urlscan.io logo urlscan.io
SecurityTrails logo

abo.spiegel.de Open in urlscan Pro
128.65.210.191  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://wwwgmcapitalone.com/
Effective URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d...
Submission: On January 16 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 31 IPs in 6 countries across 26 domains to perform 78 HTTP transactions. The main IP is 128.65.210.191, located in Frankfurt am Main, Germany and belongs to LINK11 Link11 GmbH, DE. The main domain is abo.spiegel.de. The Cisco Umbrella rank of the primary domain is 113266.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 16th 2020. Valid for: 2 years.
This is the only time abo.spiegel.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 212.32.237.101 60781 (LEASEWEB-...)
2 54.166.182.158 14618 (AMAZON-AES)
1 52.218.90.99 16509 (AMAZON-02)
2 3.126.48.135 16509 (AMAZON-02)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 185.26.99.247 44066 (DE-FIRSTC...)
1 3 104.111.239.217 16625 (AKAMAI-AS)
15 128.65.210.191 34309 (LINK11 Li...)
10 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2 54.171.65.24 16509 (AMAZON-02)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 51.77.7.80 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.162 15169 (GOOGLE)
3 2a03:2880:f02... 32934 (FACEBOOK)
1 2.18.234.190 16625 (AKAMAI-AS)
1 2600:9000:214... 16509 (AMAZON-02)
2 15.236.176.210 16509 (AMAZON-02)
1 63.33.35.188 16509 (AMAZON-02)
2 52.48.185.17 16509 (AMAZON-02)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2 46.4.10.49 24940 (HETZNER-AS)
1 2 78.46.90.238 24940 (HETZNER-AS)
2 64.202.112.127 23352 (SERVERCEN...)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
10 2a03:2880:f12... 32934 (FACEBOOK)
3 2.18.233.201 16625 (AKAMAI-AS)
2 3 37.157.4.41 198622 (ADFORM)
1 37.157.6.236 198622 (ADFORM)
1 2 142.250.186.38 15169 (GOOGLE)
1 54.155.94.243 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
78 31
1    212.32.237.101 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
wwwgmcapitalone.com
2    54.166.182.158 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-182-158.compute-1.amazonaws.com
v4.s.arclk.net
1    52.218.90.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com
s3-eu-west-1.amazonaws.com
2    3.126.48.135 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-48-135.eu-central-1.compute.amazonaws.com
jsrdtrck.com
2    2606:4700:3034::ac43:c8e0 (United States)

ASN13335 (CLOUDFLARENET, US)
vipestores.com
1    185.26.99.247 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde430-2.fornex.org
ad.admitad.com
3    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
15    128.65.210.191 (Frankfurt am Main, Germany)

ASN34309 (LINK11 Link11 GmbH, DE)
abo.spiegel.de
10    2a02:26f0:6c00:28a::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
2    54.171.65.24 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-65-24.eu-west-1.compute.amazonaws.com
dpm.demdex.net
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    51.77.7.80 (France)

ASN16276 (OVH, FR)
PTR: read.apartena.net
read.apartena.net
1    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
www.googleadservices.com
3    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com
amplify.outbrain.com
1    2600:9000:214f:7400:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.dwin1.com
2    15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
sams.spiegel.de
1    63.33.35.188 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-35-188.eu-west-1.compute.amazonaws.com
sats.spiegel.de
2    52.48.185.17 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-185-17.eu-west-1.compute.amazonaws.com
the.sciencebehindecommerce.com
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    46.4.10.49 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.49.10.4.46.clients.your-server.de
hal9000.redintelligence.net
2    78.46.90.238 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.238.90.46.78.clients.your-server.de
ad.ad-srv.net
2    64.202.112.127 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
tr.outbrain.com
2    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
10    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
3    37.157.4.41 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
1    37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)
s2.adform.net
2    142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net
5994599.fls.doubleclick.net
1    54.155.94.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-94-243.eu-west-1.compute.amazonaws.com
spiegel.demdex.net
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
Apex Domain
Subdomains		 Transfer
18 spiegel.de
abo.spiegel.de — Cisco Umbrella Rank: 113266
sams.spiegel.de — Cisco Umbrella Rank: 74925
sats.spiegel.de — Cisco Umbrella Rank: 72281
525 KB
10 facebook.com
www.facebook.com — Cisco Umbrella Rank: 88
2 KB
10 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 475
121 KB
4 adform.net
track.adform.net — Cisco Umbrella Rank: 3624
s2.adform.net — Cisco Umbrella Rank: 5288
30 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 70719
3 KB
3 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1039
3 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 8
adservice.google.com — Cisco Umbrella Rank: 69
1 KB
3 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 2035
tr.outbrain.com — Cisco Umbrella Rank: 1915
4 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
201 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 332
11 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 184
spiegel.demdex.net — Cisco Umbrella Rank: 70455
5 KB
3 awin1.com
www.awin1.com — Cisco Umbrella Rank: 12936
2 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6151
612 B
2 ad-srv.net
ad.ad-srv.net — Cisco Umbrella Rank: 27691
1 KB
2 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 27409
2 KB
2 sciencebehindecommerce.com
the.sciencebehindecommerce.com — Cisco Umbrella Rank: 53758
5 KB
2 apartena.net
read.apartena.net
5 KB
2 vipestores.com
vipestores.com — Cisco Umbrella Rank: 597610
3 KB
2 jsrdtrck.com
jsrdtrck.com
4 KB
2 arclk.net
v4.s.arclk.net — Cisco Umbrella Rank: 127605
3 KB
1 dwin1.com
www.dwin1.com — Cisco Umbrella Rank: 4141
10 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 97
15 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
39 KB
1 admitad.com
ad.admitad.com — Cisco Umbrella Rank: 40410
538 B
1 amazonaws.com
s3-eu-west-1.amazonaws.com
7 KB
1 wwwgmcapitalone.com
wwwgmcapitalone.com
600 B
78 26
Domain Requested by
15 abo.spiegel.de vipestores.com
abo.spiegel.de
10 www.facebook.com abo.spiegel.de
10 assets.adobedtm.com abo.spiegel.de
assets.adobedtm.com
3 track.adform.net 2 redirects hal9000.redintelligence.net
3 pixel.mathtag.com hal9000.redintelligence.net
3 connect.facebook.net v4.s.arclk.net
connect.facebook.net
3 bat.bing.com assets.adobedtm.com
bat.bing.com
abo.spiegel.de
3 www.awin1.com 1 redirects www.dwin1.com
www.awin1.com
2 5994599.fls.doubleclick.net 1 redirects hal9000.redintelligence.net
2 www.google.de abo.spiegel.de
2 www.google.com 1 redirects abo.spiegel.de
2 tr.outbrain.com amplify.outbrain.com
abo.spiegel.de
2 ad.ad-srv.net 1 redirects v4.s.arclk.net
2 hal9000.redintelligence.net 1 redirects v4.s.arclk.net
2 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
2 the.sciencebehindecommerce.com www.dwin1.com
the.sciencebehindecommerce.com
2 sams.spiegel.de assets.adobedtm.com
2 read.apartena.net assets.adobedtm.com
read.apartena.net
2 dpm.demdex.net 1 redirects abo.spiegel.de
2 vipestores.com vipestores.com
2 jsrdtrck.com v4.s.arclk.net
2 v4.s.arclk.net v4.s.arclk.net
1 adservice.google.com 5994599.fls.doubleclick.net
1 spiegel.demdex.net assets.adobedtm.com
1 s2.adform.net hal9000.redintelligence.net
1 sats.spiegel.de assets.adobedtm.com
1 www.dwin1.com v4.s.arclk.net
1 amplify.outbrain.com v4.s.arclk.net
1 www.googleadservices.com www.googletagmanager.com
1 www.googletagmanager.com assets.adobedtm.com
1 ad.admitad.com 1 redirects
1 s3-eu-west-1.amazonaws.com v4.s.arclk.net
1 wwwgmcapitalone.com 1 redirects
78 33

This site contains links to these domains. Also see Links.

Domain
www.spiegel.de
gruppenkonto.spiegel.de
www.spiegelgruppe.de
Subject Issuer Validity Valid
s.arclk.net
Amazon		 2021-03-02 -
2022-03-31		 a year crt.sh
*.s3-eu-west-1.amazonaws.com
Amazon		 2021-03-26 -
2022-03-08		 a year crt.sh
jsrdtrck.com
R3		 2021-12-21 -
2022-03-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-11-05 -
2022-11-04		 a year crt.sh
abo.spiegel.de
Sectigo RSA Domain Validation Secure Server CA		 2020-03-16 -
2022-06-14		 2 years crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-10 -
2022-09-10		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
read.apartena.net
R3		 2021-12-14 -
2022-03-14		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-10-25 -
2022-01-23		 3 months crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-01		 a year crt.sh
*.dwin1.com
Amazon		 2021-11-19 -
2022-12-17		 a year crt.sh
sams.spiegel.de
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-28 -
2022-10-29		 a year crt.sh
sats.spiegel.de
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-08 -
2022-10-07		 a year crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA		 2021-06-11 -
2022-06-16		 a year crt.sh
tag.device9.com
Go Daddy Secure Certificate Authority - G2		 2021-07-19 -
2022-08-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
redintelligence.net
R3		 2021-12-21 -
2022-03-21		 3 months crt.sh
ad-srv.net
R3		 2021-12-21 -
2022-03-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2021-06-29 -
2022-07-07		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Frame ID: A1331897BBB0E83B40601F72C7EC8728
Requests: 65 HTTP requests in this frame

Frame: https://www.awin1.com/alt.php?mid=21540&sv=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4
Frame ID: 4C75EA7AE0C8AD30A0B18D907D9AB3C8
Requests: 2 HTTP requests in this frame

Frame: https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B&redirected=1
Frame ID: 33D499369FB610E9B059177B84442A6A
Requests: 6 HTTP requests in this frame

Frame: https://ad.ad-srv.net/retarget?version=1&cat=22337&a=58123&event=view&items=SPIEGEL+&redirected=1
Frame ID: F0588243062925085C440F280E1F2B2F
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLPg-4r-tPUCFUer3godhU0Ktg;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7319918797903.835
Frame ID: 2973971329CAF2AB216E999EDF8ABF34
Requests: 2 HTTP requests in this frame

Frame: https://spiegel.demdex.net/dest5.html?d_nsid=0
Frame ID: 1F1288A1FCCB3BC6E787FBEAD9FEB416
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SPIEGEL+

Page URL History Show full URLs

  1. http://wwwgmcapitalone.com/ HTTP 302
    https://v4.s.arclk.net/api/user/01a09a09248d697cfdb169873d4875166a0f85053d.r?tk=eyJhbGciOiJIUzI1NiI... Page URL
  2. https://jsrdtrck.com/click?trvid=22122&extid=01a09a09248d697cfdb169873d4875166a0f85053d.r.1642291... Page URL
  3. https://jsrdtrck.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3ZpcGVzdG9yZXMuY29tL2xpbmtzP2lkdz01NDgyXHU... Page URL
  4. https://vipestores.com/links?idw=5482&subid=1aco5oo814t7 Page URL
  5. https://vipestores.com/de/digital-services/spiegelde Page URL
  6. https://ad.admitad.com/g/pgmjwl8eoh693cd06475f9177bf0d8/?subid=1aco5oo814t7 HTTP 302
    https://www.awin1.com/awclick.php?mid=21540&id=632098&clickref=b0f97d0141c0accf989dc40f021e84ec&cl... HTTP 302
    https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9ea... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • dwin1\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js

Page Statistics

78
Requests

95 %
HTTPS

33 %
IPv6

26
Domains

33
Subdomains

31
IPs

6
Countries

997 kB
Transfer

2634 kB
Size

37
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://wwwgmcapitalone.com/ HTTP 302
    https://v4.s.arclk.net/api/user/01a09a09248d697cfdb169873d4875166a0f85053d.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTYwMDExIiwiZCI6Ind3d2dtY2FwaXRhbG9uZS5jb20ifQ.-lLbVNFb9VMz7T_-1uroCucZkpLiW7F-V_hdvSTIDW0 Page URL
  2. https://jsrdtrck.com/click?trvid=22122&extid=01a09a09248d697cfdb169873d4875166a0f85053d.r.1642291897.1b17b6c399bca7e823360541c2115e67&cpc=0.0115&sourceid=60a763f050305338600b6eda&match=ron&carrier=wifi&mob_pf=windows&country=DE Page URL
  3. https://jsrdtrck.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3ZpcGVzdG9yZXMuY29tL2xpbmtzP2lkdz01NDgyXHUwMDI2c3ViaWQ9MWFjbzVvbzgxNHQ3IiwiUmVkaXJlY3RXb3JkaW5nIjoiICIsIlJlZGlyZWN0VGl0bGUiOiJSZWRpcmVjdGlvbi4uLiIsIlJlZGlyZWN0TGlua1RleHQiOiIgIiwiSW5zdGFsbElkIjoyMDAxfQ== Page URL
  4. https://vipestores.com/links?idw=5482&subid=1aco5oo814t7 Page URL
  5. https://vipestores.com/de/digital-services/spiegelde Page URL
  6. https://ad.admitad.com/g/pgmjwl8eoh693cd06475f9177bf0d8/?subid=1aco5oo814t7 HTTP 302
    https://www.awin1.com/awclick.php?mid=21540&id=632098&clickref=b0f97d0141c0accf989dc40f021e84ec&clickRef2=823603 HTTP 302
    https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://wwwgmcapitalone.com/ HTTP 302
  • https://v4.s.arclk.net/api/user/01a09a09248d697cfdb169873d4875166a0f85053d.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTYwMDExIiwiZCI6Ind3d2dtY2FwaXRhbG9uZS5jb20ifQ.-lLbVNFb9VMz7T_-1uroCucZkpLiW7F-V_hdvSTIDW0
Request Chain 22
  • https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=79655FCF5C1D42160A495E15%40AdobeOrg&d_nsid=0&ts=1642291900463 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=79655FCF5C1D42160A495E15%40AdobeOrg&d_nsid=0&ts=1642291900463
Request Chain 48
  • https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B HTTP 302
  • https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B&redirected=1
Request Chain 49
  • https://ad.ad-srv.net/retarget?version=1&cat=22337&a=58123&event=view&items=SPIEGEL+ HTTP 302
  • https://ad.ad-srv.net/retarget?version=1&cat=22337&a=58123&event=view&items=SPIEGEL+&redirected=1
Request Chain 65
  • https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
  • https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Request Chain 66
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7319918797903.835 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CLPg-4r-tPUCFUer3godhU0Ktg;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7319918797903.835
Request Chain 72
  • https://track.adform.net/Serving/TrackPoint/?pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=673709012428&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D58113%26version%3D1%26event%3Dview%26cat%3D22329%26segment%3Dmicrosites%26items%3DSPIEGEL%252B%26redirected%3D1 HTTP 302
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=673709012428&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D58113%26version%3D1%26event%3Dview%26cat%3D22329%26segment%3Dmicrosites%26items%3DSPIEGEL%252B%26redirected%3D1
Request Chain 74
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1036667778/?value=0&guid=ON&script=0&data=aam=seg1Euro HTTP 302
  • https://www.google.com/pagead/1p-user-list/1036667778/?value=0&guid=ON&script=0&data=aam=seg1Euro&is_vtc=1&random=1340975510 HTTP 302
  • https://www.google.de/pagead/1p-user-list/1036667778/?value=0&guid=ON&script=0&data=aam=seg1Euro&is_vtc=1&random=1340975510&ipr=y

78 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
01a09a09248d697cfdb169873d4875166a0f85053d.r
v4.s.arclk.net/api/user/
Redirect Chain
  • http://wwwgmcapitalone.com/
  • https://v4.s.arclk.net/api/user/01a09a09248d697cfdb169873d4875166a0f85053d.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTYwMDExIiwiZCI6Ind3d2dt...
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://v4.s.arclk.net/api/user/01a09a09248d697cfdb169873d4875166a0f85053d.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTYwMDExIiwiZCI6Ind3d2dtY2FwaXRhbG9uZS5jb20ifQ.-lLbVNFb9VMz7T_-1uroCucZkpLiW7F-V_hdvSTIDW0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.182.158 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-182-158.compute-1.amazonaws.com
Software
/
Resource Hash
ee8385af24afa48f3c0bc404187309ff5422adcba20e17badee7d8066b10c1ba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 16 Jan 2022 00:11:38 GMT
content-type
text/html; charset=utf-8
content-length
2111
p3p
CP="CUR NOI NID STA STP"
x-robots-tag
noindex, nofollow
accept-ch
UA,UA-Full-Version,UA-Platform,UA-Arch,UA-Model,UA-Mobile,Width,Viewport-Width,Downlink,DPR,Save-Data

Redirect headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
11
date
Sun, 16 Jan 2022 00:11:37 GMT
location
https://v4.s.arclk.net/api/user/01a09a09248d697cfdb169873d4875166a0f85053d.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTYwMDExIiwiZCI6Ind3d2dtY2FwaXRhbG9uZS5jb20ifQ.-lLbVNFb9VMz7T_-1uroCucZkpLiW7F-V_hdvSTIDW0
server
nginx
ajax-loader.gif
s3-eu-west-1.amazonaws.com/pxgif/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-eu-west-1.amazonaws.com/pxgif/ajax-loader.gif
Requested by
Host: v4.s.arclk.net
URL: https://v4.s.arclk.net/api/user/01a09a09248d697cfdb169873d4875166a0f85053d.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTYwMDExIiwiZCI6Ind3d2dtY2FwaXRhbG9uZS5jb20ifQ.-lLbVNFb9VMz7T_-1uroCucZkpLiW7F-V_hdvSTIDW0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.90.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 16 Jan 2022 00:11:39 GMT
Last-Modified
Fri, 12 Aug 2016 15:23:54 GMT
Server
AmazonS3
x-amz-request-id
ZVYA8YAAJCKQRXVP
ETag
"dc5b98ed1c3c7959cdcb76113e7442cd"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
6820
x-amz-id-2
dm4+nsfLvR5A+o/7RzuuVg53g4YGG64R6pQPr1y6+W8yBXtiEVtIzaxW5mzG4jOeMHFOMaBgMGc=
01a09a09248d697cfdb169873d4875166a0f85053d.r
v4.s.arclk.net/api/product/ 		227 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v4.s.arclk.net/api/product/01a09a09248d697cfdb169873d4875166a0f85053d.r?confirm=bd69df39c89b1fa27b081207b29e2db1&size=1920000&noframe=1&tnc_ref=n%2Fa&reftaken=feed&refEqual=false
Requested by
Host: v4.s.arclk.net
URL: https://v4.s.arclk.net/api/user/01a09a09248d697cfdb169873d4875166a0f85053d.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTYwMDExIiwiZCI6Ind3d2dtY2FwaXRhbG9uZS5jb20ifQ.-lLbVNFb9VMz7T_-1uroCucZkpLiW7F-V_hdvSTIDW0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.182.158 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-182-158.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:38 GMT
referrer-policy
no-referrer
p3p
CP="CUR NOI NID STA STP"
x-robots-tag
noindex, nofollow
content-length
227
content-type
text/html; charset=utf-8
click
jsrdtrck.com/ 		1003 B
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://jsrdtrck.com/click?trvid=22122&extid=01a09a09248d697cfdb169873d4875166a0f85053d.r.1642291897.1b17b6c399bca7e823360541c2115e67&cpc=0.0115&sourceid=60a763f050305338600b6eda&match=ron&carrier=wifi&mob_pf=windows&country=DE
Requested by
Host: v4.s.arclk.net
URL: https://v4.s.arclk.net/api/user/01a09a09248d697cfdb169873d4875166a0f85053d.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTYwMDExIiwiZCI6Ind3d2dtY2FwaXRhbG9uZS5jb20ifQ.-lLbVNFb9VMz7T_-1uroCucZkpLiW7F-V_hdvSTIDW0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.48.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-48-135.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ee8656ab9938ec90a21d7a46914559ea38a680275d71d35b68976b1e0e095b7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 16 Jan 2022 00:11:38 GMT
content-type
text/html; charset=utf-8
content-length
1003
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
expires
Thu, 01 Jan 1970 00:00:00 UTC
pragma
no-cache
double
jsrdtrck.com/ 		636 B
816 B 		Document
General
Check archive.org
Download Go to
Full URL
https://jsrdtrck.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3ZpcGVzdG9yZXMuY29tL2xpbmtzP2lkdz01NDgyXHUwMDI2c3ViaWQ9MWFjbzVvbzgxNHQ3IiwiUmVkaXJlY3RXb3JkaW5nIjoiICIsIlJlZGlyZWN0VGl0bGUiOiJSZWRpcmVjdGlvbi4uLiIsIlJlZGlyZWN0TGlua1RleHQiOiIgIiwiSW5zdGFsbElkIjoyMDAxfQ==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.48.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-48-135.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7475fade415588b75411f583ce43929ed492ffb954945716881330605694ea3a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 16 Jan 2022 00:11:38 GMT
content-type
text/html; charset=utf-8
content-length
636
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
expires
Thu, 01 Jan 1970 00:00:00 UTC
pragma
no-cache
links
vipestores.com/ 		595 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vipestores.com/links?idw=5482&subid=1aco5oo814t7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c8e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 16 Jan 2022 00:11:39 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8Jd2H9VTVC%2FbeZLcKcanVrAupfRlKbaeqtP5UYspRBwrZAb7913aJ67opjWRZ7Kzrtcx%2F6GJcyDJ96YRJqZBWi9nIukOfHDiQPeT4Ih4pdET%2BMucpoSdklSFJcD5yPTK5E0cYDR3wJkVv3Hhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ce320b1189983b2-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
spiegelde
vipestores.com/de/digital-services/ 		569 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vipestores.com/de/digital-services/spiegelde
Requested by
Host: vipestores.com
URL: https://vipestores.com/links?idw=5482&subid=1aco5oo814t7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c8e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c5d28522f3d3a224a0943d4ee939856d7f0f09312a9bbd82821744d5b23ef78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 16 Jan 2022 00:11:39 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eNLIAt6dEuNqyB%2BbP6EcuftkXHGOtRsIUOGWzQl5h4MLpn96K%2FOeeFfG2Q4Kq0zrDM2cN3tw%2FKhkBNp3fd4ico9FvLjIcYepYfpNz5KrQgHPWVt6oQobJRvZF%2BkEfKag2s92sqVJPptNoZ%2F3yQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ce320b1697083b2-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Primary Request plus-einstiegsangebot
abo.spiegel.de/de/c/microsites/pl/standard/
Redirect Chain
  • https://ad.admitad.com/g/pgmjwl8eoh693cd06475f9177bf0d8/?subid=1aco5oo814t7
  • https://www.awin1.com/awclick.php?mid=21540&id=632098&clickref=b0f97d0141c0accf989dc40f021e84ec&clickRef2=823603
  • https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Requested by
Host: vipestores.com
URL: https://vipestores.com/de/digital-services/spiegelde
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
7e3ddeba7b71b697bc5d56c1beb858d06405a19c5b395249ea5dea2f438371c2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://vipestores.com/

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
expires
Sun, 16 Jan 2022 00:21:40 GMT
cache-control
max-age=600, must-revalidate
x-cache-status
MISS
content-encoding
gzip
alt-svc
clear
server
nginx
via
1.1 google

Redirect headers

Content-Length
0
Location
https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Allow
GET
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Date
Sun, 16 Jan 2022 00:11:39 GMT
Connection
keep-alive
Strict-Transport-Security
max-age=86400
Awin-Akamai-Rule-Set
default
nextgen-sp.css
abo.spiegel.de/de/r/35550911/css/responsive/ 		242 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://abo.spiegel.de/de/r/35550911/css/responsive/nextgen-sp.css
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software
nginx / Undertow 1
Resource Hash
563994fb1b9efb27e1850f68ee2947524b0ef16cf0555890ff7965d52e0dd25b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
content-encoding
gzip
last-modified
Wed, 06 Oct 2021 15:09:49 GMT
server
nginx
x-powered-by
Undertow 1
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/css
via
1.1 google
cache-control
max-age=31536000, must-revalidate
alt-svc
clear
expires
Sat, 05 Nov 2022 02:34:04 GMT
cookieconsent.min.css
abo.spiegel.de/de/r/35550911/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://abo.spiegel.de/de/r/35550911/css/cookieconsent.min.css
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software
nginx / Undertow 1
Resource Hash
d25416547417e4eb415d306c29c4e50c6e0ed187f7f872705a5cc08be1ed756e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
content-encoding
gzip
last-modified
Mon, 17 May 2021 13:08:18 GMT
server
nginx
x-powered-by
Undertow 1
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/css
via
1.1 google
cache-control
max-age=31536000, must-revalidate
alt-svc
clear
expires
Sat, 05 Nov 2022 03:05:20 GMT
cookieconsent.min.js
abo.spiegel.de/de/r/35550911/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://abo.spiegel.de/de/r/35550911/js/cookieconsent.min.js
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software
nginx / Undertow 1
Resource Hash
0cf9e1d924ce7ccf5d4ae9a2d996cfe47106a0014ea71a9c9ae3d73afe835f1f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
content-encoding
gzip
last-modified
Mon, 17 May 2021 10:54:37 GMT
server
nginx
x-powered-by
Undertow 1
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
via
1.1 google
cache-control
max-age=31536000, must-revalidate
alt-svc
clear
expires
Sat, 05 Nov 2022 03:01:54 GMT
launch-e7ca7d7ca20f.min.js
assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/ 		331 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
dfed2a1da850a7bdadbe9e0e5ed7bf84c3998b9a2f468b1e6e8cb27e5398e6fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
content-encoding
gzip
last-modified
Fri, 13 Aug 2021 12:54:42 GMT
server
AkamaiNetStorage
etag
"c0317154a2452ff9c1db792286505929:1628859282.227983"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://abo.spiegel.de
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
96198
expires
Sun, 16 Jan 2022 01:11:40 GMT
29765241-420-360-p
abo.spiegel.de/de/m/1642165345895/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abo.spiegel.de/de/m/1642165345895/29765241-420-360-p
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
48eac3fd30f6954ddf77771f40905eb953cbc988e065d4148c626ed846915b1f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
via
1.1 google
last-modified
Fri, 14 Jan 2022 13:02:32 GMT
server
nginx
x-cache-status
HIT
content-type
image/png
cache-control
max-age=31536000, must-revalidate
alt-svc
clear
content-length
39102
expires
Sat, 14 Jan 2023 13:05:20 GMT
15611634
abo.spiegel.de/de/m/1526481576157/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abo.spiegel.de/de/m/1526481576157/15611634
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software
nginx / Undertow 1
Resource Hash
b52565263f97d8926823bbcbf39939c347c29df533de3e78a07ca0610b9b599d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
via
1.1 google
last-modified
Wed, 16 May 2018 14:39:36 GMT
server
nginx
x-powered-by
Undertow 1
x-cache-status
HIT
content-type
image/jpeg
cache-control
max-age=31536000, must-revalidate
alt-svc
clear
content-length
17272
expires
Sat, 05 Nov 2022 02:36:05 GMT
29384717-300-150-p
abo.spiegel.de/de/m/1642165504078/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abo.spiegel.de/de/m/1642165504078/29384717-300-150-p
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
a173134924c4708f9ea71e4f490ff92b41f7a9bd4719ca424b54b62198e80f83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
via
1.1 google
last-modified
Fri, 14 Jan 2022 13:05:10 GMT
server
nginx
x-cache-status
HIT
content-type
image/png
cache-control
max-age=31536000, must-revalidate
alt-svc
clear
content-length
33349
expires
Mon, 16 Jan 2023 00:01:03 GMT
29509623-300-150-p
abo.spiegel.de/de/m/1642165427746/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abo.spiegel.de/de/m/1642165427746/29509623-300-150-p
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
8db60be922c28db592b53be8a7da7ce1556590fe358188377242ccb79038094e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
via
1.1 google
last-modified
Fri, 14 Jan 2022 13:03:54 GMT
server
nginx
x-cache-status
HIT
content-type
image/png
cache-control
max-age=31536000, must-revalidate
alt-svc
clear
content-length
33189
expires
Sun, 15 Jan 2023 23:33:12 GMT
jwplayer.js
abo.spiegel.de/de/r/35550909/js/lib/jwplayer-7.2.4/ 		211 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://abo.spiegel.de/de/r/35550909/js/lib/jwplayer-7.2.4/jwplayer.js
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software
nginx / Undertow 1
Resource Hash
63d484e51dd9de676e5ad3fa5ebce0413032951f5addd9f8969aada0b13a7880

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
content-encoding
gzip
last-modified
Thu, 04 Feb 2016 11:12:09 GMT
server
nginx
x-powered-by
Undertow 1
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
via
1.1 google
cache-control
max-age=31536000, must-revalidate
alt-svc
clear
expires
Sat, 05 Nov 2022 02:39:55 GMT
responsive.js
abo.spiegel.de/de/r/35550909/js/ 		398 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://abo.spiegel.de/de/r/35550909/js/responsive.js
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software
nginx / Undertow 1
Resource Hash
cb0a327f9915200c334c81e77ec6fdbf7569c725f1d3f6f5521cb8b0a18163ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
content-encoding
gzip
last-modified
Wed, 06 Oct 2021 07:49:56 GMT
server
nginx
x-powered-by
Undertow 1
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
via
1.1 google
cache-control
max-age=31536000, must-revalidate
alt-svc
clear
expires
Sat, 05 Nov 2022 02:53:18 GMT
logo-aboshop-desktop-tablet.png
abo.spiegel.de/de/r/35550911/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abo.spiegel.de/de/r/35550911/img/logo-aboshop-desktop-tablet.png
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/r/35550911/css/responsive/nextgen-sp.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software
nginx / Undertow 1
Resource Hash
e03fb16c347106a6b99ff1b26757ca24b8afefca648975f063ecaf4f00447784

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/de/r/35550911/css/responsive/nextgen-sp.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
via
1.1 google
last-modified
Tue, 07 Jan 2020 10:11:44 GMT
server
nginx
x-powered-by
Undertow 1
x-cache-status
HIT
content-type
image/png
cache-control
max-age=31536000, must-revalidate
alt-svc
clear
content-length
1714
expires
Sat, 05 Nov 2022 02:37:07 GMT
SpiegelSlab4UICd-ExtraBold.woff2
abo.spiegel.de/de/r/35550911/css/font/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://abo.spiegel.de/de/r/35550911/css/font/SpiegelSlab4UICd-ExtraBold.woff2
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/r/35550911/css/responsive/nextgen-sp.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software
nginx / Undertow 1
Resource Hash
4d6c6f668fd088065d6a927c86bb45d992bcd715910c609334b5596bf3b63c4c

Request headers

Referer
https://abo.spiegel.de/de/r/35550911/css/responsive/nextgen-sp.css
Origin
https://abo.spiegel.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
via
1.1 google
last-modified
Tue, 07 Jan 2020 10:10:31 GMT
server
nginx
x-powered-by
Undertow 1
x-cache-status
HIT
cache-control
max-age=31536000, must-revalidate
alt-svc
clear
content-length
32624
expires
Sat, 05 Nov 2022 02:35:50 GMT
SpiegelSans4UI-Regular.woff2
abo.spiegel.de/de/r/35550911/css/font/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://abo.spiegel.de/de/r/35550911/css/font/SpiegelSans4UI-Regular.woff2
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/r/35550911/css/responsive/nextgen-sp.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software
nginx / Undertow 1
Resource Hash
5ae09d76b53ed5bcfa3504a4e3ef0f5cec6adb284355efb88f619d85504f2bb4

Request headers

Referer
https://abo.spiegel.de/de/r/35550911/css/responsive/nextgen-sp.css
Origin
https://abo.spiegel.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
via
1.1 google
last-modified
Tue, 07 Jan 2020 10:10:20 GMT
server
nginx
x-powered-by
Undertow 1
x-cache-status
HIT
cache-control
max-age=31536000, must-revalidate
alt-svc
clear
content-length
38464
expires
Sat, 05 Nov 2022 03:04:38 GMT
SpiegelSans4UI-Bold.woff2
abo.spiegel.de/de/r/35550911/css/font/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://abo.spiegel.de/de/r/35550911/css/font/SpiegelSans4UI-Bold.woff2
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/r/35550911/css/responsive/nextgen-sp.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software
nginx / Undertow 1
Resource Hash
5b65d13b2accf59d8acec406cc63ae2279aaa06dec9bd373bcec8744b6a80be5

Request headers

Referer
https://abo.spiegel.de/de/r/35550911/css/responsive/nextgen-sp.css
Origin
https://abo.spiegel.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
via
1.1 google
last-modified
Tue, 07 Jan 2020 10:10:11 GMT
server
nginx
x-powered-by
Undertow 1
x-cache-status
HIT
cache-control
max-age=31536000, must-revalidate
alt-svc
clear
content-length
39692
expires
Sat, 05 Nov 2022 02:34:24 GMT
fontawesome-webfont.woff
abo.spiegel.de/de/r/35550911/css/font/font-awesome/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://abo.spiegel.de/de/r/35550911/css/font/font-awesome/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/r/35550911/css/responsive/nextgen-sp.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.65.210.191 Frankfurt am Main, Germany, ASN34309 (LINK11 Link11 GmbH, DE),
Reverse DNS
Software
nginx / Undertow 1
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer
https://abo.spiegel.de/de/r/35550911/css/responsive/nextgen-sp.css
Origin
https://abo.spiegel.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
via
1.1 google
last-modified
Tue, 14 Oct 2014 09:41:16 GMT
server
nginx
x-powered-by
Undertow 1
x-cache-status
HIT
cache-control
max-age=31536000, must-revalidate
alt-svc
clear
content-length
65452
expires
Sat, 05 Nov 2022 02:34:33 GMT
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=79655FCF5C1D42160A495E15%40AdobeOrg&d_nsid=0&ts=1642291900463
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=79655FCF5C1D42160A495E15%40AdobeOrg&d_nsid=0&ts=1642291900463
216 B
1023 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=79655FCF5C1D42160A495E15%40AdobeOrg&d_nsid=0&ts=1642291900463
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
HTTP/1.1
Server
54.171.65.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-65-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
426fcdbda0edd561effc8ae41e1b126bf61939cb947b247a93ad680d8d382c65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v026-0fd7170f2.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
q8KgxtIWQU8=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://abo.spiegel.de
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
209
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v026-0beba7042.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://abo.spiegel.de
X-TID
CL1nJxN0SOI=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=79655FCF5C1D42160A495E15%40AdobeOrg&d_nsid=0&ts=1642291900463
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://abo.spiegel.de
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12184
expires
Sun, 16 Jan 2022 01:11:40 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://abo.spiegel.de
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1594
expires
Sun, 16 Jan 2022 01:11:40 GMT
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_AudienceManagement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:53 GMT
server
AkamaiNetStorage
etag
"c8afb92bc0d997ba5b673367e69b9ff1:1597270193.156081"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://abo.spiegel.de
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
8762
expires
Sun, 16 Jan 2022 01:11:40 GMT
RCe42ee6079f764fc5bd130b1e534ddc5d-source.min.js
assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/ 		562 B
613 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/RCe42ee6079f764fc5bd130b1e534ddc5d-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8fc81bfaae09c53410ea3b71aa3f94e3f04bce34bf69af63406a6dffc15092f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
content-encoding
gzip
last-modified
Fri, 13 Aug 2021 12:54:42 GMT
server
AkamaiNetStorage
etag
"cdde6b6226c7281592610bcb253a79e7:1628859282.976181"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://abo.spiegel.de
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
349
expires
Sun, 16 Jan 2022 01:11:40 GMT
RCb124da92a1e44ebdbba65145b6f3ace4-source.min.js
assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/ 		463 B
561 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/RCb124da92a1e44ebdbba65145b6f3ace4-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
afa42a12f640a207939cbfcf63b76643cb1e3cdbdaa90d4c99d6ab3685dfc670

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
content-encoding
gzip
last-modified
Fri, 13 Aug 2021 12:54:42 GMT
server
AkamaiNetStorage
etag
"cdde6b6226c7281592610bcb253a79e7:1628859282.976181"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://abo.spiegel.de
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
297
expires
Sun, 16 Jan 2022 01:11:40 GMT
RC11368e0e6aad43f6afe8ca290bc3d2da-source.min.js
assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/ 		981 B
800 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/RC11368e0e6aad43f6afe8ca290bc3d2da-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3d1369d73b7b1661d2c6bf8889f3994f0677ee1383843389a1e77908c17a105f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
content-encoding
gzip
last-modified
Fri, 13 Aug 2021 12:54:42 GMT
server
AkamaiNetStorage
etag
"cdde6b6226c7281592610bcb253a79e7:1628859282.976181"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://abo.spiegel.de
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
536
expires
Sun, 16 Jan 2022 01:11:40 GMT
RCb2252bca63f0424d9dea57ee4da763fe-source.min.js
assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/ 		599 B
583 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/RCb2252bca63f0424d9dea57ee4da763fe-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
30edfd81c377191b302397b6ec28a0ed32867af35cbe39c7ce870f5d1cc2f0ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
content-encoding
gzip
last-modified
Fri, 13 Aug 2021 12:54:42 GMT
server
AkamaiNetStorage
etag
"cdde6b6226c7281592610bcb253a79e7:1628859282.976181"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://abo.spiegel.de
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
319
expires
Sun, 16 Jan 2022 01:11:40 GMT
bat.js
bat.bing.com/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:39 GMT
content-encoding
gzip
last-modified
Fri, 03 Dec 2021 01:53:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7F0D92E8E3E3457A807064F9AADD4887 Ref B: FRAEDGE1320 Ref C: 2022-01-16T00:11:40Z
etag
"0cb09ee8e7d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
10468
RC5f0ea6df8e5d468986df67e0e6c04db4-source.min.js
assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/ 		922 B
820 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/RC5f0ea6df8e5d468986df67e0e6c04db4-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e304a82f7be6185c5546182215943406505696e23da260206ca371cbf21088e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
content-encoding
gzip
last-modified
Fri, 13 Aug 2021 12:54:42 GMT
server
AkamaiNetStorage
etag
"cdde6b6226c7281592610bcb253a79e7:1628859282.976181"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://abo.spiegel.de
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
556
expires
Sun, 16 Jan 2022 01:11:40 GMT
eatms.js
read.apartena.net/trck/etms/ 		1014 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://read.apartena.net/trck/etms/eatms.js?campaign_id=225&pixel=etms&cmp_choices=no
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.77.7.80 , France, ASN16276 (OVH, FR),
Reverse DNS
read.apartena.net
Software
nginx / PHP/7.2.34
Resource Hash
5b4cf55c521e7766e3a16145ea8cd325bc45298fc002e9ce63b23e9b335a206b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubdomains;preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jan 2022 00:11:40 GMT
Content-Encoding
gzip
Last-Modified
Sun, 16 Jan 2022 00:11:40 GMT
Server
nginx
X-Powered-By
PHP/7.2.34
Vary
Accept-Encoding
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload
X-HTTPS-Header
1
Content-Type
text/html; charset=UTF-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
RC93106eb217034ace90e720b10f39ece3-source.min.js
assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/ 		542 B
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/76b882e99554/RC93106eb217034ace90e720b10f39ece3-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3f58ff29e518dfc03ef0cded688de7e8ae0e3718f4c0728bf83d2a093e544c5a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
content-encoding
gzip
last-modified
Fri, 13 Aug 2021 12:54:42 GMT
server
AkamaiNetStorage
etag
"cdde6b6226c7281592610bcb253a79e7:1628859282.976181"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://abo.spiegel.de
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
334
expires
Sun, 16 Jan 2022 01:11:40 GMT
js
www.googletagmanager.com/gtag/ 		98 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1036667778
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
692d71431b0089388672b6ddc8978982c7bc89c12828146c983ef4e332fd9860
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39814
x-xss-protection
0
expires
Sun, 16 Jan 2022 00:11:40 GMT
5279339.js
bat.bing.com/p/action/ 		0
93 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5279339.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 16 Jan 2022 00:11:39 GMT
cache-control
private,max-age=1800
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A5C93E8D96174F25B73BDE3D24087FF7 Ref B: FRAEDGE1320 Ref C: 2022-01-16T00:11:40Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5279339&tm=al001&Ver=2&mid=8c35023b-b248-4211-91d5-47fae6c65c02&sid=e1034940766011ecba5ff3a2281b655b&vid=e1034e40766011ec98c473125149f8dc&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=SPIEGEL%2B&p=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&r=https%3A%2F%2Fvipestores.com%2F&lt=1264&pt=1642291899158,,,,,135,136,142,142,159,148,159,1062,1062,1064,1254,1254,1264,,,&pn=0,0&evt=pageLoad&msclkid=N&sv=1&rn=83522
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jan 2022 00:11:39 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BD8AFBA1A1F1418C8C5C6AC68A3FF058 Ref B: FRAEDGE1320 Ref C: 2022-01-16T00:11:40Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
eatms.js
read.apartena.net/trck/etms/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://read.apartena.net/trck/etms/eatms.js?campaign_id=225&pixel=etms&cmp_choices=no&referrer=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Requested by
Host: read.apartena.net
URL: https://read.apartena.net/trck/etms/eatms.js?campaign_id=225&pixel=etms&cmp_choices=no
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.77.7.80 , France, ASN16276 (OVH, FR),
Reverse DNS
read.apartena.net
Software
nginx / PHP/7.2.34
Resource Hash
eac892d018c210174ffbe6065512bc944fda678275effebf7daca079c4da578c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubdomains;preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 16 Jan 2022 00:11:40 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Powered-By
PHP/7.2.34
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Connection
keep-alive
Pragma
no-cache
Last-Modified
Sun, 16 Jan 2022 00:11:40 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-HTTPS-Header
1
Expires
Mon, 26 Jul 1997 05:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1036667778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
1fe7c9b04cd9ebd46cd5a636bd2c2b1d54054f3995db24951c0d0318ec71d70c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14835
x-xss-protection
0
server
cafe
etag
2630088915750441828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 16 Jan 2022 00:11:40 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: v4.s.arclk.net
URL: https://v4.s.arclk.net/api/user/01a09a09248d697cfdb169873d4875166a0f85053d.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTYwMDExIiwiZCI6Ind3d2dtY2FwaXRhbG9uZS5jb20ifQ.-lLbVNFb9VMz7T_-1uroCucZkpLiW7F-V_hdvSTIDW0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
UhpklKhV0u29+Cu00NRV7tEugtbFr8mPJ28dlvB5HqtJX+0h72bZg79gDwfLK6ppg6TX/V4my92GHT8gorynzA==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 16 Jan 2022 00:11:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
obtp.js
amplify.outbrain.com/cp/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: v4.s.arclk.net
URL: https://v4.s.arclk.net/api/user/01a09a09248d697cfdb169873d4875166a0f85053d.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTYwMDExIiwiZCI6Ind3d2dtY2FwaXRhbG9uZS5jb20ifQ.-lLbVNFb9VMz7T_-1uroCucZkpLiW7F-V_hdvSTIDW0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
998d9415269d92557b561a936955f7590d5052865044a9191a528b5a36f3afc9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 16 Jan 2022 00:11:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Oct 2021 12:12:10 GMT
Server
AkamaiNetStorage
ETag
"973e2603f46b719eecf8139c22b897a0:1633349530.816673"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3150
Expires
Sun, 16 Jan 2022 00:31:40 GMT
21540.js
www.dwin1.com/ 		42 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dwin1.com/21540.js
Requested by
Host: v4.s.arclk.net
URL: https://v4.s.arclk.net/api/user/01a09a09248d697cfdb169873d4875166a0f85053d.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTYwMDExIiwiZCI6Ind3d2dtY2FwaXRhbG9uZS5jb20ifQ.-lLbVNFb9VMz7T_-1uroCucZkpLiW7F-V_hdvSTIDW0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:7400:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6663f1bb0fc2e62591af7d37d35dae587eeb29af7b3565e6beca954f23d6e543

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
SIYdF4loCziFPx4IarRPUy7CD7JbaAF6
content-encoding
gzip
etag
W/"005832146012c112b280ee01034d6c65"
age
116
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Mon, 20 Dec 2021 16:49:09 GMT
server
AmazonS3
date
Sun, 16 Jan 2022 00:10:18 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=utf-8
via
1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
cache-control
max-age=600, s-maxage=600
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
hwGDs0ZkoTUb1Fr68e1Ny2jEa0yNKIE8rhlNQjoRbWHcqUeJr7Q5Qw==
468291950412468
connect.facebook.net/signals/config/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/468291950412468?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
353a2117ea0b90c5e2b65f42ef2b311c1434c2d3114f45f7d1c65c9c6b09f40f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
89398
x-xss-protection
0
pragma
public
x-fb-debug
SJwCDCtttEO3o6KM8MktDZvR2deuhb7TuPNzIpyGv36y7v3uWrhRcV/joms33MM0UhZLR1a/Btz2TGr0wP0sKg==
x-frame-options
DENY
date
Sun, 16 Jan 2022 00:11:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
id
sams.spiegel.de/ 		48 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sams.spiegel.de/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=79655FCF5C1D42160A495E15%40AdobeOrg&mid=43815091044385423360093228687558777693&ts=1642291900636
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
fa01cc98e00dc937c5279e0cc7c07b2bdd101e5c3e4e6f520e5f35608f854254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://abo.spiegel.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-cdfbd77b-7rqsl
vary
Origin
x-c
main-1585.I7afc85.M0-540
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://abo.spiegel.de
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
delivery
sats.spiegel.de/rest/v1/ 		363 B
598 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sats.spiegel.de/rest/v1/delivery?client=spiegelverlagrudolfa&sessionId=14ae7fc9472f4f6099d7503a1d5de01d&version=2.4.1
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.35.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-35-188.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7e936e6cffb3fe7b83cf2f181415d778708fbf4c9614a4a2ac24026d2dabf279

Request headers

Referer
https://abo.spiegel.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
content-encoding
gzip
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://abo.spiegel.de
access-control-allow-credentials
true
timing-allow-origin
*
x-request-id
3e53cda6e5fa5a798a711b587ef25516
alt.php
www.awin1.com/ Frame 4C75 		155 B
509 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.awin1.com/alt.php?mid=21540&sv=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4
Requested by
Host: www.dwin1.com
URL: https://www.dwin1.com/21540.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8bd74b21c5a1eada284eb2479b0ca1d168bd192f607c93763218c4fce2ca0469
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/

Response headers

Content-Type
text/html
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Sun, 16 Jan 2022 00:11:40 GMT
Content-Length
141
Connection
keep-alive
Strict-Transport-Security
max-age=86400
Awin-Akamai-Rule-Set
default
d9core
the.sciencebehindecommerce.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://the.sciencebehindecommerce.com/d9core
Requested by
Host: www.dwin1.com
URL: https://www.dwin1.com/21540.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.185.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-185-17.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
2bb3c94c48fce3eb430616e2b81b263893bb4b9072f48a9b603aca1b020d2087

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 16 Jan 2022 00:11:39 GMT
Content-Encoding
gzip
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
ETag
5bc31bf7d4a298e1bef9d35fce222bfc
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
the.sciencebehindecommerce.com
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
Content-Length
3610
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1036667778/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1036667778/?random=1642291900653&cv=9&fst=1642291900653&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1c0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&ref=https%3A%2F%2Fvipestores.com%2F&tiba=SPIEGEL%2B&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7f955b7daeb0eb95995c66a65f7c1b8d7cfe2623fe28c33af5eca421ace6b4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jan 2022 00:11:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1160
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
retarget
hal9000.redintelligence.net/ Frame 33D4
Redirect Chain
  • https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B
  • https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B&redirected=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B&redirected=1
Requested by
Host: v4.s.arclk.net
URL: https://v4.s.arclk.net/api/user/01a09a09248d697cfdb169873d4875166a0f85053d.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTYwMDExIiwiZCI6Ind3d2dtY2FwaXRhbG9uZS5jb20ifQ.-lLbVNFb9VMz7T_-1uroCucZkpLiW7F-V_hdvSTIDW0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
175b0684fc688531b634f2dec8ac82d7bbda3a3808ea885935c1eeedef6b0f34

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Sun, 16 Jan 2022 00:11:40 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
800
Connection
close
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Sun, 16 Jan 2022 00:11:40 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B&redirected=1
Content-Length
0
Connection
close
Content-Type
text/html; charset=UTF-8
retarget
ad.ad-srv.net/ Frame F058
Redirect Chain
  • https://ad.ad-srv.net/retarget?version=1&cat=22337&a=58123&event=view&items=SPIEGEL+
  • https://ad.ad-srv.net/retarget?version=1&cat=22337&a=58123&event=view&items=SPIEGEL+&redirected=1
26 B
498 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.ad-srv.net/retarget?version=1&cat=22337&a=58123&event=view&items=SPIEGEL+&redirected=1
Requested by
Host: v4.s.arclk.net
URL: https://v4.s.arclk.net/api/user/01a09a09248d697cfdb169873d4875166a0f85053d.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjAxMTYwMDExIiwiZCI6Ind3d2dtY2FwaXRhbG9uZS5jb20ifQ.-lLbVNFb9VMz7T_-1uroCucZkpLiW7F-V_hdvSTIDW0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.238.90.46.78.clients.your-server.de
Software
Apache /
Resource Hash
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Sun, 16 Jan 2022 00:11:40 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Length
26
Connection
close
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Sun, 16 Jan 2022 00:11:40 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
?version=1&cat=22337&a=58123&event=view&items=SPIEGEL+&redirected=1
Content-Length
0
Connection
close
Content-Type
text/html; charset=UTF-8
cachedClickId
tr.outbrain.com/ 		35 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00bf784a92253a49c50216eea8b47eb721
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 16 Jan 2022 00:11:41 GMT
content-encoding
gzip
X-TraceId
10fe371afdf1f1488b037b410f0df809
Content-Length
56
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=00bf784a92253a49c50216eea8b47eb721&obApiVersion=1.1&obtpVersion=1.5.2&name=PAGE_VIEW&dl=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&optOut=false&bust=01986528988172891
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 16 Jan 2022 00:11:41 GMT
Cache-Control
no-cache
X-TraceId
314a3e36a3ec6115f5aea6ebcae9b09c
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
109763999395282
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/109763999395282?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ce15ebcf03c0e2b8839dbd16cded7b11e1071bbe8fc4d01675de30f865e2955a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
89243
x-xss-protection
0
pragma
public
x-fb-debug
ks+XgO6LG8yUkYjglgd9k1qeONkkqUSg+1Dzn14wuF3SjdPxCAAJsg8nyh1UJgI1AFc/9JXtEz1vQ6jmAQnR4Q==
x-frame-options
DENY
date
Sun, 16 Jan 2022 00:11:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1036667778/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1036667778/?random=1642291900653&cv=9&fst=1642291200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1c0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&ref=https%3A%2F%2Fvipestores.com%2F&tiba=SPIEGEL%2B&async=1&fmt=3&is_vtc=1&random=2676641672&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jan 2022 00:11:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1036667778/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1036667778/?random=1642291900653&cv=9&fst=1642291200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1c0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&ref=https%3A%2F%2Fvipestores.com%2F&tiba=SPIEGEL%2B&async=1&fmt=3&is_vtc=1&random=2676641672&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jan 2022 00:11:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=468291950412468&ev=UserProperties&dl=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&rl=https%3A%2F%2Fvipestores.com%2F&if=false&ts=1642291900712&cd[%24user_type]=no_paidAccess&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1642291900711.1074547718&it=1642291900626&coo=false&es=user_properties&tm=3&rqm=GET
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Sun, 16 Jan 2022 00:11:40 GMT
/
www.facebook.com/tr/ 		44 B
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=468291950412468&ev=PageView&dl=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&rl=https%3A%2F%2Fvipestores.com%2F&if=false&ts=1642291900715&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1642291900711.1074547718&it=1642291900626&coo=false&rqm=GET
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Sun, 16 Jan 2022 00:11:40 GMT
/
www.facebook.com/tr/ 		44 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=109763999395282&ev=PageView&dl=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&rl=https%3A%2F%2Fvipestores.com%2F&if=false&ts=1642291900715&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1642291900711.1074547718&it=1642291900626&coo=false&rqm=GET
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Sun, 16 Jan 2022 00:11:40 GMT
/
www.facebook.com/tr/ 		44 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=468291950412468&ev=ViewShopContent&dl=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&rl=https%3A%2F%2Fvipestores.com%2F&if=false&ts=1642291900716&sw=1600&sh=1200&v=2.9.48&r=stable&ec=2&o=30&fbp=fb.1.1642291900711.1074547718&it=1642291900626&coo=false&rqm=GET
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Sun, 16 Jan 2022 00:11:40 GMT
/
www.facebook.com/tr/ 		44 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=109763999395282&ev=ViewShopContent&dl=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&rl=https%3A%2F%2Fvipestores.com%2F&if=false&ts=1642291900718&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1642291900711.1074547718&it=1642291900626&coo=false&rqm=GET
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Sun, 16 Jan 2022 00:11:40 GMT
/
www.facebook.com/tr/ 		44 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=468291950412468&dl=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&rl=https%3A%2F%2Fvipestores.com%2F&if=false&ts=1642291900718&sw=1600&sh=1200&v=2.9.48&r=stable&ec=3&o=30&fbp=fb.1.1642291900711.1074547718&it=1642291900626&coo=false&rqm=GET
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Sun, 16 Jan 2022 00:11:40 GMT
/
www.facebook.com/tr/ 		44 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=109763999395282&dl=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&rl=https%3A%2F%2Fvipestores.com%2F&if=false&ts=1642291900719&sw=1600&sh=1200&v=2.9.48&r=stable&ec=2&o=30&fbp=fb.1.1642291900711.1074547718&it=1642291900626&coo=false&rqm=GET
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Sun, 16 Jan 2022 00:11:40 GMT
lgc
the.sciencebehindecommerce.com/ 		0
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://the.sciencebehindecommerce.com/lgc
Requested by
Host: the.sciencebehindecommerce.com
URL: https://the.sciencebehindecommerce.com/d9core
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.185.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-185-17.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://abo.spiegel.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Sun, 16 Jan 2022 00:11:40 GMT
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
https://abo.spiegel.de
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
js
pixel.mathtag.com/event/ Frame 33D4 		597 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/event/js?mt_id=1393997&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B&redirected=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4133 baa842e master zrh-pixel-x13 config:1.0.0 /
Resource Hash
a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 16 Jan 2022 00:11:40 GMT
Server
MT3 4133 baa842e master zrh-pixel-x13 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
597
Expires
Sun, 16 Jan 2022 00:11:39 GMT
js
pixel.mathtag.com/event/ Frame 33D4 		597 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/event/js?mt_id=1406315&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B&redirected=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4133 baa842e master cdg-pixel-x24 config:1.0.0 /
Resource Hash
a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 16 Jan 2022 00:11:40 GMT
Server
MT3 4133 baa842e master cdg-pixel-x24 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
597
Expires
Sun, 16 Jan 2022 00:11:39 GMT
trackpoint-async.js
s2.adform.net/banners/scripts/st/ Frame 33D4
Redirect Chain
  • https://track.adform.net/serving/scripts/trackpoint/async/
  • https://s2.adform.net/banners/scripts/st/trackpoint-async.js
79 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B&redirected=1
Protocol
H2
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0b6ee815005e308fb4ed57e68792ac193f50b8228669a96e74fd143ceb09660e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:40 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 09:57:08 GMT
server
nginx
etag
W/"613888f4-13bd1"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript

Redirect headers

location
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date
Sun, 16 Jan 2022 00:11:40 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html
activityi;dc_pre=CLPg-4r-tPUCFUer3godhU0Ktg;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
5994599.fls.doubleclick.net/ Frame 2973
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755...
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CLPg-4r-tPUCFUer3godhU0Ktg;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D...
456 B
390 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLPg-4r-tPUCFUer3godhU0Ktg;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7319918797903.835?
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B&redirected=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
6f57d928c4f13aa98cfd7c1371da4cd0160c6905df80086f35c8be2646c09212
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jan 2022 00:11:40 GMT
expires
Sun, 16 Jan 2022 00:11:40 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
365
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jan 2022 00:11:40 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLPg-4r-tPUCFUer3godhU0Ktg;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7319918797903.835?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
21540.gif
www.awin1.com/m/ Frame 4C75 		43 B
488 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/m/21540.gif
Requested by
Host: www.awin1.com
URL: https://www.awin1.com/alt.php?mid=21540&sv=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.awin1.com/alt.php?mid=21540&sv=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jan 2022 00:11:40 GMT
Allow
GET
ETag
21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
max-age=0
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
s49780093203177
sams.spiegel.de/b/ss/spiegel.ng.spieg.main,spiegel.spieg.abo/10/JS-2.22.0-LBWB/ 		490 B
928 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sams.spiegel.de/b/ss/spiegel.ng.spieg.main,spiegel.spieg.abo/10/JS-2.22.0-LBWB/s49780093203177?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=16%2F0%2F2022%200%3A11%3A40%200%200&d.&nsid=0&jsonv=1&.d&sdid=05D9EA7637BE6981-3F878E2C737DCE1C&mid=43815091044385423360093228687558777693&aamlh=6&ce=UTF-8&pageName=sp.abo%20%3E%20product%20%3E%20%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot&g=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot&r=https%3A%2F%2Fvipestores.com%2F&c.&apl=4.0&inList=3.0&getValOnce=3.0&getPreviousValue=3.0&cm.&ssf=0&.cm&opt.&sell=N&.opt&.c&cc=EUR&server=abo.spiegel.de&v0=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&events=event400%2Cevent1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v1=D%3DpageName&h1=sp%7Cabo&v2=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot&h2=abo.spiegel.de%7Cde%7Cc%7Cmicrosites%7Cpl&v3=web&v4=shop&v5=product&c7=from_ext_other&v7=SPIEGEL%2B&c8=Abo&v8=abo.spiegel.de&c9=%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot&v9=%3Fawc%3D21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&v11=vipestores.com&v12=https%3A%2F%2Fvipestores.com%2F&v15=D%3Dc9&v16=all_tracking&v19=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot&c32=2022-01-16T00%3A11%3A40.505Z&v33=desktop&v35=01%3A11&v36=new_visitor&c50=event400%2Cevent1&c61=has_visitorAPI&c62=has_ssoID&c70=default&c71=page_data_ready%7Cgeneric%7C&c73=04_abo.spiegel.de%7C27.2.0%7C2021-08-11T20%3A25%3A49Z&c74=production%7C2021-08-13T12%3A54%3A27Z&c75=v1.7.22b_spabo&v146=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&v147=D%3Dv0&v148=D%3Dv145&v149=D%3Dv146&v175=logged_out&v185=D%3Dmid&v200=D%3DUser-Agent&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=79655FCF5C1D42160A495E15%40AdobeOrg&AQE=1
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
f6074b69a8370086d15c4eab19e7a72bddfbd6a5111edb2a3e49e64ca112aeaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-aam-tid
8s7g31JARro=
date
Sun, 16 Jan 2022 00:11:40 GMT
x-content-type-options
nosniff
x-c
main-1585.I7afc85.M0-540
p3p
CP="This is not a P3P policy"
vary
*
content-length
490
x-xss-protection
1; mode=block
dcs
dcs-prod-irl1-1-v026-092eae008.edge-irl1.demdex.com UNKNOWN
pragma
no-cache
last-modified
Mon, 17 Jan 2022 00:11:40 GMT
server
jag
xserver
anedge-cdfbd77b-7pqx7
etag
3526795001726074880-4619702105497682074
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Sat, 15 Jan 2022 00:11:40 GMT
img
pixel.mathtag.com/misc/ Frame 33D4 		43 B
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B&redirected=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4133 baa842e master cdg-pixel-x28 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 16 Jan 2022 00:11:40 GMT
Server
MT3 4133 baa842e master cdg-pixel-x28 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 16 Jan 2022 00:11:39 GMT
dest5.html
spiegel.demdex.net/ Frame 1F12 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spiegel.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cc10f7b4369d/7eab295f26ec/launch-e7ca7d7ca20f.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.94.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-94-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Sun, 16 Jan 2022 00:11:41 GMT
DCS
dcs-prod-irl1-1-v026-0a04b13a7.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Mon, 20 Dec 2021 14:08:57 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
mPl2VVvpQXs=
transfer-encoding
chunked
Connection
keep-alive
dc_pre=CLPg-4r-tPUCFUer3godhU0Ktg;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7319...
adservice.google.com/ddm/fls/z/ Frame 2973 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CLPg-4r-tPUCFUer3godhU0Ktg;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7319918797903.835
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLPg-4r-tPUCFUer3godhU0Ktg;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7319918797903.835?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jan 2022 00:11:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/Serving/TrackPoint/ Frame 33D4
Redirect Chain
  • https://track.adform.net/Serving/TrackPoint/?pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=673709012428&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintel...
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=673709012428&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.red...
111 B
592 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=673709012428&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D58113%26version%3D1%26event%3Dview%26cat%3D22329%26segment%3Dmicrosites%26items%3DSPIEGEL%252B%26redirected%3D1
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=58113&version=1&event=view&cat=22329&segment=microsites&items=SPIEGEL%2B&redirected=1
Protocol
H2
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6ac3327f188a75ff18f3a723a4db374fc75716467e90d552b9943d3cad40cff5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jan 2022 00:11:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
186
expires
-1

Redirect headers

pragma
no-cache
date
Sun, 16 Jan 2022 00:11:41 GMT
server
nginx
location
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=673709012428&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D58113%26version%3D1%26event%3Dview%26cat%3D22329%26segment%3Dmicrosites%26items%3DSPIEGEL%252B%26redirected%3D1
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/html; charset=utf-8
expires
-1
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=468291950412468&ev=Adobe-Audience-Manager-Segment&cd[segID]=19570004&noscript=1
Requested by
Host: abo.spiegel.de
URL: https://abo.spiegel.de/de/c/microsites/pl/standard/plus-einstiegsangebot?awc=21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4&sara_ecid=aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Sun, 16 Jan 2022 00:11:41 GMT
/
www.google.de/pagead/1p-user-list/1036667778/ Frame 1F12
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1036667778/?value=0&guid=ON&script=0&data=aam=seg1Euro
  • https://www.google.com/pagead/1p-user-list/1036667778/?value=0&guid=ON&script=0&data=aam=seg1Euro&is_vtc=1&random=1340975510
  • https://www.google.de/pagead/1p-user-list/1036667778/?value=0&guid=ON&script=0&data=aam=seg1Euro&is_vtc=1&random=1340975510&ipr=y
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1036667778/?value=0&guid=ON&script=0&data=aam=seg1Euro&is_vtc=1&random=1340975510&ipr=y
Protocol
H3
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spiegel.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jan 2022 00:11:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 16 Jan 2022 00:11:41 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-user-list/1036667778/?value=0&guid=ON&script=0&data=aam=seg1Euro&is_vtc=1&random=1340975510&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=468291950412468&ev=Microdata&dl=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&rl=https%3A%2F%2Fvipestores.com%2F&if=false&ts=1642291902215&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20%20%20%5Cn%5Ct%5Ct%5Ct%5Cn%5Ct%5Ct%5Ct%5Cn%5Ct%5Ct%5Ct%5Ct%5Cn%5Ct%5Ct%5Ct%5CtSPIEGEL%2B%5Cn%5Ct%5Ct%5Ct%5Cn%5Ct%5Ct%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=4&o=30&fbp=fb.1.1642291900711.1074547718&it=1642291900626&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:42 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Sun, 16 Jan 2022 00:11:42 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=109763999395282&ev=Microdata&dl=https%3A%2F%2Fabo.spiegel.de%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot%3Fawc%3D21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4%26sara_ecid%3Daff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14&rl=https%3A%2F%2Fvipestores.com%2F&if=false&ts=1642291902217&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20%20%20%5Cn%5Ct%5Ct%5Ct%5Cn%5Ct%5Ct%5Ct%5Cn%5Ct%5Ct%5Ct%5Ct%5Cn%5Ct%5Ct%5Ct%5CtSPIEGEL%2B%5Cn%5Ct%5Ct%5Ct%5Cn%5Ct%5Ct%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=3&o=30&fbp=fb.1.1642291900711.1074547718&it=1642291900626&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://abo.spiegel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 00:11:42 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Sun, 16 Jan 2022 00:11:42 GMT

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onsecuritypolicyviolation object| onslotchange object| cookieconsent object| SARAs_data object| adobeTrackingData function| webpackJsonpjwplayer function| jwplayer function| FlickityTransformer object| App function| initJwPlayer function| $ function| jQuery object| Modernizr object| jQuery19105426774010842454 function| WOW function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger function| imagesLoaded object| currentVideoPlayer object| d function| equalizeHeights object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| uetq function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_AudienceManagement function| DIL object| s function| UET function| UET_init function| UET_push object| ueto_f5a386993f object| eaTmsReferrer object| google_tag_manager object| dataLayer function| gtag object| google_tag_data function| fbq function| _fbq function| obApi object| eaTms object| eaConvSys object| AWIN undefined| zx_products undefined| o object| D9v function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| cookieWrite function| cookieRead string| g function| inList number| a string| send object| d9PendingXDR object| s_i_spiegel.ng.spieg.main_spiegel.spieg.abo

37 Cookies

Domain/Path Name / Value
.wwwgmcapitalone.com/ Name: sid
Value: decaec4a-7660-11ec-a959-3880523d1c79
v4.s.arclk.net/ Name: checkme
Value: bd69df39c89b1fa27b081207b29e2db1b789
jsrdtrck.com/ Name: ClickDataNG
Value: H4sIAAAAAAAA_7RU227cNhD9FWGeEkDQkrpQl0AIXKdoi9hBgTj1S4GCIke77GpJYUjt2k3y74UucRYF-pi3IedwLmfO8DOckbxxFhrgCUsYxBCeR4SGxeCn7uGbrZw9IwXU0PRy8BiDGow6_qbnh1K5wrmK56GEGLQMCA0XeZrWvKqrGJQ8jdLs7YxOU56mMRh_-_vNSyxyQQbjFkCellkMNA04n1gMhNoQqnCP4eA0NEUM3k2kFr-IYZBWG7vf0NvpEw3QAMTg-h5pQWZFHkNH0qrDhl18K_IQwuib3e5sRvTBEfpEudNuMPbo3xp9aYu8Sv-cGEuFnzqj2_80rZwP0LCEcV7MJZ_RTitzo3x2U_ie73YiQqueoYFPH99BDBOZqwL-9qQDqeOSfuH4baCz0e1C3FoBPgWjW8YlqyWr07zSoi5Vrzsu6qrMdF6VBRdCsr4qWJHphJKXcZQJ73jZCZXVdadkiVWaZYIVOVcp5wWKcs2hRtWu7WxdL5Qb3QomS5H1rGAZK7KsEox1ArVcYScZ1KElZ7coksggtRfTmw3gur_Gvr0Yq93Fbyg32UDP7bufIQYz3mhN6D00kPIyEXnCC55wdu0T63Anj3SzRxuggXv3jxkGuSsSFr16XMNHHx4izhL2Jno0VuRvoieRv45uxnHAR-zem7ArsjLJRPTq_a8P93dxNJgjRr-gOrrX0e2B3Al3dZmwJBd1mpQ8-ih7SWZ7BfOgeySktRqNZ6PwZWXc3MFWyCxE_8f3VZub6chd_PJ2zfQS4SeSVl-HvHcah-uLD_KE61mt6eDW0eho3rx5t8aZjzQvo7ugF3Eu_EIDC8OE-7WM2WXCev_lC8xaJbThdlbdtj1k9sbejVdXgaT1Uq3r6qGx0zDEoCYf3Amaz9smwKodiAGfApKVw_JV_CjNQgxnBg38nzhnP4cGyNnZTKGBWZKznS32tymd85Wlr1__DQAA__8A66t_GwUAAA==
jsrdtrck.com/ Name: ClickDataNgFall
Value: H4sIAAAAAAAA_7RU227cNhD9FWGeEkDQkrpQl0AIXKdoi9hBgTj1S4GCIke77GpJYUjt2k3y74UucRYF-pi3IedwLmfO8DOckbxxFhrgCUsYxBCeR4SGxeCn7uGbrZw9IwXU0PRy8BiDGow6_qbnh1K5wrmK56GEGLQMCA0XeZrWvKqrGJQ8jdLs7YxOU56mMRh_-_vNSyxyQQbjFkCellkMNA04n1gMhNoQqnCP4eA0NEUM3k2kFr-IYZBWG7vf0NvpEw3QAMTg-h5pQWZFHkNH0qrDhl18K_IQwuib3e5sRvTBEfpEudNuMPbo3xp9aYu8Sv-cGEuFnzqj2_80rZwP0LCEcV7MJZ_RTitzo3x2U_ie73YiQqueoYFPH99BDBOZqwL-9qQDqeOSfuH4baCz0e1C3FoBPgWjW8YlqyWr07zSoi5Vrzsu6qrMdF6VBRdCsr4qWJHphJKXcZQJ73jZCZXVdadkiVWaZYIVOVcp5wWKcs2hRtWu7WxdL5Qb3QomS5H1rGAZK7KsEox1ArVcYScZ1KElZ7coksggtRfTmw3gur_Gvr0Yq93Fbyg32UDP7bufIQYz3mhN6D00kPIyEXnCC55wdu0T63Anj3SzRxuggXv3jxkGuSsSFr16XMNHHx4izhL2Jno0VuRvoieRv45uxnHAR-zem7ArsjLJRPTq_a8P93dxNJgjRr-gOrrX0e2B3Al3dZmwJBd1mpQ8-ih7SWZ7BfOgeySktRqNZ6PwZWXc3MFWyCxE_8f3VZub6chd_PJ2zfQS4SeSVl-HvHcah-uLD_KE61mt6eDW0eho3rx5t8aZjzQvo7ugF3Eu_EIDC8OE-7WM2WXCev_lC8xaJbThdlbdtj1k9sbejVdXgaT1Uq3r6qGx0zDEoCYf3Amaz9smwKodiAGfApKVw_JV_CjNQgxnBg38nzhnP4cGyNnZTKGBWZKznS32tymd85Wlr1__DQAA__8A66t_GwUAAA==
vipestores.com/ Name: XSRF-TOKEN
Value: eyJpdiI6InRBcFVWaGRqc01LdmNxQXN0RTNER0E9PSIsInZhbHVlIjoiQXlyZWl0UmxKTkFUR2VqKzN3TWNRWWF6aEVEOHMwMmlSckNFNGgvak95RU8reUpzRWZvbEFOb3FueDBNbWo4VCIsIm1hYyI6IjNkNjI0NjkxZmNkYjJkYzE1MjE5MjNjZjMzMGViMmE4YWJmMTJmZTFkMWQ1OWIxNWY4Y2FhMzdlMTMyMjJmNWEifQ%3D%3D
vipestores.com/ Name: vipstores_session
Value: eyJpdiI6Ijdub0RrdEQ5UmZBalArSWhCTFhvTlE9PSIsInZhbHVlIjoiUFU3ZWltMDcyUlpDa1U4dWJqMnh3YkxNMWhEcFNMcnR3ekh1UVdoWGl1KzBJNjhFdS91ck85SGVrWFdrZ3hCNiIsIm1hYyI6ImU5MWM1OGI4YmQ5ZGZiMTJlNjdhMDBkZWRhYWFhNTI0OWYyZTk0YWVjMDMxOTQyOTBkN2I2YWE1ZDllNWZjNmEifQ%3D%3D
.ad.admitad.com/ Name: UID
Value: v=3|id=6c7d7de78a58130355c133de0e8c23d5|expr=1705363899|type=0|business_expr=1644883899
.ad.admitad.com/ Name: UID2
Value: v=3|id=6c7d7de78a58130355c133de0e8c23d5|expr=1705363899|type=0|business_expr=1644883899
.awin1.com/ Name: aw21540
Value: 632098|0|0|1642291899|b0f97d0141c0accf989dc40f021e84ec|aw|0
.awin1.com/ Name: bId
Value: HLEX_61e362bbf8c596.03644856
.spiegel.de/ Name: at_check
Value: true
.bing.com/ Name: MUID
Value: 2DE6D42737E86A9828A5C509363A6B12
.spiegel.de/ Name: _uetsid
Value: e1034940766011ecba5ff3a2281b655b
.spiegel.de/ Name: _uetvid
Value: e1034e40766011ec98c473125149f8dc
.spiegel.de/ Name: _gcl_au
Value: 1.1.1114663998.1642291901
.demdex.net/ Name: demdex
Value: 38013012009356002460668193982180383531
.spiegel.de/ Name: AMCVS_79655FCF5C1D42160A495E15%40AdobeOrg
Value: 1
.spiegel.de/ Name: _aw_m_21540
Value: 21540_1642291899_fa9eaadacbe2a1d98da0a526d79976a4
.spiegel.de/ Name: s_ecid
Value: MCMID%7C43815091044385423360093228687558777693
.spiegel.de/ Name: AMCV_79655FCF5C1D42160A495E15%40AdobeOrg
Value: -1124106680%7CMCIDTS%7C19009%7CMCMID%7C43815091044385423360093228687558777693%7CMCAAMLH-1642896700%7C6%7CMCAAMB-1642896700%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1642299100s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0
.spiegel.de/ Name: _fbp
Value: fb.1.1642291900711.1074547718
.ad-srv.net/ Name: kdb0xdq3ls8m_uid
Value: 529baf6ffc9d9068
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 2603357a2842c0da
.facebook.com/ Name: fr
Value: 0Il14hMKTfdR1R9nB..Bh42K8...1.0.Bh42K8.
.spiegel.de/ Name: mbox
Value: session#14ae7fc9472f4f6099d7503a1d5de01d#1642293761|PC#14ae7fc9472f4f6099d7503a1d5de01d.37_0#1705536701
.spiegel.de/ Name: sara_gpv_page
Value: sp.abo%20%3E%20product%20%3E%20%2Fde%2Fc%2Fmicrosites%2Fpl%2Fstandard%2Fplus-einstiegsangebot
.spiegel.de/ Name: sara_cid_any
Value: aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
.spiegel.de/ Name: sara_cid_ext
Value: aff_pd_pfe8MOYeWydTZ1CPFbiVqkS6ZARks14
.sciencebehindecommerce.com/ Name: _D9J
Value: 463b7deb3fbf45069aec6040d94201fe
.spiegel.de/ Name: s_cc
Value: true
.mathtag.com/ Name: uuid
Value: 3a5e61e3-62bc-4400-82b8-538c502b9e38
.doubleclick.net/ Name: IDE
Value: AHWqTUn3iHEjEniKhfcP-Yu2-4iKzZtv97Miu1k42yNdsnVFkT6LwnUiAtWbWbI_NCU
.mathtag.com/ Name: mt_misc
Value: mt_bt:1
.spiegel.de/ Name: sara_aam_uuid
Value: 38013012009356002460668193982180383531
abo.spiegel.de/ Name: outbrain_cid_fetch
Value: true
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 2350315523790173709

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
abo.spiegel.de
ad.ad-srv.net
ad.admitad.com
adservice.google.com
amplify.outbrain.com
assets.adobedtm.com
bat.bing.com
connect.facebook.net
dpm.demdex.net
googleads.g.doubleclick.net
hal9000.redintelligence.net
jsrdtrck.com
pixel.mathtag.com
read.apartena.net
s2.adform.net
s3-eu-west-1.amazonaws.com
sams.spiegel.de
sats.spiegel.de
spiegel.demdex.net
the.sciencebehindecommerce.com
tr.outbrain.com
track.adform.net
v4.s.arclk.net
vipestores.com
www.awin1.com
www.dwin1.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
wwwgmcapitalone.com
104.111.239.217
128.65.210.191
142.250.186.162
142.250.186.38
15.236.176.210
185.26.99.247
2.18.233.201
2.18.234.190
212.32.237.101
2600:9000:214f:7400:f:8ce2:fb80:93a1
2606:4700:3034::ac43:c8e0
2620:1ec:c11::200
2a00:1450:4001:808::2003
2a00:1450:4001:809::2008
2a00:1450:4001:810::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2002
2a02:26f0:6c00:28a::1e80
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.126.48.135
37.157.4.41
37.157.6.236
46.4.10.49
51.77.7.80
52.218.90.99
52.48.185.17
54.155.94.243
54.166.182.158
54.171.65.24
63.33.35.188
64.202.112.127
78.46.90.238
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
0b6ee815005e308fb4ed57e68792ac193f50b8228669a96e74fd143ceb09660e
0cf9e1d924ce7ccf5d4ae9a2d996cfe47106a0014ea71a9c9ae3d73afe835f1f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
175b0684fc688531b634f2dec8ac82d7bbda3a3808ea885935c1eeedef6b0f34
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1fe7c9b04cd9ebd46cd5a636bd2c2b1d54054f3995db24951c0d0318ec71d70c
2bb3c94c48fce3eb430616e2b81b263893bb4b9072f48a9b603aca1b020d2087
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30edfd81c377191b302397b6ec28a0ed32867af35cbe39c7ce870f5d1cc2f0ba
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
353a2117ea0b90c5e2b65f42ef2b311c1434c2d3114f45f7d1c65c9c6b09f40f
3c5d28522f3d3a224a0943d4ee939856d7f0f09312a9bbd82821744d5b23ef78
3d1369d73b7b1661d2c6bf8889f3994f0677ee1383843389a1e77908c17a105f
3f58ff29e518dfc03ef0cded688de7e8ae0e3718f4c0728bf83d2a093e544c5a
426fcdbda0edd561effc8ae41e1b126bf61939cb947b247a93ad680d8d382c65
48eac3fd30f6954ddf77771f40905eb953cbc988e065d4148c626ed846915b1f
4d6c6f668fd088065d6a927c86bb45d992bcd715910c609334b5596bf3b63c4c
563994fb1b9efb27e1850f68ee2947524b0ef16cf0555890ff7965d52e0dd25b
5ae09d76b53ed5bcfa3504a4e3ef0f5cec6adb284355efb88f619d85504f2bb4
5b4cf55c521e7766e3a16145ea8cd325bc45298fc002e9ce63b23e9b335a206b
5b65d13b2accf59d8acec406cc63ae2279aaa06dec9bd373bcec8744b6a80be5
5ee8656ab9938ec90a21d7a46914559ea38a680275d71d35b68976b1e0e095b7
63d484e51dd9de676e5ad3fa5ebce0413032951f5addd9f8969aada0b13a7880
6663f1bb0fc2e62591af7d37d35dae587eeb29af7b3565e6beca954f23d6e543
692d71431b0089388672b6ddc8978982c7bc89c12828146c983ef4e332fd9860
6ac3327f188a75ff18f3a723a4db374fc75716467e90d552b9943d3cad40cff5
6f57d928c4f13aa98cfd7c1371da4cd0160c6905df80086f35c8be2646c09212
7475fade415588b75411f583ce43929ed492ffb954945716881330605694ea3a
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e3ddeba7b71b697bc5d56c1beb858d06405a19c5b395249ea5dea2f438371c2
7e936e6cffb3fe7b83cf2f181415d778708fbf4c9614a4a2ac24026d2dabf279
8bd74b21c5a1eada284eb2479b0ca1d168bd192f607c93763218c4fce2ca0469
8db60be922c28db592b53be8a7da7ce1556590fe358188377242ccb79038094e
8fc81bfaae09c53410ea3b71aa3f94e3f04bce34bf69af63406a6dffc15092f0
998d9415269d92557b561a936955f7590d5052865044a9191a528b5a36f3afc9
a173134924c4708f9ea71e4f490ff92b41f7a9bd4719ca424b54b62198e80f83
a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2
afa42a12f640a207939cbfcf63b76643cb1e3cdbdaa90d4c99d6ab3685dfc670
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b52565263f97d8926823bbcbf39939c347c29df533de3e78a07ca0610b9b599d
cb0a327f9915200c334c81e77ec6fdbf7569c725f1d3f6f5521cb8b0a18163ba
ce15ebcf03c0e2b8839dbd16cded7b11e1071bbe8fc4d01675de30f865e2955a
d25416547417e4eb415d306c29c4e50c6e0ed187f7f872705a5cc08be1ed756e
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
dfed2a1da850a7bdadbe9e0e5ed7bf84c3998b9a2f468b1e6e8cb27e5398e6fe
e03fb16c347106a6b99ff1b26757ca24b8afefca648975f063ecaf4f00447784
e304a82f7be6185c5546182215943406505696e23da260206ca371cbf21088e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f
eac892d018c210174ffbe6065512bc944fda678275effebf7daca079c4da578c
ee8385af24afa48f3c0bc404187309ff5422adcba20e17badee7d8066b10c1ba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6074b69a8370086d15c4eab19e7a72bddfbd6a5111edb2a3e49e64ca112aeaa
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623
f7f955b7daeb0eb95995c66a65f7c1b8d7cfe2623fe28c33af5eca421ace6b4c
fa01cc98e00dc937c5279e0cc7c07b2bdd101e5c3e4e6f520e5f35608f854254