recherchetumblr.sueddeutsche.de Open in urlscan Pro
66.6.33.22 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://recherchetumblr.sueddeutsche.de/
Effective URL:
http://recherchetumblr.sueddeutsche.de/
Submission: On May 06 via automatic, source certstream-suspicious (May 6th 2019, 9:20:09 pm UTC)

Summary HTTP 46 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 13 domains to perform 46 HTTP transactions. The main IP is 66.6.33.22, located in New York, United States and belongs to YAHOO-3 - Oath Holdings Inc., US. The main domain is recherchetumblr.sueddeutsche.de.

This is the only time recherchetumblr.sueddeutsche.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	66.6.32.22 66.6.32.22	26101 (YAHOO-3) (YAHOO-3 - Oath Holdings Inc.)
3	66.6.33.22 66.6.33.22	26101 (YAHOO-3) (YAHOO-3 - Oath Holdings Inc.)
19	152.199.19.43 152.199.19.43	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
2	2a00:1450:400... 2a00:1450:4001:81e::2014	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:817::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	208.82.72.242 208.82.72.242	205411 (BOREUS) (BOREUS)
1	159.180.84.14 159.180.84.14	33047 (INSTART) (INSTART - Instart Logic)
1	91.215.103.64 91.215.103.64	43407 (INFONLINE-AS) (INFONLINE-AS)
1	2a05:d018:77f... 2a05:d018:77f:6c01:3fbe:8e42:aaf8:e4c2	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	91.215.100.40 91.215.100.40	43407 (INFONLINE-AS) (INFONLINE-AS)
1	216.58.205.230 216.58.205.230	15169 (GOOGLE) (GOOGLE - Google LLC)
4	67.27.157.124 67.27.157.124	3356 (LEVEL3) (LEVEL3 - Level 3 Parent)
2	2a00:1450:400... 2a00:1450:4001:81f::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	104.244.42.129 104.244.42.129	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	2a00:1288:7c:... 2a00:1288:7c:800::5001	43428 (YAHOO-ULS) (YAHOO-ULS)
2 2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
46	16

1 66.6.32.22 (New York, United States) 1 redirects

ASN26101 (YAHOO-3 - Oath Holdings Inc., US)

recherchetumblr.sueddeutsche.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 66.6.33.22 (New York, United States)

ASN26101 (YAHOO-3 - Oath Holdings Inc., US)

recherchetumblr.sueddeutsche.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 152.199.19.43 (Ashburn, United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

assets.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
66.media.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::2014 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

social-button.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.82.72.242 (San Jose, United States) 1 redirects

ASN205411 (BOREUS, DE)
PTR: lb-tools-jetzt-http.dns.boreus.de

jetzt.sueddeutsche.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.180.84.14 (United States)

ASN33047 (INSTART - Instart Logic, Inc, US)

www.jetzt.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.215.103.64 (Germany)

ASN43407 (INFONLINE-AS, NL)
PTR: script3.ioam.de

script.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:77f:6c01:3fbe:8e42:aaf8:e4c2 (Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

gwp.nuggad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.215.100.40 (Germany) 1 redirects

ASN43407 (INFONLINE-AS, NL)
PTR: de4.ioam.de

de.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.205.230 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f230.1e100.net

ad.de.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 67.27.157.124 (United States)

ASN3356 (LEVEL3 - Level 3 Parent, LLC, US)

polpix.sueddeutsche.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.129 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:7c:800::5001 (United Kingdom)

ASN43428 (YAHOO-ULS, GB)

px.srvcs.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland) 2 redirects

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	tumblr.com assets.tumblr.com static.tumblr.com 66.media.tumblr.com px.srvcs.tumblr.com	1022 KB
5	facebook.com 2 redirects staticxx.facebook.com www.facebook.com	1 KB
5	sueddeutsche.de 2 redirects recherchetumblr.sueddeutsche.de jetzt.sueddeutsche.de	22 KB
4	sueddeutsche.com polpix.sueddeutsche.com
3	twitter.com platform.twitter.com twitter.com	28 KB
3	ioam.de 1 redirects script.ioam.de de.ioam.de	12 KB
2	facebook.net connect.facebook.net	58 KB
2	google-analytics.com www.google-analytics.com	17 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	33 KB
2	appspot.com social-button.appspot.com	2 KB
1	doubleclick.net ad.de.doubleclick.net	701 B
1	nuggad.net gwp.nuggad.net	751 B
1	jetzt.de www.jetzt.de
46	13

	Domain	Requested by
9	assets.tumblr.com	recherchetumblr.sueddeutsche.de assets.tumblr.com
8	66.media.tumblr.com	recherchetumblr.sueddeutsche.de
4	polpix.sueddeutsche.com	recherchetumblr.sueddeutsche.de
4	recherchetumblr.sueddeutsche.de	1 redirects assets.tumblr.com
3	staticxx.facebook.com	connect.facebook.net
2	www.facebook.com	2 redirects
2	platform.twitter.com	social-button.appspot.com platform.twitter.com
2	connect.facebook.net	recherchetumblr.sueddeutsche.de connect.facebook.net
2	www.google-analytics.com	recherchetumblr.sueddeutsche.de
2	de.ioam.de	1 redirects recherchetumblr.sueddeutsche.de
2	static.tumblr.com	recherchetumblr.sueddeutsche.de
2	social-button.appspot.com	recherchetumblr.sueddeutsche.de
1	px.srvcs.tumblr.com	recherchetumblr.sueddeutsche.de
1	twitter.com	recherchetumblr.sueddeutsche.de
1	ad.de.doubleclick.net	recherchetumblr.sueddeutsche.de
1	ajax.googleapis.com	recherchetumblr.sueddeutsche.de
1	gwp.nuggad.net	recherchetumblr.sueddeutsche.de
1	script.ioam.de	recherchetumblr.sueddeutsche.de
1	www.jetzt.de	recherchetumblr.sueddeutsche.de
1	jetzt.sueddeutsche.de	1 redirects
1	fonts.googleapis.com	recherchetumblr.sueddeutsche.de
46	21

This site contains links to these domains. Also see Links.

Domain
www.sueddeutsche.de
66.media.tumblr.com
twitter.com
www.facebook.com
tumblr.com
www.tumblr.com
arturkim.com

Subject Issuer	Validity	Valid
*.jetzt.de Thawte TLS RSA CA G1	`2019-03-26` - `2021-06-24`	2 years	crt.sh
*.ioam.de COMODO RSA Organization Validation Secure Server CA	`2017-12-22` - `2020-12-21`	3 years	crt.sh
*.media.tumblr.com DigiCert SHA2 Secure Server CA	`2018-12-07` - `2019-06-05`	6 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-04-16` - `2019-07-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-03-08` - `2019-06-06`	3 months	crt.sh
twitter.com DigiCert SHA2 High Assurance Server CA	`2018-10-31` - `2019-11-05`	a year	crt.sh
*.edge.tumblr.com DigiCert SHA2 High Assurance Server CA	`2019-04-16` - `2019-05-31`	a month	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2018-11-19` - `2019-11-27`	a year	crt.sh

This page contains 9 frames:

Primary Page: http://recherchetumblr.sueddeutsche.de/
Frame ID: F48EEE79D9675C70C59960172452EA29
Requests: 36 HTTP requests in this frame

Frame: https://assets.tumblr.com/analytics.html?dfab06320413a6a34dbca419c4c70f2c
Frame ID: 4993703DEED5AAFF773C57F2149F8B1F
Requests: 1 HTTP requests in this frame

Frame: https://assets.tumblr.com/assets/html/iframe/login_check.html?_v=3de94a184d600617102ddd5b48fb36e9
Frame ID: E97D8060EEBB7CAAD02D20E7AE90A87D
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html?origin=http%3A%2F%2Frecherchetumblr.sueddeutsche.de&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: 0226CC5541BA565167D6722D3DEA7843
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Frame ID: EE916C0DB542CB45BDD1BCB78043955B
Requests: 1 HTTP requests in this frame

Frame: https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=83e9c90aa75edccb43b900664dadd84f
Frame ID: 84F49E9063F6AB392EFF4C12144A037F
Requests: 2 HTTP requests in this frame

Frame: https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=83e9c90aa75edccb43b900664dadd84f
Frame ID: 84EB89BA195020F99A64D67BD75E9B20
Requests: 2 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Frame ID: BF0CAE8C1BC086E8668CA4D0931C6536
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Frame ID: 28FF92100D466A90D3F0F4B2C3CAD455
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://recherchetumblr.sueddeutsche.de/ HTTP 302
http://recherchetumblr.sueddeutsche.de/ Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

env /^Backbone$/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^gaGlobal$/i

INFOnline (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^szmvars$/i
env /^iam_data$/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^_?COMSCORE$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^Backbone$/i

Page Statistics

46
Requests

52 %
HTTPS

47 %
IPv6

13
Domains

21
Subdomains

16
IPs

4
Countries

1194 kB
Transfer

3041 kB
Size

17
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: http://www.sueddeutsche.de/

Search URL Search Domain Scan URL

URL: https://66.media.tumblr.com/fb7edd2d136c6380676bd1a94dcd777e/tumblr_n6qm8jcZ1D1tbd6kyo1_1280.jpg

Search URL Search Domain Scan URL

URL: https://66.media.tumblr.com/127da49b2f3f7e8a0d5fa8302e3949a0/tumblr_n5t9aj69Sm1tbd6kyo1_1280.jpg

Search URL Search Domain Scan URL

URL: https://66.media.tumblr.com/513cee9e5811bb1f7504ce969614f94b/tumblr_n5t8vy72h11tbd6kyo1_1280.jpg

Search URL Search Domain Scan URL

URL: https://66.media.tumblr.com/8a8b2c70a4ebefa433f91b06d0966e50/tumblr_n5rj9980nu1tbd6kyo1_640.jpg

Search URL Search Domain Scan URL

URL: https://66.media.tumblr.com/abc737c0abed825e118bb0bcba3c6717/tumblr_n5o22e7Bff1tbd6kyo1_640.jpg

Search URL Search Domain Scan URL

URL: https://66.media.tumblr.com/ba46168ebf210838274edd615b961654/tumblr_n5o0t7iVSv1tbd6kyo1_640.jpg

Search URL Search Domain Scan URL

URL: http://www.sueddeutsche.de/thema/Die_Recherche
Title: Die Recherche

Search URL Search Domain Scan URL

URL: http://www.sueddeutsche.de/thema/Europa-Recherche
Title: europäischen Idee

Search URL Search Domain Scan URL

URL: https://twitter.com/DieRecherche
Title: hier

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DieRecherche
Title: DieRecherche-Seite

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ihre.sz
Title: Fan der Süddeutschen Zeitung

Search URL Search Domain Scan URL

URL: http://www.sueddeutsche.de/impressum
Title: Impressum

Search URL Search Domain Scan URL

URL: https://twitter.com/dierecherche
Title: Twitter

Search URL Search Domain Scan URL

URL: http://tumblr.com/
Title: Tumblr

Search URL Search Domain Scan URL

URL: http://www.tumblr.com/theme/10375
Title: Minimal Theme

Search URL Search Domain Scan URL

URL: http://arturkim.com/
Title: Artur Kim

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://recherchetumblr.sueddeutsche.de/ HTTP 302
http://recherchetumblr.sueddeutsche.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://jetzt.sueddeutsche.de/js/ext/iqm/adam.js HTTP 301
https://www.jetzt.de/

Request Chain 21

http://de.ioam.de/tx.io?st=sueddeut&cp=spracheDE%2FformatTXT%2FerzeugerRED%2FhomepageNO%2FauslieferungONL%2FappNO%2FpaidNO%2FinhaltTHEMA%2FmerkmalNACHRICHTEN%2FressortPOLITIK%2FportalSZ&pt=CP&ps=lin&er=N22&rf=&r2=&ur=recherchetumblr.sueddeutsche.de&xy=1600x1200x24&lo=GB%2Fn.a.&cb=0018&i2=00181398383e9b9755cd0a4f9&ep=1578773336&vr=414&id=s9k4qs&i3=nocookie&n1=1&dntt=0&lt=1557177593299&ev=&cs=gzrn4m&mo=1 HTTP 302
http://de.ioam.de/tx.io?st=sueddeut&cp=spracheDE%2FformatTXT%2FerzeugerRED%2FhomepageNO%2FauslieferungONL%2FappNO%2FpaidNO%2FinhaltTHEMA%2FmerkmalNACHRICHTEN%2FressortPOLITIK%2FportalSZ&pt=CP&ps=lin&er=N22&rf=&r2=&ur=recherchetumblr.sueddeutsche.de&xy=1600x1200x24&lo=GB%2Fn.a.&cb=0018&i2=00181398383e9b9755cd0a4f9&ep=1578773336&vr=414&id=s9k4qs&i3=nocookie&n1=1&dntt=0&lt=1557177593299&ev=&cs=gzrn4m&mo=1&sr=71

Request Chain 25

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 26

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=471115235&utmhn=recherchetumblr.sueddeutsche.de&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Mein%20St%C3%BCck%20Europa&utmhid=979142834&utmr=-&utmp=%2F&utmht=1557177593495&utmac=UA-19474199-10&utmcc=__utma%3D189868584.1513714780.1557177593.1557177593.1557177593.1%3B%2B__utmz%3D189868584.1557177593.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1472869749&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=471115235&utmhn=recherchetumblr.sueddeutsche.de&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Mein%20St%C3%BCck%20Europa&utmhid=979142834&utmr=-&utmp=%2F&utmht=1557177593495&utmac=UA-19474199-10&utmcc=__utma%3D189868584.1513714780.1557177593.1557177593.1557177593.1%3B%2B__utmz%3D189868584.1557177593.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1472869749&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 27

http://connect.facebook.net/de_DE/all.js HTTP 307
https://connect.facebook.net/de_DE/all.js

Request Chain 33

http://assets.tumblr.com/assets/html/iframe/login_check.html?_v=3de94a184d600617102ddd5b48fb36e9 HTTP 307
https://assets.tumblr.com/assets/html/iframe/login_check.html?_v=3de94a184d600617102ddd5b48fb36e9

Request Chain 39

http://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=83e9c90aa75edccb43b900664dadd84f HTTP 307
https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=83e9c90aa75edccb43b900664dadd84f

Request Chain 40

http://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=83e9c90aa75edccb43b900664dadd84f HTTP 307
https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=83e9c90aa75edccb43b900664dadd84f

Request Chain 43

https://www.facebook.com/connect/ping?client_id=1449034028649816&domain=recherchetumblr.sueddeutsche.de&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df3d56248cd816d%26domain%3Drecherchetumblr.sueddeutsche.de%26origin%3Dhttp%253A%252F%252Frecherchetumblr.sueddeutsche.de%252Ff269c66f6142b94%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey HTTP 302
https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44

Request Chain 44

https://www.facebook.com/connect/ping?client_id=1449034028649816&domain=recherchetumblr.sueddeutsche.de&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df32f363a848f864%26domain%3Drecherchetumblr.sueddeutsche.de%26origin%3Dhttp%253A%252F%252Frecherchetumblr.sueddeutsche.de%252Ff269c66f6142b94%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey HTTP 302
https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
recherchetumblr.sueddeutsche.de/
Redirect Chain

https://recherchetumblr.sueddeutsche.de/
http://recherchetumblr.sueddeutsche.de/

75 KB
20 KB

379ms
222ms

Document
text/html

66.6.33.22
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://recherchetumblr.sueddeutsche.de/

Protocol

HTTP/1.1

Server

66.6.33.22 New York, United States, ASN26101 (YAHOO-3 - Oath Holdings Inc., US),

Reverse DNS

Software

openresty /

Resource Hash

c1d7022a90f63e08e9ffae59a215485c67b281c81eed0723c17d7daca8a20f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: recherchetumblr.sueddeutsche.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: openresty
Date: Mon, 06 May 2019 21:19:52 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 18902
Connection: keep-alive
Vary: Accept-Encoding X-UA-Device, Accept, Accept-Encoding
X-Rid: 2bc4673c9b84fdcc59524c4906f79dc1
P3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Tumblr-User: meinstueckeuropa
X-Tumblr-Pixel-0: https://px.srvcs.tumblr.com/impixu?T=1557177592&J=eyJ0eXBlIjoidXJsIiwidXJsIjoiaHR0cDovL3JlY2hlcmNoZXR1bWJsci5zdWVkZGV1dHNjaGUuZGUvIiwicmVxdHlwZSI6MCwicm91dGUiOiIvIn0=&U=DPPNABEKJP&K=7667d07c336d42b849c50f4bf13046590ea1af0a51481b2a5e0b83e3e45232d3--https://px.srvcs.tumblr.com/impixu?T=1557177592&J=eyJ0eXBlIjoicG9zdCIsInVybCI6Imh0dHA6Ly9yZWNoZXJjaGV0dW1ibHIuc3VlZGRldXRzY2hlLmRlLyIsInJlcXR5cGUiOjAsInJvdXRlIjoiLyIsInBvc3RzIjpbeyJwb3N0aWQiOiI4Nzk3MTM2MjcwMiIsImJsb2dpZCI6IjE4NTc3Mzk3NyIsInNv
X-Tumblr-Pixel-1: dXJjZSI6MzN9LHsicG9zdGlkIjoiODY1NzMwODE2MzciLCJibG9naWQiOiIxODU3NzM5NzciLCJzb3VyY2UiOjMzfSx7InBvc3RpZCI6Ijg2MTk0NDE2OTY3IiwiYmxvZ2lkIjoiMTg1NzczOTc3Iiwic291cmNlIjozM30seyJwb3N0aWQiOiI4NjE5NDA1OTUyMiIsImJsb2dpZCI6IjE4NTc3Mzk3NyIsInNvdXJjZSI6MzN9LHsicG9zdGlkIjoiODYwOTIyNzMxNDciLCJibG9naWQiOiIxODU3NzM5NzciLCJzb3VyY2UiOjMzfSx7InBvc3RpZCI6Ijg2MDI1NzI3Mjg3IiwiYmxvZ2lkIjoiMTg1NzczOTc3Iiwic291cmNlIjozM30seyJwb3N0aWQiOiI4NTkwNzg2MDk4MiIsImJsb2dpZCI6IjE4NTc3Mzk3NyIsInNvdXJjZSI6MzN9LHsicG9zdGlkIj
X-Tumblr-Pixel-2: oiODU5MTM3Mzk0ODIiLCJibG9naWQiOiIxODU3NzM5NzciLCJzb3VyY2UiOjMzfSx7InBvc3RpZCI6Ijg1OTExMDQwMDUyIiwiYmxvZ2lkIjoiMTg1NzczOTc3Iiwic291cmNlIjozM30seyJwb3N0aWQiOiI4NTkwMTQyNDg1MiIsImJsb2dpZCI6IjE4NTc3Mzk3NyIsInNvdXJjZSI6MzN9XX0=&U=IOEMCBHOLC&K=9abf7567964aff5f64339fa623b2011fd3e18a523342c03c8773a729f1eeebf0
X-Tumblr-Pixel: 3
Link: <https://66.media.tumblr.com/avatar_af13c0e87a59_128.pnj>; rel=icon
X-UA-Compatible: IE=Edge,chrome=1
Content-Encoding: gzip
X-UA-Device: desktop
Accept-Ranges: bytes

Redirect headers

status: 302
server: openresty
date: Mon, 06 May 2019 21:19:52 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-rid: 2a8cd54802028d429cb3a41385ad9c46
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
x-frame-options: deny
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=0
location: http://recherchetumblr.sueddeutsche.de/#_=_
x-ua-compatible: IE=Edge,chrome=1
x-ua-device: desktop
vary: X-UA-Device, Accept

GET
H/1.1 200
OK pre_tumblelog.js Show response
assets.tumblr.com/assets/scripts/ 3 KB
2 KB 70ms
14ms Script
application/javascript 152.199.19.43
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

http://assets.tumblr.com/assets/scripts/pre_tumblelog.js?_v=b9f848c06fcba7eaf305d4a7cb7a1b98

Requested by

Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/

Protocol

HTTP/1.1

Server

152.199.19.43 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECAcc (frc/8F4E) /

Resource Hash

cb9f274aca2fcd18d0ab90868d9e1ff24ea00201b7d2695ce454fc53526cae31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 06 May 2019 21:19:53 GMT
Content-Encoding: gzip
Age: 19555737
X-Cache: HIT
Strict-Transport-Security: max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
Content-Length: 1371
Last-Modified: Wed, 19 Sep 2018 08:56:43 GMT
Server: ECAcc (frc/8F4E)
Etag: W/"5ba20f4b-c3e"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, immutable
Timing-Allow-Origin: *
Expires: Sun, 15 Aug 2038 08:04:52 GMT

GET
H/1.1 200
OK index.build.css
assets.tumblr.com/client/prod/standalone/blog-network-npf/ 6 KB
2 KB 70ms
14ms Stylesheet
text/css 152.199.19.43
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

http://assets.tumblr.com/client/prod/standalone/blog-network-npf/index.build.css?_v=3fc451676906e0ce74d518ae00bb3233

Requested by

Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/

Protocol

HTTP/1.1

Server

152.199.19.43 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECAcc (frc/8F24) /

Resource Hash

382a6c4590d55d43ec87e012339537053841a3e0010cef842094516e3c1e5eb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 06 May 2019 21:19:51 GMT
Content-Encoding: gzip
Age: 9350014
X-Cache: HIT
Strict-Transport-Security: max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
Content-Length: 1798
Last-Modified: Fri, 18 Jan 2019 16:05:45 GMT
Server: ECAcc (frc/8F24)
Etag: W/"5c41f959-19f4"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, immutable
Timing-Allow-Origin: *
Expires: Mon, 19 Apr 2038 05:09:29 GMT

GET
H/1.1 200
OK social-button.css
social-button.appspot.com/ 433 B
581 B 199ms
191ms Stylesheet
text/css 2a00:1450:4001:81e::2014
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://social-button.appspot.com/social-button.css
Requested by: Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:81e::2014 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 5b76accc97cf49e2071e45aa621bcea29a5fc684ea25babbb14145f6fa26f544

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 06 May 2019 21:19:53 GMT
Content-Encoding: gzip
Server: Google Frontend
ETag: "B9EIPA"
Transfer-Encoding: chunked
Content-Type: text/css
X-Cloud-Trace-Context: c13f6cfe1b0cf6cedf4a97bed1c589c1
Cache-Control: public, max-age=600
Expires: Mon, 06 May 2019 21:29:53 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 484 B
824 B 22ms
15ms Stylesheet
text/css 2a00:1450:4001:817::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Waiting+for+the+Sunrise

Requested by

Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/

Protocol

HTTP/1.1

Server

2a00:1450:4001:817::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

8e82cc6ed07bbed995c84a62b88ec3c688c62de8c6c7f60d0d27cc38c95ee3f7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 06 May 2019 21:19:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 May 2019 21:19:52 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Mon, 06 May 2019 21:19:52 GMT

GET
H2

200

/ Show response
www.jetzt.de/
Redirect Chain

http://jetzt.sueddeutsche.de/js/ext/iqm/adam.js
https://www.jetzt.de/

0
0

154ms
51ms

Script
text/html

159.180.84.14
Instart Logic

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jetzt.de/
Requested by: Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.180.84.14 , United States, ASN33047 (INSTART - Instart Logic, Inc, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Redirect headers

Location: https://www.jetzt.de/
Date: Mon, 06 May 2019 21:19:53 GMT
Server: nginx
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1 200
OK iam.js Show response
script.ioam.de/ 32 KB
10 KB 62ms
18ms Script
application/javascript 91.215.103.64
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://script.ioam.de/iam.js
Requested by: Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.103.64 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: script3.ioam.de
Software: nginx / BLACKBIRD-SRC v0.9 0018
Resource Hash: 3b303fbe9e5600f04c310f1b3aa3a7a7afa753489115d24b526f01fb7f88f87c

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 06 May 2019 21:19:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 May 2019 21:19:53 GMT
Server: nginx
X-Powered-By: BLACKBIRD-SRC v0.9 0018
Vary: Accept-Encoding
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Cache-Control: privat, max-age=7200, pre-check=7200
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
Expires: Mon, 06 May 2019 23:19:53 GMT

GET
H/1.1 200
OK tumblelog_post_message_queue.js Show response
assets.tumblr.com/assets/scripts/ 355 B
779 B 69ms
14ms Script
application/javascript 152.199.19.43
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

http://assets.tumblr.com/assets/scripts/tumblelog_post_message_queue.js?_v=a8fadfa499d8cb7c3f8eefdf0b1adfdd

Requested by

Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/

Protocol

HTTP/1.1

Server

152.199.19.43 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECAcc (frc/8FC2) /

Resource Hash

ec4317b3c60e5c3f35d9a3662c416d84b0a62b6e11bee8aa70b49eb81937199b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 06 May 2019 21:19:53 GMT
Content-Encoding: gzip
Age: 7677053
X-Cache: HIT
Strict-Transport-Security: max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
Content-Length: 204
Last-Modified: Fri, 25 Jan 2019 06:53:54 GMT
Server: ECAcc (frc/8FC2)
Etag: W/"5c4ab282-163"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, immutable
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Tue, 30 Mar 2038 20:26:48 GMT

GET
H/1.1 200
OK stylesheet.css
assets.tumblr.com/fonts/gibson/ 2 KB
1 KB 68ms
14ms Stylesheet
text/css 152.199.19.43
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

http://assets.tumblr.com/fonts/gibson/stylesheet.css?v=3

Requested by

Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/

Protocol

HTTP/1.1

Server

152.199.19.43 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECAcc (frc/8EA6) /

Resource Hash

0c075ef6d8bd3985f8d49c9fcfeec241bb1a65f636d8cd786ea49f8f6f925ad2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 06 May 2019 21:19:53 GMT
Content-Encoding: gzip
Age: 25771167
X-Cache: HIT
Strict-Transport-Security: max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
Content-Length: 655
Last-Modified: Tue, 19 Jun 2018 08:54:26 GMT
Server: ECAcc (frc/8EA6)
Etag: W/"5b28c4c2-97e"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, immutable
Timing-Allow-Origin: *
Expires: Tue, 26 Oct 2038 06:35:22 GMT

GET
H/1.1 200
OK tumblr_static_tumblrheader.jpg
static.tumblr.com/21d8bbab5157d5e3a984c3982b04e855/oxerg3f/kShmixlb6/ 37 KB
38 KB 76ms
14ms Image
image/jpeg 152.199.19.43
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.tumblr.com/21d8bbab5157d5e3a984c3982b04e855/oxerg3f/kShmixlb6/tumblr_static_tumblrheader.jpg
Requested by: Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/
Protocol: HTTP/1.1
Server: 152.199.19.43 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8E91) /
Resource Hash: df5b9c9734275ce55e27eb24b1492381150e40455672ee27c446fb0a91fdfa61

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 06 May 2019 21:19:53 GMT
Last-Modified: Thu, 28 Feb 2013 12:57:07 GMT
Server: ECAcc (frc/8E91)
Age: 2586124
Etag: "53eaf70967f6ab1a4860e735c83cac5d"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
Content-Length: 38229

GET
H/1.1 200
OK tumblr_static_aoq5a8588mww4gkgokc4ccw4o.jpg
static.tumblr.com/b00952d963c9545ecd15af94a46408c4/gayixhi/fgNn5gz0k/ 47 KB
48 KB 77ms
14ms Image
image/jpeg 152.199.19.43
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.tumblr.com/b00952d963c9545ecd15af94a46408c4/gayixhi/fgNn5gz0k/tumblr_static_aoq5a8588mww4gkgokc4ccw4o.jpg
Requested by: Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/
Protocol: HTTP/1.1
Server: 152.199.19.43 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8FBA) /
Resource Hash: 1fec807f60fa9ef3278d51432da34424bb50baef97452e1d9cf5bfa95a7aca14

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 06 May 2019 21:19:53 GMT
Last-Modified: Mon, 12 May 2014 16:26:45 GMT
Server: ECAcc (frc/8FBA)
Age: 4285
Etag: "81c9017a9c5dd04b8f9be7512b3a6fd7"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
Content-Length: 48133
x-amz-meta-idata: v=1;i=l7iQTb3g+4hWzNfpJ+hQGw==;d=4bw1Cf2hjWfIQs1iA02vg0WdYbdkyUksBk1rrPkcqGI1R73sXqg42eaVhSAPFqYdobdAnmizIu3FL4jEQs8W5g==

GET
H2 200 tumblr_n6qm8jcZ1D1tbd6kyo1_500.jpg
66.media.tumblr.com/fb7edd2d136c6380676bd1a94dcd777e/ 53 KB
53 KB 102ms
17ms Image
image/jpeg 152.199.19.43
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://66.media.tumblr.com/fb7edd2d136c6380676bd1a94dcd777e/tumblr_n6qm8jcZ1D1tbd6kyo1_500.jpg
Requested by: Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.19.43 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8FF1) /
Resource Hash: 258f1e2180e16e7b31481048068339e7c8224667f6dbcda30f3c87af4e660e53

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 06 May 2019 21:19:54 GMT
age: 120
x-frames: 1
x-cache: HIT
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 54420
last-modified: Thu, 22 Jun 2017 00:00:00 GMT
server: ECAcc (frc/8FF1)
etag: "c039b145a8d2f1d291f1bef19c83b6be-1498089600-7047a06"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK rc Show response
gwp.nuggad.net/ 3 KB
751 B 102ms
35ms Script
application/javascript 2a05:d018:77f:6c01:3fbe:8e42:aaf8:e4c2
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://gwp.nuggad.net/rc?nuggn=223088769&nuggsid=541253052&nuggrid=http%3A%2F%2Frecherchetumblr.sueddeutsche.de%2F&nuggtg=N399UD0A0001
Requested by: Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/
Protocol: HTTP/1.1
Server: 2a05:d018:77f:6c01:3fbe:8e42:aaf8:e4c2 , Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache/2.4.10 (Debian) /
Resource Hash: 84cd91978cd2bcee3e2c066e30681b199d30a55caec1dd043b864e32756decab

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 06 May 2019 21:19:53 GMT
Content-Encoding: gzip
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID ADMa OTPa OUR NOR"
Cache-Control: no-store,no-cache
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 454

GET
H2 200 tumblr_n5t9aj69Sm1tbd6kyo1_500.jpg
66.media.tumblr.com/127da49b2f3f7e8a0d5fa8302e3949a0/ 105 KB
105 KB 103ms
30ms Image
image/jpeg 152.199.19.43
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://66.media.tumblr.com/127da49b2f3f7e8a0d5fa8302e3949a0/tumblr_n5t9aj69Sm1tbd6kyo1_500.jpg
Requested by: Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.19.43 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F53) /
Resource Hash: 3704d993235e409b5d2885ffc8bbba79111c60dd247888101ff0e01fcb386215

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 06 May 2019 21:19:53 GMT
age: 120
x-frames: 1
x-cache: HIT
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 107123
last-modified: Thu, 22 Jun 2017 00:00:00 GMT
server: ECAcc (frc/8F53)
etag: "d8d006289f312546b0ac7248b2e7428d-1498089600-7047a06"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 tumblr_n5t8vy72h11tbd6kyo1_500.jpg
66.media.tumblr.com/513cee9e5811bb1f7504ce969614f94b/ 75 KB
76 KB 17ms
16ms Image
image/jpeg 152.199.19.43
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://66.media.tumblr.com/513cee9e5811bb1f7504ce969614f94b/tumblr_n5t8vy72h11tbd6kyo1_500.jpg
Requested by: Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.19.43 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8E8E) /
Resource Hash: aa3875fd0990407f86eba5ef4fced2bd04f2e917a58a9bbf4375a831ef96dc95

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 06 May 2019 21:19:53 GMT
age: 120
x-frames: 1
x-cache: HIT
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 77281
last-modified: Thu, 22 Jun 2017 00:00:00 GMT
server: ECAcc (frc/8E8E)
etag: "edadec19cb0f8116be4b4251414e0fbc-1498089600-7047a06"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 tumblr_n5rj9980nu1tbd6kyo1_500.jpg
66.media.tumblr.com/8a8b2c70a4ebefa433f91b06d0966e50/ 84 KB
84 KB 244ms
243ms Image
image/jpeg 152.199.19.43
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://66.media.tumblr.com/8a8b2c70a4ebefa433f91b06d0966e50/tumblr_n5rj9980nu1tbd6kyo1_500.jpg
Requested by: Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.19.43 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: openresty /
Resource Hash: 75538fe418622ed099372114efc431b19d89ea80dcd70485459f13738af91d28

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 06 May 2019 21:19:53 GMT
last-modified: Thu, 22 Jun 2017 00:00:00 GMT
server: openresty
x-frames: 1
etag: "a6d154eb3b7e045a1698c5e2dd5aa447-1498089600-7047a06"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: image/jpeg
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: max-age=1209600
timing-allow-origin: *
access-control-allow-origin: *
content-length: 85583

GET
H2 200 tumblr_n5o22e7Bff1tbd6kyo1_500.jpg
66.media.tumblr.com/abc737c0abed825e118bb0bcba3c6717/ 69 KB
69 KB 15ms
15ms Image
image/jpeg 152.199.19.43
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://66.media.tumblr.com/abc737c0abed825e118bb0bcba3c6717/tumblr_n5o22e7Bff1tbd6kyo1_500.jpg
Requested by: Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.19.43 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F7F) /
Resource Hash: 8b521ae3b5e4e028d91eda4c9b95fda918075b883823dee59ad7bfef81a59c09

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 06 May 2019 21:19:53 GMT
age: 120
x-frames: 1
x-cache: HIT
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 70800
last-modified: Thu, 22 Jun 2017 00:00:00 GMT
server: ECAcc (frc/8F7F)
etag: "5ae0ba69c6450d273a0137892a7cc3fa-1498089600-7047a06"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 tumblr_n5o0t7iVSv1tbd6kyo1_500.jpg
66.media.tumblr.com/ba46168ebf210838274edd615b961654/ 39 KB
39 KB 16ms
16ms Image
image/jpeg 152.199.19.43
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://66.media.tumblr.com/ba46168ebf210838274edd615b961654/tumblr_n5o0t7iVSv1tbd6kyo1_500.jpg
Requested by: Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.19.43 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F38) /
Resource Hash: 1367bb1e63d4595134604bcb19d731b1c08fdaf5419a159d3bc34c6f5ad13ce5

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 06 May 2019 21:19:53 GMT
age: 120
x-frames: 1
x-cache: HIT
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 40055
last-modified: Thu, 22 Jun 2017 00:00:00 GMT
server: ECAcc (frc/8F38)
etag: "05e98406ec959862951988b5348913c7-1498089600-7047a06"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 tumblr_n5nuex3uYg1tbd6kyo1_400.jpg
66.media.tumblr.com/ca5b72d74358ffe5b7a22b941813a7fe/ 37 KB
37 KB 226ms
225ms Image
image/jpeg 152.199.19.43
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://66.media.tumblr.com/ca5b72d74358ffe5b7a22b941813a7fe/tumblr_n5nuex3uYg1tbd6kyo1_400.jpg
Requested by: Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.19.43 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: openresty /
Resource Hash: 2f8b4cfa40841696c7e8ca2c642737522cea492b47b56f21710b1c66cb999f60

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 06 May 2019 21:19:53 GMT
last-modified: Thu, 22 Jun 2017 00:00:00 GMT
server: openresty
x-frames: 1
etag: "e800eb19c786afadd77a897cdf6a6ddd-1498089600-7047a06"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: image/jpeg
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: max-age=1209600
timing-allow-origin: *
access-control-allow-origin: *
content-length: 37618

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
33 KB 25ms
5ms Script
text/javascript 2a00:1450:4001:816::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 09 Mar 2019 01:42:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 5081867
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 32954
X-XSS-Protection: 1; mode=block
Expires: Sun, 08 Mar 2020 01:42:06 GMT

GET
H/1.1 200
OK social-button.js Show response
social-button.appspot.com/ 3 KB
2 KB 140ms
140ms Script
application/javascript 2a00:1450:4001:81e::2014
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://social-button.appspot.com/social-button.js
Requested by: Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:81e::2014 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: ff97ab980a438a5e150818e1e6585d63577801734c28a70b00e97f05d22e74e8

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 06 May 2019 21:19:53 GMT
Content-Encoding: gzip
Server: Google Frontend
ETag: "B9EIPA"
Transfer-Encoding: chunked
Content-Type: application/javascript
X-Cloud-Trace-Context: c640cafeae37a7f9ba8a38c4ebb70e27
Cache-Control: public, max-age=600
Expires: Mon, 06 May 2019 21:29:53 GMT

GET
H/1.1 200
OK index.build.js Show response
assets.tumblr.com/client/prod/standalone/tumblelog/ 649 KB
184 KB 14ms
14ms Script
application/javascript 152.199.19.43
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

http://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=83e9c90aa75edccb43b900664dadd84f

Requested by

Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/

Protocol

HTTP/1.1

Server

152.199.19.43 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECAcc (frc/8FED) /

Resource Hash

e24d3fff34091b30a7c86855a96111a04e382e044cf8853957b5a1a46dca9169

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 06 May 2019 21:19:53 GMT
Content-Encoding: gzip
Age: 445796
X-Cache: HIT
Strict-Transport-Security: max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
Content-Length: 187635
Last-Modified: Wed, 01 May 2019 17:29:30 GMT
Server: ECAcc (frc/8FED)
Etag: W/"5cc9d77a-a23fe"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, immutable
Timing-Allow-Origin: *
Expires: Wed, 06 Jan 2038 03:45:49 GMT

GET
H/1.1

200
OK

tx.io Show response
de.ioam.de/
Redirect Chain

http://de.ioam.de/tx.io?st=sueddeut&cp=spracheDE%2FformatTXT%2FerzeugerRED%2FhomepageNO%2FauslieferungONL%2FappNO%2FpaidNO%2FinhaltTHEMA%2FmerkmalNACHRICHTEN%2FressortPOLITIK%2FportalSZ&pt=CP&ps=li...
http://de.ioam.de/tx.io?st=sueddeut&cp=spracheDE%2FformatTXT%2FerzeugerRED%2FhomepageNO%2FauslieferungONL%2FappNO%2FpaidNO%2FinhaltTHEMA%2FmerkmalNACHRICHTEN%2FressortPOLITIK%2FportalSZ&pt=CP&ps=li...

0
694 B

19ms
18ms

Script
application/x-javascript

91.215.100.40
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://de.ioam.de/tx.io?st=sueddeut&cp=spracheDE%2FformatTXT%2FerzeugerRED%2FhomepageNO%2FauslieferungONL%2FappNO%2FpaidNO%2FinhaltTHEMA%2FmerkmalNACHRICHTEN%2FressortPOLITIK%2FportalSZ&pt=CP&ps=lin&er=N22&rf=&r2=&ur=recherchetumblr.sueddeutsche.de&xy=1600x1200x24&lo=GB%2Fn.a.&cb=0018&i2=00181398383e9b9755cd0a4f9&ep=1578773336&vr=414&id=s9k4qs&i3=nocookie&n1=1&dntt=0&lt=1557177593299&ev=&cs=gzrn4m&mo=1&sr=71
Requested by: Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/
Protocol: HTTP/1.1
Server: 91.215.100.40 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: de4.ioam.de
Software: nginx / BLACKBIRD-RCV v1.05.0 003b
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 06 May 2019 21:19:53 GMT
Server: nginx
X-Powered-By: BLACKBIRD-RCV v1.05.0 003b
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies

Redirect headers

Date: Mon, 06 May 2019 21:19:53 GMT
X-Powered-By: BLACKBIRD-RCV v1.05.0 003b
Transfer-Encoding: chunked
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Connection: keep-alive
Pragma: no-cache
Last-Modified: Mon, 06 May 2019 21:19:53 GMT
Server: nginx
Location: /tx.io?st=sueddeut&cp=spracheDE%2FformatTXT%2FerzeugerRED%2FhomepageNO%2FauslieferungONL%2FappNO%2FpaidNO%2FinhaltTHEMA%2FmerkmalNACHRICHTEN%2FressortPOLITIK%2FportalSZ&pt=CP&ps=lin&er=N22&rf=&r2=&ur=recherchetumblr.sueddeutsche.de&xy=1600x1200x24&lo=GB%2Fn.a.&cb=0018&i2=00181398383e9b9755cd0a4f9&ep=1578773336&vr=414&id=s9k4qs&i3=nocookie&n1=1&dntt=0&lt=1557177593299&ev=&cs=gzrn4m&mo=1&sr=71
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
Expires: Sun, 06 May 2018 21:19:53 GMT

GET
H/1.1 200
OK homepage;kw=iqdjde,iqadtile1,homepage;doc=index;sz=728x90;tile=1;;ord=2456973023411166.5 Show response
ad.de.doubleclick.net/adj/iqdjde/ 11 B
701 B 61ms
22ms Script
text/javascript 216.58.205.230
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.de.doubleclick.net/adj/iqdjde/homepage;kw=iqdjde,iqadtile1,homepage;doc=index;sz=728x90;tile=1;;ord=2456973023411166.5?

Requested by

Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/

Protocol

HTTP/1.1

Server

216.58.205.230 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s24-in-f230.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Mon, 06 May 2019 21:19:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: no-cache, must-revalidate
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 31
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 404
Not Found SZSans.07099a15.woff
polpix.sueddeutsche.com/static_assets/fonts/sz-sans/ 0
0 295ms
175ms Font
text/html 67.27.157.124
Level 3 Parent

General

Check archive.org

Show headers Download Go to

Full URL: http://polpix.sueddeutsche.com/static_assets/fonts/sz-sans/SZSans.07099a15.woff
Requested by: Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/
Protocol: HTTP/1.1
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3 - Level 3 Parent, LLC, US),
Reverse DNS
Software: Footprint Distributor V6.1.1162 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://recherchetumblr.sueddeutsche.de/
Origin: http://recherchetumblr.sueddeutsche.de

Response headers

Date: Mon, 06 May 2019 21:17:53 GMT
Content-Encoding: gzip
Server: Footprint Distributor V6.1.1162
Age: 120
Vary: Origin, Accept-Encoding
X-Cache: HIT:1
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://recherchetumblr.sueddeutsche.de
Access-Control-Allow-Credentials: true
X-Device: desktop
Connection: keep-alive
Content-Length: 14329
X-Served-By: pol-web-12

GET
H/1.1 404
Not Found SZSans-Bold.d6e20b55.woff
polpix.sueddeutsche.com/static_assets/fonts/sz-sans/ 0
0 263ms
150ms Font
text/html 67.27.157.124
Level 3 Parent

General

Check archive.org

Show headers Download Go to

Full URL: http://polpix.sueddeutsche.com/static_assets/fonts/sz-sans/SZSans-Bold.d6e20b55.woff
Requested by: Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/
Protocol: HTTP/1.1
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3 - Level 3 Parent, LLC, US),
Reverse DNS
Software: Footprint Distributor V6.1.1162 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://recherchetumblr.sueddeutsche.de/
Origin: http://recherchetumblr.sueddeutsche.de

Response headers

Date: Mon, 06 May 2019 21:17:54 GMT
Content-Encoding: gzip
Server: Footprint Distributor V6.1.1162
Age: 119
Vary: Origin, Accept-Encoding
X-Cache: MISS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://recherchetumblr.sueddeutsche.de
Access-Control-Allow-Credentials: true
X-Device: desktop
Connection: keep-alive
Content-Length: 14329
X-Served-By: pol-web-12

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

8ms
6ms

Script
text/javascript

2a00:1450:4001:81f::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 20:01:45 GMT
server: Golfe2
age: 2624
date: Mon, 06 May 2019 20:36:09 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17168
expires: Mon, 06 May 2019 22:36:09 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=471115235&utmhn=recherchetumblr.sueddeutsche.de&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmf...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=471115235&utmhn=recherchetumblr.sueddeutsche.de&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utm...

35 B
101 B

16ms
16ms

Image
image/gif

2a00:1450:4001:81f::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=471115235&utmhn=recherchetumblr.sueddeutsche.de&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Mein%20St%C3%BCck%20Europa&utmhid=979142834&utmr=-&utmp=%2F&utmht=1557177593495&utmac=UA-19474199-10&utmcc=__utma%3D189868584.1513714780.1557177593.1557177593.1557177593.1%3B%2B__utmz%3D189868584.1557177593.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1472869749&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 May 2019 21:19:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=471115235&utmhn=recherchetumblr.sueddeutsche.de&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Mein%20St%C3%BCck%20Europa&utmhid=979142834&utmr=-&utmp=%2F&utmht=1557177593495&utmac=UA-19474199-10&utmcc=__utma%3D189868584.1513714780.1557177593.1557177593.1557177593.1%3B%2B__utmz%3D189868584.1557177593.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1472869749&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS

GET
H2

200

all.js Show response
connect.facebook.net/de_DE/
Redirect Chain

http://connect.facebook.net/de_DE/all.js
https://connect.facebook.net/de_DE/all.js

3 KB
2 KB

23ms
6ms

Script
application/x-javascript

2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/de_DE/all.js

Requested by

Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

f1c04b85cc1af0fbca05900b5b2242405a7a7ce5f1c070596f4097e6c176f0a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: kX0FQjrZxObj9lyxuv6QEQ==
status: 200
date: Mon, 06 May 2019 21:19:53 GMT
vary: Accept-Encoding
content-length: 1779
x-fb-debug: 3IFEMjtn9B8gVywpBrJaLbdaeYwIrcX/NVslCMk8nsXNCu6xJeVok7QcTbcxM0Eg1lrku7cobpok25i23GH1ew==
x-fb-content-md5: 8135ea5edfea807d6d452ebce44736ae
etag: "afc576706065862bd313a7f158d31d5e"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 06 May 2019 21:35:41 GMT

Redirect headers

Location: https://connect.facebook.net/de_DE/all.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 93 KB
28 KB 38ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: social-button.appspot.com
URL: http://social-button.appspot.com/social-button.js
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41AC) /
Resource Hash: 460c112ca18e517ef1a6c6abb2ba5ae55187138503a10177bf1908d9261c3a19

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 06 May 2019 21:19:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Mar 2019 17:40:21 GMT
Server: ECS (fcn/41AC)
Etag: "4cf9f34505e9344b9a7e4d00e67b6c88+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28028

GET
H2 200 login
twitter.com/ 0
0 329ms
257ms Image
text/html 104.244.42.129
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twitter.com/login?redirect_after_login=%2Fimages%2Fspinner.gif
Requested by: Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.42.129 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 impixu
px.srvcs.tumblr.com/ 95 B
1017 B 190ms
105ms Image
image/png 2a00:1288:7c:800::5001
YAHOO-ULS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://px.srvcs.tumblr.com/impixu?T=1557177592&J=eyJ0eXBlIjoicG9zdCIsInVybCI6Imh0dHA6Ly9yZWNoZXJjaGV0dW1ibHIuc3VlZGRldXRzY2hlLmRlLyIsInJlcXR5cGUiOjAsInJvdXRlIjoiLyIsInBvc3RzIjpbeyJwb3N0aWQiOiI4Nzk3MTM2MjcwMiIsImJsb2dpZCI6IjE4NTc3Mzk3NyIsInNvdXJjZSI6MzN9LHsicG9zdGlkIjoiODY1NzMwODE2MzciLCJibG9naWQiOiIxODU3NzM5NzciLCJzb3VyY2UiOjMzfSx7InBvc3RpZCI6Ijg2MTk0NDE2OTY3IiwiYmxvZ2lkIjoiMTg1NzczOTc3Iiwic291cmNlIjozM30seyJwb3N0aWQiOiI4NjE5NDA1OTUyMiIsImJsb2dpZCI6IjE4NTc3Mzk3NyIsInNvdXJjZSI6MzN9LHsicG9zdGlkIjoiODYwOTIyNzMxNDciLCJibG9naWQiOiIxODU3NzM5NzciLCJzb3VyY2UiOjMzfSx7InBvc3RpZCI6Ijg2MDI1NzI3Mjg3IiwiYmxvZ2lkIjoiMTg1NzczOTc3Iiwic291cmNlIjozM30seyJwb3N0aWQiOiI4NTkwNzg2MDk4MiIsImJsb2dpZCI6IjE4NTc3Mzk3NyIsInNvdXJjZSI6MzN9LHsicG9zdGlkIjoiODU5MTM3Mzk0ODIiLCJibG9naWQiOiIxODU3NzM5NzciLCJzb3VyY2UiOjMzfSx7InBvc3RpZCI6Ijg1OTExMDQwMDUyIiwiYmxvZ2lkIjoiMTg1NzczOTc3Iiwic291cmNlIjozM30seyJwb3N0aWQiOiI4NTkwMTQyNDg1MiIsImJsb2dpZCI6IjE4NTc3Mzk3NyIsInNvdXJjZSI6MzN9XX0=&U=AMPKAEMOIF&K=23dd37d9efbe6d976b6aae66273b4c5c3643a1b081fbaf5d323f9a9e77b9826c&R=

Requested by

Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a00:1288:7c:800::5001 , United Kingdom, ASN43428 (YAHOO-ULS, GB),

Reverse DNS

Software

ATS /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 May 2019 21:19:53 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
x-content-type-options: nosniff
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
status: 200
cache-control: no-cache, no-store, max-age=0, must-revalidate
public-key-pins-report-only: max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
content-type: image/png
content-length: 95
x-xss-protection: 1; mode=block

GET
H2 200 analytics.html
assets.tumblr.com/ Frame 4993 0
0 17ms
16ms Document
text/html 152.199.19.43
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.tumblr.com/analytics.html?dfab06320413a6a34dbca419c4c70f2c

Requested by

Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.43 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECAcc (frc/8F2A) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: assets.tumblr.com
:scheme: https
:path: /analytics.html?dfab06320413a6a34dbca419c4c70f2c
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://recherchetumblr.sueddeutsche.de/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://recherchetumblr.sueddeutsche.de/

Response headers

status: 200
content-encoding: br
accept-ranges: bytes
access-control-allow-origin: *
age: 19654630
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: max-age=315360000 immutable
content-type: text/html; charset=utf-8
date: Mon, 06 May 2019 21:19:53 GMT
etag: W/"5b7fade3-3a02"
expires: Mon, 16 Aug 2038 11:33:05 GMT
last-modified: Fri, 24 Aug 2018 07:04:03 GMT
server: ECAcc (frc/8F2A)
strict-transport-security: max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
content-length: 2786

GET
H/1.1 200
OK showads.js Show response
recherchetumblr.sueddeutsche.de/assets/scripts/tumblr/dashboard/ 0
452 B 111ms
111ms Script
application/javascript 66.6.33.22
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://recherchetumblr.sueddeutsche.de/assets/scripts/tumblr/dashboard/showads.js
Requested by: Host: assets.tumblr.com
URL: http://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=83e9c90aa75edccb43b900664dadd84f
Protocol: HTTP/1.1
Server: 66.6.33.22 New York, United States, ASN26101 (YAHOO-3 - Oath Holdings Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Mon, 06 May 2019 21:19:53 GMT
Last-Modified: Fri, 03 May 2019 09:14:51 GMT
Server: openresty
ETag: "5ccc068b-0"
Vary: X-UA-Device, Accept
Content-Type: application/javascript; charset=utf-8
X-UA-Device: desktop
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

login_check.html
assets.tumblr.com/assets/html/iframe/ Frame E97D
Redirect Chain

http://assets.tumblr.com/assets/html/iframe/login_check.html?_v=3de94a184d600617102ddd5b48fb36e9
https://assets.tumblr.com/assets/html/iframe/login_check.html?_v=3de94a184d600617102ddd5b48fb36e9

0
0

15ms
13ms

Document
text/html

152.199.19.43
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.tumblr.com/assets/html/iframe/login_check.html?_v=3de94a184d600617102ddd5b48fb36e9

Requested by

Host: assets.tumblr.com
URL: http://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=83e9c90aa75edccb43b900664dadd84f

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.43 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECAcc (frc/8FE8) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: assets.tumblr.com
:scheme: https
:path: /assets/html/iframe/login_check.html?_v=3de94a184d600617102ddd5b48fb36e9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://recherchetumblr.sueddeutsche.de/
accept-encoding: gzip, deflate, br
cookie: _ga=GA1.2.2063974038.1557177594
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://recherchetumblr.sueddeutsche.de/

Response headers

status: 200
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 19683969
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: max-age=315360000 immutable
content-type: text/html; charset=utf-8
date: Mon, 06 May 2019 21:19:53 GMT
etag: W/"5ba20f4b-270"
expires: Mon, 16 Aug 2038 19:42:04 GMT
last-modified: Wed, 19 Sep 2018 08:56:43 GMT
server: ECAcc (frc/8FE8)
strict-transport-security: max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
content-length: 342

Redirect headers

Location: https://assets.tumblr.com/assets/html/iframe/login_check.html?_v=3de94a184d600617102ddd5b48fb36e9
Non-Authoritative-Reason: HSTS

GET
H2 200 all.js Show response
connect.facebook.net/de_DE/ 186 KB
56 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/de_DE/all.js?hash=6766ad5849cec6d12dc48c72fe675b2b&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

4b66fe256b011a3eed3059a7b9ec6ab5431a67869c2bad4cb208cc864c055288

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://recherchetumblr.sueddeutsche.de/
Origin: http://recherchetumblr.sueddeutsche.de

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: hNXLIY4hgZmD9t6pC8k7Tw==
status: 200
date: Mon, 06 May 2019 21:19:53 GMT
vary: Accept-Encoding
content-length: 56386
x-fb-debug: BNyxVV08ZMV8QQAg6qTQUtbLdB87kN+LpVAP5bvQNDNGZ4IqW5BdUBvFhw4aBlla8h77fpkMQIM81sZB936VSw==
x-fb-content-md5: fbce0c0a45c5e2761f58f0df553393ec
etag: "b0a8cb84a21fe406bc1d987c007da877"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Tue, 05 May 2020 20:12:28 GMT

GET
H/1.1 200
OK widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html
platform.twitter.com/widgets/ Frame 0226 0
0 29ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html?origin=http%3A%2F%2Frecherchetumblr.sueddeutsche.de&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4185) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://recherchetumblr.sueddeutsche.de/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://recherchetumblr.sueddeutsche.de/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 06 May 2019 21:19:53 GMT
Etag: "347ce5de96d97a02c18244967b8b6532+gzip"
Last-Modified: Thu, 07 Mar 2019 17:39:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4185)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5783

GET
H2 200 d_vbiawPdxB.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame EE91 0
0 28ms
7ms Document
text/html 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/all.js?hash=6766ad5849cec6d12dc48c72fe675b2b&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://recherchetumblr.sueddeutsche.de/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://recherchetumblr.sueddeutsche.de/

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Tue, 05 May 2020 19:35:14 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: Nd0jvMiKlXu3ZiX7pYbLh+fT43MAnCDu6WiGfCMiIfKmGmFW/VOXYXBVgISi+t4u5YQIAZvu+Or7x9B2HurdwQ==
content-length: 11000
date: Mon, 06 May 2019 21:19:53 GMT

GET
H/1.1 404
Not Found SZSans-Bold.0f5e9761.otf
polpix.sueddeutsche.com/static_assets/fonts/sz-sans/ 0
0 169ms
169ms Font
text/html 67.27.157.124
Level 3 Parent

General

Check archive.org

Show headers Download Go to

Full URL: http://polpix.sueddeutsche.com/static_assets/fonts/sz-sans/SZSans-Bold.0f5e9761.otf
Requested by: Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/
Protocol: HTTP/1.1
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3 - Level 3 Parent, LLC, US),
Reverse DNS
Software: Footprint Distributor V6.1.1162 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://recherchetumblr.sueddeutsche.de/
Origin: http://recherchetumblr.sueddeutsche.de

Response headers

Date: Mon, 06 May 2019 21:19:53 GMT
Content-Encoding: gzip
Server: Footprint Distributor V6.1.1162
Age: 0
Vary: Origin, Accept-Encoding
X-Cache: MISS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://recherchetumblr.sueddeutsche.de
access-control-allow-credentials: true
x-device: desktop
Connection: keep-alive
Content-Length: 14329
X-Served-By: pol-web-11

GET
H/1.1 404
Not Found SZSans.7cc2496a.otf
polpix.sueddeutsche.com/static_assets/fonts/sz-sans/ 0
0 342ms
342ms Font
text/html 67.27.157.124
Level 3 Parent

General

Check archive.org

Show headers Download Go to

Full URL: http://polpix.sueddeutsche.com/static_assets/fonts/sz-sans/SZSans.7cc2496a.otf
Requested by: Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/
Protocol: HTTP/1.1
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3 - Level 3 Parent, LLC, US),
Reverse DNS
Software: Footprint Distributor V6.1.1162 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://recherchetumblr.sueddeutsche.de/
Origin: http://recherchetumblr.sueddeutsche.de

Response headers

Date: Mon, 06 May 2019 21:19:51 GMT
Content-Encoding: gzip
Server: Footprint Distributor V6.1.1162
Age: 3
Vary: Origin, Accept-Encoding
X-Cache: HIT:1
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://recherchetumblr.sueddeutsche.de
Access-Control-Allow-Credentials: true
x-device: desktop
Connection: keep-alive
Content-Length: 14329
X-Served-By: pol-web-11

GET
H2

200

index.build.js Show response
assets.tumblr.com/client/prod/standalone/tumblelog/ Frame 84F4
Redirect Chain

http://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=83e9c90aa75edccb43b900664dadd84f
https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=83e9c90aa75edccb43b900664dadd84f

649 KB
140 KB

15ms
14ms

Script
application/javascript

152.199.19.43
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=83e9c90aa75edccb43b900664dadd84f

Requested by

Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.43 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECAcc (frc/8FED) /

Resource Hash

e24d3fff34091b30a7c86855a96111a04e382e044cf8853957b5a1a46dca9169

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 06 May 2019 21:19:53 GMT
content-encoding: br
age: 445796
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 143484
last-modified: Wed, 01 May 2019 17:29:30 GMT
server: ECAcc (frc/8FED)
etag: W/"5cc9d77a-a23fe"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jan 2038 03:45:49 GMT

Redirect headers

Location: https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=83e9c90aa75edccb43b900664dadd84f
Non-Authoritative-Reason: HSTS

GET
H2

200

index.build.js Show response
assets.tumblr.com/client/prod/standalone/tumblelog/ Frame 84EB
Redirect Chain

http://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=83e9c90aa75edccb43b900664dadd84f
https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=83e9c90aa75edccb43b900664dadd84f

649 KB
140 KB

19ms
18ms

Script
application/javascript

152.199.19.43
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=83e9c90aa75edccb43b900664dadd84f

Requested by

Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.43 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECAcc (frc/8FED) /

Resource Hash

e24d3fff34091b30a7c86855a96111a04e382e044cf8853957b5a1a46dca9169

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 06 May 2019 21:19:53 GMT
content-encoding: br
age: 445796
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 143484
last-modified: Wed, 01 May 2019 17:29:30 GMT
server: ECAcc (frc/8FED)
etag: W/"5cc9d77a-a23fe"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jan 2038 03:45:49 GMT

Redirect headers

Location: https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=83e9c90aa75edccb43b900664dadd84f
Non-Authoritative-Reason: HSTS

POST
H/1.1 200
OK cslog
recherchetumblr.sueddeutsche.de/services/ Frame 84F4 0
158 B 109ms
109ms Other
application/octet-stream 66.6.33.22
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://recherchetumblr.sueddeutsche.de/services/cslog
Requested by: Host: assets.tumblr.com
URL: https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=83e9c90aa75edccb43b900664dadd84f
Protocol: HTTP/1.1
Server: 66.6.33.22 New York, United States, ASN26101 (YAHOO-3 - Oath Holdings Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
Origin: http://recherchetumblr.sueddeutsche.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 06 May 2019 21:19:53 GMT
Server: openresty
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 avatar_af13c0e87a59_64.pnj
66.media.tumblr.com/ Frame 84EB 3 KB
3 KB 18ms
17ms Image
image/jpeg 152.199.19.43
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://66.media.tumblr.com/avatar_af13c0e87a59_64.pnj
Requested by: Host: recherchetumblr.sueddeutsche.de
URL: http://recherchetumblr.sueddeutsche.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.19.43 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F6A) /
Resource Hash: 00675f31be81d75e320f27113aad66b612f5b53ba48cb11711e9138b78df4ab1

Request headers

Referer: http://recherchetumblr.sueddeutsche.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 06 May 2019 21:19:53 GMT
x-frames: 1
age: 788115
x-cache: HIT
status: 200
content-disposition: inline; filename="avatar_af13c0e87a59_64.jpg"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 2721
last-modified: Tue, 22 Aug 2017 16:00:00 GMT
server: ECAcc (frc/8F6A)
etag: "f64c84b562441ecc3fb378706e952940-1503417600-bd06ad1"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
timing-allow-origin: *

GET
H2

200

d_vbiawPdxB.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame BF0C
Redirect Chain

https://www.facebook.com/connect/ping?client_id=1449034028649816&domain=recherchetumblr.sueddeutsche.de&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbia...
https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44

0
0

7ms
6ms

Document
text/html

2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/all.js?hash=6766ad5849cec6d12dc48c72fe675b2b&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://recherchetumblr.sueddeutsche.de/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://recherchetumblr.sueddeutsche.de/

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Tue, 05 May 2020 19:35:14 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: Nd0jvMiKlXu3ZiX7pYbLh+fT43MAnCDu6WiGfCMiIfKmGmFW/VOXYXBVgISi+t4u5YQIAZvu+Or7x9B2HurdwQ==
content-length: 11000
date: Mon, 06 May 2019 21:19:54 GMT

Redirect headers

status: 302
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
location: https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44#cb=f3d56248cd816d&domain=recherchetumblr.sueddeutsche.de&origin=http%3A%2F%2Frecherchetumblr.sueddeutsche.de%2Ff269c66f6142b94&relation=parent&error=unknown_user
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
x-content-type-options: nosniff
x-xss-protection: 0
expect-ct: max-age=86400, report-uri="https://reports.fb.com/expectct/"
content-type: text/html; charset="utf-8"
x-fb-debug: pZK78pUz8znnSriXyPhql9TElJKaUtcpf4MvRWtVGZg1BNyAIiw1W3xPcfPFufZX6QPmTDjC62jWwUn2Kal7JQ==
content-length: 0
date: Mon, 06 May 2019 21:19:54 GMT

GET
H2

200

d_vbiawPdxB.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 28FF
Redirect Chain

https://www.facebook.com/connect/ping?client_id=1449034028649816&domain=recherchetumblr.sueddeutsche.de&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbia...
https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44

0
0

7ms
7ms

Document
text/html

2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/all.js?hash=6766ad5849cec6d12dc48c72fe675b2b&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://recherchetumblr.sueddeutsche.de/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://recherchetumblr.sueddeutsche.de/

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Tue, 05 May 2020 19:35:14 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: Nd0jvMiKlXu3ZiX7pYbLh+fT43MAnCDu6WiGfCMiIfKmGmFW/VOXYXBVgISi+t4u5YQIAZvu+Or7x9B2HurdwQ==
content-length: 11000
date: Mon, 06 May 2019 21:19:54 GMT

Redirect headers

status: 302
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
location: https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44#cb=f32f363a848f864&domain=recherchetumblr.sueddeutsche.de&origin=http%3A%2F%2Frecherchetumblr.sueddeutsche.de%2Ff269c66f6142b94&relation=parent&error=unknown_user
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
x-content-type-options: nosniff
x-xss-protection: 0
expect-ct: max-age=86400, report-uri="https://reports.fb.com/expectct/"
content-type: text/html; charset="utf-8"
x-fb-debug: OGRjQDGl2Ktm8zkO3gYPMJH3c1PlkqUNjpUzTn/DHN0+ggP/bVnHLP2XhHR9Iad9uVyFvLDKRB14xcCBEORz0Q==
content-length: 0
date: Mon, 06 May 2019 21:19:54 GMT

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.twitter.com/	1970-01-19 00:33:19	Name: ct0 Value: 9fb7b1b33c3774d749001a6114eb299c
.twitter.com/	1970-01-19 00:43:02	Name: external_referer Value: fwhwi6Y0ffCvZwiuKVYhlPPrdTyp%2FL%2FALUyW1f4PIo4c%2BvUIYsPiTQ%3D%3D\|0\|8e8t2xd8A2w%3D
.twitter.com/	1970-01-19 18:04:09	Name: guest_id Value: v1%3A155717759365356924
.twitter.com/	1970-01-19 18:04:09	Name: personalization_id Value: "v1_8200V2pypkCf+sh1i2VPqA=="
.twitter.com/	1969-12-31 23:59:59	Name: _twitter_sess Value: BAh7CSIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNo%250ASGFzaHsABjoKQHVzZWR7ADoPY3JlYXRlZF9hdGwrCGZvBI9qAToMY3NyZl9p%250AZCIlNGMyY2JmYWJkMTY2MWE0Nzk1MDU2YmQzMmNmY2Q1ZGM6B2lkIiViOTVi%250AZTU0ZTA4MjcwMjVmYTdjOWM4NTRjZWJhN2U2ZQ%253D%253D--8a7b048883124cc677e04b40f3dbb49451947f6c
.tumblr.com/	1969-12-31 23:59:59	Name: __utmc Value: 189990958
.tumblr.com/	1970-01-19 09:18:33	Name: rxx Value: 2j72ee5pwi8.1ikkqec4&v=1
.tumblr.com/	1970-01-19 04:55:45	Name: __utmz Value: 189990958.1557177594.1.1.utmcsr=recherchetumblr.sueddeutsche.de\|utmccn=(referral)\|utmcmd=referral\|utmcct=/
.recherchetumblr.sueddeutsche.de/	1970-01-19 04:55:45	Name: __utmz Value: 189868584.1557177593.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.recherchetumblr.sueddeutsche.de/	1970-01-19 00:32:58	Name: __utmt Value: 1
.tumblr.com/	1970-01-19 00:34:23	Name: _gid Value: GA1.2.1921608841.1557177594
.tumblr.com/	1970-01-19 18:04:09	Name: _ga Value: GA1.2.2063974038.1557177594
.recherchetumblr.sueddeutsche.de/	1970-01-19 18:04:09	Name: __utma Value: 189868584.1513714780.1557177593.1557177593.1557177593.1
.recherchetumblr.sueddeutsche.de/	1970-01-19 00:32:59	Name: __utmb Value: 189868584.1.10.1557177593
.tumblr.com/	1970-01-19 18:04:09	Name: __utma Value: 189990958.2063974038.1557177594.1557177594.1557177594.1
.tumblr.com/	1970-01-19 00:32:59	Name: __utmb Value: 189990958.0.10.1557177594
.recherchetumblr.sueddeutsche.de/	1969-12-31 23:59:59	Name: __utmc Value: 189868584

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://connect.facebook.net/de_DE/all.js?hash=6766ad5849cec6d12dc48c72fe675b2b&ua=modern_es6(Line 52) Message: The method FB.getLoginStatus will soon stop working when called from http pages. Please update your site to use https for Facebook Login. https://developers.facebook.com/blog/post/2018/06/08/enforce-https-facebook-login/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

66.media.tumblr.com
ad.de.doubleclick.net
ajax.googleapis.com
assets.tumblr.com
connect.facebook.net
de.ioam.de
fonts.googleapis.com
gwp.nuggad.net
jetzt.sueddeutsche.de
platform.twitter.com
polpix.sueddeutsche.com
px.srvcs.tumblr.com
recherchetumblr.sueddeutsche.de
script.ioam.de
social-button.appspot.com
static.tumblr.com
staticxx.facebook.com
twitter.com
www.facebook.com
www.google-analytics.com
www.jetzt.de
104.244.42.129
152.199.19.43
159.180.84.14
208.82.72.242
216.58.205.230
2606:2800:234:59:254c:406:2366:268c
2a00:1288:7c:800::5001
2a00:1450:4001:816::200a
2a00:1450:4001:817::200a
2a00:1450:4001:81e::2014
2a00:1450:4001:81f::200e
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a05:d018:77f:6c01:3fbe:8e42:aaf8:e4c2
66.6.32.22
66.6.33.22
67.27.157.124
91.215.100.40
91.215.103.64
00675f31be81d75e320f27113aad66b612f5b53ba48cb11711e9138b78df4ab1
0c075ef6d8bd3985f8d49c9fcfeec241bb1a65f636d8cd786ea49f8f6f925ad2
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1367bb1e63d4595134604bcb19d731b1c08fdaf5419a159d3bc34c6f5ad13ce5
1fec807f60fa9ef3278d51432da34424bb50baef97452e1d9cf5bfa95a7aca14
258f1e2180e16e7b31481048068339e7c8224667f6dbcda30f3c87af4e660e53
2f8b4cfa40841696c7e8ca2c642737522cea492b47b56f21710b1c66cb999f60
3704d993235e409b5d2885ffc8bbba79111c60dd247888101ff0e01fcb386215
382a6c4590d55d43ec87e012339537053841a3e0010cef842094516e3c1e5eb8
3b303fbe9e5600f04c310f1b3aa3a7a7afa753489115d24b526f01fb7f88f87c
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
460c112ca18e517ef1a6c6abb2ba5ae55187138503a10177bf1908d9261c3a19
4b66fe256b011a3eed3059a7b9ec6ab5431a67869c2bad4cb208cc864c055288
5b76accc97cf49e2071e45aa621bcea29a5fc684ea25babbb14145f6fa26f544
75538fe418622ed099372114efc431b19d89ea80dcd70485459f13738af91d28
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84cd91978cd2bcee3e2c066e30681b199d30a55caec1dd043b864e32756decab
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8b521ae3b5e4e028d91eda4c9b95fda918075b883823dee59ad7bfef81a59c09
8e82cc6ed07bbed995c84a62b88ec3c688c62de8c6c7f60d0d27cc38c95ee3f7
aa3875fd0990407f86eba5ef4fced2bd04f2e917a58a9bbf4375a831ef96dc95
c1d7022a90f63e08e9ffae59a215485c67b281c81eed0723c17d7daca8a20f47
cb9f274aca2fcd18d0ab90868d9e1ff24ea00201b7d2695ce454fc53526cae31
df5b9c9734275ce55e27eb24b1492381150e40455672ee27c446fb0a91fdfa61
e24d3fff34091b30a7c86855a96111a04e382e044cf8853957b5a1a46dca9169
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec4317b3c60e5c3f35d9a3662c416d84b0a62b6e11bee8aa70b49eb81937199b
f1c04b85cc1af0fbca05900b5b2242405a7a7ce5f1c070596f4097e6c176f0a8
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
ff97ab980a438a5e150818e1e6585d63577801734c28a70b00e97f05d22e74e8

recherchetumblr.sueddeutsche.de Open in urlscan Pro 66.6.33.22 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

52 %HTTPS

47 %IPv6

13 Domains

21 Subdomains

16 IPs

4 Countries

1194 kBTransfer

3041 kBSize

17 Cookies

17 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

recherchetumblr.sueddeutsche.de Open in urlscan Pro
66.6.33.22 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

52 %
HTTPS

47 %
IPv6

13
Domains

21
Subdomains

16
IPs

4
Countries

1194 kB
Transfer

3041 kB
Size

17
Cookies

46 HTTP transactions
0 data transactions