urlscan.io logo urlscan.io
SecurityTrails logo

abo.spiegel.de Open in urlscan Pro
128.65.210.191  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://capitalxone.com/
Effective URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c...
Submission: On January 18 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 31 IPs in 6 countries across 26 domains to perform 78 HTTP transactions. The main IP is 128.65.210.191, located in Frankfurt am Main, Germany and belongs to LINK11 Link11 GmbH, DE. The main domain is abo.spiegel.de. The Cisco Umbrella rank of the primary domain is 154602.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 16th 2020. Valid for: 2 years.
This is the only time abo.spiegel.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 81.17.18.197 51852 (PLI-AS)
2 52.20.219.89 14618 (AMAZON-AES)
1 52.218.41.235 16509 (AMAZON-02)
2 3.126.48.135 16509 (AMAZON-02)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 185.26.99.247 44066 (DE-FIRSTC...)
1 3 104.92.94.3 16625 (AKAMAI-AS)
15 128.65.210.191 34309 (LINK11 Li...)
10 2a02:26f0:fb:... 20940 (AKAMAI-ASN1)
1 2 54.229.240.78 16509 (AMAZON-02)
2 15.188.95.229 16509 (AMAZON-02)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 51.77.7.80 16276 (OVH)
1 18.203.190.43 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.74.194 15169 (GOOGLE)
3 2a03:2880:f02... 32934 (FACEBOOK)
1 2.21.142.172 16625 (AKAMAI-AS)
1 2600:9000:215... 16509 (AMAZON-02)
2 70.42.32.159 13789 (INTERNAP-...)
2 52.50.85.221 16509 (AMAZON-02)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2 138.201.63.165 24940 (HETZNER-AS)
1 2 138.201.220.30 24940 (HETZNER-AS)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
10 2a03:2880:f12... 32934 (FACEBOOK)
3 2.18.233.201 16625 (AKAMAI-AS)
1 54.220.215.179 16509 (AMAZON-02)
2 3 37.157.5.142 198622 (ADFORM)
1 37.157.2.247 198622 (ADFORM)
1 2 142.250.186.38 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
78 31
1    81.17.18.197 (Zurich, Switzerland)

ASN51852 (PLI-AS, PA)
capitalxone.com
2    52.20.219.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-219-89.compute-1.amazonaws.com
v4.s.arclk.net
1    52.218.41.235 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com
s3-eu-west-1.amazonaws.com
2    3.126.48.135 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-48-135.eu-central-1.compute.amazonaws.com
jsrdtrck.com
2    2606:4700:3033::6815:daf (United States)

ASN13335 (CLOUDFLARENET, US)
vipestores.com
1    185.26.99.247 (Frankfurt am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde430-2.fornex.org
ad.admitad.com
3    104.92.94.3 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-94-3.deploy.static.akamaitechnologies.com
www.awin1.com
15    128.65.210.191 (Frankfurt am Main, Germany)

ASN34309 (LINK11 Link11 GmbH, DE)
abo.spiegel.de
10    2a02:26f0:fb:59e::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
2    54.229.240.78 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-240-78.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
sams.spiegel.de
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    51.77.7.80 (France)

ASN16276 (OVH, FR)
PTR: read.apartena.net
read.apartena.net
1    18.203.190.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-190-43.eu-west-1.compute.amazonaws.com
sats.spiegel.de
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
www.googleadservices.com
3    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2.21.142.172 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-142-172.deploy.static.akamaitechnologies.com
amplify.outbrain.com
1    2600:9000:2156:3400:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.dwin1.com
2    70.42.32.159 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
tr.outbrain.com
2    52.50.85.221 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-85-221.eu-west-1.compute.amazonaws.com
the.sciencebehindecommerce.com
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    138.201.63.165 (Neulussheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.63.201.138.clients.your-server.de
hal9000.redintelligence.net
2    138.201.220.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de
ad.ad-srv.net
2    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
10    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    54.220.215.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-215-179.eu-west-1.compute.amazonaws.com
spiegel.demdex.net
3    37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
1    37.157.2.247 (Denmark)

ASN198622 (ADFORM, DK)
s2.adform.net
2    142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net
5994599.fls.doubleclick.net
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
Apex Domain
Subdomains		 Transfer
18 spiegel.de
abo.spiegel.de — Cisco Umbrella Rank: 154602
sams.spiegel.de — Cisco Umbrella Rank: 81114
sats.spiegel.de — Cisco Umbrella Rank: 77747
525 KB
10 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
2 KB
10 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 497
121 KB
4 adform.net
track.adform.net — Cisco Umbrella Rank: 3933
s2.adform.net — Cisco Umbrella Rank: 5692
30 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 91857
3 KB
3 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1240
3 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 13
adservice.google.com — Cisco Umbrella Rank: 80
1 KB
3 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 2353
tr.outbrain.com — Cisco Umbrella Rank: 2115
4 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
201 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 385
11 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 205
spiegel.demdex.net — Cisco Umbrella Rank: 80000
5 KB
3 awin1.com
www.awin1.com — Cisco Umbrella Rank: 14385
2 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 5557
612 B
2 ad-srv.net
ad.ad-srv.net — Cisco Umbrella Rank: 30986
1 KB
2 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 32669
2 KB
2 sciencebehindecommerce.com
the.sciencebehindecommerce.com — Cisco Umbrella Rank: 62157
5 KB
2 apartena.net
read.apartena.net
5 KB
2 vipestores.com
vipestores.com
3 KB
2 jsrdtrck.com
jsrdtrck.com
4 KB
2 arclk.net
v4.s.arclk.net — Cisco Umbrella Rank: 159391
3 KB
1 dwin1.com
www.dwin1.com — Cisco Umbrella Rank: 4559
10 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 106
15 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
39 KB
1 admitad.com
ad.admitad.com — Cisco Umbrella Rank: 36717
539 B
1 amazonaws.com
s3-eu-west-1.amazonaws.com
7 KB
1 capitalxone.com
capitalxone.com
590 B
78 26
Domain Requested by
15 abo.spiegel.de vipestores.com
abo.spiegel.de
10 www.facebook.com abo.spiegel.de
10 assets.adobedtm.com abo.spiegel.de
assets.adobedtm.com
3 track.adform.net 2 redirects hal9000.redintelligence.net
3 pixel.mathtag.com hal9000.redintelligence.net
3 connect.facebook.net v4.s.arclk.net
connect.facebook.net
3 bat.bing.com assets.adobedtm.com
bat.bing.com
abo.spiegel.de
3 www.awin1.com 1 redirects www.dwin1.com
www.awin1.com
2 5994599.fls.doubleclick.net 1 redirects hal9000.redintelligence.net
2 www.google.de abo.spiegel.de
2 www.google.com 1 redirects abo.spiegel.de
2 ad.ad-srv.net 1 redirects v4.s.arclk.net
2 hal9000.redintelligence.net 1 redirects v4.s.arclk.net
2 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
2 the.sciencebehindecommerce.com www.dwin1.com
the.sciencebehindecommerce.com
2 tr.outbrain.com amplify.outbrain.com
abo.spiegel.de
2 read.apartena.net assets.adobedtm.com
read.apartena.net
2 sams.spiegel.de assets.adobedtm.com
2 dpm.demdex.net 1 redirects abo.spiegel.de
2 vipestores.com vipestores.com
2 jsrdtrck.com v4.s.arclk.net
2 v4.s.arclk.net v4.s.arclk.net
1 adservice.google.com 5994599.fls.doubleclick.net
1 s2.adform.net hal9000.redintelligence.net
1 spiegel.demdex.net assets.adobedtm.com
1 www.dwin1.com v4.s.arclk.net
1 amplify.outbrain.com v4.s.arclk.net
1 www.googleadservices.com www.googletagmanager.com
1 www.googletagmanager.com assets.adobedtm.com
1 sats.spiegel.de assets.adobedtm.com
1 ad.admitad.com 1 redirects
1 s3-eu-west-1.amazonaws.com v4.s.arclk.net
1 capitalxone.com 1 redirects
78 33

This site contains links to these domains. Also see Links.

Domain
www.spiegel.de
gruppenkonto.spiegel.de
www.spiegelgruppe.de
Subject Issuer Validity Valid
s.arclk.net
Amazon		 2021-03-02 -
2022-03-31		 a year crt.sh
*.s3-eu-west-1.amazonaws.com
Amazon		 2021-03-26 -
2022-03-08		 a year crt.sh
jsrdtrck.com
R3		 2021-12-21 -
2022-03-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-11-05 -
2022-11-04		 a year crt.sh
abo.spiegel.de
Sectigo RSA Domain Validation Secure Server CA		 2020-03-16 -
2022-06-14		 2 years crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-10 -
2022-09-10		 a year crt.sh
sams.spiegel.de
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-28 -
2022-10-29		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
read.apartena.net
R3		 2021-12-14 -
2022-03-14		 3 months crt.sh
sats.spiegel.de
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-08 -
2022-10-07		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-10-27 -
2022-01-25		 3 months crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-01		 a year crt.sh
*.dwin1.com
Amazon		 2021-11-19 -
2022-12-17		 a year crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA		 2021-06-11 -
2022-06-16		 a year crt.sh
tag.device9.com
Go Daddy Secure Certificate Authority - G2		 2021-07-19 -
2022-08-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
redintelligence.net
R3		 2021-12-21 -
2022-03-21		 3 months crt.sh
ad-srv.net
R3		 2021-12-21 -
2022-03-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2021-06-29 -
2022-07-07		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Frame ID: 1A4702CD568CEA9618D4926BD8F9CEB9
Requests: 65 HTTP requests in this frame

Frame: https://www.awin1.com/alt.php?mid=21540&sv=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7
Frame ID: 03B39CF85CD08A65BC1EB977FCAA7AEE
Requests: 2 HTTP requests in this frame

Frame: https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B&redirected=1
Frame ID: B4B7135E07B7507645A517AD70D1B4A0
Requests: 6 HTTP requests in this frame

Frame: https://ad.ad-srv.net/retarget?version=1&cat=22337&a=58123&event=view&items=SPIEGEL+&redirected=1
Frame ID: A1F333E570E493FEA3A34DE39B59F013
Requests: 1 HTTP requests in this frame

Frame: https://spiegel.demdex.net/dest5.html?d_nsid=0
Frame ID: DF4DE53A5BBE93ABAC14574A06792EDE
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CK_YsKqBuvUCFRKIewodSNgFuA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8766406585912.048
Frame ID: F82B52C81E1664937F78F6AF8A8D6E0A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SPIEGEL+

Page URL History Show full URLs

  1. http://capitalxone.com/ HTTP 302
    https://v4.s.arclk.net/api/user/0115381be8efc99ba5dcc0b7316d6a8cf00358c4f1.r?tk=eyJhbGciOiJIUzI1NiI... Page URL
  2. https://jsrdtrck.com/click?trvid=22122&extid=0115381be8efc99ba5dcc0b7316d6a8cf00358c4f1.r.1642464... Page URL
  3. https://jsrdtrck.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3ZpcGVzdG9yZXMuY29tL2xpbmtzP2lkdz01NDgyXHU... Page URL
  4. https://vipestores.com/links?idw=5482&subid=1irujpos0xp5 Page URL
  5. https://vipestores.com/de/digital-services/spiegelde Page URL
  6. https://ad.admitad.com/g/pgmjwl8eoh693cd06475f9177bf0d8/?subid=1irujpos0xp5 HTTP 302
    https://www.awin1.com/awclick.php?mid=21540&id=632098&clickref=709b33f34ffec6ced3a32ad649fd395b&cl... HTTP 302
    https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • dwin1\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js

Page Statistics

78
Requests

95 %
HTTPS

33 %
IPv6

26
Domains

33
Subdomains

31
IPs

6
Countries

996 kB
Transfer

2634 kB
Size

37
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://capitalxone.com/ HTTP 302
    https://v4.s.arclk.net/api/user/0115381be8efc99ba5dcc0b7316d6a8cf00358c4f1.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTgwMDA5IiwiZCI6ImNhcGl0YWx4b25lLmNvbSJ9.0HEUK04jLaQCRCUZJJ8iNfhTPu631hmpc1gmRvwYVGs Page URL
  2. https://jsrdtrck.com/click?trvid=22122&extid=0115381be8efc99ba5dcc0b7316d6a8cf00358c4f1.r.1642464566.1fd6f58ad67a1cd514991a1f0878efa4&cpc=0.0073&sourceid=617353e0c9d25e066f5b0d77&match=ron&carrier=wifi&mob_pf=windows&country=DE Page URL
  3. https://jsrdtrck.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3ZpcGVzdG9yZXMuY29tL2xpbmtzP2lkdz01NDgyXHUwMDI2c3ViaWQ9MWlydWpwb3MweHA1IiwiUmVkaXJlY3RXb3JkaW5nIjoiICIsIlJlZGlyZWN0VGl0bGUiOiJSZWRpcmVjdGlvbi4uLiIsIlJlZGlyZWN0TGlua1RleHQiOiIgIiwiSW5zdGFsbElkIjoyMDAxfQ== Page URL
  4. https://vipestores.com/links?idw=5482&subid=1irujpos0xp5 Page URL
  5. https://vipestores.com/de/digital-services/spiegelde Page URL
  6. https://ad.admitad.com/g/pgmjwl8eoh693cd06475f9177bf0d8/?subid=1irujpos0xp5 HTTP 302
    https://www.awin1.com/awclick.php?mid=21540&id=632098&clickref=709b33f34ffec6ced3a32ad649fd395b&clickRef2=823603 HTTP 302
    https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://capitalxone.com/ HTTP 302
  • https://v4.s.arclk.net/api/user/0115381be8efc99ba5dcc0b7316d6a8cf00358c4f1.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTgwMDA5IiwiZCI6ImNhcGl0YWx4b25lLmNvbSJ9.0HEUK04jLaQCRCUZJJ8iNfhTPu631hmpc1gmRvwYVGs
Request Chain 22
  • https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=79655FCF5C1D42160A495E15%40AdobeOrg&d_nsid=0&ts=1642464570104 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=79655FCF5C1D42160A495E15%40AdobeOrg&d_nsid=0&ts=1642464570104
Request Chain 50
  • https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B HTTP 302
  • https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B&redirected=1
Request Chain 51
  • https://ad.ad-srv.net/retarget?version=1&cat=22337&a=58123&event=view&items=SPIEGEL+ HTTP 302
  • https://ad.ad-srv.net/retarget?version=1&cat=22337&a=58123&event=view&items=SPIEGEL+&redirected=1
Request Chain 67
  • https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
  • https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Request Chain 68
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8766406585912.048 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CK_YsKqBuvUCFRKIewodSNgFuA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8766406585912.048
Request Chain 72
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1036667778/?value=0&guid=ON&script=0&data=aam=seg10Euro HTTP 302
  • https://www.google.com/pagead/1p-user-list/1036667778/?value=0&guid=ON&script=0&data=aam=seg10Euro&is_vtc=1&random=3434118150 HTTP 302
  • https://www.google.de/pagead/1p-user-list/1036667778/?value=0&guid=ON&script=0&data=aam=seg10Euro&is_vtc=1&random=3434118150&ipr=y
Request Chain 74
  • https://track.adform.net/Serving/TrackPoint/?pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=127093463124&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D58113%26version%3D1%26event%3Dview%26cat%3D22329%26segment%3Dmicrosites%26items%3DSPIEGEL%252B%26redirected%3D1 HTTP 302
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=127093463124&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D58113%26version%3D1%26event%3Dview%26cat%3D22329%26segment%3Dmicrosites%26items%3DSPIEGEL%252B%26redirected%3D1

78 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
0115381be8efc99ba5dcc0b7316d6a8cf00358c4f1.r
v4.s.arclk.net/api/user/
Redirect Chain
  • http://capitalxone.com/
  • https://v4.s.arclk.net/api/user/0115381be8efc99ba5dcc0b7316d6a8cf00358c4f1.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTgwMDA5IiwiZCI6ImNhcGl0...
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://v4.s.arclk.net/api/user/0115381be8efc99ba5dcc0b7316d6a8cf00358c4f1.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTgwMDA5IiwiZCI6ImNhcGl0YWx4b25lLmNvbSJ9.0HEUK04jLaQCRCUZJJ8iNfhTPu631hmpc1gmRvwYVGs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.219.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-219-89.compute-1.amazonaws.com
Software
/
Resource Hash
68c52443c82d5a3a0211c1d701c586c1ff2858ab9e41b05036ce999b3cefced4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 18 Jan 2022 00:09:28 GMT
content-type
text/html; charset=utf-8
content-length
2107
p3p
CP="CUR NOI NID STA STP"
x-robots-tag
noindex, nofollow
accept-ch
UA,UA-Full-Version,UA-Platform,UA-Arch,UA-Model,UA-Mobile,Width,Viewport-Width,Downlink,DPR,Save-Data

Redirect headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
11
date
Tue, 18 Jan 2022 00:09:27 GMT
location
https://v4.s.arclk.net/api/user/0115381be8efc99ba5dcc0b7316d6a8cf00358c4f1.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTgwMDA5IiwiZCI6ImNhcGl0YWx4b25lLmNvbSJ9.0HEUK04jLaQCRCUZJJ8iNfhTPu631hmpc1gmRvwYVGs
server
nginx
ajax-loader.gif
s3-eu-west-1.amazonaws.com/pxgif/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-eu-west-1.amazonaws.com/pxgif/ajax-loader.gif
Requested by
Host: v4.s.arclk.net
URL: https://v4.s.arclk.net/api/user/0115381be8efc99ba5dcc0b7316d6a8cf00358c4f1.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTgwMDA5IiwiZCI6ImNhcGl0YWx4b25lLmNvbSJ9.0HEUK04jLaQCRCUZJJ8iNfhTPu631hmpc1gmRvwYVGs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.41.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 00:09:29 GMT
Last-Modified
Fri, 12 Aug 2016 15:23:54 GMT
Server
AmazonS3
x-amz-request-id
0ZE9GFSSJAP9WXHQ
ETag
"dc5b98ed1c3c7959cdcb76113e7442cd"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
6820
x-amz-id-2
u0ksV81uOWO+YLsq9z3FMgFQlY4oBkcEgNgH/Mr+sfWOVRMWTLQP93NZzIByfNxuBqi5B2UMi2k=
0115381be8efc99ba5dcc0b7316d6a8cf00358c4f1.r
v4.s.arclk.net/api/product/ 		227 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v4.s.arclk.net/api/product/0115381be8efc99ba5dcc0b7316d6a8cf00358c4f1.r?confirm=a47e5356c5ddbb11f9a6d199cedc45c4&size=1920000&noframe=1&tnc_ref=n%2Fa&reftaken=feed&refEqual=false
Requested by
Host: v4.s.arclk.net
URL: https://v4.s.arclk.net/api/user/0115381be8efc99ba5dcc0b7316d6a8cf00358c4f1.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTgwMDA5IiwiZCI6ImNhcGl0YWx4b25lLmNvbSJ9.0HEUK04jLaQCRCUZJJ8iNfhTPu631hmpc1gmRvwYVGs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.219.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-219-89.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:28 GMT
referrer-policy
no-referrer
p3p
CP="CUR NOI NID STA STP"
x-robots-tag
noindex, nofollow
content-length
227
content-type
text/html; charset=utf-8
click
jsrdtrck.com/ 		1003 B
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://jsrdtrck.com/click?trvid=22122&extid=0115381be8efc99ba5dcc0b7316d6a8cf00358c4f1.r.1642464566.1fd6f58ad67a1cd514991a1f0878efa4&cpc=0.0073&sourceid=617353e0c9d25e066f5b0d77&match=ron&carrier=wifi&mob_pf=windows&country=DE
Requested by
Host: v4.s.arclk.net
URL: https://v4.s.arclk.net/api/user/0115381be8efc99ba5dcc0b7316d6a8cf00358c4f1.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTgwMDA5IiwiZCI6ImNhcGl0YWx4b25lLmNvbSJ9.0HEUK04jLaQCRCUZJJ8iNfhTPu631hmpc1gmRvwYVGs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.48.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-48-135.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2c667da498f95109037c477f51d8ed338ddf203da642632ebb1306c68aad93bd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Tue, 18 Jan 2022 00:09:28 GMT
content-type
text/html; charset=utf-8
content-length
1003
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
expires
Thu, 01 Jan 1970 00:00:00 UTC
pragma
no-cache
double
jsrdtrck.com/ 		636 B
816 B 		Document
General
Check archive.org
Download Go to
Full URL
https://jsrdtrck.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3ZpcGVzdG9yZXMuY29tL2xpbmtzP2lkdz01NDgyXHUwMDI2c3ViaWQ9MWlydWpwb3MweHA1IiwiUmVkaXJlY3RXb3JkaW5nIjoiICIsIlJlZGlyZWN0VGl0bGUiOiJSZWRpcmVjdGlvbi4uLiIsIlJlZGlyZWN0TGlua1RleHQiOiIgIiwiSW5zdGFsbElkIjoyMDAxfQ==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.48.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-48-135.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a891eef42d2c51ce235c581976224bc73aa6b9d2b036a3fa31d6b3ff0d299517

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Tue, 18 Jan 2022 00:09:28 GMT
content-type
text/html; charset=utf-8
content-length
636
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
expires
Thu, 01 Jan 1970 00:00:00 UTC
pragma
no-cache
links
vipestores.com/ 		595 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vipestores.com/links?idw=5482&subid=1irujpos0xp5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 18 Jan 2022 00:09:28 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R8dkDFBarq86FA8Q2ifQdeLznIQCGclhG79zoCC%2Fs3UkYp9KammRH5boaGHAmsdAbtMRmNCGwTjvHUFuVvoAxseN71L%2BQgyursz5iAo4kesBNu6Xy8TQyUfYyhQe3OIHDDBaiNhGjv%2B5QlsWJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6cf398428c0f59cb-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
spiegelde
vipestores.com/de/digital-services/ 		569 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vipestores.com/de/digital-services/spiegelde
Requested by
Host: vipestores.com
URL: https://vipestores.com/links?idw=5482&subid=1irujpos0xp5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 18 Jan 2022 00:09:28 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FiyJffVGM4tM9jYYYVXb4UNiVlUxFUhnMh7o%2BIGN9%2BqMs5g2uJ4ZodY%2FYs6JTo%2F1wmWaqJPziBgRREo%2BeMulsVtkLI8Nm15KcP1jLvOhfcbYO11UWznznVBBy5c7fjeK0OCq4KXUZoxJQ6IGoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6cf39842ec7659cb-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Primary Request plus-einstiegsangebot
abo.spiegel.de/de/c/microsites/pl/standard/
Redirect Chain
  • https://ad.admitad.com/g/pgmjwl8eoh693cd06475f9177bf0d8/?subid=1irujpos0xp5
  • https://www.awin1.com/awclick.php?mid=21540&id=632098&clickref=709b33f34ffec6ced3a32ad649fd395b&clickRef2=823603
  • https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Requested by
Host: vipestores.com
URL: https://vipestores.com/de/digital-services/spiegelde
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
6034f033a6f3c1bd44f83d55639ae696d3c1eee0b2b83f5e8c915ec5bf7dc195

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://vipestores.com/

Response headers

date
Tue, 18 Jan 2022 00:09:29 GMT
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
expires
Tue, 18 Jan 2022 00:19:29 GMT
cache-control
max-age=600, must-revalidate
x-cache-status
MISS
content-encoding
gzip
alt-svc
clear
server
nginx
via
1.1 google

Redirect headers

Content-Length
0
Location
https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Allow
GET
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Date
Tue, 18 Jan 2022 00:09:28 GMT
Connection
keep-alive
Strict-Transport-Security
max-age=86400
Awin-Akamai-Rule-Set
default
nextgen-sp.css
abo.spiegel.de/de/r/35550911/css/responsive/ 		242 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://abo.spiegel.de/de/r/35550911/css/responsive/nextgen-sp.css
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software
nginx / Undertow 1
Resource Hash
563994fb1b9efb27e1850f68ee2947524b0ef16cf0555890ff7965d52e0dd25b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:29 GMT
content-encoding
gzip
last-modified
Wed, 06 Oct 2021 15:09:49 GMT
server
nginx
x-powered-by
Undertow 1
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/css
via
1.1 google
cache-control
max-age=31536000, must-revalidate
alt-svc
clear
expires
Sat, 05 Nov 2022 02:52:32 GMT
cookieconsent.min.css
abo.spiegel.de/de/r/35550911/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://abo.spiegel.de/de/r/35550911/css/cookieconsent.min.css
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software
nginx / Undertow 1
Resource Hash
d25416547417e4eb415d306c29c4e50c6e0ed187f7f872705a5cc08be1ed756e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:29 GMT
content-encoding
gzip
last-modified
Mon, 17 May 2021 13:08:18 GMT
server
nginx
x-powered-by
Undertow 1
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/css
via
1.1 google
cache-control
max-age=31536000, must-revalidate
alt-svc
clear
expires
Sat, 05 Nov 2022 03:05:20 GMT
cookieconsent.min.js
abo.spiegel.de/de/r/35550911/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://abo.spiegel.de/de/r/35550911/js/cookieconsent.min.js
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software
nginx / Undertow 1
Resource Hash
0cf9e1d924ce7ccf5d4ae9a2d996cfe47106a0014ea71a9c9ae3d73afe835f1f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:29 GMT
content-encoding
gzip
last-modified
Mon, 17 May 2021 10:54:37 GMT
server
nginx
x-powered-by
Undertow 1
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
via
1.1 google
cache-control
max-age=31536000, must-revalidate
alt-svc
clear
expires
Sat, 05 Nov 2022 02:53:38 GMT
launch-e7ca7d7ca20f.min.js
assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/ 		331 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:59e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
dfed2a1da850a7bdadbe9e0e5ed7bf84c3998b9a2f468b1e6e8cb27e5398e6fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
content-encoding
gzip
last-modified
Fri, 13 Aug 2021 12:54:42 GMT
server
AkamaiNetStorage
etag
"c0317154a2452ff9c1db792286505929:1628859282.227983"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://abo.spiegel.de
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
96198
expires
Tue, 18 Jan 2022 01:09:30 GMT
29765241-420-360-p
abo.spiegel.de/de/m/1642165345895/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abo.spiegel.de/de/m/1642165345895/29765241-420-360-p
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
48eac3fd30f6954ddf77771f40905eb953cbc988e065d4148c626ed846915b1f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
via
1.1 google
last-modified
Fri, 14 Jan 2022 13:02:32 GMT
server
nginx
x-cache-status
HIT
content-type
image/png
cache-control
max-age=31536000, must-revalidate
alt-svc
clear
content-length
39102
expires
Sat, 14 Jan 2023 13:02:36 GMT
15611634
abo.spiegel.de/de/m/1526481576157/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abo.spiegel.de/de/m/1526481576157/15611634
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software
nginx / Undertow 1
Resource Hash
b52565263f97d8926823bbcbf39939c347c29df533de3e78a07ca0610b9b599d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
via
1.1 google
last-modified
Wed, 16 May 2018 14:39:36 GMT
server
nginx
x-powered-by
Undertow 1
x-cache-status
HIT
content-type
image/jpeg
cache-control
max-age=31536000, must-revalidate
alt-svc
clear
content-length
17272
expires
Sat, 05 Nov 2022 03:08:29 GMT
29384717-300-150-p
abo.spiegel.de/de/m/1642165504078/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abo.spiegel.de/de/m/1642165504078/29384717-300-150-p
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
a173134924c4708f9ea71e4f490ff92b41f7a9bd4719ca424b54b62198e80f83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
via
1.1 google
last-modified
Fri, 14 Jan 2022 13:05:10 GMT
server
nginx
x-cache-status
HIT
content-type
image/png
cache-control
max-age=31536000, must-revalidate
alt-svc
clear
content-length
33349
expires
Wed, 18 Jan 2023 00:01:11 GMT
29509623-300-150-p
abo.spiegel.de/de/m/1642165427746/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abo.spiegel.de/de/m/1642165427746/29509623-300-150-p
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
8db60be922c28db592b53be8a7da7ce1556590fe358188377242ccb79038094e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
via
1.1 google
last-modified
Fri, 14 Jan 2022 13:03:54 GMT
server
nginx
x-cache-status
HIT
content-type
image/png
cache-control
max-age=31536000, must-revalidate
alt-svc
clear
content-length
33189
expires
Wed, 18 Jan 2023 00:01:11 GMT
jwplayer.js
abo.spiegel.de/de/r/35550909/js/lib/jwplayer-7.2.4/ 		211 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://abo.spiegel.de/de/r/35550909/js/lib/jwplayer-7.2.4/jwplayer.js
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software
nginx / Undertow 1
Resource Hash
63d484e51dd9de676e5ad3fa5ebce0413032951f5addd9f8969aada0b13a7880

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
content-encoding
gzip
last-modified
Thu, 04 Feb 2016 11:12:09 GMT
server
nginx
x-powered-by
Undertow 1
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
via
1.1 google
cache-control
max-age=31536000, must-revalidate
alt-svc
clear
expires
Sat, 05 Nov 2022 03:05:39 GMT
responsive.js
abo.spiegel.de/de/r/35550909/js/ 		398 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://abo.spiegel.de/de/r/35550909/js/responsive.js
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software
nginx / Undertow 1
Resource Hash
cb0a327f9915200c334c81e77ec6fdbf7569c725f1d3f6f5521cb8b0a18163ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
content-encoding
gzip
last-modified
Wed, 06 Oct 2021 07:49:56 GMT
server
nginx
x-powered-by
Undertow 1
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
via
1.1 google
cache-control
max-age=31536000, must-revalidate
alt-svc
clear
expires
Sat, 05 Nov 2022 02:36:48 GMT
logo-aboshop-desktop-tablet.png
abo.spiegel.de/de/r/35550911/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abo.spiegel.de/de/r/35550911/img/logo-aboshop-desktop-tablet.png
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/r/35550911/css/responsive/nextgen-sp.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software
nginx / Undertow 1
Resource Hash
e03fb16c347106a6b99ff1b26757ca24b8afefca648975f063ecaf4f00447784

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/de/r/35550911/css/responsive/nextgen-sp.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
via
1.1 google
last-modified
Tue, 07 Jan 2020 10:11:44 GMT
server
nginx
x-powered-by
Undertow 1
x-cache-status
HIT
content-type
image/png
cache-control
max-age=31536000, must-revalidate
alt-svc
clear
content-length
1714
expires
Sat, 05 Nov 2022 03:01:54 GMT
SpiegelSlab4UICd-ExtraBold.woff2
abo.spiegel.de/de/r/35550911/css/font/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://abo.spiegel.de/de/r/35550911/css/font/SpiegelSlab4UICd-ExtraBold.woff2
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/r/35550911/css/responsive/nextgen-sp.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software
nginx / Undertow 1
Resource Hash
4d6c6f668fd088065d6a927c86bb45d992bcd715910c609334b5596bf3b63c4c

Request headers

Referer
https://abo.spiegel.de/de/r/35550911/css/responsive/nextgen-sp.css
Origin
https://abo.spiegel.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
via
1.1 google
last-modified
Tue, 07 Jan 2020 10:10:31 GMT
server
nginx
x-powered-by
Undertow 1
x-cache-status
HIT
cache-control
max-age=31536000, must-revalidate
alt-svc
clear
content-length
32624
expires
Sat, 05 Nov 2022 02:52:37 GMT
SpiegelSans4UI-Regular.woff2
abo.spiegel.de/de/r/35550911/css/font/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://abo.spiegel.de/de/r/35550911/css/font/SpiegelSans4UI-Regular.woff2
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/r/35550911/css/responsive/nextgen-sp.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software
nginx / Undertow 1
Resource Hash
5ae09d76b53ed5bcfa3504a4e3ef0f5cec6adb284355efb88f619d85504f2bb4

Request headers

Referer
https://abo.spiegel.de/de/r/35550911/css/responsive/nextgen-sp.css
Origin
https://abo.spiegel.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
via
1.1 google
last-modified
Tue, 07 Jan 2020 10:10:20 GMT
server
nginx
x-powered-by
Undertow 1
x-cache-status
HIT
cache-control
max-age=31536000, must-revalidate
alt-svc
clear
content-length
38464
expires
Sat, 05 Nov 2022 03:04:38 GMT
SpiegelSans4UI-Bold.woff2
abo.spiegel.de/de/r/35550911/css/font/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://abo.spiegel.de/de/r/35550911/css/font/SpiegelSans4UI-Bold.woff2
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/r/35550911/css/responsive/nextgen-sp.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software
nginx / Undertow 1
Resource Hash
5b65d13b2accf59d8acec406cc63ae2279aaa06dec9bd373bcec8744b6a80be5

Request headers

Referer
https://abo.spiegel.de/de/r/35550911/css/responsive/nextgen-sp.css
Origin
https://abo.spiegel.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
via
1.1 google
last-modified
Tue, 07 Jan 2020 10:10:11 GMT
server
nginx
x-powered-by
Undertow 1
x-cache-status
HIT
cache-control
max-age=31536000, must-revalidate
alt-svc
clear
content-length
39692
expires
Sat, 05 Nov 2022 03:02:34 GMT
fontawesome-webfont.woff
abo.spiegel.de/de/r/35550911/css/font/font-awesome/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://abo.spiegel.de/de/r/35550911/css/font/font-awesome/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/r/35550911/css/responsive/nextgen-sp.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software
nginx / Undertow 1
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer
https://abo.spiegel.de/de/r/35550911/css/responsive/nextgen-sp.css
Origin
https://abo.spiegel.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
via
1.1 google
last-modified
Tue, 14 Oct 2014 09:41:16 GMT
server
nginx
x-powered-by
Undertow 1
x-cache-status
HIT
cache-control
max-age=31536000, must-revalidate
alt-svc
clear
content-length
65452
expires
Sat, 05 Nov 2022 03:04:17 GMT
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=79655FCF5C1D42160A495E15%40AdobeOrg&d_nsid=0&ts=1642464570104
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=79655FCF5C1D42160A495E15%40AdobeOrg&d_nsid=0&ts=1642464570104
216 B
1023 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=79655FCF5C1D42160A495E15%40AdobeOrg&d_nsid=0&ts=1642464570104
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
HTTP/1.1
Server
54.229.240.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-240-78.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b77e7cd6cd167f6a6ef05e5718bc3124d5eb06a48d5d8d5eae40bb1da7936c10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v026-06a894a95.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
2jSirgVMTRc=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://abo.spiegel.de
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
209
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v026-09d2da899.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://abo.spiegel.de
X-TID
vZRPcFlRT+s=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=79655FCF5C1D42160A495E15%40AdobeOrg&d_nsid=0&ts=1642464570104
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:59e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://abo.spiegel.de
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12184
expires
Tue, 18 Jan 2022 01:09:30 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:59e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://abo.spiegel.de
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1594
expires
Tue, 18 Jan 2022 01:09:30 GMT
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_AudienceManagement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:59e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:53 GMT
server
AkamaiNetStorage
etag
"c8afb92bc0d997ba5b673367e69b9ff1:1597270193.156081"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://abo.spiegel.de
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
8762
expires
Tue, 18 Jan 2022 01:09:30 GMT
id
sams.spiegel.de/ 		48 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sams.spiegel.de/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=79655FCF5C1D42160A495E15%40AdobeOrg&mid=53140655773112735081478399076561701156&ts=1642464570278
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
c7a1123bd4524e8d0a428d70cc70937a818702f23394e0e16aef289246a25e84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://abo.spiegel.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-cdfbd77b-dttl8
vary
Origin
x-c
main-1585.I7afc85.M0-540
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://abo.spiegel.de
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
RCe42ee6079f764fc5bd130b1e534ddc5d-source.min.js
assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/ 		562 B
613 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/RCe42ee6079f764fc5bd130b1e534ddc5d-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:59e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8fc81bfaae09c53410ea3b71aa3f94e3f04bce34bf69af63406a6dffc15092f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
content-encoding
gzip
last-modified
Fri, 13 Aug 2021 12:54:42 GMT
server
AkamaiNetStorage
etag
"cdde6b6226c7281592610bcb253a79e7:1628859282.976181"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://abo.spiegel.de
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
349
expires
Tue, 18 Jan 2022 01:09:30 GMT
RCb124da92a1e44ebdbba65145b6f3ace4-source.min.js
assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/ 		463 B
561 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/RCb124da92a1e44ebdbba65145b6f3ace4-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:59e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
afa42a12f640a207939cbfcf63b76643cb1e3cdbdaa90d4c99d6ab3685dfc670

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
content-encoding
gzip
last-modified
Fri, 13 Aug 2021 12:54:42 GMT
server
AkamaiNetStorage
etag
"cdde6b6226c7281592610bcb253a79e7:1628859282.976181"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://abo.spiegel.de
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
297
expires
Tue, 18 Jan 2022 01:09:30 GMT
RC11368e0e6aad43f6afe8ca290bc3d2da-source.min.js
assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/ 		981 B
800 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/RC11368e0e6aad43f6afe8ca290bc3d2da-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:59e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3d1369d73b7b1661d2c6bf8889f3994f0677ee1383843389a1e77908c17a105f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
content-encoding
gzip
last-modified
Fri, 13 Aug 2021 12:54:42 GMT
server
AkamaiNetStorage
etag
"cdde6b6226c7281592610bcb253a79e7:1628859282.976181"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://abo.spiegel.de
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
536
expires
Tue, 18 Jan 2022 01:09:30 GMT
RCb2252bca63f0424d9dea57ee4da763fe-source.min.js
assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/ 		599 B
583 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/RCb2252bca63f0424d9dea57ee4da763fe-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:59e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
30edfd81c377191b302397b6ec28a0ed32867af35cbe39c7ce870f5d1cc2f0ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
content-encoding
gzip
last-modified
Fri, 13 Aug 2021 12:54:42 GMT
server
AkamaiNetStorage
etag
"cdde6b6226c7281592610bcb253a79e7:1628859282.976181"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://abo.spiegel.de
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
319
expires
Tue, 18 Jan 2022 01:09:30 GMT
bat.js
bat.bing.com/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:29 GMT
content-encoding
gzip
last-modified
Fri, 03 Dec 2021 01:53:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4C0E4E34DD4E431C9E52AC0F9D16CD6E Ref B: FRAEDGE1216 Ref C: 2022-01-18T00:09:30Z
etag
"0cb09ee8e7d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
10468
RC5f0ea6df8e5d468986df67e0e6c04db4-source.min.js
assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/ 		922 B
820 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/RC5f0ea6df8e5d468986df67e0e6c04db4-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:59e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e304a82f7be6185c5546182215943406505696e23da260206ca371cbf21088e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
content-encoding
gzip
last-modified
Fri, 13 Aug 2021 12:54:42 GMT
server
AkamaiNetStorage
etag
"cdde6b6226c7281592610bcb253a79e7:1628859282.976181"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://abo.spiegel.de
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
556
expires
Tue, 18 Jan 2022 01:09:30 GMT
eatms.js
read.apartena.net/trck/etms/ 		1014 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://read.apartena.net/trck/etms/eatms.js?campaign_id=225&pixel=etms&cmp_choices=no
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.77.7.80 , France, ASN16276 (OVH, FR),
Reverse DNS
read.apartena.net
Software
nginx / PHP/7.2.34
Resource Hash
5b4cf55c521e7766e3a16145ea8cd325bc45298fc002e9ce63b23e9b335a206b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubdomains;preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 00:09:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Jan 2022 00:09:30 GMT
Server
nginx
X-Powered-By
PHP/7.2.34
Vary
Accept-Encoding
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload
X-HTTPS-Header
1
Content-Type
text/html; charset=UTF-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
RC93106eb217034ace90e720b10f39ece3-source.min.js
assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/ 		542 B
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/RC93106eb217034ace90e720b10f39ece3-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:59e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3f58ff29e518dfc03ef0cded688de7e8ae0e3718f4c0728bf83d2a093e544c5a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
content-encoding
gzip
last-modified
Fri, 13 Aug 2021 12:54:42 GMT
server
AkamaiNetStorage
etag
"cdde6b6226c7281592610bcb253a79e7:1628859282.976181"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://abo.spiegel.de
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
334
expires
Tue, 18 Jan 2022 01:09:30 GMT
delivery
sats.spiegel.de/rest/v1/ 		363 B
597 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sats.spiegel.de/rest/v1/delivery?client=spiegelverlagrudolfa&sessionId=60d7c91bea9c4037872112922b30d2b0&version=2.4.1
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.190.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-190-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
58f8bcd26128abfbf72043570aea99c1c0cd78129419617d86314ea6ca66d830

Request headers

Referer
https://abo.spiegel.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
content-encoding
gzip
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://abo.spiegel.de
access-control-allow-credentials
true
timing-allow-origin
*
x-request-id
fc7a3b758d9e50f4b2115f14a6ce3eda
js
www.googletagmanager.com/gtag/ 		98 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1036667778
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b0d165a1ad59e18a25a0ecd9e47d90c4e6e185c1c9b3ac57c2c7ff0bedbcb3f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39816
x-xss-protection
0
expires
Tue, 18 Jan 2022 00:09:30 GMT
5279339.js
bat.bing.com/p/action/ 		0
93 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5279339.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 18 Jan 2022 00:09:29 GMT
cache-control
private,max-age=1800
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5FEEA9AE9F5A4B24A5D81355745DFF5C Ref B: FRAEDGE1216 Ref C: 2022-01-18T00:09:30Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5279339&tm=al001&Ver=2&mid=4aa734ed-0eb0-49f9-bb89-b8ffd9614728&sid=e8449ad077f211ecb9c069a5188135f4&vid=e844b38077f211eca235856631d7e589&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=SPIEGEL%2B&p=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&r=https%3A%2F%2Fvipestores.com%2F&lt=1542&pt=1642464568830,,,,,126,126,137,137,161,145,161,1104,1105,1109,1531,1531,1542,,,&pn=0,0&evt=pageLoad&msclkid=N&sv=1&rn=420878
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 00:09:29 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4BAE237274A5424E9679E4ACE6629CFA Ref B: FRAEDGE1216 Ref C: 2022-01-18T00:09:30Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
eatms.js
read.apartena.net/trck/etms/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://read.apartena.net/trck/etms/eatms.js?campaign_id=225&pixel=etms&cmp_choices=no&referrer=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Requested by
Host: read.apartena.net
URL: https://read.apartena.net/trck/etms/eatms.js?campaign_id=225&pixel=etms&cmp_choices=no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.77.7.80 , France, ASN16276 (OVH, FR),
Reverse DNS
read.apartena.net
Software
nginx / PHP/7.2.34
Resource Hash
eac892d018c210174ffbe6065512bc944fda678275effebf7daca079c4da578c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubdomains;preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 00:09:30 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Powered-By
PHP/7.2.34
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Connection
keep-alive
Pragma
no-cache
Last-Modified
Tue, 18 Jan 2022 00:09:30 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-HTTPS-Header
1
Expires
Mon, 26 Jul 1997 05:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1036667778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
1fe7c9b04cd9ebd46cd5a636bd2c2b1d54054f3995db24951c0d0318ec71d70c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14835
x-xss-protection
0
server
cafe
etag
2630088915750441828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 18 Jan 2022 00:09:30 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: v4.s.arclk.net
URL: https://v4.s.arclk.net/api/user/0115381be8efc99ba5dcc0b7316d6a8cf00358c4f1.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTgwMDA5IiwiZCI6ImNhcGl0YWx4b25lLmNvbSJ9.0HEUK04jLaQCRCUZJJ8iNfhTPu631hmpc1gmRvwYVGs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
P64XcSCI5PTt1l/+X50TLxqnD2LEiMOmHBPJgXPDh3i5U6TYfHHXMyqRQo2okTHnMZhdcYqIXivU3HdoXiMXzA==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 18 Jan 2022 00:09:30 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
obtp.js
amplify.outbrain.com/cp/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: v4.s.arclk.net
URL: https://v4.s.arclk.net/api/user/0115381be8efc99ba5dcc0b7316d6a8cf00358c4f1.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTgwMDA5IiwiZCI6ImNhcGl0YWx4b25lLmNvbSJ9.0HEUK04jLaQCRCUZJJ8iNfhTPu631hmpc1gmRvwYVGs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-172.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
998d9415269d92557b561a936955f7590d5052865044a9191a528b5a36f3afc9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 00:09:30 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Oct 2021 12:12:10 GMT
Server
AkamaiNetStorage
ETag
"973e2603f46b719eecf8139c22b897a0:1633349530.816673"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3150
Expires
Tue, 18 Jan 2022 00:29:30 GMT
21540.js
www.dwin1.com/ 		42 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dwin1.com/21540.js
Requested by
Host: v4.s.arclk.net
URL: https://v4.s.arclk.net/api/user/0115381be8efc99ba5dcc0b7316d6a8cf00358c4f1.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTgwMDA5IiwiZCI6ImNhcGl0YWx4b25lLmNvbSJ9.0HEUK04jLaQCRCUZJJ8iNfhTPu631hmpc1gmRvwYVGs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3400:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6663f1bb0fc2e62591af7d37d35dae587eeb29af7b3565e6beca954f23d6e543

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
SIYdF4loCziFPx4IarRPUy7CD7JbaAF6
content-encoding
gzip
etag
W/"005832146012c112b280ee01034d6c65"
age
259
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Mon, 20 Dec 2021 16:49:09 GMT
server
AmazonS3
date
Tue, 18 Jan 2022 00:05:11 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=utf-8
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
cache-control
max-age=600, s-maxage=600
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
bUkn_TIaNhWoR4OcV9ClZ2ysV1OZPTB2jB9IsjjP0EGzvxabCqnnOg==
468291950412468
connect.facebook.net/signals/config/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/468291950412468?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55dca4e47860232460eaac2efcb9d76383f2206dfd28a58f016b18e752b32cc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
89397
x-xss-protection
0
pragma
public
x-fb-debug
hZ1hkSMAjx165F78VcOrMklK6DernSzhd83qzAU/+hG+WzYUdOUbMlMGzhyUUP3axjrs92H1dSU9kvnzvdDaoQ==
x-frame-options
DENY
date
Tue, 18 Jan 2022 00:09:30 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
cachedClickId
tr.outbrain.com/ 		35 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00bf784a92253a49c50216eea8b47eb721
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 00:09:30 GMT
content-encoding
gzip
X-TraceId
ed6c71a6568b51dfbf6163f2f650cf8a
Content-Length
56
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=00bf784a92253a49c50216eea8b47eb721&obApiVersion=1.1&obtpVersion=1.5.2&name=PAGE_VIEW&dl=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&optOut=false&bust=06162582127673293
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 00:09:30 GMT
Cache-Control
no-cache
X-TraceId
5afad658e8dfa0dde0d37fecaad07285
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
alt.php
www.awin1.com/ Frame 03B3 		155 B
509 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.awin1.com/alt.php?mid=21540&sv=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7
Requested by
Host: www.dwin1.com
URL: https://www.dwin1.com/21540.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-94-3.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8bd74b21c5a1eada284eb2479b0ca1d168bd192f607c93763218c4fce2ca0469
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/

Response headers

Content-Type
text/html
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Tue, 18 Jan 2022 00:09:30 GMT
Content-Length
141
Connection
keep-alive
Strict-Transport-Security
max-age=86400
Awin-Akamai-Rule-Set
default
d9core
the.sciencebehindecommerce.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://the.sciencebehindecommerce.com/d9core
Requested by
Host: www.dwin1.com
URL: https://www.dwin1.com/21540.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.85.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-85-221.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
21202603d9e657adea80c8a46e458a0880854daad6648d69440f84d95962d56a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 00:09:29 GMT
Content-Encoding
gzip
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
ETag
5bc31bf7d4a298e1bef9d35fce222bfc
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
the.sciencebehindecommerce.com
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
Content-Length
3609
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1036667778/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1036667778/?random=1642464570544&cv=9&fst=1642464570544&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1c0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&ref=https%3A%2F%2Fvipestores.com%2F&tiba=SPIEGEL%2B&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d52848b481780dacf9e2e59e0a814d7f1767db7847cb1969bfa9d5b70614c6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 00:09:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1157
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
retarget
hal9000.redintelligence.net/ Frame B4B7
Redirect Chain
  • https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B
  • https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B&redirected=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B&redirected=1
Requested by
Host: v4.s.arclk.net
URL: https://v4.s.arclk.net/api/user/0115381be8efc99ba5dcc0b7316d6a8cf00358c4f1.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTgwMDA5IiwiZCI6ImNhcGl0YWx4b25lLmNvbSJ9.0HEUK04jLaQCRCUZJJ8iNfhTPu631hmpc1gmRvwYVGs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.165 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
9c862cd1a608cea35ab890c204273f51f25810f2bd56293654724dd84dc3a3ec

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Tue, 18 Jan 2022 00:09:30 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
803
Connection
close
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Tue, 18 Jan 2022 00:09:30 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B&redirected=1
Content-Length
0
Connection
close
Content-Type
text/html; charset=UTF-8
retarget
ad.ad-srv.net/ Frame A1F3
Redirect Chain
  • https://ad.ad-srv.net/retarget?version=1&cat=22337&a=58123&event=view&items=SPIEGEL+
  • https://ad.ad-srv.net/retarget?version=1&cat=22337&a=58123&event=view&items=SPIEGEL+&redirected=1
26 B
498 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.ad-srv.net/retarget?version=1&cat=22337&a=58123&event=view&items=SPIEGEL+&redirected=1
Requested by
Host: v4.s.arclk.net
URL: https://v4.s.arclk.net/api/user/0115381be8efc99ba5dcc0b7316d6a8cf00358c4f1.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTgwMDA5IiwiZCI6ImNhcGl0YWx4b25lLmNvbSJ9.0HEUK04jLaQCRCUZJJ8iNfhTPu631hmpc1gmRvwYVGs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Tue, 18 Jan 2022 00:09:30 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Length
26
Connection
close
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Tue, 18 Jan 2022 00:09:30 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
?version=1&cat=22337&a=58123&event=view&items=SPIEGEL+&redirected=1
Content-Length
0
Connection
close
Content-Type
text/html; charset=UTF-8
109763999395282
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/109763999395282?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
46eb96ce0282630a45500eb9392c35cfd52a6286d1a82559beb418ab3684e3d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
89243
x-xss-protection
0
pragma
public
x-fb-debug
C/XU9OW86qVztV/pEx8pX1FGOvuflQQ9PJZXNsCPxHWOuIWWtMfEehsHbp6n0j1hX/Eox97QndnYrbhT331IjA==
x-frame-options
DENY
date
Tue, 18 Jan 2022 00:09:30 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
21540.gif
www.awin1.com/m/ Frame 03B3 		43 B
488 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/m/21540.gif
Requested by
Host: www.awin1.com
URL: https://www.awin1.com/alt.php?mid=21540&sv=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-94-3.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.awin1.com/alt.php?mid=21540&sv=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 00:09:30 GMT
Allow
GET
ETag
21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
max-age=0
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
/
www.google.com/pagead/1p-user-list/1036667778/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1036667778/?random=1642464570544&cv=9&fst=1642464000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1c0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&ref=https%3A%2F%2Fvipestores.com%2F&tiba=SPIEGEL%2B&async=1&fmt=3&is_vtc=1&random=879402508&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 00:09:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1036667778/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1036667778/?random=1642464570544&cv=9&fst=1642464000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1c0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&ref=https%3A%2F%2Fvipestores.com%2F&tiba=SPIEGEL%2B&async=1&fmt=3&is_vtc=1&random=879402508&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 00:09:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=468291950412468&ev=UserProperties&dl=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&rl=https%3A%2F%2Fvipestores.com%2F&if=false&ts=1642464570604&cd[%24user_type]=no_paidAccess&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1642464570603.1127216415&it=1642464570514&coo=false&es=user_properties&tm=3&rqm=GET
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Tue, 18 Jan 2022 00:09:30 GMT
/
www.facebook.com/tr/ 		44 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=468291950412468&ev=PageView&dl=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&rl=https%3A%2F%2Fvipestores.com%2F&if=false&ts=1642464570608&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1642464570603.1127216415&it=1642464570514&coo=false&rqm=GET
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Tue, 18 Jan 2022 00:09:30 GMT
/
www.facebook.com/tr/ 		44 B
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=109763999395282&ev=PageView&dl=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&rl=https%3A%2F%2Fvipestores.com%2F&if=false&ts=1642464570609&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1642464570603.1127216415&it=1642464570514&coo=false&rqm=GET
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Tue, 18 Jan 2022 00:09:30 GMT
/
www.facebook.com/tr/ 		44 B
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=468291950412468&ev=ViewShopContent&dl=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&rl=https%3A%2F%2Fvipestores.com%2F&if=false&ts=1642464570609&sw=1600&sh=1200&v=2.9.48&r=stable&ec=2&o=30&fbp=fb.1.1642464570603.1127216415&it=1642464570514&coo=false&rqm=GET
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Tue, 18 Jan 2022 00:09:30 GMT
/
www.facebook.com/tr/ 		44 B
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=109763999395282&ev=ViewShopContent&dl=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&rl=https%3A%2F%2Fvipestores.com%2F&if=false&ts=1642464570610&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1642464570603.1127216415&it=1642464570514&coo=false&rqm=GET
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Tue, 18 Jan 2022 00:09:30 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=468291950412468&dl=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&rl=https%3A%2F%2Fvipestores.com%2F&if=false&ts=1642464570611&sw=1600&sh=1200&v=2.9.48&r=stable&ec=3&o=30&fbp=fb.1.1642464570603.1127216415&it=1642464570514&coo=false&rqm=GET
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Tue, 18 Jan 2022 00:09:30 GMT
/
www.facebook.com/tr/ 		44 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=109763999395282&dl=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&rl=https%3A%2F%2Fvipestores.com%2F&if=false&ts=1642464570612&sw=1600&sh=1200&v=2.9.48&r=stable&ec=2&o=30&fbp=fb.1.1642464570603.1127216415&it=1642464570514&coo=false&rqm=GET
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Tue, 18 Jan 2022 00:09:30 GMT
s09575567147924
sams.spiegel.de/b/ss/spiegel.ng.spieg.main,spiegel.spieg.abo/10/JS-2.22.0-LBWB/ 		491 B
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sams.spiegel.de/b/ss/spiegel.ng.spieg.main,spiegel.spieg.abo/10/JS-2.22.0-LBWB/s09575567147924?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=18%2F0%2F2022%200%3A9%3A30%202%200&d.&nsid=0&jsonv=1&.d&sdid=666CE175E9BA92A4-0A07AB1B96C1C581&mid=53140655773112735081478399076561701156&aamlh=6&ce=UTF-8&pageName=sp.abo%20%3E%20product%20%3E%20%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot&g=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot&r=https%3A%2F%2Fvipestores.com%2F&c.&apl=4.0&inList=3.0&getValOnce=3.0&getPreviousValue=3.0&cm.&ssf=0&.cm&opt.&sell=N&.opt&.c&cc=EUR&server=abo.spiegel.de&v0=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&events=event400%2Cevent1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v1=D%3DpageName&h1=sp%7Cabo&v2=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot&h2=abo.spiegel.de%7Cde%7Cc%7Cmicrosites%7Cpl&v3=web&v4=shop&v5=product&c7=from_ext_other&v7=SPIEGEL%2B&c8=Abo&v8=abo.spiegel.de&c9=%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot&v9=%3Fawc%3D21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&v11=vipestores.com&v12=https%3A%2F%2Fvipestores.com%2F&v15=D%3Dc9&v16=all_tracking&v19=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot&c32=2022-01-18T00%3A09%3A30.353Z&v33=desktop&v35=01%3A09&v36=new_visitor&c50=event400%2Cevent1&c61=has_visitorAPI&c62=has_ssoID&c70=default&c71=page_data_ready%7Cgeneric%7C&c73=04_abo.spiegel.de%7C27.2.0%7C2021-08-11T20%3A25%3A49Z&c74=production%7C2021-08-13T12%3A54%3A27Z&c75=v1.7.22b_spabo&v146=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&v147=D%3Dv0&v148=D%3Dv145&v149=D%3Dv146&v175=logged_out&v185=D%3Dmid&v200=D%3DUser-Agent&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=79655FCF5C1D42160A495E15%40AdobeOrg&AQE=1
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
05c9cd530f89c3dffa0a18778f10577e4a0ebd65a1465c5a835fadc484d709ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-aam-tid
XshDHwN6Rjg=
date
Tue, 18 Jan 2022 00:09:30 GMT
x-content-type-options
nosniff
x-c
main-1585.I7afc85.M0-540
p3p
CP="This is not a P3P policy"
vary
*
content-length
491
x-xss-protection
1; mode=block
dcs
dcs-prod-irl1-2-v026-09d2da899.edge-irl1.demdex.com UNKNOWN
pragma
no-cache
last-modified
Wed, 19 Jan 2022 00:09:30 GMT
server
jag
xserver
anedge-cdfbd77b-4qqtp
etag
3527165808515416064-4619850408859043471
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Mon, 17 Jan 2022 00:09:30 GMT
js
pixel.mathtag.com/event/ Frame B4B7 		597 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/event/js?mt_id=1393997&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B&redirected=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4133 baa842e master cdg-pixel-x30 config:1.0.0 /
Resource Hash
a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 00:09:30 GMT
Server
MT3 4133 baa842e master cdg-pixel-x30 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
597
Expires
Tue, 18 Jan 2022 00:09:29 GMT
js
pixel.mathtag.com/event/ Frame B4B7 		597 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/event/js?mt_id=1406315&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B&redirected=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4133 baa842e master cdg-pixel-x14 config:1.0.0 /
Resource Hash
a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 00:09:30 GMT
Server
MT3 4133 baa842e master cdg-pixel-x14 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
597
Expires
Tue, 18 Jan 2022 00:09:29 GMT
dest5.html
spiegel.demdex.net/ Frame DF4D 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spiegel.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.215.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-215-179.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Tue, 18 Jan 2022 00:09:30 GMT
DCS
dcs-prod-irl1-2-v026-0f18d6584.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Mon, 20 Dec 2021 14:26:35 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
4KDwegq0RYM=
transfer-encoding
chunked
Connection
keep-alive
trackpoint-async.js
s2.adform.net/banners/scripts/st/ Frame B4B7
Redirect Chain
  • https://track.adform.net/serving/scripts/trackpoint/async/
  • https://s2.adform.net/banners/scripts/st/trackpoint-async.js
79 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B&redirected=1
Protocol
H2
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0b6ee815005e308fb4ed57e68792ac193f50b8228669a96e74fd143ceb09660e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 09:57:08 GMT
server
nginx
etag
W/"613888f4-13bd1"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript

Redirect headers

location
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date
Tue, 18 Jan 2022 00:09:30 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html
activityi;dc_pre=CK_YsKqBuvUCFRKIewodSNgFuA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
5994599.fls.doubleclick.net/ Frame F82B
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755...
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CK_YsKqBuvUCFRKIewodSNgFuA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D...
456 B
391 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CK_YsKqBuvUCFRKIewodSNgFuA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8766406585912.048?
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B&redirected=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
93d3df36befde4193685326af9d4393fd87fede719d3cdff00eef1e979c47a62
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jan 2022 00:09:30 GMT
expires
Tue, 18 Jan 2022 00:09:30 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
366
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jan 2022 00:09:30 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CK_YsKqBuvUCFRKIewodSNgFuA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8766406585912.048?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
lgc
the.sciencebehindecommerce.com/ 		0
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://the.sciencebehindecommerce.com/lgc
Requested by
Host: the.sciencebehindecommerce.com
URL: https://the.sciencebehindecommerce.com/d9core
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.85.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-85-221.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://abo.spiegel.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 18 Jan 2022 00:09:30 GMT
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
https://abo.spiegel.de
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=468291950412468&ev=Adobe-Audience-Manager-Segment&cd[segID]=19570006&noscript=1
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:30 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Tue, 18 Jan 2022 00:09:30 GMT
dc_pre=CK_YsKqBuvUCFRKIewodSNgFuA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8766...
adservice.google.com/ddm/fls/z/ Frame F82B 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CK_YsKqBuvUCFRKIewodSNgFuA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8766406585912.048
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CK_YsKqBuvUCFRKIewodSNgFuA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8766406585912.048?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 00:09:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1036667778/ Frame DF4D
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1036667778/?value=0&guid=ON&script=0&data=aam=seg10Euro
  • https://www.google.com/pagead/1p-user-list/1036667778/?value=0&guid=ON&script=0&data=aam=seg10Euro&is_vtc=1&random=3434118150
  • https://www.google.de/pagead/1p-user-list/1036667778/?value=0&guid=ON&script=0&data=aam=seg10Euro&is_vtc=1&random=3434118150&ipr=y
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1036667778/?value=0&guid=ON&script=0&data=aam=seg10Euro&is_vtc=1&random=3434118150&ipr=y
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H3
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spiegel.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 00:09:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jan 2022 00:09:30 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-user-list/1036667778/?value=0&guid=ON&script=0&data=aam=seg10Euro&is_vtc=1&random=3434118150&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
pixel.mathtag.com/misc/ Frame B4B7 		43 B
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B&redirected=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4133 baa842e master cdg-pixel-x28 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 00:09:30 GMT
Server
MT3 4133 baa842e master cdg-pixel-x28 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 18 Jan 2022 00:09:29 GMT
/
track.adform.net/Serving/TrackPoint/ Frame B4B7
Redirect Chain
  • https://track.adform.net/Serving/TrackPoint/?pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=127093463124&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintel...
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=127093463124&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.red...
111 B
592 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=127093463124&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D58113%26version%3D1%26event%3Dview%26cat%3D22329%26segment%3Dmicrosites%26items%3DSPIEGEL%252B%26redirected%3D1
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B&redirected=1
Protocol
H2
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6ac3327f188a75ff18f3a723a4db374fc75716467e90d552b9943d3cad40cff5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 00:09:31 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
186
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 18 Jan 2022 00:09:30 GMT
server
nginx
location
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=127093463124&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D58113%26version%3D1%26event%3Dview%26cat%3D22329%26segment%3Dmicrosites%26items%3DSPIEGEL%252B%26redirected%3D1
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/html; charset=utf-8
expires
-1
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=468291950412468&ev=Microdata&dl=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&rl=https%3A%2F%2Fvipestores.com%2F&if=false&ts=1642464572107&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20%20%20%5Cn%5Ct%5Ct%5Ct%5Cn%5Ct%5Ct%5Ct%5Cn%5Ct%5Ct%5Ct%5Ct%5Cn%5Ct%5Ct%5Ct%5CtSPIEGEL%2B%5Cn%5Ct%5Ct%5Ct%5Cn%5Ct%5Ct%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=4&o=30&fbp=fb.1.1642464570603.1127216415&it=1642464570514&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:32 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Tue, 18 Jan 2022 00:09:32 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=109763999395282&ev=Microdata&dl=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&rl=https%3A%2F%2Fvipestores.com%2F&if=false&ts=1642464572110&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20%20%20%5Cn%5Ct%5Ct%5Ct%5Cn%5Ct%5Ct%5Ct%5Cn%5Ct%5Ct%5Ct%5Ct%5Cn%5Ct%5Ct%5Ct%5CtSPIEGEL%2B%5Cn%5Ct%5Ct%5Ct%5Cn%5Ct%5Ct%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=3&o=30&fbp=fb.1.1642464570603.1127216415&it=1642464570514&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:09:32 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Tue, 18 Jan 2022 00:09:32 GMT

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| cookieconsent object| SARAs_data object| adobeTrackingData function| webpackJsonpjwplayer function| jwplayer object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_AudienceManagement function| DIL function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s function| FlickityTransformer object| App function| initJwPlayer function| $ function| jQuery object| Modernizr object| jQuery19107462234368072858 function| WOW function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger function| imagesLoaded object| currentVideoPlayer object| d object| uetq function| equalizeHeights function| UET function| UET_init function| UET_push object| ueto_ca59dd419f object| eaTmsReferrer object| google_tag_manager object| dataLayer function| gtag object| google_tag_data function| fbq function| _fbq function| obApi object| eaTms object| eaConvSys function| cookieWrite function| cookieRead string| g function| inList number| a object| AWIN undefined| zx_products undefined| o object| D9v function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| s_i_spiegel.ng.spieg.main_spiegel.spieg.abo string| send object| d9PendingXDR

37 Cookies

Domain/Path Name / Value
.capitalxone.com/ Name: sid
Value: e5a0c31c-77f2-11ec-9e19-d6e80b54cec5
v4.s.arclk.net/ Name: checkme
Value: a47e5356c5ddbb11f9a6d199cedc45c4b789
jsrdtrck.com/ Name: ClickDataNG
Value: H4sIAAAAAAAA_7RU247bNhD9FWGeEoCQSV0oW4EQbDdFW2Q3KJBN96VAQZEjm7FMCkPK3m2Sfy90ycYo0Me-UZzDuZw5R1_gjBSsd1CDSHnKgUF8HhBqziCM7cP3s_bujBTRQN2pPiAD3Vt9_M1MDy2Nnwcf-NNQAgOjIkItZJEVsijlloFWp0HZvZvQWSayjIENt7_fvOQiH1W0fgYUWZUzoLHH6YszIDSWUMd7jAdvoC4ZBD-SnuOSQa-csW6_otevT9RDDcDAdx3SjMzLgkFLyunDip1jC_IQ4xDqzeZsBwzRE4ZU-9Omt-4Y3lpzacpim_05cp7JMLbWNP8aWvsQoeYp53P3eEY3LswN6tmP8Ue925EInX6GGj59fAcMRrJXDXwOZCLp41x-5vhtpLM1zUzc0gE-RWsaLkSZb0WLW-z0bteq0mjN2yoX0ki11R3nebnVRSdSSl_WIVPRGdmVW2VkpYQ2pSh2O6FEx7fVFjtVLDX0oJtlnHXqmXJrGimqvMyR653JSuRSdmXLTVUtsJOK-tCQd2sWRWSRmovt7Arw7V9D11ysM_4SVpQfXaTn5t3PwMAON8YQhgA1ZKJKZZGKUqR5dh2Ty3LHgHSzRxehhnv_t-17tSlTnrx6XNInHx4SwVP-Jnm0ThZvkidZvE5uhqHHR2zf27gp8yrNZfLq_a8P93cs6e0Rk19QH_3r5PZA_oSbXZXytJC7LK1E8lF1iuz6CqZFd0hISzcGz1bji2X8NMHayCTE8McPq00-a8lfwvx2qfSS4SdSzlynvPcG--uLD-qEy7deysGtp8HT5LzJW8PER1ZUyV00szhnfqGGmWHC_dLGFLJxuf_6FSatErp4O6ludQ_ZvXV3w9VVJOWC0otdA9Ru7HsGegzRn6D-sjoBFu0AA3yKSE7186_i_9IsMDhzqOG_xDnFBdRA3k3HDGqYJDmd8_n8fUvnYmHp27d_AgAA___5P9fyGwUAAA==
jsrdtrck.com/ Name: ClickDataNgFall
Value: H4sIAAAAAAAA_7RU247bNhD9FWGeEoCQSV0oW4EQbDdFW2Q3KJBN96VAQZEjm7FMCkPK3m2Sfy90ycYo0Me-UZzDuZw5R1_gjBSsd1CDSHnKgUF8HhBqziCM7cP3s_bujBTRQN2pPiAD3Vt9_M1MDy2Nnwcf-NNQAgOjIkItZJEVsijlloFWp0HZvZvQWSayjIENt7_fvOQiH1W0fgYUWZUzoLHH6YszIDSWUMd7jAdvoC4ZBD-SnuOSQa-csW6_otevT9RDDcDAdx3SjMzLgkFLyunDip1jC_IQ4xDqzeZsBwzRE4ZU-9Omt-4Y3lpzacpim_05cp7JMLbWNP8aWvsQoeYp53P3eEY3LswN6tmP8Ue925EInX6GGj59fAcMRrJXDXwOZCLp41x-5vhtpLM1zUzc0gE-RWsaLkSZb0WLW-z0bteq0mjN2yoX0ki11R3nebnVRSdSSl_WIVPRGdmVW2VkpYQ2pSh2O6FEx7fVFjtVLDX0oJtlnHXqmXJrGimqvMyR653JSuRSdmXLTVUtsJOK-tCQd2sWRWSRmovt7Arw7V9D11ysM_4SVpQfXaTn5t3PwMAON8YQhgA1ZKJKZZGKUqR5dh2Ty3LHgHSzRxehhnv_t-17tSlTnrx6XNInHx4SwVP-Jnm0ThZvkidZvE5uhqHHR2zf27gp8yrNZfLq_a8P93cs6e0Rk19QH_3r5PZA_oSbXZXytJC7LK1E8lF1iuz6CqZFd0hISzcGz1bji2X8NMHayCTE8McPq00-a8lfwvx2qfSS4SdSzlynvPcG--uLD-qEy7deysGtp8HT5LzJW8PER1ZUyV00szhnfqGGmWHC_dLGFLJxuf_6FSatErp4O6ludQ_ZvXV3w9VVJOWC0otdA9Ru7HsGegzRn6D-sjoBFu0AA3yKSE7186_i_9IsMDhzqOG_xDnFBdRA3k3HDGqYJDmd8_n8fUvnYmHp27d_AgAA___5P9fyGwUAAA==
vipestores.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IlVVbGZGemlCbVJzeHNHMmJOUUlRSEE9PSIsInZhbHVlIjoiTWpzR3RLL0RaUVJhOUY2M1ZIWDhKSCtoS2dJdTFaWGpXOHdKYjdpNGJjS21keVRoMVdCRlM2WjgxY0ZqS0JXNCIsIm1hYyI6IjgxZWQwNGUzMjFjMjFjZjVjOTRhZmVhYmIwOWFjNTU2MGM2ZTcwYzA1NjhlMDgwZWRjN2NjNzgxZjhkNzY3NTQifQ%3D%3D
vipestores.com/ Name: vipstores_session
Value: eyJpdiI6IjNWZ0VFU0xuTUZOOUp1amU5aFFibXc9PSIsInZhbHVlIjoianlvMjVRaXN1MnpDWDZOclk4RENXYnpnVHN3THJvUTF0Vm9SOUhHcitBMnhhc2hjeStGdUZNWXZidS9FdEtIQyIsIm1hYyI6ImExOGM3YzYyZTNlMGVhNDBkNWE3OThhZWVhYTYyMWE3OWUwMjc3OWE2OWQ2ZGIyOTdkM2Y2NWE5OGIxZmYyZTEifQ%3D%3D
.ad.admitad.com/ Name: UID
Value: v=3|id=d6f67160cb4143129c83af91551b05bd|expr=1705536568|type=0|business_expr=1645056568
.ad.admitad.com/ Name: UID2
Value: v=3|id=d6f67160cb4143129c83af91551b05bd|expr=1705536568|type=0|business_expr=1645056568
.awin1.com/ Name: aw21540
Value: 632098|0|0|1642464568|709b33f34ffec6ced3a32ad649fd395b|aw|0
.awin1.com/ Name: bId
Value: HLEX_61e6053893ec28.89161536
.demdex.net/ Name: demdex
Value: 47337168343210563382056601578223339858
.spiegel.de/ Name: AMCVS_79655FCF5C1D42160A495E15%40AdobeOrg
Value: 1
.spiegel.de/ Name: at_check
Value: true
.spiegel.de/ Name: s_ecid
Value: MCMID%7C53140655773112735081478399076561701156
.spiegel.de/ Name: AMCV_79655FCF5C1D42160A495E15%40AdobeOrg
Value: -1124106680%7CMCIDTS%7C19011%7CMCMID%7C53140655773112735081478399076561701156%7CMCAAMLH-1643069370%7C6%7CMCAAMB-1643069370%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1642471770s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0
.bing.com/ Name: MUID
Value: 0B79FACCB4156B741160EBFCB5C76A4E
.spiegel.de/ Name: _uetsid
Value: e8449ad077f211ecb9c069a5188135f4
.spiegel.de/ Name: _uetvid
Value: e844b38077f211eca235856631d7e589
.spiegel.de/ Name: _gcl_au
Value: 1.1.642801756.1642464570
.spiegel.de/ Name: mbox
Value: session#60d7c91bea9c4037872112922b30d2b0#1642466431|PC#60d7c91bea9c4037872112922b30d2b0.37_0#1705709371
.spiegel.de/ Name: sara_gpv_page
Value: sp.abo%20%3E%20product%20%3E%20%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot
.spiegel.de/ Name: sara_cid_any
Value: aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
.spiegel.de/ Name: sara_cid_ext
Value: aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
.spiegel.de/ Name: _aw_m_21540
Value: 21540_1642464568_f163f5aa55bc9d7e1f72a3c7c7e85fe7
.spiegel.de/ Name: _fbp
Value: fb.1.1642464570603.1127216415
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 65413d5d8246437e
.ad-srv.net/ Name: kdb0xdq3ls8m_uid
Value: d4ad8dbe5666c756
.spiegel.de/ Name: s_cc
Value: true
.facebook.com/ Name: fr
Value: 0Se3kUVTBc3g0xWKT..Bh5gU6...1.0.Bh5gU6.
.spiegel.de/ Name: sara_aam_uuid
Value: 47337168343210563382056601578223339858
.sciencebehindecommerce.com/ Name: _D9J
Value: 7f7b6c1aa81640f0a3d99a86c6d59545
.doubleclick.net/ Name: IDE
Value: AHWqTUkR3qd6Pz05zDp1P099kp8RmpN745kwONQ93Zn-UJ5ep8e3mFt4PpKlgvKolhw
.mathtag.com/ Name: uuid
Value: 8b3b61e6-053a-4300-8564-439a764adcb4
.mathtag.com/ Name: mt_misc
Value: mt_bt:1
abo.spiegel.de/ Name: outbrain_cid_fetch
Value: true
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 5926378035587865642

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
abo.spiegel.de
ad.ad-srv.net
ad.admitad.com
adservice.google.com
amplify.outbrain.com
assets.adobedtm.com
bat.bing.com
capitalxone.com
connect.facebook.net
dpm.demdex.net
googleads.g.doubleclick.net
hal9000.redintelligence.net
jsrdtrck.com
pixel.mathtag.com
read.apartena.net
s2.adform.net
s3-eu-west-1.amazonaws.com
sams.spiegel.de
sats.spiegel.de
spiegel.demdex.net
the.sciencebehindecommerce.com
tr.outbrain.com
track.adform.net
v4.s.arclk.net
vipestores.com
www.awin1.com
www.dwin1.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.92.94.3
128.65.210.191
138.201.220.30
138.201.63.165
142.250.186.38
142.250.74.194
15.188.95.229
18.203.190.43
185.26.99.247
2.18.233.201
2.21.142.172
2600:9000:2156:3400:f:8ce2:fb80:93a1
2606:4700:3033::6815:daf
2620:1ec:c11::200
2a00:1450:4001:803::2004
2a00:1450:4001:808::2003
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2008
2a02:26f0:fb:59e::1e80
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.126.48.135
37.157.2.247
37.157.5.142
51.77.7.80
52.20.219.89
52.218.41.235
52.50.85.221
54.220.215.179
54.229.240.78
70.42.32.159
81.17.18.197
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
05c9cd530f89c3dffa0a18778f10577e4a0ebd65a1465c5a835fadc484d709ff
0b6ee815005e308fb4ed57e68792ac193f50b8228669a96e74fd143ceb09660e
0cf9e1d924ce7ccf5d4ae9a2d996cfe47106a0014ea71a9c9ae3d73afe835f1f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1d52848b481780dacf9e2e59e0a814d7f1767db7847cb1969bfa9d5b70614c6a
1fe7c9b04cd9ebd46cd5a636bd2c2b1d54054f3995db24951c0d0318ec71d70c
21202603d9e657adea80c8a46e458a0880854daad6648d69440f84d95962d56a
2c667da498f95109037c477f51d8ed338ddf203da642632ebb1306c68aad93bd
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30edfd81c377191b302397b6ec28a0ed32867af35cbe39c7ce870f5d1cc2f0ba
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
3d1369d73b7b1661d2c6bf8889f3994f0677ee1383843389a1e77908c17a105f
3f58ff29e518dfc03ef0cded688de7e8ae0e3718f4c0728bf83d2a093e544c5a
46eb96ce0282630a45500eb9392c35cfd52a6286d1a82559beb418ab3684e3d2
48eac3fd30f6954ddf77771f40905eb953cbc988e065d4148c626ed846915b1f
4d6c6f668fd088065d6a927c86bb45d992bcd715910c609334b5596bf3b63c4c
55dca4e47860232460eaac2efcb9d76383f2206dfd28a58f016b18e752b32cc1
563994fb1b9efb27e1850f68ee2947524b0ef16cf0555890ff7965d52e0dd25b
58f8bcd26128abfbf72043570aea99c1c0cd78129419617d86314ea6ca66d830
5ae09d76b53ed5bcfa3504a4e3ef0f5cec6adb284355efb88f619d85504f2bb4
5b4cf55c521e7766e3a16145ea8cd325bc45298fc002e9ce63b23e9b335a206b
5b65d13b2accf59d8acec406cc63ae2279aaa06dec9bd373bcec8744b6a80be5
6034f033a6f3c1bd44f83d55639ae696d3c1eee0b2b83f5e8c915ec5bf7dc195
63d484e51dd9de676e5ad3fa5ebce0413032951f5addd9f8969aada0b13a7880
6663f1bb0fc2e62591af7d37d35dae587eeb29af7b3565e6beca954f23d6e543
68c52443c82d5a3a0211c1d701c586c1ff2858ab9e41b05036ce999b3cefced4
6ac3327f188a75ff18f3a723a4db374fc75716467e90d552b9943d3cad40cff5
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8bd74b21c5a1eada284eb2479b0ca1d168bd192f607c93763218c4fce2ca0469
8db60be922c28db592b53be8a7da7ce1556590fe358188377242ccb79038094e
8fc81bfaae09c53410ea3b71aa3f94e3f04bce34bf69af63406a6dffc15092f0
93d3df36befde4193685326af9d4393fd87fede719d3cdff00eef1e979c47a62
998d9415269d92557b561a936955f7590d5052865044a9191a528b5a36f3afc9
9c862cd1a608cea35ab890c204273f51f25810f2bd56293654724dd84dc3a3ec
a173134924c4708f9ea71e4f490ff92b41f7a9bd4719ca424b54b62198e80f83
a891eef42d2c51ce235c581976224bc73aa6b9d2b036a3fa31d6b3ff0d299517
a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2
afa42a12f640a207939cbfcf63b76643cb1e3cdbdaa90d4c99d6ab3685dfc670
b0d165a1ad59e18a25a0ecd9e47d90c4e6e185c1c9b3ac57c2c7ff0bedbcb3f6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b52565263f97d8926823bbcbf39939c347c29df533de3e78a07ca0610b9b599d
b77e7cd6cd167f6a6ef05e5718bc3124d5eb06a48d5d8d5eae40bb1da7936c10
c7a1123bd4524e8d0a428d70cc70937a818702f23394e0e16aef289246a25e84
cb0a327f9915200c334c81e77ec6fdbf7569c725f1d3f6f5521cb8b0a18163ba
d25416547417e4eb415d306c29c4e50c6e0ed187f7f872705a5cc08be1ed756e
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
dfed2a1da850a7bdadbe9e0e5ed7bf84c3998b9a2f468b1e6e8cb27e5398e6fe
e03fb16c347106a6b99ff1b26757ca24b8afefca648975f063ecaf4f00447784
e304a82f7be6185c5546182215943406505696e23da260206ca371cbf21088e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f
eac892d018c210174ffbe6065512bc944fda678275effebf7daca079c4da578c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623