www.tz.de Open in urlscan Pro
91.234.213.110 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tz.de/?search=James-Marsden.htm?
Effective URL:
https://www.tz.de/?search=James-Marsden.htm%3f
Submission: On October 09 via manual (October 9th 2020, 10:46:32 am UTC) from PL

Summary HTTP 87 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 29 IPs in 5 countries across 22 domains to perform 87 HTTP transactions. The main IP is 91.234.213.110, located in Germany and belongs to NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE. The main domain is www.tz.de.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 16th 2020. Valid for: 3 months.

This is the only time www.tz.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	91.234.213.200 91.234.213.200	34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68)
1 13	91.234.213.110 91.234.213.110	34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68)
3	136.243.25.70 136.243.25.70	24940 (HETZNER-AS) (HETZNER-AS)
9	2606:4700:20:... 2606:4700:20::681a:ff6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:20:... 2606:4700:20::681a:3de	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.201.90 143.204.201.90	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:4db	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:81e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2008	15169 (GOOGLE) (GOOGLE)
1	184.30.219.232 184.30.219.232	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
19	91.234.30.145 91.234.30.145	34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68)
8	2600:9000:20e... 2600:9000:20eb:ec00:e:2c12:d340:21	16509 (AMAZON-02) (AMAZON-02)
1 2	52.16.212.35 52.16.212.35	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:d600:11:363e:6940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE)
1	91.215.103.64 91.215.103.64	43407 (INFONLINE-AS) (INFONLINE-AS)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2 3	91.215.100.40 91.215.100.40	43407 (INFONLINE-AS) (INFONLINE-AS)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2 6	2600:9000:214... 2600:9000:214f:6800:11:fdd5:15c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:d600:a:2950:1bc0:21	16509 (AMAZON-02) (AMAZON-02)
1 1	18.200.148.151 18.200.148.151	16509 (AMAZON-02) (AMAZON-02)
1	99.81.188.151 99.81.188.151	16509 (AMAZON-02) (AMAZON-02)
1	94.130.239.232 94.130.239.232	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:9000:206... 2600:9000:206e:2400:e:29d5:db00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:203... 2600:9000:203c:4600:d:46fd:8a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21f... 2600:9000:21f3:c000:4:f963:680:93a1	16509 (AMAZON-02) (AMAZON-02)
3	143.204.201.88 143.204.201.88	16509 (AMAZON-02) (AMAZON-02)
1	3.122.91.65 3.122.91.65	16509 (AMAZON-02) (AMAZON-02)
87	29

1 91.234.213.200 (Germany) 1 redirects

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)

tz.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 91.234.213.110 (Germany) 1 redirects

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)

www.tz.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 136.243.25.70 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.70.25.243.136.clients.your-server.de

pp.lp4.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::681a:ff6 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.opencmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:3de (United States)

ASN13335 (CLOUDFLARENET, US)

cdntrf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.201.90 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-90.fra53.r.cloudfront.net

native.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:4db (United States)

ASN13335 (CLOUDFLARENET, US)

widget.msgp.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.219.232 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-30-219-232.deploy.static.akamaitechnologies.com

tag.aticdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 91.234.30.145 (Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)

idcdn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:20eb:ec00:e:2c12:d340:21 (United States)

ASN16509 (AMAZON-02, US)

dx46a7p7ieaml.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.16.212.35 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-212-35.eu-west-1.compute.amazonaws.com

logs1407.xiti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:d600:11:363e:6940:93a1 (United States)

ASN16509 (AMAZON-02, US)

config-vvs.glomex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.215.103.64 (Germany)

ASN43407 (INFONLINE-AS, NL)
PTR: script3.ioam.de

script.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.215.100.40 (Germany) 2 redirects

ASN43407 (INFONLINE-AS, NL)
PTR: de4.ioam.de

de.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:214f:6800:11:fdd5:15c0:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

player.glomex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:d600:a:2950:1bc0:21 (United States)

ASN16509 (AMAZON-02, US)

d2wu036mkcz52n.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.200.148.151 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

dyn.emetriq.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.188.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-188-151.eu-west-1.compute.amazonaws.com

ups.xplosion.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.130.239.232 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: cache-07.pushwoosh.com

cdn.pushwoosh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:2400:e:29d5:db00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.xplosion.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:203c:4600:d:46fd:8a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

integration-cloudfront-eu-west-1.mes.glomex.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:c000:4:f963:680:93a1 (United States)

ASN16509 (AMAZON-02, US)

i2thumbs.glomex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.201.88 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-88.fra53.r.cloudfront.net

mes-teaser-generator-prod.mes.glomex.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.91.65 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-91-65.eu-central-1.compute.amazonaws.com

idat.production.ippen.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	idcdn.de idcdn.de	78 KB
14	tz.de 2 redirects tz.de www.tz.de	215 KB
9	cloudfront.net dx46a7p7ieaml.cloudfront.net d2wu036mkcz52n.cloudfront.net	107 KB
9	opencmp.net cdn.opencmp.net	380 KB
8	glomex.com 2 redirects config-vvs.glomex.com player.glomex.com i2thumbs.glomex.com	67 KB
4	glomex.cloud integration-cloudfront-eu-west-1.mes.glomex.cloud mes-teaser-generator-prod.mes.glomex.cloud	18 KB
4	ioam.de 2 redirects script.ioam.de de.ioam.de	16 KB
4	google-analytics.com www.google-analytics.com	52 KB
3	gstatic.com fonts.gstatic.com	33 KB
3	cdntrf.com cdntrf.com	114 KB
3	lp4.io pp.lp4.io	18 KB
2	xplosion.de ups.xplosion.de cdn.xplosion.de	4 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	6 KB
2	xiti.com 1 redirects logs1407.xiti.com	878 B
2	msgp.pl widget.msgp.pl	246 KB
1	ippen.space idat.production.ippen.space	221 B
1	pushwoosh.com cdn.pushwoosh.com	98 KB
1	emetriq.de 1 redirects dyn.emetriq.de	101 B
1	doubleclick.net stats.g.doubleclick.net	83 B
1	aticdn.net tag.aticdn.net	13 KB
1	googletagmanager.com www.googletagmanager.com	43 KB
1	sharethrough.com native.sharethrough.com	79 KB
87	22

	Domain	Requested by
19	idcdn.de	www.tz.de idcdn.de
13	www.tz.de	1 redirects www.tz.de
9	cdn.opencmp.net	www.tz.de cdn.opencmp.net
8	dx46a7p7ieaml.cloudfront.net	www.tz.de dx46a7p7ieaml.cloudfront.net
6	player.glomex.com	2 redirects www.tz.de player.glomex.com
4	www.google-analytics.com	www.tz.de www.google-analytics.com
3	mes-teaser-generator-prod.mes.glomex.cloud
3	de.ioam.de	2 redirects www.tz.de
3	fonts.gstatic.com	fonts.googleapis.com
3	cdntrf.com	www.tz.de cdntrf.com
3	pp.lp4.io	www.tz.de pp.lp4.io
2	logs1407.xiti.com	1 redirects www.tz.de
2	widget.msgp.pl	www.tz.de widget.msgp.pl
1	idat.production.ippen.space	idcdn.de
1	i2thumbs.glomex.com
1	integration-cloudfront-eu-west-1.mes.glomex.cloud	dx46a7p7ieaml.cloudfront.net
1	cdn.xplosion.de	dyn.emetriq.de
1	cdn.pushwoosh.com	idcdn.de
1	ups.xplosion.de	www.tz.de
1	dyn.emetriq.de	1 redirects
1	d2wu036mkcz52n.cloudfront.net	www.tz.de
1	stats.g.doubleclick.net	www.google-analytics.com
1	fonts.googleapis.com	ajax.googleapis.com
1	script.ioam.de	idcdn.de
1	ajax.googleapis.com	idcdn.de
1	config-vvs.glomex.com	dx46a7p7ieaml.cloudfront.net
1	tag.aticdn.net	www.tz.de
1	www.googletagmanager.com	www.tz.de
1	native.sharethrough.com	www.tz.de
1	tz.de	1 redirects
87	30

This site contains links to these domains. Also see Links.

Domain
lust.tz.de
markt.lust.tz.de
www.merkurtz.de
jobs.merkur.de
immobilien.merkur.de
autoanzeigen.merkur.de
trauer.merkur.de
markt.tz.de
www.merkurtz-mediacenter.de
broker.netid.de
netid.de
on.tz.de
www.merkur.de

Subject Issuer	Validity	Valid
tz.de Let's Encrypt Authority X3	`2020-09-16` - `2020-12-15`	3 months	crt.sh
*.lp4.io Go Daddy Secure Certificate Authority - G2	`2018-12-19` - `2021-02-15`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-12` - `2021-08-12`	a year	crt.sh
*.sharethrough.com Amazon	`2020-09-09` - `2021-10-11`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
tag.aticdn.net GeoTrust RSA CA 2018	`2020-03-09` - `2021-05-08`	a year	crt.sh
idcdn.de Let's Encrypt Authority X3	`2020-09-09` - `2020-12-08`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.xiti.com Thawte RSA CA 2018	`2020-02-27` - `2022-05-22`	2 years	crt.sh
*.mep.glomex.cloud Amazon	`2020-07-10` - `2021-08-10`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.ioam.de Thawte TLS RSA CA G1	`2019-09-18` - `2021-12-17`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.xplosion.de Thawte RSA CA 2018	`2020-01-08` - `2021-03-08`	a year	crt.sh
*.pushwoosh.com Sectigo RSA Domain Validation Secure Server CA	`2020-02-12` - `2021-02-26`	a year	crt.sh
production.ippen.space Amazon	`2020-07-13` - `2021-08-12`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.tz.de/?search=James-Marsden.htm%3f
Frame ID: 33D85E437F709220F2D4F4C685039B41
Requests: 86 HTTP requests in this frame

Frame: https://player.glomex.com/integration/1.370.1/iframe-player.html?playlistIndex=0&origin=content-plugin&pageUrl=https%3A%2F%2Fwww.tz.de%2F%3Fsearch%3DJames-Marsden.htm%253f
Frame ID: D6D0C716E6AE2388D9F625E0C42F05BF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://tz.de/?search=James-Marsden.htm? HTTP 301
http://www.tz.de/?search=James-Marsden.htm%3f HTTP 301
https://www.tz.de/?search=James-Marsden.htm%3f Page URL

Detected technologies

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

87
Requests

100 %
HTTPS

55 %
IPv6

22
Domains

30
Subdomains

29
IPs

5
Countries

1583 kB
Transfer

5185 kB
Size

12
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://lust.tz.de/lust/
Title: Lust

Search URL Search Domain Scan URL

URL: https://lust.tz.de/lust/girl-des-tages/
Title: Girl des Tages

Search URL Search Domain Scan URL

URL: https://markt.lust.tz.de/muenchen/
Title: Erotische Anzeigen

Search URL Search Domain Scan URL

URL: https://www.merkurtz.de/
Title: Anzeige aufgeben

Search URL Search Domain Scan URL

URL: https://jobs.merkur.de/
Title: Stellenanzeigen

Search URL Search Domain Scan URL

URL: https://immobilien.merkur.de/
Title: Immobilien

Search URL Search Domain Scan URL

URL: https://autoanzeigen.merkur.de/
Title: Autoanzeigen

Search URL Search Domain Scan URL

URL: https://trauer.merkur.de/
Title: Traueranzeigen

Search URL Search Domain Scan URL

URL: https://markt.tz.de/
Title: Kleinanzeigen

Search URL Search Domain Scan URL

URL: https://www.merkurtz-mediacenter.de/
Title: Mediadaten Online

Search URL Search Domain Scan URL

URL: https://broker.netid.de/authorize?response_type=code&client_id=385bcc22-2be3-4cbf-8ccb-74e60f4c03d4&redirect_uri=https://www.tz.de/login/netid-callback/&scope=openid&claims=%7B%22userinfo%22%3A%7B%22email_verified%22%3A%7B%22essential%22%3Atrue%7D%2C%22email%22%3A%7B%22essential%22%3Atrue%7D%2C%22birthdate%22%3A%7B%22essential%22%3Atrue%7D%7D%7D%0A
Title: Mit netID anmelden

Search URL Search Domain Scan URL

URL: https://netid.de/
Title: Was ist netID?

Search URL Search Domain Scan URL

URL: https://on.tz.de/2jtRSpR

Search URL Search Domain Scan URL

URL: https://on.tz.de/2ikCP5s
Title:

Search URL Search Domain Scan URL

URL: https://www.merkur.de/maerkte/immobilien/
Title: Immobilienanzeigen

Search URL Search Domain Scan URL

URL: https://markt.tz.de/muenchen/
Title: Kleinanzeigen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tz.de/?search=James-Marsden.htm? HTTP 301
http://www.tz.de/?search=James-Marsden.htm%3f HTTP 301
https://www.tz.de/?search=James-Marsden.htm%3f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://logs1407.xiti.com/hit.xiti?s=572369&ts=1602240375824&vtag=5.2.4&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=12x46x15&lng=en-US&idp=124615417616&jv=0&p=homepage&s2=1&vrn=1&x1=Homepage&x2=CLICK_DESKTOP&x3=tz%7CStartseite&x4=&x5=&x6=false&x7=&x8=&x9=Nachrichten+aus+M%C3%BCnchen+und+Bayern+-+tz+online&x11=keine&x12=&x13=0&x14=&x15=&pid=r-1129159&pidt=201601010000&ref= HTTP 302
https://logs1407.xiti.com/hit.xiti?s=572369&ts=1602240375824&vtag=5.2.4&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=12x46x15&lng=en-US&idp=124615417616&jv=0&p=homepage&s2=1&vrn=1&x1=Homepage&x2=CLICK_DESKTOP&x3=tz%7CStartseite&x4=&x5=&x6=false&x7=&x8=&x9=Nachrichten+aus+M%C3%BCnchen+und+Bayern+-+tz+online&x11=keine&x12=&x13=0&x14=&x15=&pid=r-1129159&pidt=201601010000&ref=&Rdt=On

Request Chain 52

https://de.ioam.de/tx.io?st=tzonline&cp=tz_home&sv=ke&sc=yes&ct=01000000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.tz.de&xy=1600x1200x24&lo=NL%2FNoord-Holland&cb=0009&i2=0009b44c65319c3455f803f78&ep=1630748510&vr=417&id=b3ypd5&i3=0009b44c65319c3455f803f78%3A1628937976182%3A1602240376182%3A.tz.de%3A1%3Atzonline%3Atz_home%3Anoevent%3A1602240376182&n1=8&dntt=0&lt=1602240376183&ev=&cs=pnb6we&mo=0 HTTP 302
https://de.ioam.de/tx.io?st=tzonline&cp=tz_home&sv=ke&sc=yes&ct=01000000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.tz.de&xy=1600x1200x24&lo=NL%2FNoord-Holland&cb=0009&i2=0009b44c65319c3455f803f78&ep=1630748510&vr=417&id=b3ypd5&i3=0009b44c65319c3455f803f78%3A1628937976182%3A1602240376182%3A.tz.de%3A1%3Atzonline%3Atz_home%3Anoevent%3A1602240376182&n1=8&dntt=0&lt=1602240376183&ev=&cs=pnb6we&mo=0&sr=71 HTTP 302
https://de.ioam.de/blank.gif

Request Chain 54

https://player.glomex.com/integration/1/glomex-player.js HTTP 302
https://player.glomex.com/integration/1.370.1/glomex-player.js

Request Chain 68

https://player.glomex.com/integration/1/glomex-player-module.js HTTP 302
https://player.glomex.com/integration/1.370.1/glomex-player-module.js

Request Chain 73

https://dyn.emetriq.de/loader/43906/default.js HTTP 302
https://ups.xplosion.de/loader/43906/default.js

87 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.tz.de/
Redirect Chain

https://tz.de/?search=James-Marsden.htm?
http://www.tz.de/?search=James-Marsden.htm%3f
https://www.tz.de/?search=James-Marsden.htm%3f

468 KB
72 KB

1496ms
1432ms

Document
text/html

91.234.213.110
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tz.de/?search=James-Marsden.htm%3f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.234.213.110 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx /
Resource Hash: 6d2d30dec1ce8537612d76716540d45f0d00e66ff29ea31695644db62cfc7f13

Request headers

Host: www.tz.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Fri, 09 Oct 2020 10:46:15 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fr, 09 Okt 2020 10:46:13 GMT
Last-Modified: Fri, 09 Oct 2020 10:43:50 GMT
Set-Cookie: JSESSIONID=FA2DEB7BA1B5F5F7C49797176466B534; Path=/
Content-Language: en-US
X-UA-Compatible: IE=edge
Content-Encoding: gzip
X-Varnish: 1064291826
Age: 0
Via: 1.1 varnish-v4
X-Cache: MISS
Cache-Control: public, max-age=300, no-cache, no-store, must-revalidate
set-cookie: cua_uuid=65e306b2-aa3c-1190-07c3-0cb039f99c2b; Expires=Sun, 09 Oct 2022 10:46:15 GMT; path=/; new_user=true; Expires=Sat, 09 Oct 2021 10:46:15 GMT; path=/;
Vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
Accept-Ranges: bytes
SERVER: idlb6

Redirect headers

Server: nginx
Date: Fri, 09 Oct 2020 10:46:13 GMT
Content-Length: 0
Connection: keep-alive
Expires: Fr, 09 Okt 2020 10:46:13 GMT
Location: https://www.tz.de/?search=James-Marsden.htm%3f
X-UA-Compatible: IE=edge
X-Varnish: 1064396944
Age: 0
Via: 1.1 varnish-v4
X-Cache: MISS
Cache-Control: public, max-age=60, no-cache, no-store, must-revalidate
Vary: X-Forwarded-Proto
SERVER: idlb6

GET
H/1.1 200
OK prod_click.css
www.tz.de/static/tz/id-css/5b05d0ad022620e85d3f1a50f46386ec/ 288 KB
37 KB 46ms
32ms Stylesheet
text/css 91.234.213.110
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tz.de/static/tz/id-css/5b05d0ad022620e85d3f1a50f46386ec/prod_click.css
Requested by: Host: www.tz.de
URL: https://www.tz.de/?search=James-Marsden.htm%3f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.234.213.110 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb6 /
Resource Hash: 150d71294501f26050e7fc3c1106a9c01455c3bdceabea4b47721b7a026476bc

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 10:46:15 GMT
Content-Encoding: gzip
Age: 1547857
X-Cache: HIT
X-Cache-Hits: 2548454
Connection: keep-alive
Content-Length: 36972
Last-Modified: Mon, 21 Sep 2020 12:40:30 GMT
Server: nginx, idlb6
Vary: Accept-Encoding
X-Varnish: 1066089859 569336229
Via: 1.1 varnish-v4
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Type: text/css
Expires: Wed, 21 Oct 2020 12:48:37 GMT

GET
H/1.1 200
OK 12-91-grid.css
www.tz.de/generated/css/ 4 KB
801 B 80ms
30ms Stylesheet
text/css 91.234.213.110
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tz.de/generated/css/12-91-grid.css
Requested by: Host: www.tz.de
URL: https://www.tz.de/?search=James-Marsden.htm%3f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.234.213.110 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb6 /
Resource Hash: 139eca33414dda4066bdd01d159ee43b29df1d03fa45ddca2965fa371864d7bc

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 10:46:15 GMT
Content-Encoding: gzip
Age: 2050885
X-Cache: HIT
X-Cache-Hits: 1317959
Connection: keep-alive
Content-Length: 354
Last-Modified: Tue, 21 Jul 2020 06:54:59 GMT
Server: nginx, idlb6
Vary: Accept-Encoding
X-Varnish: 1066089860 303104083
Via: 1.1 varnish-v4
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Type: text/css
Expires: Thu, 15 Oct 2020 17:04:50 GMT

GET
H2 200 58c64d04e45a1d2f02abc17b.js Show response
pp.lp4.io/app/58/c6/4d/ 57 KB
18 KB 84ms
32ms Script
application/javascript 136.243.25.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pp.lp4.io/app/58/c6/4d/58c64d04e45a1d2f02abc17b.js
Requested by: Host: www.tz.de
URL: https://www.tz.de/?search=James-Marsden.htm%3f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.25.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.25.243.136.clients.your-server.de
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: eadc2c8d7ccdae5170e33a4b9d9b4c9b016713e0dc205d3d7ad5fc78a0f5c7b4

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 10:46:15 GMT
content-encoding: gzip
last-modified: Mon, 08 Jun 2020 19:06:45 GMT
server: Apache/2.4.29 (Ubuntu)
etag: "e303-5a7974fd8e77d-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=1800
accept-ranges: bytes
content-length: 18190
expires: Fri, 09 Oct 2020 11:16:15 GMT

GET
H2 200 cmp-stub-latest.js Show response
cdn.opencmp.net/tcf-v2/ 3 KB
2 KB 30ms
12ms Script
application/javascript 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.opencmp.net/tcf-v2/cmp-stub-latest.js
Requested by: Host: www.tz.de
URL: https://www.tz.de/?search=James-Marsden.htm%3f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e7b8145cb44e8baa4d3045dfe4cbc96219283a9063348a1c04a7c4946a29921

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 10:46:15 GMT
content-encoding: br
cf-cache-status: HIT
age: 830
status: 200
x-amz-request-id: DFA8A74D02BC3649
x-amz-id-2: 3zZr7ZYitXItukIevVt6HtWEMO6FKPXZfGAy0NFjQ7ZJ95/6I6AiUt7gSZ3W0Kf7B2AHY0WUooM=
last-modified: Sat, 19 Sep 2020 06:39:19 GMT
server: cloudflare
etag: W/"4d6ae233b3370cf7a5877d7f12790505"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-request-id: 05ae9102e10000c2b88f0b9200000001
cf-ray: 5df7844b086dc2b8-FRA

GET
H2 200 trfAdSetup.js Show response
cdntrf.com/ 2 KB
1 KB 40ms
22ms Script
text/javascript 2606:4700:20::681a:3de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdntrf.com/trfAdSetup.js
Requested by: Host: www.tz.de
URL: https://www.tz.de/?search=James-Marsden.htm%3f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0bf006f94c1008f2cec46e59785bddddd1a735d83131bfcefb6d078301172e8

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 10:46:15 GMT
content-encoding: br
cf-cache-status: HIT
age: 6092
status: 200
x-amz-request-id: 02AC3842413876DD
x-amz-id-2: hAijX2oiCgTaQ1nKOoVvxPointDtB95IjHoS8h7EUO+C88v9dh5x0Lfmpx7ZrMrD10eDnhP1Nnk=
last-modified: Mon, 28 Sep 2020 12:19:34 GMT
server: cloudflare
etag: W/"8f32af94df139804426d2549b0401e5e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=7200
x-amz-version-id: UCDmIgtrfZuAf_Y9wGPiu2D_F2VhGkgq
cf-request-id: 05ae9102e50000dff32491e200000001
cf-ray: 5df7844b08c1dff3-FRA
x-amz-meta-originalfilename: trfAdSetup.js
cf-bgj: minify

GET
H2 200 sfp.js Show response
native.sharethrough.com/assets/ 249 KB
79 KB 83ms
27ms Script
application/javascript 143.204.201.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://native.sharethrough.com/assets/sfp.js
Requested by: Host: www.tz.de
URL: https://www.tz.de/?search=James-Marsden.htm%3f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.90 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-90.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d82fe1f3cea6403f7b118a100e7b604066e7e9335e3987860d3a3796f200f64

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 10:13:45 GMT
content-encoding: gzip
last-modified: Thu, 08 Oct 2020 21:13:15 GMT
server: AmazonS3
age: 1951
etag: "5c5c6323dc33f4180fbd28befe17ae13"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=3600
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: ndR2XS18nRgsBlaPOf6FM1wBRGC0Uo4OP9g36s4hz62rWi8k-nXGYg==
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
expires: Thu, 08 Oct 2020 22:13:14 GMT

GET
H/1.1 200
OK logo.png
www.tz.de/static/tz/img/basis/responsive/ 380 B
781 B 32ms
30ms Image
image/png 91.234.213.110
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tz.de/static/tz/img/basis/responsive/logo.png
Requested by: Host: www.tz.de
URL: https://www.tz.de/?search=James-Marsden.htm%3f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.234.213.110 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb6 /
Resource Hash: b366762686bddfa3b042a78727a37e5f3337b96e71f17f73fbe5f94cf5b34e31

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 10:46:15 GMT
Via: 1.1 varnish-v4
Last-Modified: Wed, 19 Jun 2013 15:19:44 GMT
Server: nginx, idlb6
Age: 2050885
X-Cache: HIT
Content-Type: image/png
Expires: Thu, 15 Oct 2020 17:04:50 GMT
Cache-Control: max-age=2592000
X-Varnish: 1066089862 293342422
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 380
X-Cache-Hits: 1379809

GET
H/1.1 200
Ok 24106828-david-alaba-sprach-nach-dem-oefb-spiel-gegen-griechenland-ueber-muenchen-2uOLkF2DWkRG.jpg
www.tz.de/bilder/2020/10/09/90065143/ 27 KB
28 KB 49ms
46ms Image
image/jpeg 91.234.213.110
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tz.de/bilder/2020/10/09/90065143/24106828-david-alaba-sprach-nach-dem-oefb-spiel-gegen-griechenland-ueber-muenchen-2uOLkF2DWkRG.jpg
Requested by: Host: www.tz.de
URL: https://www.tz.de/?search=James-Marsden.htm%3f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.234.213.110 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb6 /
Resource Hash: 370554b7b7de80dd38736fad854cb2bbb9ac39b6fb997ff110247781131d820b

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 10:46:15 GMT
Via: 1.1 varnish-v4
last-modified: Fri, 09 Oct 2020 09:23:57 GMT
Server: nginx, idlb6
Age: 4936
X-Cache: HIT
Content-Type: image/jpeg
expires: Sun, 08 Nov 2020 09:23:58 GMT
cache-control: max-age=2592000
X-Varnish: 1050620571 1064144553
Content-Length: 28042
Connection: keep-alive
Accept-Ranges: bytes
mime-version: 1.0
X-Cache-Hits: 5958

GET
H/1.1 200
Ok 24028938-dieter-reiter-steht-bei-einer-pressekonferenz-hinter-einem-mikrofon-2vqsKRBDxcVI.jpg
www.tz.de/bilder/2020/10/06/90062218/ 6 KB
6 KB 33ms
31ms Image
image/jpeg 91.234.213.110
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tz.de/bilder/2020/10/06/90062218/24028938-dieter-reiter-steht-bei-einer-pressekonferenz-hinter-einem-mikrofon-2vqsKRBDxcVI.jpg
Requested by: Host: www.tz.de
URL: https://www.tz.de/?search=James-Marsden.htm%3f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.234.213.110 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb6 /
Resource Hash: 17f3578a26bdd3b658514a096a1f52d6e5bdadf13ca2edcd7d3472b29caa885c

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 10:46:15 GMT
Via: 1.1 varnish-v4
last-modified: Fri, 09 Oct 2020 10:44:08 GMT
Server: nginx, idlb6
Age: 126
X-Cache: HIT
Content-Type: image/jpeg
expires: Sun, 08 Nov 2020 10:44:08 GMT
cache-control: max-age=2592000
X-Varnish: 1064451240 1063024836
Content-Length: 5838
Connection: keep-alive
Accept-Ranges: bytes
mime-version: 1.0
X-Cache-Hits: 140

GET
H/1.1 200
Ok 24107302-areline-martinez-panorama-stadt-2mrxKqp2D4VI.jpg
www.tz.de/bilder/2020/10/09/90065213/ 13 KB
13 KB 64ms
31ms Image
image/jpeg 91.234.213.110
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tz.de/bilder/2020/10/09/90065213/24107302-areline-martinez-panorama-stadt-2mrxKqp2D4VI.jpg
Requested by: Host: www.tz.de
URL: https://www.tz.de/?search=James-Marsden.htm%3f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.234.213.110 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb6 /
Resource Hash: b77084593a305779ebfe9166ba892bc77d38ad3101d7ed727127b80d72979b96

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 10:46:15 GMT
Via: 1.1 varnish-v4
last-modified: Fri, 09 Oct 2020 10:00:52 GMT
Server: nginx, idlb6
Age: 2722
X-Cache: HIT
Content-Type: image/jpeg
expires: Sun, 08 Nov 2020 10:00:52 GMT
cache-control: max-age=2592000
X-Varnish: 1066089863 1066308908
Content-Length: 12955
Connection: keep-alive
Accept-Ranges: bytes
mime-version: 1.0
X-Cache-Hits: 3004

GET
H2 200 widgetCard.js Show response
widget.msgp.pl/build/ 798 KB
244 KB 44ms
22ms Script
application/javascript 2606:4700:10::6816:4db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.msgp.pl/build/widgetCard.js
Requested by: Host: www.tz.de
URL: https://www.tz.de/?search=James-Marsden.htm%3f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ef6d608857431dc715ef3a0911fcf19ca2e2314040919723d240bbff53a74a3

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 10:46:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 246
cf-polished: origSize=820014
status: 200
cf-request-id: 05ae9102eb000064b58e390200000001
last-modified: Wed, 07 Oct 2020 11:23:29 GMT
server: cloudflare
etag: W/"5f7da531-c832e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 5df7844b19ec64b5-FRA
cf-bgj: minify

GET
H/1.1 200
Ok epaper-tz-startseite-20131126182938-20150729152746.jpg
www.tz.de/images/tz/img/ 11 KB
12 KB 65ms
32ms Image
image/jpeg 91.234.213.110
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tz.de/images/tz/img/epaper-tz-startseite-20131126182938-20150729152746.jpg
Requested by: Host: www.tz.de
URL: https://www.tz.de/?search=James-Marsden.htm%3f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.234.213.110 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb6 /
Resource Hash: 584cb96afe30657b85b47441e4f52e2c9cf713b7c4fc5bac2f48e6eb93dee3e6

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 10:46:15 GMT
Via: 1.1 varnish-v4
last-modified: Tue, 15 Sep 2020 17:04:48 GMT
Server: nginx, idlb6
Age: 2050886
X-Cache: HIT
Content-Type: image/jpeg
expires: Thu, 15 Oct 2020 17:04:48 GMT
cache-control: max-age=2592000
X-Varnish: 1062562385 281024991
Content-Length: 11772
Connection: keep-alive
Accept-Ranges: bytes
mime-version: 1.0
X-Cache-Hits: 1648923

GET
H/1.1 200
Ok anmeldung-newsletter-20170117111644.jpg
www.tz.de/images/tz/img/ 15 KB
16 KB 59ms
33ms Image
image/jpeg 91.234.213.110
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tz.de/images/tz/img/anmeldung-newsletter-20170117111644.jpg
Requested by: Host: www.tz.de
URL: https://www.tz.de/?search=James-Marsden.htm%3f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.234.213.110 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb6 /
Resource Hash: b9677a237eae60bd14acde176f407702b0d8671258960ee68441304b1aed47a8

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 10:46:15 GMT
Via: 1.1 varnish-v4
last-modified: Tue, 15 Sep 2020 17:04:49 GMT
Server: nginx, idlb6
Age: 2050886
X-Cache: HIT
Content-Type: image/jpeg
expires: Thu, 15 Oct 2020 17:04:49 GMT
cache-control: max-age=2592000
X-Varnish: 1062562386 300122942
Content-Length: 15714
Connection: keep-alive
Accept-Ranges: bytes
mime-version: 1.0
X-Cache-Hits: 1625171

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.tz.de
URL: https://www.tz.de/?search=James-Marsden.htm%3f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 5436
date: Fri, 09 Oct 2020 09:15:39 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Fri, 09 Oct 2020 11:15:39 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 118 KB
43 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MRDF34

Requested by

Host: www.tz.de
URL: https://www.tz.de/?search=James-Marsden.htm%3f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1688dc4484e41bdd62ecd275b5b208934a96bc4522f055233fb1de2d07bbc42d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 10:46:15 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43740
x-xss-protection: 0
last-modified: Fri, 09 Oct 2020 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Oct 2020 10:46:15 GMT

GET
H/1.1 200
OK smarttag.js Show response
tag.aticdn.net/572369/ 44 KB
13 KB 70ms
24ms Script
application/x-javascript 184.30.219.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.aticdn.net/572369/smarttag.js
Requested by: Host: www.tz.de
URL: https://www.tz.de/?search=James-Marsden.htm%3f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.219.232 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-30-219-232.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 926687aa4d415ab6214c7b528117009f4d521b3cf470b965bc65465e16519e84

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Last-Modified: Fri, 16 Sep 2016 09:18:53 GMT
Server: AmazonS3
Date: Fri, 09 Oct 2020 10:46:15 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=600
Connection: keep-alive
Content-Length: 13259
X-Amz-Cf-Id: 9ILtkdsVwMtqqmYxnDjy2-09M06hho_CqgFd7lWnIlAoKAMjpkCqNg==

GET
H/1.1 200
OK require.2.1.18.min.js Show response
idcdn.de/static/common/js/vendor/requirejs/ 15 KB
7 KB 88ms
29ms Script
application/javascript 91.234.30.145
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://idcdn.de/static/common/js/vendor/requirejs/require.2.1.18.min.js
Requested by: Host: www.tz.de
URL: https://www.tz.de/?search=James-Marsden.htm%3f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.234.30.145 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb1 /
Resource Hash: e1aeed6ed134b5edcc2c7f8da011a8c4cde53111e474fec9c185f2ec253270d5

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 10:46:15 GMT
Content-Encoding: gzip
Age: 2050892
X-Cache: HIT
X-Cache-Hits: 16439345
Connection: keep-alive
Content-Length: 6257
Last-Modified: Tue, 23 Jun 2015 14:03:20 GMT
Server: nginx, idlb1
Vary: Accept-Encoding
X-Varnish: 446672698 926089828
Via: 1.1 varnish-v4
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Thu, 15 Oct 2020 17:04:43 GMT

GET
H/1.1 200
OK logo.png
idcdn.de/static/tz/img/basis/responsive/ 380 B
779 B 89ms
30ms Image
image/png 91.234.30.145
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idcdn.de/static/tz/img/basis/responsive/logo.png
Requested by: Host: www.tz.de
URL: https://www.tz.de/static/tz/id-css/5b05d0ad022620e85d3f1a50f46386ec/prod_click.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.234.30.145 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb1 /
Resource Hash: b366762686bddfa3b042a78727a37e5f3337b96e71f17f73fbe5f94cf5b34e31

Request headers

Referer: https://www.tz.de/static/tz/id-css/5b05d0ad022620e85d3f1a50f46386ec/prod_click.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 10:46:15 GMT
Via: 1.1 varnish-v4
Last-Modified: Wed, 19 Jun 2013 15:19:44 GMT
Server: nginx, idlb1
Age: 2050887
X-Cache: HIT
Content-Type: image/png
Expires: Thu, 15 Oct 2020 17:04:47 GMT
Cache-Control: max-age=2592000
X-Varnish: 441578107 884994759
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 380
X-Cache-Hits: 803828

GET
H/1.1 200
OK id-icons-default.woff2
idcdn.de/static/common/img/basis/responsive/iconfonts31/ 8 KB
8 KB 96ms
30ms Font
application/font-woff2 91.234.30.145
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://idcdn.de/static/common/img/basis/responsive/iconfonts31/id-icons-default.woff2
Requested by: Host: www.tz.de
URL: https://www.tz.de/static/tz/id-css/5b05d0ad022620e85d3f1a50f46386ec/prod_click.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.234.30.145 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb1 /
Resource Hash: fac42245eab9d9ac2ecdc12115b7ead107d2aa2bd7bcc8b220aaa7c0a4bb4f5e

Request headers

Origin: https://www.tz.de
Referer: https://www.tz.de/static/tz/id-css/5b05d0ad022620e85d3f1a50f46386ec/prod_click.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 10:46:15 GMT
Content-Encoding: gzip
Age: 2050892
X-Cache: HIT
X-Cache-Hits: 7115834
Connection: keep-alive
Content-Length: 7951
Access-Control-Allow-Origin: *
Last-Modified: Wed, 17 Apr 2019 11:21:39 GMT
Server: nginx, idlb1
Vary: Accept-Encoding
X-Varnish: 446672695 919506720
Via: 1.1 varnish-v4
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Type: application/font-woff2
Expires: Thu, 15 Oct 2020 17:04:43 GMT

GET
H2 200 lobster-loader.js Show response
dx46a7p7ieaml.cloudfront.net/lobster-loader/1/ 4 KB
5 KB 27ms
6ms Script
application/javascript 2600:9000:20eb:ec00:e:2c12:d340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dx46a7p7ieaml.cloudfront.net/lobster-loader/1/lobster-loader.js
Requested by: Host: www.tz.de
URL: https://www.tz.de/?search=James-Marsden.htm%3f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ec00:e:2c12:d340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a019316b8a6230118d7d1cf20ca74f318191f27472a2664597552dc22db15b0

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: text
etag: "0d11411c67704038befd56b5e19d791a"
age: 377
x-cache: Hit from cloudfront
status: 200
content-length: 4486
last-modified: Mon, 08 Oct 2018 08:57:09 GMT
server: AmazonS3
date: Fri, 09 Oct 2020 10:39:59 GMT
content-type: application/javascript
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=600
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: UzoF7U19PuiXq34D3f5SDQ_xhTCrsjwqzWrVRfZWW8s0OD7q3t_vrA==

GET
H/1.1 200
OK mit-netid-anmelden.png
idcdn.de/static/common/img/basis/responsive// 6 KB
7 KB 69ms
30ms Image
image/png 91.234.30.145
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idcdn.de/static/common/img/basis/responsive//mit-netid-anmelden.png
Requested by: Host: www.tz.de
URL: https://www.tz.de/static/tz/id-css/5b05d0ad022620e85d3f1a50f46386ec/prod_click.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.234.30.145 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb1 /
Resource Hash: c205a7703aba03e6bf21788dc8f7a2ce5fa94fccd0649196278528f6be86626c

Request headers

Referer: https://www.tz.de/static/tz/id-css/5b05d0ad022620e85d3f1a50f46386ec/prod_click.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 10:46:15 GMT
Via: 1.1 varnish-v4
Last-Modified: Fri, 12 Oct 2018 13:54:30 GMT
Server: nginx, idlb1
Age: 2050891
X-Cache: HIT
Content-Type: image/png
Expires: Thu, 15 Oct 2020 17:04:43 GMT
Cache-Control: max-age=2592000
X-Varnish: 444218537 902507158
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6349
X-Cache-Hits: 3590255

GET
H2 200 cmp-latest.js Show response
cdn.opencmp.net/tcf-v2/ 418 KB
90 KB 19ms
18ms Script
application/javascript 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.opencmp.net/tcf-v2/cmp-latest.js
Requested by: Host: cdn.opencmp.net
URL: https://cdn.opencmp.net/tcf-v2/cmp-stub-latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd1790d47cd19e09f120f00b264e651a2942aff6d6ff19a29065180cb26d333f

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 10:46:15 GMT
content-encoding: br
cf-cache-status: HIT
age: 32
status: 200
x-amz-request-id: 44D9D9909183A453
x-amz-id-2: gywDpxBgObwSIajvbmVGAwhRq+HXd+r/zJz0DWHrqixQHGtcP0RO4w0jtmqVCR4cTnzUuOkXwtc=
last-modified: Sat, 19 Sep 2020 06:39:08 GMT
server: cloudflare
etag: W/"91dce0f84ea50c724207fd9c9bf331f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-request-id: 05ae91036e0000c2b88f0be200000001
cf-ray: 5df7844bea55c2b8-FRA
expires: Fri, 09 Oct 2020 14:46:15 GMT

GET
H2 200 cmp-latest.css
cdn.opencmp.net/tcf-v2/ 12 KB
3 KB 13ms
12ms Stylesheet
text/css 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.opencmp.net/tcf-v2/cmp-latest.css
Requested by: Host: cdn.opencmp.net
URL: https://cdn.opencmp.net/tcf-v2/cmp-stub-latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b299eaf04bf280f885d61cd9a22c807401b0a9c0b83c3e3edb3bc0c76764de07

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 10:46:15 GMT
content-encoding: br
cf-cache-status: HIT
age: 829
status: 200
x-amz-request-id: C443FC1030FCD3AF
x-amz-id-2: FePIxSOlLq68ud7F+UYZqFW6hGwOOK7gg1y+ZCdJo5uPtSPRMCXyAoefgZdJJTfyfS057tsus8Q=
last-modified: Sat, 19 Sep 2020 06:39:27 GMT
server: cloudflare
etag: W/"41251c27d36cbd396dff2cf091e3b661"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-request-id: 05ae91036e0000c2b88f0bd200000001
cf-ray: 5df7844bea52c2b8-FRA

GET
H2 200 trf-tz-only_NATIVE.js Show response
cdntrf.com/ 278 KB
81 KB 28ms
28ms Script
application/x-javascript 2606:4700:20::681a:3de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdntrf.com/trf-tz-only_NATIVE.js
Requested by: Host: cdntrf.com
URL: https://cdntrf.com/trfAdSetup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b39f114760433098856c3c8df221b92acbbc8e281b0dc51eda0cd0402116deb0

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 10:46:15 GMT
content-encoding: br
cf-cache-status: HIT
age: 6082
status: 200
x-amz-request-id: 0AAB311B91082C80
x-amz-id-2: rwWcq/thpZ6eT7En+RNCCDgNbO3YcxWRdJvDT4EWNvDnUzLV3gusALjZoyVBSTgnrdXi1tDx0+E=
last-modified: Fri, 25 Sep 2020 15:00:26 GMT
server: cloudflare
etag: W/"1e8ba74eecbdb6250ac8ed36b993f750"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=7200
x-amz-version-id: 5x_ZNhmC2vB6K.GDw.Y1swPXvZAGA8gH
cf-request-id: 05ae91036f0000dff324924200000001
cf-ray: 5df7844bea83dff3-FRA
cf-bgj: minify

GET
H3-Q050 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 10:00:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2733
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Fri, 09 Oct 2020 11:00:42 GMT

POST
H2 204 p
pp.lp4.io/ 0
69 B 26ms
26ms Other
text/plain 136.243.25.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pp.lp4.io/p?i=58c64d04e45a1d2f02abc17b&r=&sr=&mt=Nachrichten%20aus%20M%C3%BCnchen%20und%20Bayern%20-%20tz%20online&ma=-1&tg=-1&ctg=-1&mp=-1&mu=-1&mi=-1&md=Das%20Nachrichtenportal%20der%20tz%2C%20M%C3%BCnchens%20f%C3%BChrender%20Kaufzeitung.%20Aktuelle%20News%20aus%20M%C3%BCnchen%2C%20zum%20FC%20Bayern%2C%20TSV%201860%20M%C3%BCnchen%20sowie%20zu%20Politik%2C%20Wirtschaft%2C%20Stars%20und%20Weltgeschehen.&or=-1&wc=-1&pw=&pwu=0&co=0&il=&hv=&sc=-1&p=https%3A%2F%2Fwww.tz.de%2F&c=desktop&t=homepage&s=&_r=1602240375706:4.7.17:20200608-210627&_m=beacon
Requested by: Host: pp.lp4.io
URL: https://pp.lp4.io/app/58/c6/4d/58c64d04e45a1d2f02abc17b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.25.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.25.243.136.clients.your-server.de
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Fri, 09 Oct 2020 10:46:15 GMT
server: Apache/2.4.29 (Ubuntu)

GET
H2 200 data_49485dd56eb2bceaa2.77611195.json Show response
widget.msgp.pl/ 3 KB
2 KB 36ms
18ms Fetch
application/json 2606:4700:10::6816:4db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.msgp.pl/data_49485dd56eb2bceaa2.77611195.json

Requested by

Host: widget.msgp.pl
URL: https://widget.msgp.pl/build/widgetCard.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c64322fbf3f1876a320110a39ee0357a422518ee0e0e59fb05781b8fd212732c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 10:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1714
status: 200
vary: Accept-Encoding
cf-request-id: 05ae9103e30000c2b88a1f9200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, PUT, PATCH, POST, DELETE, OPTIONS, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store
cf-ray: 5df7844c9b90c2b8-FRA
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept

GET
H2

200

hit.xiti
logs1407.xiti.com/
Redirect Chain

https://logs1407.xiti.com/hit.xiti?s=572369&ts=1602240375824&vtag=5.2.4&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=12x46x15&lng=en-US&idp=124615417616&jv=0&p=homepage&s2=1&vrn=1&x1=Homepage&x2=CLICK...
https://logs1407.xiti.com/hit.xiti?s=572369&ts=1602240375824&vtag=5.2.4&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=12x46x15&lng=en-US&idp=124615417616&jv=0&p=homepage&s2=1&vrn=1&x1=Homepage&x2=CLICK...

35 B
131 B

31ms
31ms

Image
image/gif

52.16.212.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs1407.xiti.com/hit.xiti?s=572369&ts=1602240375824&vtag=5.2.4&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=12x46x15&lng=en-US&idp=124615417616&jv=0&p=homepage&s2=1&vrn=1&x1=Homepage&x2=CLICK_DESKTOP&x3=tz%7CStartseite&x4=&x5=&x6=false&x7=&x8=&x9=Nachrichten+aus+M%C3%BCnchen+und+Bayern+-+tz+online&x11=keine&x12=&x13=0&x14=&x15=&pid=r-1129159&pidt=201601010000&ref=&Rdt=On

Requested by

Host: www.tz.de
URL: https://www.tz.de/?search=James-Marsden.htm%3f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.16.212.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-212-35.eu-west-1.compute.amazonaws.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 09 Oct 2020 10:46:16 GMT
content-length: 35
strict-transport-security: max-age=7776000
content-type: image/gif

Redirect headers

status: 302
date: Fri, 09 Oct 2020 10:46:15 GMT
content-type: text/html; charset=utf-8
location: https://logs1407.xiti.com/hit.xiti?s=572369&ts=1602240375824&vtag=5.2.4&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=12x46x15&lng=en-US&idp=124615417616&jv=0&p=homepage&s2=1&vrn=1&x1=Homepage&x2=CLICK_DESKTOP&x3=tz%7CStartseite&x4=&x5=&x6=false&x7=&x8=&x9=Nachrichten+aus+M%C3%BCnchen+und+Bayern+-+tz+online&x11=keine&x12=&x13=0&x14=&x15=&pid=r-1129159&pidt=201601010000&ref=&Rdt=On
content-length: 522
strict-transport-security: max-age=7776000
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2 200 teaser-1mcujg5frj4oa0fv2.js Show response
config-vvs.glomex.com/ 2 KB
1 KB 29ms
7ms Script
application/javascript 2600:9000:214f:d600:11:363e:6940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config-vvs.glomex.com/teaser-1mcujg5frj4oa0fv2.js
Requested by: Host: dx46a7p7ieaml.cloudfront.net
URL: https://dx46a7p7ieaml.cloudfront.net/lobster-loader/1/lobster-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:d600:11:363e:6940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd05e52eee6561f92e9e625eee062db7bf491b38a570aa040c9fb7234b59c1cd

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 10:44:09 GMT
content-encoding: gzip
last-modified: Thu, 25 Jun 2020 15:44:49 GMT
server: AmazonS3
age: 129
etag: "ec037fdb8b0a00d9c16c0346b3fe72cd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=600
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 0WNrLk3_Euu_TA0f1ck8YiRbFG3RiRqLnik7cMhYj7V0s3-NBpOKxg==
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
5 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: idcdn.de
URL: https://idcdn.de/static/common/js/vendor/requirejs/require.2.1.18.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:13:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5584
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Oct 2021 09:13:11 GMT

GET
H/1.1 200
OK id.tm.js Show response
idcdn.de/static/common/js/build/modules/d4068dc8412df064145a55c024b66bf9/ 6 KB
3 KB 31ms
30ms Script
application/javascript 91.234.30.145
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://idcdn.de/static/common/js/build/modules/d4068dc8412df064145a55c024b66bf9/id.tm.js
Requested by: Host: idcdn.de
URL: https://idcdn.de/static/common/js/vendor/requirejs/require.2.1.18.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.234.30.145 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb1 /
Resource Hash: d2d87ff41269fd3e3d71193a75992c4d72a8a2f032cd62198362e448f8abafc0

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 10:46:15 GMT
Content-Encoding: gzip
Age: 2050892
X-Cache: HIT
X-Cache-Hits: 15995986
Connection: keep-alive
Content-Length: 2149
Last-Modified: Mon, 14 Sep 2020 17:20:35 GMT
Server: nginx, idlb1
Vary: Accept-Encoding
X-Varnish: 434395459 924583028
Via: 1.1 varnish-v4
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Thu, 15 Oct 2020 17:04:43 GMT

GET
H/1.1 200
OK vendor-combined.js Show response
idcdn.de/static/common/js/build/vendor/238f58b5347f4a81e2b32ac211022052/ 50 KB
19 KB 47ms
46ms Script
application/javascript 91.234.30.145
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://idcdn.de/static/common/js/build/vendor/238f58b5347f4a81e2b32ac211022052/vendor-combined.js
Requested by: Host: idcdn.de
URL: https://idcdn.de/static/common/js/vendor/requirejs/require.2.1.18.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.234.30.145 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb1 /
Resource Hash: 9d04a37107e3ad5d1bad25e51858f9c84401ec82ebed8ea73fa5da02d3397a50

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 10:46:15 GMT
Content-Encoding: gzip
Age: 2050892
X-Cache: HIT
X-Cache-Hits: 16576664
Connection: keep-alive
Content-Length: 19229
Last-Modified: Mon, 14 Sep 2020 17:20:35 GMT
Server: nginx, idlb1
Vary: Accept-Encoding
X-Varnish: 439547498 923043355
Via: 1.1 varnish-v4
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Thu, 15 Oct 2020 17:04:43 GMT

GET
H/1.1 200
OK global-modules-combined.js Show response
idcdn.de/static/common/js/build/modules/dc0136cfe247ac4a2ed2e4744bbeb4b7/ 36 KB
12 KB 31ms
31ms Script
application/javascript 91.234.30.145
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://idcdn.de/static/common/js/build/modules/dc0136cfe247ac4a2ed2e4744bbeb4b7/global-modules-combined.js
Requested by: Host: idcdn.de
URL: https://idcdn.de/static/common/js/vendor/requirejs/require.2.1.18.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.234.30.145 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb1 /
Resource Hash: 6d4f3f785aa2e9fdaa25bc84128b76944f1675fceb1f4c4f30d1ef5a58b8c935

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 10:46:15 GMT
Content-Encoding: gzip
Age: 2050892
X-Cache: HIT
X-Cache-Hits: 16345070
Connection: keep-alive
Content-Length: 11595
Last-Modified: Mon, 14 Sep 2020 17:20:35 GMT
Server: nginx, idlb1
Vary: Accept-Encoding
X-Varnish: 447036380 921045536
Via: 1.1 varnish-v4
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Thu, 15 Oct 2020 17:04:43 GMT

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 84 KB
32 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-NL4S2XZ&t=idTracker&cid=1639187009.1602240376&aip=true

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

733fe39b72796c44982e5d675b1358ab35a03fe3d957c4399b83adf16df0d032

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 10:46:15 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32942
x-xss-protection: 0
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Oct 2020 10:46:15 GMT

GET
H2 200 index.js Show response
cdntrf.com/lib/templates/ 150 KB
32 KB 22ms
22ms Script
application/javascript 2606:4700:20::681a:3de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdntrf.com/lib/templates/index.js
Requested by: Host: cdntrf.com
URL: https://cdntrf.com/trf-tz-only_NATIVE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 541cbd610ad7944f4bb8a98da91f897dcf60a0d42658a8c0418d44d7b486c35c

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 10:46:15 GMT
content-encoding: br
cf-cache-status: HIT
age: 5216
cf-polished: origSize=153372
status: 200
x-amz-request-id: BC030B83E8609463
x-amz-id-2: m5W3+yt1omd+FPUHWzO+pf3lnmWfv/Y5gU9065TuyNuXdqdt/qS/MtGzL7aCQ5YP5kdRsTGy/Ug=
last-modified: Fri, 02 Oct 2020 11:17:53 GMT
server: cloudflare
etag: W/"b05f6d7499663c5cddc22e59c976980a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
x-amz-version-id: zqu_tuI3oSekws2Jq15a2IiIeM2FLiEv
cf-request-id: 05ae9104470000dff324932200000001
cf-ray: 5df7844d3d88dff3-FRA
cf-bgj: minify

GET
H2 200 settings.json Show response
cdn.opencmp.net/publisher/dvl/tz.de/ 196 B
746 B 44ms
30ms Fetch
application/json 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.opencmp.net/publisher/dvl/tz.de/settings.json
Requested by: Host: cdn.opencmp.net
URL: https://cdn.opencmp.net/tcf-v2/cmp-latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e43655513c9b3baa61efca5f4a7ee398eb2f0a4298a2a17bce3619cc7e28c354

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 10:46:15 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: DYNAMIC
x-amz-request-id: 3ZBNATDG1KBH7N1M
status: 200
x-amz-id-2: lz0GfPw87EWdtjWv5+Bn8an6ytb73eN/+ixIc68iuPApDH38yk0IIHokGH53WC2dnwlH0WRGhqc=
last-modified: Mon, 10 Aug 2020 08:45:01 GMT
server: cloudflare
etag: W/"0bbe1a453a552fd32d0876ad76c235d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cf-request-id: 05ae9104a0000005bb2d90d200000001
cf-ray: 5df7844dce6205bb-FRA
x-amz-meta-originalfilename: settings.json

GET
H/1.1 200
OK iam.js Show response
script.ioam.de/ 47 KB
14 KB 90ms
38ms Script
application/javascript 91.215.103.64
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://script.ioam.de/iam.js
Requested by: Host: idcdn.de
URL: https://idcdn.de/static/common/js/vendor/requirejs/require.2.1.18.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.103.64 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: script3.ioam.de
Software: nginx / BLACKBIRD-SRC v0.13 0009
Resource Hash: f3c97cba2545003f0d6be694f8851da41b3aa8841e629e61310bee6a6c99b0b9

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 10:46:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 09 Oct 2020 10:46:16 GMT
Server: nginx
X-Powered-By: BLACKBIRD-SRC v0.13 0009
Vary: Accept-Encoding
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Cache-Control: private, max-age=7200, pre-check=7200
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
Expires: Fri, 09 Oct 2020 12:46:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
819 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,500

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

38a4a0616eec7a64dc1b6a5c034eab3d054af0bd040c1c0d41df6435e905499a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 09 Oct 2020 10:46:16 GMT
server: ESF
date: Fri, 09 Oct 2020 10:46:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Oct 2020 10:46:16 GMT

GET
H/1.1 200
OK id.core.js Show response
idcdn.de/static/common/js/build/modules/6ffc0bdad782a34507f692159188d82a/ 7 KB
3 KB 43ms
43ms Script
application/javascript 91.234.30.145
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://idcdn.de/static/common/js/build/modules/6ffc0bdad782a34507f692159188d82a/id.core.js
Requested by: Host: idcdn.de
URL: https://idcdn.de/static/common/js/vendor/requirejs/require.2.1.18.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.234.30.145 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb1 /
Resource Hash: 525218e2be3c88cf976bec4724df6aba6bf0cd1bcc9d1d8868e48cdd8c070c52

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 10:46:16 GMT
Content-Encoding: gzip
Age: 2050892
X-Cache: HIT
X-Cache-Hits: 16084312
Connection: keep-alive
Content-Length: 2769
Last-Modified: Mon, 14 Sep 2020 17:20:35 GMT
Server: nginx, idlb1
Vary: Accept-Encoding
X-Varnish: 443334568 921798999
Via: 1.1 varnish-v4
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Thu, 15 Oct 2020 17:04:43 GMT

GET
H/1.1 200
OK id.cookie.js Show response
idcdn.de/static/common/js/build/modules/a34cba325fe0c0b819de78676bf63705/ 2 KB
1 KB 44ms
43ms Script
application/javascript 91.234.30.145
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://idcdn.de/static/common/js/build/modules/a34cba325fe0c0b819de78676bf63705/id.cookie.js
Requested by: Host: idcdn.de
URL: https://idcdn.de/static/common/js/vendor/requirejs/require.2.1.18.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.234.30.145 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb1 /
Resource Hash: be1e1308778527a404258978b7d71fc51609f2a52a3fb0c7cee87e865cfeb199

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 10:46:16 GMT
Content-Encoding: gzip
Age: 2050892
X-Cache: HIT
X-Cache-Hits: 15270352
Connection: keep-alive
Content-Length: 887
Last-Modified: Mon, 14 Sep 2020 17:20:35 GMT
Server: nginx, idlb1
Vary: Accept-Encoding
X-Varnish: 447294987 926646540
Via: 1.1 varnish-v4
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Thu, 15 Oct 2020 17:04:43 GMT

GET
H2 200 lobster.js Show response
dx46a7p7ieaml.cloudfront.net/lobster/2.19.2/ 106 KB
32 KB 10ms
9ms Script
application/javascript 2600:9000:20eb:ec00:e:2c12:d340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dx46a7p7ieaml.cloudfront.net/lobster/2.19.2/lobster.js
Requested by: Host: dx46a7p7ieaml.cloudfront.net
URL: https://dx46a7p7ieaml.cloudfront.net/lobster-loader/1/lobster-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ec00:e:2c12:d340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0be5b13b7dadbee530eb12d61f8aeddc028c3de2bfb9897dd90d2c8d9b335f49

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: mmRoJVih_TQwZzDhtdIkcgyX9cyw5yAz
content-encoding: gzip
last-modified: Wed, 22 Jul 2020 11:12:38 GMT
server: AmazonS3
age: 436
etag: "2e54208d4a7d9c7e898bf75c4d943b1f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=600
date: Fri, 09 Oct 2020 10:39:01 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: pSOWc68N1NXNGtAHcuLFr9KnRIrROaPJjlSskLvkvGXWCuJMxoFtsg==
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)

GET
H2 200 unicorn.js Show response
dx46a7p7ieaml.cloudfront.net/unicorn/0.6.0/ 18 KB
6 KB 11ms
9ms Script
application/javascript 2600:9000:20eb:ec00:e:2c12:d340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dx46a7p7ieaml.cloudfront.net/unicorn/0.6.0/unicorn.js
Requested by: Host: dx46a7p7ieaml.cloudfront.net
URL: https://dx46a7p7ieaml.cloudfront.net/lobster-loader/1/lobster-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ec00:e:2c12:d340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 931c75b48e54255df72b9458bad3a6e6055d571311ad5955cc298d9523202f2a

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 19 Sep 2020 00:52:32 GMT
content-encoding: gzip
last-modified: Thu, 14 Dec 2017 08:42:57 GMT
server: AmazonS3
age: 1763625
etag: W/"ba25fa42e321b50129c5002daa501871"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: yApooneyA34pI6hlYCRVicZHtWEZUDE6i4_cf0IeuO5bLFCGMx6h0Q==
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)

GET
H2 200 squirrel.js Show response
dx46a7p7ieaml.cloudfront.net/squirrel/3.4.0/ 37 KB
12 KB 15ms
14ms Script
application/javascript 2600:9000:20eb:ec00:e:2c12:d340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dx46a7p7ieaml.cloudfront.net/squirrel/3.4.0/squirrel.js
Requested by: Host: dx46a7p7ieaml.cloudfront.net
URL: https://dx46a7p7ieaml.cloudfront.net/lobster-loader/1/lobster-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ec00:e:2c12:d340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3772ae1a3abdd4df77c948bc7eb9d418f64f1cf59bf379210e0ea3f1b157046c

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 00:15:50 GMT
content-encoding: gzip
last-modified: Fri, 08 Jun 2018 10:49:37 GMT
server: AmazonS3
age: 2025027
etag: W/"e64229ec77da97cb6147b4711428645a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: Fx45ORtww0So5XnuIRn0Vy76Em-xWSwqQDyTT5Z162rMZdgvR6ZqUg==
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)

GET
H2 200 tz.de.2.js Show response
dx46a7p7ieaml.cloudfront.net/lobster-templates/1/ 71 KB
25 KB 15ms
14ms Script
application/javascript 2600:9000:20eb:ec00:e:2c12:d340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dx46a7p7ieaml.cloudfront.net/lobster-templates/1/tz.de.2.js
Requested by: Host: dx46a7p7ieaml.cloudfront.net
URL: https://dx46a7p7ieaml.cloudfront.net/lobster-loader/1/lobster-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ec00:e:2c12:d340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ab52dda30c002526655fa53016340dec6880b6ca837e97d5d5e232c798d7ef1

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: iRqN.wdy0xwqizjAqJkapKTZeTHCxD1m
content-encoding: gzip
last-modified: Tue, 04 Aug 2020 09:08:52 GMT
server: AmazonS3
age: 284
etag: "5ef586a2afd85d7a00ba28f0eb15ab03"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: max-age=600
date: Fri, 09 Oct 2020 10:41:33 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: -t6kCRtZ2s17x5D6Z3xvKvzXyVNa6D4i9OA7KlkegdqgdOEvCshlQw==
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)

GET
H2 200 diamondback.js Show response
dx46a7p7ieaml.cloudfront.net/diamondback/1.1.0/ 10 KB
4 KB 15ms
14ms Script
application/javascript 2600:9000:20eb:ec00:e:2c12:d340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dx46a7p7ieaml.cloudfront.net/diamondback/1.1.0/diamondback.js
Requested by: Host: dx46a7p7ieaml.cloudfront.net
URL: https://dx46a7p7ieaml.cloudfront.net/lobster-loader/1/lobster-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ec00:e:2c12:d340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf2ccc630a5af35fdba8da98ab0420189fd1f153a3ae7de311fd13d3a7714fd9

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Thu, 14 Dec 2017 08:45:47 GMT
server: AmazonS3
age: 298
etag: "74d21af701eeda83ccb4c413ae212f20"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=600
date: Fri, 09 Oct 2020 10:41:19 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 1MIu9dPo9fW2yAK8S8Fzd9FfDJusdVf5e8TbJw-1wCpFczO1EiFdzg==
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)

GET
H2 200 mission-control.js Show response
dx46a7p7ieaml.cloudfront.net/mission-control/1.11.0/ 76 KB
22 KB 15ms
15ms Script
application/javascript 2600:9000:20eb:ec00:e:2c12:d340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dx46a7p7ieaml.cloudfront.net/mission-control/1.11.0/mission-control.js
Requested by: Host: dx46a7p7ieaml.cloudfront.net
URL: https://dx46a7p7ieaml.cloudfront.net/lobster-loader/1/lobster-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ec00:e:2c12:d340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 150167357818eacce6e603f98b3a97264e81b73c1f731cdb86927c9f110544c0

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: Bze2XJgC6LGSmTjoSqfoDB2sSSFjOVBr
content-encoding: gzip
last-modified: Thu, 31 Jan 2019 12:54:36 GMT
server: AmazonS3
age: 140
etag: "27753353f2dde63e197b0bda1d3dfb41"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=600
date: Fri, 09 Oct 2020 10:43:57 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: o0rT14wJ-3usAsiI9QOGP9pshpFtN6FOzyxl1AsjdJ8xOoBGW_z2Cw==
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
65 B 13ms
13ms XHR
text/plain 2a00:1450:4001:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&aip=1&a=1885005437&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tz.de%2F%3Fsearch%3DJames-Marsden.htm%253f&dp=%2F&ul=en-us&de=UTF-8&dt=Nachrichten%20aus%20M%C3%BCnchen%20und%20Bayern%20-%20tz%20online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAAIjQAAAAC~&jid=1617085384&gjid=1588265284&cid=1639187009.1602240376&tid=UA-33422293-1&_gid=790667994.1602240376&_r=1&_slc=1&cd1=Homepage&cd2=CLICK_DESKTOP&cd3=tz%7CStartseite&cd4=&cd5=&cd6=false&cd7=&cd8=&cd9=&cd10=keine&cd11=&cd12=0&cd13=&z=1908146209

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 09 Oct 2020 10:46:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.tz.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 style.css
cdn.opencmp.net/publisher/dvl/tz.de/ 3 KB
1014 B 11ms
10ms Stylesheet
text/css 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.opencmp.net/publisher/dvl/tz.de/style.css
Requested by: Host: cdn.opencmp.net
URL: https://cdn.opencmp.net/tcf-v2/cmp-latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06b414b25603c02686f4938362d8cbab63664adcbf8d2aaf0c614f44fe17de6f

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 10:46:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 830
status: 200
x-amz-request-id: 59AE94FC64762528
x-amz-id-2: O0o9SIXUfMc9Up4DsTpCn6yuoVRqsk46slTT3+YlbH60PJahb5Z11c7GcXRYzilwQSwqHqjk4Xo=
last-modified: Mon, 10 Aug 2020 08:45:01 GMT
server: cloudflare
etag: W/"14c1cb3e20ac184fc261d20e1424f324"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-request-id: 05ae91053a0000c2b88f0cf200000001
cf-ray: 5df7844ecfc9c2b8-FRA
x-amz-meta-originalfilename: style.css

GET
H2 200 vendor-list-en.json Show response
cdn.opencmp.net/publisher/dvl/tz.de/ 197 KB
27 KB 88ms
88ms Fetch
application/json 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.opencmp.net/publisher/dvl/tz.de/vendor-list-en.json
Requested by: Host: cdn.opencmp.net
URL: https://cdn.opencmp.net/tcf-v2/cmp-latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5029890582ddf25fc8fe8765c99c57bd93e96899cc0f443bf1ca6a371f8623ee

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 10:46:16 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: DYNAMIC
x-amz-request-id: 9B3DE740CDEED850
status: 200
x-amz-id-2: 519BINQar0j6Ca56N8eKVjCcRftcrVy3W/yqUhG7sCD8lNwtBiKpn8nrnAaej+7RwNRMIoGCfT8=
last-modified: Fri, 09 Oct 2020 10:45:16 GMT
server: cloudflare
etag: W/"88c88edd51a19d0797c8dcacc1a36873"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cf-request-id: 05ae91053b000005bb2d91c200000001
cf-ray: 5df7844ec91c05bb-FRA
x-amz-meta-originalfilename: vendor-list-en.json

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.tz.de
Referer: https://fonts.googleapis.com/css?family=Roboto:400,700,500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 05 Oct 2020 11:04:15 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 344521
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Tue, 05 Oct 2021 11:04:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.tz.de
Referer: https://fonts.googleapis.com/css?family=Roboto:400,700,500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 14:47:52 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 244704
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 06 Oct 2021 14:47:52 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 27ms
13ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.tz.de
Referer: https://fonts.googleapis.com/css?family=Roboto:400,700,500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 05 Oct 2020 11:04:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 344530
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Tue, 05 Oct 2021 11:04:06 GMT

GET
H/1.1

200
OK

blank.gif
de.ioam.de/
Redirect Chain

https://de.ioam.de/tx.io?st=tzonline&cp=tz_home&sv=ke&sc=yes&ct=01000000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.tz.de&xy=1600x1200x24&lo=NL%2FNoord-Holland&cb=0009&i2=0009b44c65319c3455f803f78&ep...
https://de.ioam.de/tx.io?st=tzonline&cp=tz_home&sv=ke&sc=yes&ct=01000000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.tz.de&xy=1600x1200x24&lo=NL%2FNoord-Holland&cb=0009&i2=0009b44c65319c3455f803f78&ep...
https://de.ioam.de/blank.gif

43 B
651 B

26ms
26ms

Image
image/gif

91.215.100.40
INFONLINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de.ioam.de/blank.gif
Requested by: Host: www.tz.de
URL: https://www.tz.de/?search=James-Marsden.htm%3f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.100.40 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: de4.ioam.de
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 10:46:16 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
Content-Length: 43
Expires: Sat, 10 Oct 2020 10:46:16 GMT

Redirect headers

Date: Fri, 09 Oct 2020 10:46:16 GMT
Access-Control-Allow-Origin: *
X-Powered-By: BLACKBIRD-RCV v1.06.2 0031
Transfer-Encoding: chunked
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Connection: keep-alive
Pragma: no-cache
Last-Modified: Fri, 09 Oct 2020 10:46:16 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Location: /blank.gif
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
Expires: Wed, 09 Oct 2019 10:46:16 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
83 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-33422293-1&cid=1639187009.1602240376&jid=1617085384&gjid=1588265284&_gid=790667994.1602240376&_u=aGBAAAIiQAAAAC~&z=667904562

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 09 Oct 2020 10:46:16 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.tz.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

glomex-player.js Show response
player.glomex.com/integration/1.370.1/
Redirect Chain

https://player.glomex.com/integration/1/glomex-player.js
https://player.glomex.com/integration/1.370.1/glomex-player.js

5 KB
2 KB

10ms
9ms

Script
application/javascript

2600:9000:214f:6800:11:fdd5:15c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player.glomex.com/integration/1.370.1/glomex-player.js
Requested by: Host: www.tz.de
URL: https://www.tz.de/?search=James-Marsden.htm%3f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6800:11:fdd5:15c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 585b62299458b634a47caf1f4f026ad70732f5dddc1d146ac3f9b0465fd7831e

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 10:57:13 GMT
content-encoding: gzip
last-modified: Wed, 07 Oct 2020 10:26:34 GMT
server: AmazonS3
age: 172144
etag: W/"0c668c69fd4c4997328ea07c07b44efb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: U190KISJbK5gNcpvOXKc2Y37ac4L40OyWd3UyAaCksnq4rmyNWQkag==
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)

Redirect headers

date: Fri, 09 Oct 2020 08:50:50 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
server: AmazonS3
age: 6927
status: 302
x-cache: Hit from cloudfront
location: https://player.glomex.com/integration/1.370.1/glomex-player.js
x-amz-cf-pop: FRA53-C1
content-length: 0
x-amz-cf-id: 2tD8coSp6eTEnXKPuHCj5r5pH6ewAz5WalrZtB6yjkihCTG1_7Wcnw==

GET
H/1.1 200
OK id.clickTr.js Show response
idcdn.de/static/common/js/build/modules/t/b38b8d244db17eccb2006bd9c5e4d561/ 2 KB
1 KB 30ms
29ms Script
application/javascript 91.234.30.145
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://idcdn.de/static/common/js/build/modules/t/b38b8d244db17eccb2006bd9c5e4d561/id.clickTr.js
Requested by: Host: idcdn.de
URL: https://idcdn.de/static/common/js/vendor/requirejs/require.2.1.18.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.234.30.145 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb1 /
Resource Hash: b470f349ec3305c9471df9a8e1a5f6ac6834ac696f91d43513c5062bbef4f2b6

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 10:46:16 GMT
Content-Encoding: gzip
Age: 2050892
X-Cache: HIT
X-Cache-Hits: 15692739
Connection: keep-alive
Content-Length: 702
Last-Modified: Mon, 14 Sep 2020 17:20:35 GMT
Server: nginx, idlb1
Vary: Accept-Encoding
X-Varnish: 445850945 890909495
Via: 1.1 varnish-v4
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Thu, 15 Oct 2020 17:04:43 GMT

GET
H/1.1 200
OK id.emqTr.js Show response
idcdn.de/static/common/js/build/modules/t/b8b2d294bafee4f91f1f50cc8e04e101/ 791 B
922 B 30ms
29ms Script
application/javascript 91.234.30.145
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://idcdn.de/static/common/js/build/modules/t/b8b2d294bafee4f91f1f50cc8e04e101/id.emqTr.js
Requested by: Host: idcdn.de
URL: https://idcdn.de/static/common/js/vendor/requirejs/require.2.1.18.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.234.30.145 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb1 /
Resource Hash: 14a1f935265572f5f7d5b50fda66d307cb428cb354ef701fbd7d0090ab2ed8f3

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 10:46:16 GMT
Content-Encoding: gzip
Age: 2050892
X-Cache: HIT
X-Cache-Hits: 16451221
Connection: keep-alive
Content-Length: 461
Last-Modified: Mon, 14 Sep 2020 17:20:35 GMT
Server: nginx, idlb1
Vary: Accept-Encoding
X-Varnish: 446738214 925335860
Via: 1.1 varnish-v4
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Thu, 15 Oct 2020 17:04:43 GMT

GET
H/1.1 200
OK advert.js Show response
idcdn.de/static/common/js/build/modules/c7c29069bbd6ef0dc702d9cf3d72b455/ 87 B
559 B 29ms
29ms Script
application/javascript 91.234.30.145
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://idcdn.de/static/common/js/build/modules/c7c29069bbd6ef0dc702d9cf3d72b455/advert.js
Requested by: Host: idcdn.de
URL: https://idcdn.de/static/common/js/vendor/requirejs/require.2.1.18.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.234.30.145 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb1 /
Resource Hash: 749b656a3adbd813f21b5b7e3273a46eb8671e9fc831d42f7010353cf70ac0b4

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 10:46:16 GMT
Content-Encoding: gzip
Age: 2050892
X-Cache: HIT
X-Cache-Hits: 15737604
Connection: keep-alive
Content-Length: 99
Last-Modified: Thu, 11 Aug 2016 14:41:02 GMT
Server: nginx, idlb1
Vary: Accept-Encoding
X-Varnish: 446738217 918395972
Via: 1.1 varnish-v4
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Thu, 15 Oct 2020 17:04:43 GMT

GET
H/1.1 200
OK id.jumpToWithOffset.js Show response
idcdn.de/static/common/js/build/modules/33b6f3a938faea1fc5a3d46c4a420d60/ 1 KB
1 KB 46ms
29ms Script
application/javascript 91.234.30.145
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://idcdn.de/static/common/js/build/modules/33b6f3a938faea1fc5a3d46c4a420d60/id.jumpToWithOffset.js
Requested by: Host: idcdn.de
URL: https://idcdn.de/static/common/js/vendor/requirejs/require.2.1.18.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.234.30.145 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb1 /
Resource Hash: a9809231f89f4a05ace9b514f6f483fcd6d13f3416964757548eca9b4e3de31d

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 10:46:16 GMT
Content-Encoding: gzip
Age: 2050892
X-Cache: HIT
X-Cache-Hits: 15725266
Connection: keep-alive
Content-Length: 691
Last-Modified: Mon, 14 Sep 2020 17:20:35 GMT
Server: nginx, idlb1
Vary: Accept-Encoding
X-Varnish: 446738221 899035176
Via: 1.1 varnish-v4
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Thu, 15 Oct 2020 17:04:43 GMT

GET
H/1.1 200
OK id.stickyElement.js Show response
idcdn.de/static/common/js/build/modules/5e8865ad453499e31b3b8baa222db130/ 6 KB
2 KB 46ms
30ms Script
application/javascript 91.234.30.145
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://idcdn.de/static/common/js/build/modules/5e8865ad453499e31b3b8baa222db130/id.stickyElement.js
Requested by: Host: idcdn.de
URL: https://idcdn.de/static/common/js/vendor/requirejs/require.2.1.18.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.234.30.145 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb1 /
Resource Hash: e971dcbe00fd0bc9c4bfd77e97ad0f70a8d61a15e9e4aa425582ea92b67802e7

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 10:46:16 GMT
Content-Encoding: gzip
Age: 2050892
X-Cache: HIT
X-Cache-Hits: 15794260
Connection: keep-alive
Content-Length: 1659
Last-Modified: Mon, 14 Sep 2020 17:20:35 GMT
Server: nginx, idlb1
Vary: Accept-Encoding
X-Varnish: 446507086 907780543
Via: 1.1 varnish-v4
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Thu, 15 Oct 2020 17:04:43 GMT

GET
H/1.1 200
OK id.main-actionbar.js Show response
idcdn.de/static/common/js/build/modules/d113c6336c62f8be2d908dd36b5d93fa/ 11 KB
3 KB 67ms
40ms Script
application/javascript 91.234.30.145
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://idcdn.de/static/common/js/build/modules/d113c6336c62f8be2d908dd36b5d93fa/id.main-actionbar.js
Requested by: Host: idcdn.de
URL: https://idcdn.de/static/common/js/vendor/requirejs/require.2.1.18.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.234.30.145 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb1 /
Resource Hash: fa2460dbbde357064a9b704741aa42f6f50989c27834a23be853aee7d0cc4efe

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 10:46:16 GMT
Content-Encoding: gzip
Age: 2050892
X-Cache: HIT
X-Cache-Hits: 11301963
Connection: keep-alive
Content-Length: 3114
Last-Modified: Mon, 14 Sep 2020 17:20:35 GMT
Server: nginx, idlb1
Vary: Accept-Encoding
X-Varnish: 447295010 909685998
Via: 1.1 varnish-v4
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Thu, 15 Oct 2020 17:04:43 GMT

GET
H/1.1 200
OK id.simpletab.js Show response
idcdn.de/static/common/js/build/modules/5ef2a27d1eac8b3e9d2e36608888a0d5/ 4 KB
2 KB 61ms
30ms Script
application/javascript 91.234.30.145
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://idcdn.de/static/common/js/build/modules/5ef2a27d1eac8b3e9d2e36608888a0d5/id.simpletab.js
Requested by: Host: idcdn.de
URL: https://idcdn.de/static/common/js/vendor/requirejs/require.2.1.18.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.234.30.145 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb1 /
Resource Hash: 56dad8938e7efb172f67789239da893fcb5c7d9fc2b06886e62450883f598924

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 10:46:16 GMT
Content-Encoding: gzip
Age: 2050892
X-Cache: HIT
X-Cache-Hits: 15684128
Connection: keep-alive
Content-Length: 1322
Last-Modified: Mon, 14 Sep 2020 17:20:35 GMT
Server: nginx, idlb1
Vary: Accept-Encoding
X-Varnish: 446507089 926089824
Via: 1.1 varnish-v4
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Thu, 15 Oct 2020 17:04:43 GMT

GET
H2 200 translation-en.json Show response
cdn.opencmp.net/publisher/dvl/tz.de/ 4 KB
2 KB 25ms
24ms Fetch
application/json 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.opencmp.net/publisher/dvl/tz.de/translation-en.json
Requested by: Host: cdn.opencmp.net
URL: https://cdn.opencmp.net/tcf-v2/cmp-latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7d47f4a66d8850b1a1c89df19ad6b55be9d355d914ccd2faf3652637a8a42ba

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 10:46:16 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: DYNAMIC
x-amz-request-id: 7E8149F71D8EF94F
status: 200
x-amz-id-2: UUyNKb7W6eLu26KPM41wJgtHRQs9yxF5CMyIv8YbqWbS79ZCpo8iKOBOnqJdYwFCYprl/IhXu50=
last-modified: Sat, 19 Sep 2020 04:19:40 GMT
server: cloudflare
etag: W/"35eb524686a5bf6e99b406722821af6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cf-request-id: 05ae910630000005bb2d931200000001
cf-ray: 5df784504d7e05bb-FRA
x-amz-meta-originalfilename: translation-en.json

GET
H/1.1 200
OK id.col-width-watcher.js Show response
idcdn.de/static/common/js/build/modules/2720c704289781cc6d4830b8b9846b3f/ 2 KB
1 KB 60ms
30ms Script
application/javascript 91.234.30.145
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://idcdn.de/static/common/js/build/modules/2720c704289781cc6d4830b8b9846b3f/id.col-width-watcher.js
Requested by: Host: idcdn.de
URL: https://idcdn.de/static/common/js/vendor/requirejs/require.2.1.18.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.234.30.145 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb1 /
Resource Hash: 411ddd25dba895b8713908e36d7561fc854301d340efd868b12e5a6945ed3f95

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 10:46:16 GMT
Content-Encoding: gzip
Age: 941583
X-Cache: HIT
X-Cache-Hits: 7522733
Connection: keep-alive
Content-Length: 1026
Last-Modified: Thu, 24 Sep 2020 07:01:39 GMT
Server: nginx, idlb1
Vary: Accept-Encoding
X-Varnish: 442774193 191215928
Via: 1.1 varnish-v4
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Wed, 28 Oct 2020 13:13:12 GMT

GET
H/1.1 200
Ok 23929087-sohn-von-michael-schumacher-mick-schumacher-2cPIj8ri1CVI.jpg
www.tz.de/bilder/2020/10/08/90064515/ 8 KB
9 KB 32ms
31ms Image
image/jpeg 91.234.213.110
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tz.de/bilder/2020/10/08/90064515/23929087-sohn-von-michael-schumacher-mick-schumacher-2cPIj8ri1CVI.jpg
Requested by: Host: www.tz.de
URL: https://www.tz.de/?search=James-Marsden.htm%3f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.234.213.110 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb6 /
Resource Hash: 3e0edbb89108e9871da18ee1406ffa90f20dadddfe0976f206572ccae536d79f

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 10:46:16 GMT
Via: 1.1 varnish-v4
last-modified: Fri, 09 Oct 2020 10:24:14 GMT
Server: nginx, idlb6
Age: 1321
X-Cache: HIT
Content-Type: image/jpeg
expires: Sun, 08 Nov 2020 10:24:14 GMT
cache-control: max-age=2592000
X-Varnish: 1064104956 1065566102
Content-Length: 8436
Connection: keep-alive
Accept-Ranges: bytes
mime-version: 1.0
X-Cache-Hits: 1218

GET
H/1.1 200
Ok 24106521-dieter-bohlen-erstes-statement-austritt-von-michael-wendler-2uOLkF2DWNVI.jpg
www.tz.de/bilder/2020/10/09/90065116/ 8 KB
8 KB 31ms
31ms Image
image/jpeg 91.234.213.110
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tz.de/bilder/2020/10/09/90065116/24106521-dieter-bohlen-erstes-statement-austritt-von-michael-wendler-2uOLkF2DWNVI.jpg
Requested by: Host: www.tz.de
URL: https://www.tz.de/?search=James-Marsden.htm%3f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.234.213.110 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb6 /
Resource Hash: 551304b27d7cdd6d102a9eef2ca796d1cab0200cfdbb2ad2eb75a5fcf5beaca0

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 10:46:16 GMT
Via: 1.1 varnish-v4
last-modified: Fri, 09 Oct 2020 09:49:28 GMT
Server: nginx, idlb6
Age: 3408
X-Cache: HIT
Content-Type: image/jpeg
expires: Sun, 08 Nov 2020 09:49:28 GMT
cache-control: max-age=2592000
X-Varnish: 1064104957 1063928523
Content-Length: 8140
Connection: keep-alive
Accept-Ranges: bytes
mime-version: 1.0
X-Cache-Hits: 3190

GET
H/1.1 200
OK id.form.js Show response
idcdn.de/static/common/js/build/modules/a55aec9f6c0fab03afbd10c133b7e3a9/ 12 KB
4 KB 40ms
30ms Script
application/javascript 91.234.30.145
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://idcdn.de/static/common/js/build/modules/a55aec9f6c0fab03afbd10c133b7e3a9/id.form.js
Requested by: Host: idcdn.de
URL: https://idcdn.de/static/common/js/vendor/requirejs/require.2.1.18.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.234.30.145 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb1 /
Resource Hash: 2094f70ded911a905236c74cafabe2f059e71eb12c90bfd864cbe4f97b515e28

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 10:46:16 GMT
Content-Encoding: gzip
Age: 2050892
X-Cache: HIT
X-Cache-Hits: 15879103
Connection: keep-alive
Content-Length: 4102
Last-Modified: Mon, 14 Sep 2020 17:20:35 GMT
Server: nginx, idlb1
Vary: Accept-Encoding
X-Varnish: 443904762 920389273
Via: 1.1 varnish-v4
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Thu, 15 Oct 2020 17:04:43 GMT

GET
H/1.1 200
OK id.webpush.js Show response
idcdn.de/static/common/js/build/modules/d77582710fdee825da46a974d1131bdf/ 2 KB
1 KB 40ms
30ms Script
application/javascript 91.234.30.145
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://idcdn.de/static/common/js/build/modules/d77582710fdee825da46a974d1131bdf/id.webpush.js
Requested by: Host: idcdn.de
URL: https://idcdn.de/static/common/js/vendor/requirejs/require.2.1.18.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.234.30.145 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb1 /
Resource Hash: 15b44ef3c71a5b916bb8eba5a385bcc84fa07be891b9f1c5f2d2efe90bd44d25

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 10:46:16 GMT
Content-Encoding: gzip
Age: 2050892
X-Cache: HIT
X-Cache-Hits: 14656687
Connection: keep-alive
Content-Length: 718
Last-Modified: Mon, 14 Sep 2020 17:20:35 GMT
Server: nginx, idlb1
Vary: Accept-Encoding
X-Varnish: 447486750 916002283
Via: 1.1 varnish-v4
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Thu, 15 Oct 2020 17:04:43 GMT

GET
H2

200

glomex-player-module.js Show response
player.glomex.com/integration/1.370.1/
Redirect Chain

https://player.glomex.com/integration/1/glomex-player-module.js
https://player.glomex.com/integration/1.370.1/glomex-player-module.js

28 KB
9 KB

8ms
7ms

Script
application/javascript

2600:9000:214f:6800:11:fdd5:15c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player.glomex.com/integration/1.370.1/glomex-player-module.js
Requested by: Host: www.tz.de
URL: https://www.tz.de/?search=James-Marsden.htm%3f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6800:11:fdd5:15c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f50020d6614232a71a7a58ee0bf0091f9f7eb4000f93535b46f7ee6192c6141

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 10:57:14 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 172143
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: https://www.tz.de
last-modified: Wed, 07 Oct 2020 10:26:34 GMT
server: AmazonS3
etag: W/"784a8c5218f948ff274d9dd269e47c4d"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
via: 1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: SykZfn5cfIW3JVGZK-c283Z2wR0fDvrrrqtUe35lxVuQj2nA_IpTVw==

Redirect headers

date: Thu, 08 Oct 2020 10:57:15 GMT
via: 1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
status: 302
server: AmazonS3
age: 85742
location: https://player.glomex.com/integration/1.370.1/glomex-player-module.js
vary: Origin
access-control-allow-methods: GET, HEAD
access-control-allow-origin: https://www.tz.de
access-control-max-age: 0
access-control-allow-credentials: true
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA53-C1
content-length: 0
x-amz-cf-id: 6esRHIF_SQNwxjN8WLQYc_9bPILPUDm9bWCeDwoArWRg0rjHLvhOQA==

GET
H/1.1 200
OK apple-touch-icon-144x144-precomposed.png
www.tz.de/ 11 KB
12 KB 33ms
33ms Image
image/png 91.234.213.110
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tz.de/apple-touch-icon-144x144-precomposed.png
Requested by: Host: www.tz.de
URL: https://www.tz.de/?search=James-Marsden.htm%3f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.234.213.110 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb6 /
Resource Hash: 5a9196ef02119e64187b2c2e53651ab599ebecb15c0e162bccebe2a0d3f241ce

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 10:46:16 GMT
Via: 1.1 varnish-v4
Last-Modified: Tue, 09 Apr 2013 14:08:45 GMT
Server: nginx, idlb6
Age: 2050892
X-Cache: HIT
Content-Type: image/png
Expires: Thu, 15 Oct 2020 17:04:43 GMT
Cache-Control: max-age=2592000
X-Varnish: 1067944346 272460924
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11707
X-Cache-Hits: 18846697

GET
H2 200 i
d2wu036mkcz52n.cloudfront.net/ 43 B
357 B 29ms
7ms Image
image/gif 2600:9000:20eb:d600:a:2950:1bc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2wu036mkcz52n.cloudfront.net/i?v=1&sr=1600x1200&vp=1600x1200&cd=24&md=false&h=12&t=12%3A46%3A16&d=2020-10-09&u=https%253A%252F%252Fwww.tz.de%252F%253Fsearch%253DJames-Marsden.htm%25253f&do=www.tz.de&ud=%22orA19xwRTJ7vbYfH7Uvw%22&type=%22pu%22&tte=0&domain=%22tz.de%22&amp=0
Requested by: Host: www.tz.de
URL: https://www.tz.de/?search=James-Marsden.htm%3f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:d600:a:2950:1bc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 15:33:44 GMT
via: 1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront)
last-modified: Mon, 25 May 2020 08:20:54 GMT
server: AmazonS3
age: 69153
etag: "fb02f374b8f73825415db1bccd4bd76d"
x-cache: Hit from cloudfront
content-type: image/gif
status: 200
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 43
x-amz-cf-id: my5D8jF8coc194Gh8YxhOKWqynug2-P9p5Og7oBdJpCNpKF6ve9wTg==

GET
H2 200 Ubuntu-Regular.ttf
cdn.opencmp.net/tcf-v2/assets/ 292 KB
132 KB 24ms
24ms Font
application/font-sfnt 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.opencmp.net/tcf-v2/assets/Ubuntu-Regular.ttf
Requested by: Host: cdn.opencmp.net
URL: https://cdn.opencmp.net/tcf-v2/cmp-latest.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bac6461feb3488e5d330e7e9434fc8e0c513aa3c1e7b57598eab1654e1055a14

Request headers

Origin: https://www.tz.de
Referer: https://cdn.opencmp.net/tcf-v2/cmp-latest.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 10:46:16 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 829
status: 200
x-amz-request-id: DD2E4D93AD6D52FF
x-amz-id-2: HA67MOSN4oiZhLvztyRfNBdxMFcX9SX9bz9PBXko71wuPSEI1xHkPUnaPg5m+PQ1ZZq1LhyMQwE=
last-modified: Sat, 19 Sep 2020 06:39:39 GMT
server: cloudflare
etag: W/"2505bfbd9bde14a7829cc8c242a0d25c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-sfnt
access-control-allow-origin: *
cache-control: max-age=14400
cf-request-id: 05ae91068f000005bb2d937200000001
cf-ray: 5df78450ef3a05bb-FRA

GET
H2 200 Ubuntu-Medium.ttf
cdn.opencmp.net/tcf-v2/assets/ 278 KB
123 KB 34ms
33ms Font
application/font-sfnt 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.opencmp.net/tcf-v2/assets/Ubuntu-Medium.ttf
Requested by: Host: cdn.opencmp.net
URL: https://cdn.opencmp.net/tcf-v2/cmp-latest.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05b46df5f30164c74e96343bfe061276a62a10741b9194f7a734cbcf4d9b1c5b

Request headers

Origin: https://www.tz.de
Referer: https://cdn.opencmp.net/tcf-v2/cmp-latest.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 10:46:16 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 829
status: 200
x-amz-request-id: 881EAF171EC5C41C
x-amz-id-2: FuxMKoZvbJ2XyF2Jloqh9Oa25n5en0xifV7XqepLeekTLWbLx5owEBen3xVgxJBXZPBYq7HinD8=
last-modified: Sat, 19 Sep 2020 06:39:39 GMT
server: cloudflare
etag: W/"8e22c2a6e3a3c679787e763a97fa11f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-sfnt
access-control-allow-origin: *
cache-control: max-age=14400
cf-request-id: 05ae91068f000005bb2d938200000001
cf-ray: 5df78450ef3d05bb-FRA

GET
H2

200

default.js Show response
ups.xplosion.de/loader/43906/
Redirect Chain

https://dyn.emetriq.de/loader/43906/default.js
https://ups.xplosion.de/loader/43906/default.js

868 B
1 KB

101ms
32ms

Script
text/javascript

99.81.188.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ups.xplosion.de/loader/43906/default.js
Requested by: Host: www.tz.de
URL: https://www.tz.de/?search=James-Marsden.htm%3f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.188.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-188-151.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8a87e23bca5e57afd045ea160c601f25dfaa2adf849347b56270fff354d4b4bd

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 09 Oct 2020 10:46:16 GMT
cache-control: must-revalidate,no-cache,no-store
access-control-allow-origin: *
content-type: text/javascript
content-length: 868
p3p: CP="NOI DSP COR NID PSAo OUR SAMo BUS"

Redirect headers

status: 302
date: Fri, 09 Oct 2020 10:46:16 GMT
server: awselb/2.0
content-length: 110
location: https://ups.xplosion.de:443/loader/43906/default.js
content-type: text/html

GET
H2 200 index-74e09c7b.js Show response
player.glomex.com/integration/1.370.1/ 2 KB
2 KB 8ms
8ms Script
application/javascript 2600:9000:214f:6800:11:fdd5:15c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player.glomex.com/integration/1.370.1/index-74e09c7b.js
Requested by: Host: www.tz.de
URL: https://www.tz.de/?search=James-Marsden.htm%3f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6800:11:fdd5:15c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d5e7f8faac29f975647c46136b8b0e9b22823f356134d8be4178c73299bb86b

Request headers

Origin: https://www.tz.de
Referer: https://player.glomex.com/integration/1.370.1/glomex-player-module.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 10:57:14 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 172142
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: https://www.tz.de
last-modified: Wed, 07 Oct 2020 10:26:34 GMT
server: AmazonS3
etag: W/"84d50d972ac439dc991e49c20b049aea"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
via: 1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 0U_8RoxJFh-BEzXbMtfIRYQ3pwcJ9x9L4YkcPqTIn8I6jw2lt2H9kA==

GET
H2 200 pushwoosh-web-notifications.js Show response
cdn.pushwoosh.com/webpush/v3/ 401 KB
98 KB 89ms
33ms Script
application/javascript 94.130.239.232
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js

Requested by

Host: idcdn.de
URL: https://idcdn.de/static/common/js/vendor/requirejs/require.2.1.18.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.130.239.232 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

cache-07.pushwoosh.com

Software

nginx /

Resource Hash

5734bab3686369faa2c3fbfdf4e8b90c165656b10ffed11361ecdeafbde655db

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 10:46:16 GMT
content-encoding: gzip
last-modified: Fri, 18 Sep 2020 07:56:41 GMT
server: nginx
etag: W/"f2d4638a00fb4667e3eb51e33b99f31a-1"
x-cache-status: HIT
vary: Accept-Encoding, Origin
content-type: application/javascript
status: 200
expires: Sat, 10 Oct 2020 10:46:16 GMT
cache-control: max-age=86400, public
content-security-policy: block-all-mixed-content
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

GET
H2 200 iframe-player.html
player.glomex.com/integration/1.370.1/ Frame D6D0 0
0 66ms
65ms Document
text/html 2600:9000:214f:6800:11:fdd5:15c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player.glomex.com/integration/1.370.1/iframe-player.html?playlistIndex=0&origin=content-plugin&pageUrl=https%3A%2F%2Fwww.tz.de%2F%3Fsearch%3DJames-Marsden.htm%253f
Requested by: Host: player.glomex.com
URL: https://player.glomex.com/integration/1.370.1/glomex-player-module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6800:11:fdd5:15c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: player.glomex.com
:scheme: https
:path: /integration/1.370.1/iframe-player.html?playlistIndex=0&origin=content-plugin&pageUrl=https%3A%2F%2Fwww.tz.de%2F%3Fsearch%3DJames-Marsden.htm%253f
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tz.de/?search=James-Marsden.htm%3f
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tz.de/?search=James-Marsden.htm%3f

Response headers

status: 200
content-type: text/html; charset=utf-8
date: Fri, 09 Oct 2020 10:46:17 GMT
cache-control: max-age=31536000
last-modified: Wed, 07 Oct 2020 10:26:34 GMT
etag: W/"332b4f94fbf690c7302f1d26f58cf207"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: TRkSpNZgBf_GuEQ0aIyZK2Gae6oORWG6xnah-PmhfPa1YSVPrfKowg==

GET
H2 200 p.min.js Show response
cdn.xplosion.de/adp/profiling/0.2.68/ 5 KB
3 KB 59ms
21ms Script
application/javascript 2600:9000:206e:2400:e:29d5:db00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xplosion.de/adp/profiling/0.2.68/p.min.js
Requested by: Host: dyn.emetriq.de
URL: https://dyn.emetriq.de/loader/43906/default.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:2400:e:29d5:db00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b545ba8ec738538426fee411cf45788a539a6332baea682257b1e2f371e54d

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: f253FphS_ziourJz9_bIKI1XXEOokBYM
content-encoding: gzip
last-modified: Tue, 29 Sep 2020 11:36:26 GMT
server: AmazonS3
age: 51293
etag: "e896f28601649705582330a5315e7ab7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=31536000, no-transform, public
date: Thu, 08 Oct 2020 20:31:24 GMT
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: noCRJSUY85zVb-NBk_Pgm7layw4uNAoBW_6HfrsTIoSYL0n4Xlypag==
via: 1.1 6c9f184c491eed5c51abd110e89bd97b.cloudfront.net (CloudFront)

GET
H2 200 / Show response
integration-cloudfront-eu-west-1.mes.glomex.cloud/ 78 KB
11 KB 199ms
123ms XHR
application/json 2600:9000:203c:4600:d:46fd:8a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://integration-cloudfront-eu-west-1.mes.glomex.cloud/?integration_id=2b9h4wtj2vkrm9u&playlist_id=cl-bdwf48f674dd&current_url=https%3A%2F%2Fwww.tz.de%2F%3Fsearch%3DJames-Marsden.htm%253f
Requested by: Host: dx46a7p7ieaml.cloudfront.net
URL: https://dx46a7p7ieaml.cloudfront.net/lobster/2.19.2/lobster.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:203c:4600:d:46fd:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / React/alpha
Resource Hash: e4927a65a8c03dd26b305b26d934eb2261c20468e64a1a02d579d6a1cac7a1a3

Request headers

Accept: application/json
Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-integration-cache: Miss from cache
date: Fri, 09 Oct 2020 10:46:17 GMT
content-encoding: gzip
x-amz-cf-pop: SOF50-C1
status: 200
x-powered-by: React/alpha
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=120
access-control-allow-credentials: true
x-integration-cache-key: req.ad8fb8603cb5450bfd527d72db4c2a61
x-amz-cf-id: D7ez4GDfdOTL9gaInzdNiXeQONWd9-ceOE9D9_uY2ED6p68QuBft_A==
via: 1.1 8402092ddffda84e288d42c5892ec70b.cloudfront.net (CloudFront)

POST
H2 204 pl
pp.lp4.io/ 0
69 B 26ms
26ms Other
text/plain 136.243.25.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pp.lp4.io/pl?i=58c64d04e45a1d2f02abc17b&ct=1.527&rt=1.685&pt=3.212&pvr=&lp=1.672&p=https%3A%2F%2Fwww.tz.de%2F&c=desktop&t=homepage&s=&tg=-1&ctg=-1&_r=1602240377059:4.7.17:20200608-210627&_m=beacon
Requested by: Host: pp.lp4.io
URL: https://pp.lp4.io/app/58/c6/4d/58c64d04e45a1d2f02abc17b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.25.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.25.243.136.clients.your-server.de
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Fri, 09 Oct 2020 10:46:17 GMT
server: Apache/2.4.29 (Ubuntu)

GET
H/1.1 200
OK profile:player-960x540
i2thumbs.glomex.com/dC1ydS8yMDIwLzEwLzA5LzA5LzU1XzE0XzVmODAzMzgyZTY2NzAuanBlZw==/ 52 KB
52 KB 41ms
18ms Image
image/jpg 2600:9000:21f3:c000:4:f963:680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2thumbs.glomex.com/dC1ydS8yMDIwLzEwLzA5LzA5LzU1XzE0XzVmODAzMzgyZTY2NzAuanBlZw==/profile:player-960x540
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:4:f963:680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ebe5c7b919fd04b5b061868fc4f28938b90fd2bc001701dbe53608b1fa64bf21

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 10:13:23 GMT
Via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
Age: 1975
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 52896
x-amz-id-2: wNUs5Dcz/Igt4/rOgbX8P+yjodHm79FzFjtn9+gViWFyDLA3S480waxU6MUp4x+cIHsw9QAK5Qw=
Last-Modified: Fri, 09 Oct 2020 09:55:19 GMT
Server: AmazonS3
ETag: "561849b2405850d9f11d9cadec3bf16e"
x-amz-request-id: E4FB213687DE0196
Cache-Control: max-age=86400
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Type: image/jpg
X-Amz-Cf-Id: 0_JvbhceTZReWMyEaO_K9DQa9CKwDl8gFC0xElJ1M2advo_mKFN_7w==

GET
H/1.1 206
Partial Content 5f803476e49086.59174272.mp4
mes-teaser-generator-prod.mes.glomex.cloud/f0fbb3/v-c689q1a5j64p/video_teaser/ 32 KB
0 81ms
23ms Media
video/mp4 143.204.201.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mes-teaser-generator-prod.mes.glomex.cloud/f0fbb3/v-c689q1a5j64p/video_teaser/5f803476e49086.59174272.mp4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.88 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-88.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

Date: Fri, 09 Oct 2020 10:46:17 GMT
Via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
Last-Modified: Fri, 09 Oct 2020 09:59:19 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
ETag: "9595f036e98c7dea4b172e97550ff3b7"
X-Cache: Hit from cloudfront
Content-Type: video/mp4
Content-Range: bytes 0-236116/236117
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 236117
X-Amz-Cf-Id: ck4BjEt7d6N7rm1fXuImVJjOcWXntc-zPFYfbzb-vBpyQjyWynUzaA==

GET
H2 200 play-button-vienna.at.svg
dx46a7p7ieaml.cloudfront.net/lobster-teaser/ 783 B
1 KB 7ms
7ms Image
image/svg+xml 2600:9000:20eb:ec00:e:2c12:d340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx46a7p7ieaml.cloudfront.net/lobster-teaser/play-button-vienna.at.svg
Requested by: Host: www.tz.de
URL: https://www.tz.de/?search=James-Marsden.htm%3f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ec00:e:2c12:d340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8b8c70003d026ac8f01b4c88cf1e4030b92cd90f6c35a56e6726f58899e99ef3

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
last-modified: Fri, 29 Sep 2017 10:27:18 GMT
server: AmazonS3
age: 390
etag: "41feef208b976d8efeed2b32b427757a"
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
cache-control: max-age=600
date: Fri, 09 Oct 2020 10:39:48 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 783
x-amz-cf-id: -bePcP98JzlnIKJtZKfvSAcAAojZ4iLRZrechdx-N2CoN_0lf208bA==

GET
H/1.1 206
Partial Content 5f803476e49086.59174272.mp4
mes-teaser-generator-prod.mes.glomex.cloud/f0fbb3/v-c689q1a5j64p/video_teaser/ 7 KB
7 KB 73ms
25ms Media
video/mp4 143.204.201.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mes-teaser-generator-prod.mes.glomex.cloud/f0fbb3/v-c689q1a5j64p/video_teaser/5f803476e49086.59174272.mp4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.88 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-88.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4661f77adaefc5148d5e9a123adb5c631c88131490babd7ae5bb41f87c27c177

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=229376-

Response headers

Date: Fri, 09 Oct 2020 10:46:17 GMT
Via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
Last-Modified: Fri, 09 Oct 2020 09:59:19 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
ETag: "9595f036e98c7dea4b172e97550ff3b7"
X-Cache: Hit from cloudfront
Content-Type: video/mp4
Content-Range: bytes 229376-236116/236117
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6741
X-Amz-Cf-Id: YC0RMxImzF5noVGTyzCMx3I2dr6ASqbVwIvLCspuLtmDo5KL6V9X9g==

GET
H/1.1 206
Partial Content 5f803476e49086.59174272.mp4
mes-teaser-generator-prod.mes.glomex.cloud/f0fbb3/v-c689q1a5j64p/video_teaser/ 79 KB
0 27ms
27ms Media
video/mp4 143.204.201.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mes-teaser-generator-prod.mes.glomex.cloud/f0fbb3/v-c689q1a5j64p/video_teaser/5f803476e49086.59174272.mp4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.88 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-88.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=32768-

Response headers

Date: Fri, 09 Oct 2020 10:46:17 GMT
Via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
Last-Modified: Fri, 09 Oct 2020 09:59:19 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
ETag: "9595f036e98c7dea4b172e97550ff3b7"
X-Cache: Hit from cloudfront
Content-Type: video/mp4
Content-Range: bytes 32768-236116/236117
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 203349
X-Amz-Cf-Id: 2wqeKY2bs-Fk9YGxAUhJE0_Bhz_9f0WM0aCkDddU_Lp3iLCa_21gHg==

POST
H/1.1 204 idat
idat.production.ippen.space/ 0
221 B 106ms
26ms Other
text/plain 3.122.91.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://idat.production.ippen.space/idat
Requested by: Host: idcdn.de
URL: https://idcdn.de/static/common/js/build/modules/d4068dc8412df064145a55c024b66bf9/id.tm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.91.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-91-65.eu-central-1.compute.amazonaws.com
Software: nginx/1.17.8 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tz.de/?search=James-Marsden.htm%3f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 09 Oct 2020 10:46:26 GMT
Server: nginx/1.17.8
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tz.de/	1970-01-25 20:31:23	Name: iom_consent Value: 01000000000000&1602240376449
.tz.de/	1970-01-19 20:28:57	Name: ioam2018 Value: 0009b44c65319c3455f803f78:1628937976182:1602240376182:.tz.de:2:tzonline:tz_home:noevent:1602240376182:svdylo
.www.tz.de/	1970-01-19 13:04:00	Name: _gat_idTracker Value: 1
.tz.de/	1970-01-19 21:49:36	Name: _lp4_u Value: WWIRI7xEEh
.tz.de/	1970-01-19 17:26:05	Name: atidvisitor Value: %7B%22name%22%3A%22atidvisitor%22%2C%22val%22%3A%7B%22vrn%22%3A%22-572369-%22%7D%2C%22options%22%3A%7B%22path%22%3A%22%2F%22%2C%22session%22%3A15724800%2C%22end%22%3A15724800%7D%7D
.www.tz.de/	1970-01-20 06:35:12	Name: _ga Value: GA1.3.1639187009.1602240376
www.tz.de/	1969-12-31 23:59:59	Name: JSESSIONID Value: FA2DEB7BA1B5F5F7C49797176466B534
.www.tz.de/	1970-01-19 13:05:26	Name: _gid Value: GA1.3.790667994.1602240376
.tz.de/	1970-01-20 06:35:12	Name: cua_page_request_params Value: eyJmaXJzdFZpc2l0RGF0ZSI6MTYwMjI0MDM3NjM0MywibGFzdFZpc2l0RGF0ZSI6MTYwMjI0MDM3NjM0MywiY3VycmVudFZpc2l0RGF0ZSI6MTYwMjI0MDM3NjM0MywiYWN0aXZlU2Vzc2lvbiI6ZmFsc2UsInNlc3Npb25Db3VudCI6MSwicGFnZVZpZXdDb3VudCI6MX0%3D
www.tz.de/	1970-01-19 13:05:26	Name: id_fonts_loaded Value: true
www.tz.de/	1970-01-19 21:49:36	Name: new_user Value: true
www.tz.de/	1970-01-20 06:35:12	Name: cua_uuid Value: 65e306b2-aa3c-1190-07c3-0cb039f99c2b

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.opencmp.net
cdn.pushwoosh.com
cdn.xplosion.de
cdntrf.com
config-vvs.glomex.com
d2wu036mkcz52n.cloudfront.net
de.ioam.de
dx46a7p7ieaml.cloudfront.net
dyn.emetriq.de
fonts.googleapis.com
fonts.gstatic.com
i2thumbs.glomex.com
idat.production.ippen.space
idcdn.de
integration-cloudfront-eu-west-1.mes.glomex.cloud
logs1407.xiti.com
mes-teaser-generator-prod.mes.glomex.cloud
native.sharethrough.com
player.glomex.com
pp.lp4.io
script.ioam.de
stats.g.doubleclick.net
tag.aticdn.net
tz.de
ups.xplosion.de
widget.msgp.pl
www.google-analytics.com
www.googletagmanager.com
www.tz.de
136.243.25.70
143.204.201.88
143.204.201.90
18.200.148.151
184.30.219.232
2600:9000:203c:4600:d:46fd:8a80:93a1
2600:9000:206e:2400:e:29d5:db00:93a1
2600:9000:20eb:d600:a:2950:1bc0:21
2600:9000:20eb:ec00:e:2c12:d340:21
2600:9000:214f:6800:11:fdd5:15c0:93a1
2600:9000:214f:d600:11:363e:6940:93a1
2600:9000:21f3:c000:4:f963:680:93a1
2606:4700:10::6816:4db
2606:4700:20::681a:3de
2606:4700:20::681a:ff6
2a00:1450:4001:806::2003
2a00:1450:4001:808::2003
2a00:1450:4001:815::200a
2a00:1450:4001:81c::200a
2a00:1450:4001:81e::200e
2a00:1450:4001:81f::2008
2a00:1450:400c:c00::9b
3.122.91.65
52.16.212.35
91.215.100.40
91.215.103.64
91.234.213.110
91.234.213.200
91.234.30.145
94.130.239.232
99.81.188.151
05b46df5f30164c74e96343bfe061276a62a10741b9194f7a734cbcf4d9b1c5b
06b414b25603c02686f4938362d8cbab63664adcbf8d2aaf0c614f44fe17de6f
0be5b13b7dadbee530eb12d61f8aeddc028c3de2bfb9897dd90d2c8d9b335f49
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
12b545ba8ec738538426fee411cf45788a539a6332baea682257b1e2f371e54d
139eca33414dda4066bdd01d159ee43b29df1d03fa45ddca2965fa371864d7bc
14a1f935265572f5f7d5b50fda66d307cb428cb354ef701fbd7d0090ab2ed8f3
150167357818eacce6e603f98b3a97264e81b73c1f731cdb86927c9f110544c0
150d71294501f26050e7fc3c1106a9c01455c3bdceabea4b47721b7a026476bc
15b44ef3c71a5b916bb8eba5a385bcc84fa07be891b9f1c5f2d2efe90bd44d25
1688dc4484e41bdd62ecd275b5b208934a96bc4522f055233fb1de2d07bbc42d
17f3578a26bdd3b658514a096a1f52d6e5bdadf13ca2edcd7d3472b29caa885c
1f50020d6614232a71a7a58ee0bf0091f9f7eb4000f93535b46f7ee6192c6141
2094f70ded911a905236c74cafabe2f059e71eb12c90bfd864cbe4f97b515e28
370554b7b7de80dd38736fad854cb2bbb9ac39b6fb997ff110247781131d820b
3772ae1a3abdd4df77c948bc7eb9d418f64f1cf59bf379210e0ea3f1b157046c
38a4a0616eec7a64dc1b6a5c034eab3d054af0bd040c1c0d41df6435e905499a
3e0edbb89108e9871da18ee1406ffa90f20dadddfe0976f206572ccae536d79f
411ddd25dba895b8713908e36d7561fc854301d340efd868b12e5a6945ed3f95
4661f77adaefc5148d5e9a123adb5c631c88131490babd7ae5bb41f87c27c177
4a019316b8a6230118d7d1cf20ca74f318191f27472a2664597552dc22db15b0
4ef6d608857431dc715ef3a0911fcf19ca2e2314040919723d240bbff53a74a3
5029890582ddf25fc8fe8765c99c57bd93e96899cc0f443bf1ca6a371f8623ee
525218e2be3c88cf976bec4724df6aba6bf0cd1bcc9d1d8868e48cdd8c070c52
541cbd610ad7944f4bb8a98da91f897dcf60a0d42658a8c0418d44d7b486c35c
551304b27d7cdd6d102a9eef2ca796d1cab0200cfdbb2ad2eb75a5fcf5beaca0
56dad8938e7efb172f67789239da893fcb5c7d9fc2b06886e62450883f598924
5734bab3686369faa2c3fbfdf4e8b90c165656b10ffed11361ecdeafbde655db
584cb96afe30657b85b47441e4f52e2c9cf713b7c4fc5bac2f48e6eb93dee3e6
585b62299458b634a47caf1f4f026ad70732f5dddc1d146ac3f9b0465fd7831e
5a9196ef02119e64187b2c2e53651ab599ebecb15c0e162bccebe2a0d3f241ce
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d5e7f8faac29f975647c46136b8b0e9b22823f356134d8be4178c73299bb86b
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d2d30dec1ce8537612d76716540d45f0d00e66ff29ea31695644db62cfc7f13
6d4f3f785aa2e9fdaa25bc84128b76944f1675fceb1f4c4f30d1ef5a58b8c935
6d82fe1f3cea6403f7b118a100e7b604066e7e9335e3987860d3a3796f200f64
733fe39b72796c44982e5d675b1358ab35a03fe3d957c4399b83adf16df0d032
749b656a3adbd813f21b5b7e3273a46eb8671e9fc831d42f7010353cf70ac0b4
7ab52dda30c002526655fa53016340dec6880b6ca837e97d5d5e232c798d7ef1
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8a87e23bca5e57afd045ea160c601f25dfaa2adf849347b56270fff354d4b4bd
8b8c70003d026ac8f01b4c88cf1e4030b92cd90f6c35a56e6726f58899e99ef3
8e7b8145cb44e8baa4d3045dfe4cbc96219283a9063348a1c04a7c4946a29921
926687aa4d415ab6214c7b528117009f4d521b3cf470b965bc65465e16519e84
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
931c75b48e54255df72b9458bad3a6e6055d571311ad5955cc298d9523202f2a
9d04a37107e3ad5d1bad25e51858f9c84401ec82ebed8ea73fa5da02d3397a50
a9809231f89f4a05ace9b514f6f483fcd6d13f3416964757548eca9b4e3de31d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b299eaf04bf280f885d61cd9a22c807401b0a9c0b83c3e3edb3bc0c76764de07
b366762686bddfa3b042a78727a37e5f3337b96e71f17f73fbe5f94cf5b34e31
b39f114760433098856c3c8df221b92acbbc8e281b0dc51eda0cd0402116deb0
b470f349ec3305c9471df9a8e1a5f6ac6834ac696f91d43513c5062bbef4f2b6
b77084593a305779ebfe9166ba892bc77d38ad3101d7ed727127b80d72979b96
b9677a237eae60bd14acde176f407702b0d8671258960ee68441304b1aed47a8
bac6461feb3488e5d330e7e9434fc8e0c513aa3c1e7b57598eab1654e1055a14
bd05e52eee6561f92e9e625eee062db7bf491b38a570aa040c9fb7234b59c1cd
be1e1308778527a404258978b7d71fc51609f2a52a3fb0c7cee87e865cfeb199
c0bf006f94c1008f2cec46e59785bddddd1a735d83131bfcefb6d078301172e8
c205a7703aba03e6bf21788dc8f7a2ce5fa94fccd0649196278528f6be86626c
c64322fbf3f1876a320110a39ee0357a422518ee0e0e59fb05781b8fd212732c
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cd1790d47cd19e09f120f00b264e651a2942aff6d6ff19a29065180cb26d333f
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf2ccc630a5af35fdba8da98ab0420189fd1f153a3ae7de311fd13d3a7714fd9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2d87ff41269fd3e3d71193a75992c4d72a8a2f032cd62198362e448f8abafc0
e1aeed6ed134b5edcc2c7f8da011a8c4cde53111e474fec9c185f2ec253270d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43655513c9b3baa61efca5f4a7ee398eb2f0a4298a2a17bce3619cc7e28c354
e4927a65a8c03dd26b305b26d934eb2261c20468e64a1a02d579d6a1cac7a1a3
e971dcbe00fd0bc9c4bfd77e97ad0f70a8d61a15e9e4aa425582ea92b67802e7
eadc2c8d7ccdae5170e33a4b9d9b4c9b016713e0dc205d3d7ad5fc78a0f5c7b4
ebe5c7b919fd04b5b061868fc4f28938b90fd2bc001701dbe53608b1fa64bf21
f3c97cba2545003f0d6be694f8851da41b3aa8841e629e61310bee6a6c99b0b9
f7d47f4a66d8850b1a1c89df19ad6b55be9d355d914ccd2faf3652637a8a42ba
fa2460dbbde357064a9b704741aa42f6f50989c27834a23be853aee7d0cc4efe
fac42245eab9d9ac2ecdc12115b7ead107d2aa2bd7bcc8b220aaa7c0a4bb4f5e

www.tz.de Open in urlscan Pro 91.234.213.110 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

87 Requests

100 %HTTPS

55 %IPv6

22 Domains

30 Subdomains

29 IPs

5 Countries

1583 kBTransfer

5185 kBSize

12 Cookies

16 Outgoing links

Page URL History

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.tz.de Open in urlscan Pro
91.234.213.110 Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

100 %
HTTPS

55 %
IPv6

22
Domains

30
Subdomains

29
IPs

5
Countries

1583 kB
Transfer

5185 kB
Size

12
Cookies

87 HTTP transactions
0 data transactions