_in_rt%3D%26emq_li_rt%3D%26emq_bus_rt%3D%26emq_fam_rt%3D%26emq_hf_rt%3D%26emq_hg_rt%3D%26emq_fs_rt%3D%26emq_all_rt%3D%26logyl%3D1%26pegasus%3D0%26j4%3D2%26j5%3D10%252C12%252C15%252C6%26dp4%3D3%26bj4%3D2%26bj5%3D6%252C10%252C12%252C15%26dp5a%3D4%26dp5%3D4%26dp5b%3D3%26dp5c%3D3%26dp5d%3D3%26ipteid%3D67c6c15d-6e5a-45f5-9b17-b41cd0ccfc6f&adks=872976239%2C352836094&frm=20
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e8b428c514492875c000b58e5a8b9879e74b76edbe48f923cbd2647770dc076
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
361
x-xss-protection
0
google-lineitem-id
-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://lohraspcdn.tak028.top
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311150101&st=env
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b97c43bc35c5ef474004478e5e093ba73e2c2e8d2a0e6c6d4171fdcdb9fc4c0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12274
x-xss-protection
0
container.html
99ad941381cf234693393f4b704148af.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0CDE
6 KB
3 KB
Document
General
Full URL
https://99ad941381cf234693393f4b704148af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lohraspcdn.tak028.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 12:15:25 GMT
expires
Sun, 01 Dec 2024 12:15:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
data
ups.xplosion.de/
1 KB
2 KB
Script
General
Full URL
https://ups.xplosion.de/data?title=DER%20SPIEGEL%20%7C%20Online-Nachrichten&hostSiteUrl=https%3A%2F%2Flohraspcdn.tak028.top%2F&userAgent=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.199%20Safari%2F537.36&userLang=en-US&color=24&os=Win32&timezone=10&screen=1200x1600&agent_class=browser&event_id=page_view&gdpr=0&gdpr_policy=4&gdpr_consent=undefined&gdpr_success=1&gdpr_path=v2&gdpr_is_ifr=false&gdpr_cmp_loc_2=true&gdpr_applies=0&gdpr_cmp_status=loaded&gdpr_event_status=tcloaded&_rfs=1&_sid=86497&_ver=1.0.0&_seg=jsonp&_=702856824164
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.229.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-229-147.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f593798651fa1f09d237678eb4efa79b818e67a55bbb15f1ed3dc0f6a9ce2e34

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 02 Dec 2023 12:15:25 GMT
cache-control
must-revalidate,no-cache,no-store
content-type
text/javascript
content-length
1429
p3p
CP="NOI DSP COR NID PSAo OUR SAMo BUS"
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 12:15:25 GMT
ads
securepubads.g.doubleclick.net/gampad/
2 KB
210 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=102943082262027&correlator=806768678237022&eid=31078987%2C31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&gdpr=0&iu_parts=6032%3A22337032985%2Cspon_dt%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C800x250%7C970x250%2C200x200%2C320x50%7C728x90%7C800x250%7C970x250%2C320x50%7C728x90%7C800x250%7C200x200%7C970x250%2C320x50%7C728x90%7C800x250%7C200x200%7C970x250%2C320x50%7C728x90%7C800x250%7C970x250%2C320x50%7C728x90%7C800x250%7C970x250%2C123x234&fluid=height%2C0%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2C0&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dcbbc77bb2242872a%3AT%3D1701519325%3ART%3D1701519325%3AS%3DALNI_MYomaIbuyeDJzHHpZG-5nuwp2S4kg&gpic=UID%3D00000a024d881ad4%3AT%3D1701519325%3ART%3D1701519325%3AS%3DALNI_MaaXK0ci70VusIBnxKjHWtFBi5JLw&abxe=1&dt=1701519325755&lmt=1701519325&adxs=-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C0&adys=-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C28686&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C1&ucis=3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Flohraspcdn.tak028.top%2F&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1600x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=644%2C644%2C644%2C644%2C644%2C644%2C644%2C644&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1040639610.1701519326&ga_sid=1701519326&ga_hid=1589073293&ga_fc=false&dlt=1701519321996&idt=2760&prev_scp=pos%3D3%26adPositionName%3Dsuperbanner_3%26slotid%3Dsb3%26optout%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Cpos%3D31%26adPositionName%3Dmarktplatz_1%26optout%3D0%7Cpos%3D4%26adPositionName%3Dsuperbanner_4%26slotid%3Dsb4%26optout%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Cpos%3D5%26adPositionName%3Dsuperbanner_5%26slotid%3Dsb5%26optout%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Cpos%3D6%26adPositionName%3Dsuperbanner_6%26slotid%3Dsb6%26optout%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Cpos%3D7%26adPositionName%3Dsuperbanner_7%26slotid%3Dsb7%26optout%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Cpos%3D8%26adPositionName%3Dsuperbanner_8%26slotid%3Dsb8%26optout%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Cpos%3D121%26adPositionName%3Dbrandlift_1%26optout%3D0&cust_params=ind%3Dyes%26scrw%3Dl%26zm%3D100%26ab%3Dk%26anchor%3D0%26host%3Dtak028.top%26idrep%3Dja_windows_desktop%26kw%3Dnextgen%26bb%3Dno%26gallery%3Dno%26logcrt%3D0%26logap%3D0%26logjp%3D0%26logcwi%3D0%26dabu%3D0%26fp%3Ds%26spmtp%3Dcenterpage%26exclude%3Ddouble%26emq_g_rt%3D%26emq_a_rt%3D%26emq_s_rt%3D%26emq_bi_rt%3D%26emq_bs_rt%3D%26emq_re_rt%3D%26emq_ne_rt%3D%26emq_in_rt%3D%26emq_li_rt%3D%26emq_bus_rt%3D%26emq_fam_rt%3D%26emq_hf_rt%3D%26emq_hg_rt%3D%26emq_fs_rt%3D%26emq_all_rt%3D%26logyl%3D1%26pegasus%3D0%26j4%3D2%26j5%3D10%252C12%252C15%252C6%26dp4%3D3%26bj4%3D2%26bj5%3D6%252C10%252C12%252C15%26dp5a%3D4%26dp5%3D4%26dp5b%3D3%26dp5c%3D3%26dp5d%3D3%26ipteid%3D67c6c15d-6e5a-45f5-9b17-b41cd0ccfc6f%26clientseg%3Dfg%252Cfh%252Chz%252C3w%252Cu%252Cv2%252C52%252Cnl%252Cnm%252Cq0%26clienttc%3D%26czp%3D14202%26cst%3DNew%2520York%26logamz%3D3&adks=2933506286%2C671742417%2C2933506257%2C1998842777%2C1998842782%2C2933506258%2C2933506261%2C1921587896&frm=20
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e81a5683d3a5b9b608c8c9dd1b634c04061855e897c3ac3f9d3c768ea223810f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
181
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://lohraspcdn.tak028.top
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
302 B
149 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=102943082262027&correlator=806768678237022&eid=31078987%2C31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&gdpr=0&iu_parts=6032%3A22337032985%2Cspon_dt%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=11&sfv=1-0-40&ists=1&eri=1&sc=1&cookie=ID%3Dcbbc77bb2242872a%3AT%3D1701519325%3ART%3D1701519325%3AS%3DALNI_MYomaIbuyeDJzHHpZG-5nuwp2S4kg&gpic=UID%3D00000a024d881ad4%3AT%3D1701519325%3ART%3D1701519325%3AS%3DALNI_MaaXK0ci70VusIBnxKjHWtFBi5JLw&abxe=1&dt=1701519325774&lmt=1701519325&adxs=0&adys=28686&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Flohraspcdn.tak028.top%2F&vis=1&psz=1600x-1&msz=0x-1&fws=644&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1040639610.1701519326&ga_sid=1701519326&ga_hid=1589073293&ga_fc=false&dlt=1701519321996&idt=2760&prev_scp=pos%3D1%26adPositionName%3Doop_1%26slotid%3Doop1%26optout%3D0&cust_params=ind%3Dyes%26scrw%3Dl%26zm%3D100%26ab%3Dk%26anchor%3D0%26host%3Dtak028.top%26idrep%3Dja_windows_desktop%26kw%3Dnextgen%26bb%3Dno%26gallery%3Dno%26logcrt%3D0%26logap%3D0%26logjp%3D0%26logcwi%3D0%26dabu%3D0%26fp%3Ds%26spmtp%3Dcenterpage%26exclude%3Ddouble%26emq_g_rt%3D%26emq_a_rt%3D%26emq_s_rt%3D%26emq_bi_rt%3D%26emq_bs_rt%3D%26emq_re_rt%3D%26emq_ne_rt%3D%26emq_in_rt%3D%26emq_li_rt%3D%26emq_bus_rt%3D%26emq_fam_rt%3D%26emq_hf_rt%3D%26emq_hg_rt%3D%26emq_fs_rt%3D%26emq_all_rt%3D%26logyl%3D1%26pegasus%3D0%26j4%3D2%26j5%3D10%252C12%252C15%252C6%26dp4%3D3%26bj4%3D2%26bj5%3D6%252C10%252C12%252C15%26dp5a%3D4%26dp5%3D4%26dp5b%3D3%26dp5c%3D3%26dp5d%3D3%26ipteid%3D67c6c15d-6e5a-45f5-9b17-b41cd0ccfc6f%26clientseg%3Dfg%252Cfh%252Chz%252C3w%252Cu%252Cv2%252C52%252Cnl%252Cnm%252Cq0%26clienttc%3D%26czp%3D14202%26cst%3DNew%2520York%26logamz%3D3&adks=4225619084&frm=20
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d124584f55f232701ec30df53d5ea1c3b92985f44ceabb1d816560ade91f9e6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://lohraspcdn.tak028.top
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6F49
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lohraspcdn.tak028.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
144410
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 20:08:35 GMT
expires
Fri, 29 Nov 2024 20:08:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2E65
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a3ec9b5c7d9e9a3e1ec5e6bc5b55edff26154e4cdfb6c4fa2ebfe8b6bef58cfb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jPwqjVx1rZVNhFv8h8nvZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lohraspcdn.tak028.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-jPwqjVx1rZVNhFv8h8nvZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 12:15:25 GMT
expires
Sat, 02 Dec 2023 12:15:25 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 6F49
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 20:10:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
57888
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 20:10:37 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2E65
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311150101&jk=102943082262027&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 6F49
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?ZK-J5Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:15:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
event
adalliance.dcapi.tagger.opecloud.com/ingest/ Frame
0
0
Preflight
General
Full URL
https://adalliance.dcapi.tagger.opecloud.com/ingest/event?fpid=cc74cc3c-6579-4e76-8621-117128ff828a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.146.233 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-146-233.eu-central-1.compute.amazonaws.com
Software
akka-http/10.2.8 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://lohraspcdn.tak028.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, HEAD, OPTIONS
access-control-allow-origin
https://lohraspcdn.tak028.top
access-control-max-age
1800
content-length
0
date
Sat, 02 Dec 2023 12:15:26 GMT
server
akka-http/10.2.8
custom-no-tagger
adalliance.tagger.opecloud.com/adalliance/v2/
35 B
412 B
Image
General
Full URL
https://adalliance.tagger.opecloud.com/adalliance/v2/custom-no-tagger?type=emetriqSegments&url=https%3A%2F%2Flohraspcdn.tak028.top%2F&ref=&tref=&id=&cmpstatus=gdprdoesnotapply&fpid=cc74cc3c-6579-4e76-8621-117128ff828a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.190.96 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-190-96.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
950716303d22b34eb1526bc6aab7e65223899e8d3538938a271a9084bcd51bb9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Dec 2023 12:15:26 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
image/gif
p3p
CP="ADMa OUR IND DSP NON COR"
cache-control
no-cache, no-store, must-revalidate
content-length
52
expires
0
event
adalliance.dcapi.tagger.opecloud.com/ingest/
2 B
170 B
XHR
General
Full URL
https://adalliance.dcapi.tagger.opecloud.com/ingest/event?fpid=cc74cc3c-6579-4e76-8621-117128ff828a
Requested by
Host: lohraspcdn.tak028.top
URL: https://lohraspcdn.tak028.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.146.233 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-146-233.eu-central-1.compute.amazonaws.com
Software
akka-http/10.2.8 /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://lohraspcdn.tak028.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://lohraspcdn.tak028.top
date
Sat, 02 Dec 2023 12:15:26 GMT
access-control-allow-credentials
true
server
akka-http/10.2.8
content-length
2
content-type
text/plain; charset=UTF-8
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311150101&jk=102943082262027&bg=!ISKlIm3NAAY3kmNgF5I7ADQBe5WfONA3b2QXBbLAEa-rpiWi6wryCCFZF4TQqG4r53skHBfQf_gsgUQs4B95qNtmeoZ7AgAAAFZSAAAAA2gBB5kCw4zp1hsAEhI39k0gNsrT6vyC2vUXHpYYphYvq1y8ZOEmJl7uuihn3nxqjix0QcsvxUBo0oZHm6kn_GuiQIbBa-BulNMSy4YH8ZzV4amgkTUS8OVnYLU3SZSJgYdYCW12ohN5HvNGCxXIdAGmgmcFW3TMfR0tgWThsCu1Kw57cMVOg3sb5B9zzZsFJSrMacLsaLawDY9ApsyoWWGmESOxdpR-08qOn82QwFNRVDv3hVyY-6Uyk08LoM1ObeLDx7RVNmNRXig6w6h9AAlC1surwpCs28gOhfuKzslXxFXohf6NxwDvrIFevdhmu5lyQTSZBbGbR6t7CRV4ACQ0FHrx87RRGRCUsey8mwQBQUIDIChgcL8o48KMR2b4-agtWc9A924jiB6nUf_b8IdKPBZLta7SmdYPyD3c2SOw2OonnDkzwILY_trnFl_-uzY-EGCqF9g1WreZ9trHWSgaCgMylLFSj3h3yjxSKQEgCNNNaa_KZ-WiwdHP0MhDB3mjGlORs5RguEg8QB621yBJX3R-VxXLa9bi-zYzQ5KEAj2L3ojsARYvPWKTez7FwFwtL-Q-quB5XjmXind2lEB1YHu5eFgK35otHow-I_ePF9lnJ4bPYbbL04Y1kQOFk_Bfcsk-PTeIZI82Cbkqnpk1cr2IOn34ZkJwBuYFMEGZNcXXiK3k6DVCq5-eWf_55eSeJyMuUjFZGcq7rsor5w_mKsW7dJB4fdwOqjRtYXFRfc8NZUNgkLAdtQyHxeFK-FsQ8qkUuVxwxJDxr3yare4pVj94WeroLFLuvGwRklN5T_3-Ogz9BF61TVflQk_pa3IEPIL5MW6ugx9yA_aPJccsXT_Imu3HoGYnFaiAzq14VTMpW23DOkhQ5EK3as6j4r7miqxGpwo_fiBgIahk8NKQDPg7nYcZfYJlZ54vw8GaWmpJaObbyH9h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lohraspcdn.tak028.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| event object| documentPictureInPicture function| _typeof function| __tcfapi undefined| match undefined| minVersion undefined| version undefined| ua undefined| isOSSupported boolean| isBrowserSupported object| webpackChunksource object| SARAs_data object| polygon object| GujAd object| GujAdPositions function| IHLRGdd function| UABPreloaded object| gnovhCln object| gnovhClne object| gnovhClni boolean| gnovhlsn object| gnovhd33Flags string| gnovh13cRnd boolean| videoScriptIsAlreadyExecuted function| UABPVreloaded function| callNextAdTag object| gnovhdda2tc object| Alpine number| lastVolume object| _sp_queue object| _sp_ boolean| gnovh1a5sdl boolean| gnovh1a5sdln string| gnovhdda2genat string| gnovhdda2sthash string| gnovhdda2Domain boolean| gnovh280forceimp object| gnovhsc boolean| gnovh675Body boolean| gnovh3deDetect object| gnovhd69Mobile object| gnovhdda21 object| gnovhdda2o1 object| gnovhdda2o1a object| gnovhdda2o2 object| gnovhdda2o3 object| gnovhdda2o3a object| gnovhdda22 number| gnovhdda2d3 object| gnovhdda24 object| gnovhdda25 boolean| gnovh4c2ij object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| targetGlobalSettings object| __target_telemetry object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate string| track_tag object| events function| handler function| EngagementTracker object| stats function| PodWatcher object| _sp_wp_jsonp function| AppMeasurement_Module_AudienceManagement function| DIL function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s boolean| gnovhaefTrack object| MoltenBundle object| MoltenTopRequire boolean| PrivacyLoaded object| AdALoaderV2 object| $AC boolean| MoltenTopLoaded boolean| AdADMPLoaded function| ope boolean| GUJAD_DEBUG object| EmsAd object| EmsGuj object| autoNative2 object| opeCustomEvents object| autoNative object| googletag object| yl object| apstag function| BlockAdBlock object| blockAdBlock object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| _enqAdpParam object| _aps boolean| apstagLOADED object| apscustom object| _EQLService object| _EQPScript number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| _EQPService object| google_image_requests

16 Cookies

Domain/Path Name / Value
.tak028.top/ Name: AMCVS_79655FCF5C1D42160A495E15%40AdobeOrg
Value: 1
.tak028.top/ Name: AMCV_79655FCF5C1D42160A495E15%40AdobeOrg
Value: -130454370%7CMCIDTS%7C19694%7CMCMID%7C38132319256070368618562618808118511290%7CMCAID%7CNONE%7CMCOPTOUT-1701526523s%7CNONE%7CvVersion%7C5.5.0
lohraspcdn.tak028.top/ Name: uuidpd
Value: 304c8768-a495-4d39-adac-e98e67a2bf8a
lohraspcdn.tak028.top/ Name: consentUUID
Value: 57b21986-c56a-42ce-87e7-4551705fe261
te.technical-service.net/ Name: tecm
Value: "eprFUTyW3sDeRNBkKvwc2g2peclDzjVRhbSzfKZgoL8NFYIexU7NGg3Uc-Cm1dbozR7CxiqTLVizP_bhnVmDn9e-5arFGj_S_S6M2fqUVI5KBm3txXLol34sRIzeke2wQWnS40XocrHpq8p0GlxWrzF51IS545Yv1Tda7LmtJRwBvKWklBLsLQnfG6iEvUNz4iJgC-cvzG7SRN_2rIOOFQatI2lKV4erZqggX-gR2nEbfdt7GELRwFrZmdmBZQVv60tAm0_7VuJemZHYQS_dRhPi-J494N4YvpeQc8yk3OoY_JpmovSFU3rjzHnJ_2du6UM1MF8C9NFPBWkjC-QgnW1p05jvTqGWmjJ5Q7Vah0KgR5r6rinFezgHE5EHmPUMdyP0npDrpS3--jaouOub63Ft_hduaWmLZKuuaLGMO3buJPC28EG8gmKXutZa13BIuxF6Vp2BTSA98-DRb3biyJFjqXkaMAkRJv9p5eIjimn8gNlH2-KKrYoA3cg="
.technical-service.net/ Name: tevs
Value: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAA
.technical-service.net/ Name: tthc
Value: 67c6c15d-6e5a-45f5-9b17-b41cd0ccfc6f
.adnxs.com/ Name: uuid2
Value: 4626605611139248764
.yieldlab.net/ Name: id
Value: 123ce614-f98f-4455-b353-bc8e7038131a
.adsrvr.org/ Name: TDID
Value: 616f09f1-a7cc-4d99-b3d1-b23f8c14160b
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwi8lNaG4865PBAFOAE.
.doubleclick.net/ Name: IDE
Value: AHWqTUmgj-CRqNjJjx5LpRmANI3SBB9z1AZooXd6sjl8UQf3YTq-XMEK4I2j2AV9_a0
.tak028.top/ Name: __gads
Value: ID=cbbc77bb2242872a:T=1701519325:RT=1701519325:S=ALNI_MYomaIbuyeDJzHHpZG-5nuwp2S4kg
.tak028.top/ Name: __gpi
Value: UID=00000a024d881ad4:T=1701519325:RT=1701519325:S=ALNI_MaaXK0ci70VusIBnxKjHWtFBi5JLw
.adfarm1.adition.com/ Name: UserID1
Value: 7307969858682484885
.tagger.opecloud.com/ Name: ope_uid
Value: 2-Rfq0ldZOEMEiAn+2k2Gh2bcMfco1DGc55o/clTcOZA/gIt456AUgwS1CXQVP3P90s/kHdQ==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=2592000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

99ad941381cf234693393f4b704148af.safeframe.googlesyndication.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.yieldlab.net
adalliance.dcapi.tagger.opecloud.com
adalliance.profiles.tagger.opecloud.com
adalliance.tagger.opecloud.com
assets.adobedtm.com
bilder-a.akamaihd.net
c.amazon-adsystem.com
cdn.opecloud.com
cdn.privacy-mgmt.com
cdn.prod.www.spiegel.de
cdn.xplosion.de
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
dsp.adfarm1.adition.com
dyn.emetriq.de
ib.adnxs.com
interactive.spiegel.de
lohraspcdn.tak028.top
match.adsrvr.org
omny.fm
pagead2.googlesyndication.com
sams.spiegel.de
secure.adnxs.com
securepubads.g.doubleclick.net
sp-spiegel-de.spiegel.de
static.emsservice.de
tagger.opecloud.com
te.technical-service.net
tpc.googlesyndication.com
ups.xplosion.de
www.google.com
zipservice.adalliance.io
142.250.72.98
151.101.65.108
18.157.190.96
18.158.12.134
18.158.220.34
18.164.124.81
18.173.138.29
18.200.183.204
18.238.55.102
18.238.64.130
23.199.50.98
23.223.209.35
23.49.248.13
2600:141b:1c00:209e::1e80
2600:141b:1c00:30::1739:5a6d
2600:141b:1c00:30::1739:5a70
2600:9000:212d:b400:e:29d5:db00:93a1
2606:4700:10::6814:6a3e
2607:f8b0:4006:81e::2001
2607:f8b0:4006:820::2002
2607:f8b0:4020:805::2002
2607:f8b0:4020:806::2001
2607:f8b0:4020:807::2004
35.71.131.137
5.9.114.33
52.17.229.147
52.57.146.233
62.204.58.112
63.140.62.135
68.67.179.87
85.114.159.118
99.86.102.118
99.86.102.29
01ad95c30ab8bafb85c61826be949d9625c509f0d6ccb4ca921cfac5d87509d6
027ec9d50e541956f8be140fbc8c2b214ae44ae9405db409730311814eb9e9c9
065a0f4caeadf4edd6516b5f852483cbe5c881370b4eececa4c01f02244b276a
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
077ba938ff318757207c5d86d31e78a8836d1d342c8ba8b3b2cc2557eb495839
08c1caa3c9865973b486795b763065327d37f241e30f43064f7779c45560a814
0a05847c3f2f5a4c4931a1fbcfca2dcd37d5d60ba1090f20a8cc3e896bf92dea
0bc54bd137d3a83cacf3e110995445b197f442b55ec880aa0027adcd372ac32e
0bdda96858933db76979b062926fc3adcf1108a88fdec7602567b0b412740bd8
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f27bf250b76a9086dab149430370668a431e1ec8dfc28d1e91662a24fc6e3d9
10ff0d60bfd122c6111c16a95dce08e3ac4c0c2625e9dc89df5fc1bfc20fffa3
158276d6ff64e9501a1e8ed6cf20e2d1f154425de149dbe5fbcbbdb60a326610
1b0d621a1d45347b1080e4a35bed3fa307c5555251bfb6bc9c6e44724d8ad873
1b3b64353ca4f6878606cecdc4c99899031e956763ca27dade44f46f2db74893
1cd21742d03ce8fdc56a66e00db3b7f360212099ab033e6b1d335b8d056f5de3
1dfd4b968aabfe1058b714f8c54de85cec9eb55cec9d51548b4c646cb4e3463b
1e8b428c514492875c000b58e5a8b9879e74b76edbe48f923cbd2647770dc076
307c29ce6b7e955c2895c6f771e4bd221bbc8caed8acdbaa7d58598b25ce161b
32f9db0a1a05fd7e7bdbc75f42c15a5beae9053150de7c005f02c7a8397daae4
331d866a911b6978849e8239e720b1e82e43014aadb74978cab4e5d3b2b78671
337b55f5dca7e0300948455aede7ca245935b0652c0e5cbec49d801599ba5ebf
34e62b970ab1831e45441dd0711026f99216315b038935e1040b658bc8ed0a14
35c913b9dbe8c4b180b31096741ef3114bce57f9f37edecc87f74f179af64c4f
35e1ca516492f5d721502a1f38f387fb0459469d57573c7137f0dd9018cd1207
3a4f5b30d1ff0314a95a2ce26ab2fe6fa1c42027bd350f3ea62c936c6b82520b
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
4285ac395a438cdc6ba800a527f32d7872c3f6de7ed3deac592f521390a7d1e6
4641263e04dff132a7f1e4d225ed41f609a718b875d9749c30cef4c81c17799e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
469690dfd142afa3744ab4911e65e2379d6add7844a25db8aaaf0e65f749db8e
46e760fc451ec1d97dbb15df7f60d42432c0ead75672f72531e7087aa0fb3d88
4986cfef70f57a3c524b749439a2b5b35be0f0fd2b18280dabe09bb721ce3c43
4af743c6ec755069d2de803a88471ed2fdd40547e48f3acc09e928e901842abb
4d6c6f668fd088065d6a927c86bb45d992bcd715910c609334b5596bf3b63c4c
4ed5ab0855b6eb557dc4fc3349c8e3201842db7cc0c006fef8186eff6d528289
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
560264c04c8234afbce89f4b26d6009ee64d5d18cad14992f9a473fee1ec152c
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5ae09d76b53ed5bcfa3504a4e3ef0f5cec6adb284355efb88f619d85504f2bb4
5b65d13b2accf59d8acec406cc63ae2279aaa06dec9bd373bcec8744b6a80be5
5eb17b019e3f8dab490647d1727b304a04516859089e7562362eab3f8e765e00
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624aa195716c9815c3236f3fef49383dbced2596c7430bb4069ec4e323e30239
64c3b6c779226890870808c84f571661a8b4d076589ddc9ffe8d8a3bb7c97701
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b685658dd4cecaeab3aea68dede5fc08f0f8d8b199180f93006e20882b18082
6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf
6f37ab119551d439d8d282dff2a6927fa9e95beb49115819403dfedda20edaaf
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76bbd19c29bfbfc3c79cfda2fbf2423ab49284c76dea62016e0c1a7451531daf
787420847ce82c0b7469a668d8f3b733d1af6e7c3e08f82c8476f863d5205bf0
7f943470ac510b922aca5671c2f7629dd56daf7941e16724df80f0c3c8768c06
8109d7f45b41af473bc04a75c7875a2cdefc989d1fd201173dd173141bae95a7
813947ddc6405f4e35f985440cb938198a83d8d895a62ace5076b267b3120dc3
83d499d63224ad99634f9bbc0914f3a2393da23359a7e2dc950457ce13014d7f
8ca54f5e05f284f2494a48a83c9b3a9d0361888b207c63245a16a23be8e140e4
8d8281f67004dd29f3ee6ae1ec40489f79b4e6c6f98d6e2042ded26126148d2b
8f0e6bc5d81b7d95c2486d82c2af19cf7a6f95da8f0696e355fd7df1c28161b0
8f192b52f249f5c4fad0cf86aa4cb0cce6b55d6ec72f706eacf8bb5defb6d317
8f7eaea2c1460c5447d090193cec088be298fcc777cfd4ee6aa006dfa64d358a
950716303d22b34eb1526bc6aab7e65223899e8d3538938a271a9084bcd51bb9
96027e0b03463d27e3c6f815149f5ce075dccfeb06b6f7935aa876b40b6664ef
977db676822d169898477bb8d00fad87112543cb4ad505a1cc6a864a0fe7cad5
a03b7af602fa9d955c4954c02f4bb2fa03311083bf4e138f77eebb471b2fd935
a1eda44c9643b8bf60f6b2ade0ebb9a90a84918ff441c604c56f64b9c2dedb77
a3ec9b5c7d9e9a3e1ec5e6bc5b55edff26154e4cdfb6c4fa2ebfe8b6bef58cfb
a7b743e5d7796ad3eb7e0ea605632a74342b228d6ebccab817db387cabfc78d2
a8743628c7b7732ffaa9cb69c3ed9f906f378a2710d43371f0a10c08b37fc52f
adfa0c7de03bc3bea3de80b4a4514881c8b6296568f43a5acd5cd7a16fffd1c9
ae2e8470977c2f977f5255093f2167fed30305361a29a1c9c229afef2aed6ac9
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
b473d7a28d1e4a207f1d6a480b340cc686e2304f061584a66fd604ed17671a68
b74ea72c4f6103c31606e7918ea026b8b14c4b4579910f08440a815f0620ec7b
b7d6003f223402927ad31632703d9cf321b6337768f2313c28e37bd3f0c88d44
b82b44bf65db27b74faae64a4194920919d08f0fb311d56da55d5f9d27cb3e3e
b97c43bc35c5ef474004478e5e093ba73e2c2e8d2a0e6c6d4171fdcdb9fc4c0e
be94a6295277a3ec39c70cdfba958062d07d07e1ad61d1e35e679ba9d1970b18
c054a1f854b682947214e3245f5721f4e9dea0dc4669e3ec480521599beb1060
c484c78d502a9769494d9fe87c9a826618b36fd60b567dee2cfa0f4e9163d79d
c6a94dbcbc21076862a94ff3b6411e14b2199db566e97ba427f0a84e570a4a95
c6e5394b9de93e3a0227fd8529e2f3c64d9f3c60813ec9dc41adefa6fb0a9180
c8021c17932ea41e5e8fd0db9af0202110f5156eab8f2473eb2eb3e650c5e2d0
c8781a2a3d250e769c7264d57b2836a9e180d5452e9212d6d51d1ea4093ffd45
c931dec2166efa07832b7cdb52ff3e3f00ffe7a3c3563b4db8b762a1e096a08e
cb305d4e4a38aecc9bd5dae4ccb92cf983ff2582d9a2541ea6b489cea9792a65
ccd368d2cc4e1eb0f3a2b0bb1be416ff3bd3e21c0900154c21eb9cbddbad472e
cedfeb84a0e11cefe16ab868b41073a69738ba53e3ef3b5f6707d04fdd69f5d1
d124584f55f232701ec30df53d5ea1c3b92985f44ceabb1d816560ade91f9e6b
d50f6218faf85af9ffb233e0bde4297df1790d99d2f2935fba38c3ca6490f002
d998fb5f5c9aff497598fcf5704f1c5f4731cdb9b0fdb4c930311baaa41e0aaf
d9f1dcff795fb3edeb001c9e566ccb85edfc7e174cd0cc0e4d05766bd534eb2a
db0133036797b0b58666bdd362d018ebcee660fc31e94e93659e03572bb77676
db038ead1a7102425b895809d65ca3e6d9521ff4399229497ae9a575f3cfaf30
df73f4b9c8590be28d0b642b1b10b224f13fc1497089b57e78b829c7c78a3e75
e13911b55e63800e1fd4fd89ba3a333107c7b04d7906b385da4ee38d4a105588
e259ff19f7a1d952eec7d0035c8d685ee6305fb56d17d697f5d9ec65b860484a
e34e3767438924f7a921fe6e947f831717a0f9905343f5941b2fb108fe8762d9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4074b6be25e680791d8ef9e54295e41a798a6f67344bb0db5a73d86173aef52
e461ec99a1d40286ccdb0e737880e244c8e6dbb509f2a62e117a74e8a2c03065
e623198d33f383cf5bc971100ea3596389d1c94d417841fd9fd3b90831e78612
e806a31ac93e0747c4b8314d0a159aff85f4882862e84fcab4f9b7e408443671
e81a5683d3a5b9b608c8c9dd1b634c04061855e897c3ac3f9d3c768ea223810f
e9f8ff23866bd848fe7ef4a4a38d85ced44742a5aad5c9f0b53f68bc5ea836b4
eea296e536a1715e87caf24fed8cb88981ef793ba1aca8097087a3a77a6f8492
effea39115f8e678dcd549082abcbe0402c7729cee6591e8dec3ce27857fab27
f593798651fa1f09d237678eb4efa79b818e67a55bbb15f1ed3dc0f6a9ce2e34
f90a5f8301aeffcf946f92c5059191703f269d82bdd5be8302b8cc8be963cc6a
f9d890f6c6e525a34f5268ed07841bb790109871ff780db21cbfe8348be7f98d
fd6cb9c3211dc5164c313cb9139107b3a5dfc6d614873f0e9289325f79c5920c
ff3e82c0365229a9f962f063a601da8eee495129132628a8a9c5a6e13eab98ce