www.derwesten.de Open in urlscan Pro
192.0.66.149 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.derwesten.de/
Effective URL:
https://www.derwesten.de/
Submission: On December 03 via api (December 3rd 2023, 6:29:48 pm UTC) from US — Scanned from DE

Summary HTTP 33 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 33 HTTP transactions. The main IP is 192.0.66.149, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is www.derwesten.de. The Cisco Umbrella rank of the primary domain is 209836.
TLS certificate: Issued by R3 on November 21st 2023. Valid for: 3 months.

This is the only time www.derwesten.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 30	192.0.66.149 192.0.66.149	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:812::2013	15169 (GOOGLE) (GOOGLE)
1	34.160.106.120 34.160.106.120	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.111.164.192 34.111.164.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
33	4

30 192.0.66.149 (San Francisco, United States) 1 redirects

ASN2635 (AUTOMATTIC, US)

www.derwesten.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

runforrest.derwesten.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.106.120 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 120.106.160.34.bc.googleusercontent.com

scout.data.funkedigital.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.164.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.164.111.34.bc.googleusercontent.com

anonym.data.funkedigital.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	derwesten.de 1 redirects www.derwesten.de — Cisco Umbrella Rank: 209836 runforrest.derwesten.de — Cisco Umbrella Rank: 348647	1 MB
3	funkedigital.de scout.data.funkedigital.de — Cisco Umbrella Rank: 150353 anonym.data.funkedigital.de — Cisco Umbrella Rank: 124536	15 KB
33	2

	Domain	Requested by
30	www.derwesten.de	1 redirects www.derwesten.de
2	anonym.data.funkedigital.de	scout.data.funkedigital.de
1	scout.data.funkedigital.de	www.derwesten.de
1	runforrest.derwesten.de	www.derwesten.de
33	4

This site contains links to these domains. Also see Links.

Domain
funkemediennrw.de
www.globista.de
www.waz.de
jobsnrw.de
ruhrticket.online-ticket.de
www.futurezone.de
www.wmn.de
www.heftig.de
www.leckerschmecker.me
www.4players.de
www.nrz.de
www.wp.de
www.wr.de
www.ikz-online.de
www.news38.de
www.thueringen24.de
www.moin.de
www.berlin-live.de
karriere.funkemedien.de
funkemediasales.de
anzeigen.funkemediennrw.de
www.funkemedien.de

Subject Issuer	Validity	Valid
derwesten.de R3	`2023-11-21` - `2024-02-19`	3 months	crt.sh
runforrest.derwesten.de GTS CA 1D4	`2023-10-08` - `2024-01-06`	3 months	crt.sh
scout.data.funkedigital.de GTS CA 1D4	`2023-12-02` - `2024-03-01`	3 months	crt.sh
anonym.data.funkedigital.de GTS CA 1D4	`2023-10-11` - `2024-01-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.derwesten.de/
Frame ID: 99580EF576EAD52150CBF7888FA1566A
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

derwesten.de - Nachrichten für den Westen - DerWesten.de

Page URL History Show full URLs

http://www.derwesten.de/ HTTP 301
https://www.derwesten.de/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

33
Requests

100 %
HTTPS

25 %
IPv6

2
Domains

4
Subdomains

4
IPs

2
Countries

1101 kB
Transfer

1845 kB
Size

0
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://funkemediennrw.de/
Title: ivw-logo

Search URL Search Domain Scan URL

URL: https://www.globista.de/
Title: Globista

Search URL Search Domain Scan URL

URL: https://www.waz.de/prospekte
Title: Prospekte

Search URL Search Domain Scan URL

URL: https://jobsnrw.de/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://ruhrticket.online-ticket.de/index.php
Title: Tickets

Search URL Search Domain Scan URL

URL: https://www.futurezone.de/
Title: futurezone.de

Search URL Search Domain Scan URL

URL: https://www.wmn.de/
Title: wmn.de

Search URL Search Domain Scan URL

URL: https://www.heftig.de/
Title: heftig

Search URL Search Domain Scan URL

URL: https://www.leckerschmecker.me/
Title: Leckerschmecker

Search URL Search Domain Scan URL

URL: https://www.4players.de/
Title: 4Players

Search URL Search Domain Scan URL

URL: https://www.waz.de/
Title: WAZ

Search URL Search Domain Scan URL

URL: https://www.nrz.de/
Title: NRZ

Search URL Search Domain Scan URL

URL: https://www.wp.de/
Title: WP

Search URL Search Domain Scan URL

URL: https://www.wr.de/
Title: WR

Search URL Search Domain Scan URL

URL: https://www.ikz-online.de/
Title: IKZ

Search URL Search Domain Scan URL

URL: https://www.news38.de/
Title: news38.de – Nachrichten für Niedersachsen

Search URL Search Domain Scan URL

URL: https://www.thueringen24.de/
Title: thueringen24.de – Nachrichten für Thüringen

Search URL Search Domain Scan URL

URL: https://www.moin.de/
Title: moin.de – Nachrichten für Hamburg und den Norden

Search URL Search Domain Scan URL

URL: https://www.berlin-live.de/
Title: Berlin-Live.de – Nachrichten für Berlin

Search URL Search Domain Scan URL

URL: https://karriere.funkemedien.de/
Title: Karriere

Search URL Search Domain Scan URL

URL: https://funkemediasales.de/mediadaten
Title: Mediadaten

Search URL Search Domain Scan URL

URL: https://anzeigen.funkemediennrw.de/
Title: Online Anzeigenaufgabe

Search URL Search Domain Scan URL

URL: https://funkemediasales.de/
Title: FUNKE MediaSales NRW

Search URL Search Domain Scan URL

URL: https://www.funkemedien.de/de/
Title: FUNKE

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.derwesten.de/ HTTP 301
https://www.derwesten.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.derwesten.de/
Redirect Chain

http://www.derwesten.de/
https://www.derwesten.de/

261 KB
38 KB

23ms
7ms

Document
text/html

192.0.66.149
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.derwesten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx / WordPress VIP <https://wpvip.com>
Resource Hash: 068019c7c971e0413727ac5dd630676baa8eb68786d31b667277fcc071f76c5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 124
cache-control: max-age=300, must-revalidate
content-encoding: gzip
content-length: 38353
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 18:29:43 GMT
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://www.derwesten.de/wp-json/>; rel="https://api.w.org/" <https://www.derwesten.de/wp-json/wp/v2/pages/311>; rel="alternate"; type="application/json" <https://www.derwesten.de/>; rel=shortlink
server: nginx
vary: Accept-Encoding
x-cache: hit
x-distributor: yes
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-rq: hhn2 111 254 443

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Sun, 03 Dec 2023 18:29:43 GMT
Location: https://www.derwesten.de/
Server: nginx

GET
H2 200 style.min.css
www.derwesten.de/wp-includes/css/dist/block-library/ 102 KB
14 KB 9ms
9ms Stylesheet
text/css 192.0.66.149
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.derwesten.de/wp-includes/css/dist/block-library/style.min.css?m=1699399644g
Requested by: Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.derwesten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:29:43 GMT
content-encoding: gzip
x-rq: hhn2 111 253 443
last-modified: Tue, 07 Nov 2023 23:27:24 GMT
server: nginx
etag: W/"654ac7dc-19824"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000

GET
H2 200 /
www.derwesten.de/_static/ 15 KB
4 KB 10ms
9ms Stylesheet
text/css 192.0.66.149
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.derwesten.de/_static/??-eJzTLy/QzcxLzilNSS3WzyrWz01NyUxMzUnNTc0rQeEU5CRWphbp5qSmJyZX6uVm5uklFxfr6OPTDpRD5sM02efaGppZWhpbWpqZmAIARTIu+A==
Requested by: Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 3d2c10cf69410c10177fc6e56937d05151b182841fa6aee36f651d587d91fbb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.derwesten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:29:43 GMT
content-encoding: gzip
x-rq: hhn2 111 253 443
last-modified: Tue, 07 Nov 2023 23:27:25 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: text/css;charset=utf-8
cache-control: max-age=31536000

GET
H2 200 related-posts-block-styles.min.css
www.derwesten.de/wp-content/mu-plugins/search/elasticpress-next/dist/css/ 222 B
406 B 14ms
13ms Stylesheet
text/css 192.0.66.149
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.derwesten.de/wp-content/mu-plugins/search/elasticpress-next/dist/css/related-posts-block-styles.min.css?m=1700978938g
Requested by: Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 9790593b4acafa770479511a888914881594976c5dcad980c82e781c5625ff44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.derwesten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:29:43 GMT
x-rq: hhn2 111 253 443
last-modified: Sun, 26 Nov 2023 06:08:58 GMT
server: nginx
etag: "6562e0fa-de"
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 222

GET
H2 200 /
www.derwesten.de/_static/ 298 KB
49 KB 14ms
14ms Stylesheet
text/css 192.0.66.149
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.derwesten.de/_static/??-eJyFjsEKwjAQRH/IdJsKtRfxU8TGRWuTTehsCf69GikEPHibHd5jh3IyLoqyKCW/3iYBCWeki5vN6KObQdcJSiWfoU/PaBywo8rUOweuxCUnKuhfstxftmqRoiAuv4/CaraVD9bC2q4Z6M1txcc5haM9tLbr9/3QvgDCh1RT
Requested by: Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 8d51da9d67c4919fcefc33a8108b6751efb2505a54cf3fc62ea7503e1bb1d42e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.derwesten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:29:43 GMT
content-encoding: gzip
x-rq: hhn2 111 254 443
last-modified: Wed, 29 Nov 2023 13:14:40 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: text/css;charset=utf-8
cache-control: max-age=31536000

GET
H2 200 print.css
www.derwesten.de/wp-content/themes/newspack-theme/styles/ 3 KB
2 KB 8ms
7ms Stylesheet
text/css 192.0.66.149
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.derwesten.de/wp-content/themes/newspack-theme/styles/print.css?m=1698070851g
Requested by: Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 47ea730c0d1c221e563585b077e9d6a26ff978e497dfa31551503d627f9fc26d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.derwesten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:29:43 GMT
content-encoding: gzip
x-rq: hhn2 111 253 443
last-modified: Mon, 23 Oct 2023 14:20:51 GMT
server: nginx
etag: W/"65368143-da8"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000

GET
H2 200 cropped-derwesten.png
www.derwesten.de/wp-content/uploads/sites/8/2022/02/ 4 KB
4 KB 7ms
7ms Image
image/webp 192.0.66.149
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.derwesten.de/wp-content/uploads/sites/8/2022/02/cropped-derwesten.png
Requested by: Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 3d7b809185b525f8e3261879357deae30d964900d5ccacda47cf69094a459d8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.derwesten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:29:43 GMT
x-rq: hhn2 109 140 443
last-modified: Wed, 03 May 2023 15:32:39 GMT
server: nginx
etag: "91b17590bb9f006c"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4276

GET
H2 200 leverkusen-dortmund-e1701626265811.jpg
www.derwesten.de/wp-content/uploads/sites/8/2023/12/ 108 KB
108 KB 7ms
7ms Image
image/webp 192.0.66.149
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.derwesten.de/wp-content/uploads/sites/8/2023/12/leverkusen-dortmund-e1701626265811.jpg?w=800&h=600&crop=1
Requested by: Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 48a984a9c090e87361bc89ef6d31ca381e27bb367e3b38b2221a7e6af2c38fa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.derwesten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:29:43 GMT
x-rq: hhn2 109 200 443
last-modified: Sun, 03 Dec 2023 18:01:14 GMT
server: nginx
etag: "2065da597742f469"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 110448

GET
H2 200 burgergeld-e1700736162815.jpg
www.derwesten.de/wp-content/uploads/sites/8/2023/11/ 35 KB
35 KB 7ms
7ms Image
image/webp 192.0.66.149
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.derwesten.de/wp-content/uploads/sites/8/2023/11/burgergeld-e1700736162815.jpg?resize=800,600
Requested by: Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 7736a39242af8829257c4cbf34c93074ece5f3edaf63aa156c5f8acfee4e10a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.derwesten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:29:43 GMT
x-rq: hhn2 109 83 443
last-modified: Thu, 23 Nov 2023 15:03:06 GMT
server: nginx
etag: "15e792f500cb7c45"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 36068

GET
H2 200 imago0299182715h-e1701165400967.jpg
www.derwesten.de/wp-content/uploads/sites/8/2023/11/ 53 KB
53 KB 8ms
7ms Image
image/webp 192.0.66.149
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.derwesten.de/wp-content/uploads/sites/8/2023/11/imago0299182715h-e1701165400967.jpg?w=800&h=600&crop=1
Requested by: Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c8719b11a76bd9d1e7070baad88bd22d5cc8718c9ae5662f4b4e88fbf332c79c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.derwesten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:29:43 GMT
x-rq: hhn2 109 83 443
last-modified: Tue, 28 Nov 2023 10:25:05 GMT
server: nginx
etag: "e110feed4dfb90e0"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 53782

GET
H2 200 funke_logo_red.svg
www.derwesten.de/wp-content/themes/newspack-rwp/assets/ 2 KB
987 B 15ms
12ms Image
image/svg+xml 192.0.66.149
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.derwesten.de/wp-content/themes/newspack-rwp/assets/funke_logo_red.svg
Requested by: Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c26e3bcb95b4e65c884ca82b0ea0ceeee1126dd123eec93d0c239fd9992d7d5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.derwesten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:29:43 GMT
content-encoding: gzip
x-rq: hhn2 111 254 443
last-modified: Wed, 14 Dec 2022 12:03:47 GMT
server: nginx
etag: W/"6399bba3-6f4"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=31536000

GET
H2 200 view.css
www.derwesten.de/wp-content/plugins/newspack-blocks/dist/homepage-articles/ 14 KB
3 KB 15ms
11ms Stylesheet
text/css 192.0.66.149
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.derwesten.de/wp-content/plugins/newspack-blocks/dist/homepage-articles/view.css?m=1671019426g
Requested by: Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 2b7c6661d4208cb7bcfa366f322f64ad1873c100d81db2ba50be0b2dae6bb3ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.derwesten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:29:43 GMT
content-encoding: gzip
x-rq: hhn2 111 253 443
last-modified: Wed, 14 Dec 2022 12:03:46 GMT
server: nginx
etag: W/"6399bba2-37be"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000

GET
H2 200 ivw-logo-nordrhein-westfalen.webp
www.derwesten.de/wp-content/themes/newspack-rwp/assets/ 4 KB
4 KB 7ms
7ms Image
image/webp 192.0.66.149
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.derwesten.de/wp-content/themes/newspack-rwp/assets/ivw-logo-nordrhein-westfalen.webp
Requested by: Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4c7431ff0a0c099a08b23bbe1d4a46591b62d645ab1be6f0018a92dfe678f4c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.derwesten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:29:43 GMT
x-rq: hhn2 111 253 443
last-modified: Wed, 14 Dec 2022 12:03:47 GMT
server: nginx
etag: "6399bba3-e5a"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3674

GET
H2 200 leaguespartan-bold.woff2
www.derwesten.de/wp-content/themes/newspack-rwp/fonts/league-spartan/ 12 KB
13 KB 7ms
7ms Font
application/font-woff2 192.0.66.149
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.derwesten.de/wp-content/themes/newspack-rwp/fonts/league-spartan/leaguespartan-bold.woff2
Requested by: Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 704535e4d21edf9be26df22091fb8c7d33b2a36d87f03a059f52d7d5a0e0148a

Request headers

Referer: https://www.derwesten.de/
Origin: https://www.derwesten.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:29:43 GMT
x-rq: hhn2 111 253 443
last-modified: Wed, 14 Dec 2022 12:03:47 GMT
server: nginx
etag: "6399bba3-31a0"
x-cache: HIT
content-type: application/font-woff2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12704

GET
H2 200 noto-sans-v25-latin-regular.woff2
www.derwesten.de/wp-content/themes/newspack-rwp/fonts/noto-sans/ 16 KB
16 KB 7ms
7ms Font
application/font-woff2 192.0.66.149
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.derwesten.de/wp-content/themes/newspack-rwp/fonts/noto-sans/noto-sans-v25-latin-regular.woff2
Requested by: Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: fa5d2912bec294d33c9dc4be4a00a9a5f4ac993049a935f4535ae687e3b08d0b

Request headers

Referer: https://www.derwesten.de/
Origin: https://www.derwesten.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:29:43 GMT
x-rq: hhn2 111 254 443
last-modified: Wed, 14 Dec 2022 12:03:47 GMT
server: nginx
etag: "6399bba3-3ed8"
x-cache: HIT
content-type: application/font-woff2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 16088

GET
H2 200 rente-mit-63-antraege-rentenversicherung-rentenkasse-rentenbescheid24-peter-knoeppel.jpg
www.derwesten.de/wp-content/uploads/sites/8/2023/11/ 63 KB
63 KB 10ms
8ms Image
image/jpeg 192.0.66.149
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.derwesten.de/wp-content/uploads/sites/8/2023/11/rente-mit-63-antraege-rentenversicherung-rentenkasse-rentenbescheid24-peter-knoeppel.jpg?resize=800,600
Requested by: Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: bd4093be4236b4cdf011d3608ca01cdb57a428b3a9a5e5b8c2f1ade7722c1bce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.derwesten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:29:43 GMT
x-rq: hhn2 109 144 443
last-modified: Tue, 28 Nov 2023 11:56:50 GMT
server: nginx
etag: "b701f4c411b21925"
vary: Accept
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 64376

GET
H2 200 imago0257446614h-e1696752722829.jpg
www.derwesten.de/wp-content/uploads/sites/8/2023/10/ 51 KB
51 KB 10ms
8ms Image
image/webp 192.0.66.149
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.derwesten.de/wp-content/uploads/sites/8/2023/10/imago0257446614h-e1696752722829.jpg?w=800&h=600&crop=1
Requested by: Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 24d9543a3f357a44bdd2a0ff530b9b6cb1e34494821f86c7c962ecb44d82e8fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.derwesten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:29:43 GMT
x-rq: hhn2 109 140 443
last-modified: Wed, 29 Nov 2023 12:22:12 GMT
server: nginx
etag: "92e71b8ac23dc7ce"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 52262

GET
H2 200 imago0194965477h-e1700646057220.jpg
www.derwesten.de/wp-content/uploads/sites/8/2023/11/ 64 KB
64 KB 10ms
9ms Image
image/webp 192.0.66.149
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.derwesten.de/wp-content/uploads/sites/8/2023/11/imago0194965477h-e1700646057220.jpg?w=800&h=600&crop=1
Requested by: Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 52f08380d1724ba0268119270fc9178786ea5ad56cab4aa8928bfafe92206ac8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.derwesten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:29:43 GMT
x-rq: hhn2 109 83 443
last-modified: Wed, 22 Nov 2023 12:58:18 GMT
server: nginx
etag: "c419ab23f3372caa"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 65272

GET
H2 200 imago1037308153h-e1701623012233.jpg
www.derwesten.de/wp-content/uploads/sites/8/2023/12/ 28 KB
28 KB 11ms
9ms Image
image/webp 192.0.66.149
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.derwesten.de/wp-content/uploads/sites/8/2023/12/imago1037308153h-e1701623012233.jpg?w=800&h=600&crop=1
Requested by: Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 23cdb5b9c4cb0d8aa470c7a9cf3efcd7d79f4c5803d38f5f20f4999c3be6a580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.derwesten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:29:43 GMT
x-rq: hhn2 109 83 443
last-modified: Sun, 03 Dec 2023 18:21:08 GMT
server: nginx
etag: "bcc113e82bb8b672"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 28942

GET
H2 200 imago0308766326h-e1701452139516.jpg
www.derwesten.de/wp-content/uploads/sites/8/2023/12/ 43 KB
43 KB 11ms
9ms Image
image/webp 192.0.66.149
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.derwesten.de/wp-content/uploads/sites/8/2023/12/imago0308766326h-e1701452139516.jpg?w=800&h=600&crop=1
Requested by: Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: db353e6bd52f2dbfd09e459251ae71057b705543fbe76f1726f770f9e896bcab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.derwesten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:29:43 GMT
x-rq: hhn2 109 27 443
last-modified: Fri, 01 Dec 2023 20:10:55 GMT
server: nginx
etag: "05c57f53100ee172"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 43750

GET
H2 200 urqs0hp5fxlm-hartz-und-herzlich-tag-fuer-tag-rostock-293-sandra-q-teaser-e1700312164151.jpg
www.derwesten.de/wp-content/uploads/sites/8/2023/11/ 37 KB
37 KB 11ms
9ms Image
image/webp 192.0.66.149
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.derwesten.de/wp-content/uploads/sites/8/2023/11/urqs0hp5fxlm-hartz-und-herzlich-tag-fuer-tag-rostock-293-sandra-q-teaser-e1700312164151.jpg?resize=800,600
Requested by: Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 18f946681e63de1f98402cb1a9d31a420186367c95f1b74383bdd0adf1025248

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.derwesten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:29:43 GMT
x-rq: hhn2 109 139 443
last-modified: Sat, 18 Nov 2023 22:00:40 GMT
server: nginx
etag: "ab1e4f6417d9d597"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 37636

GET
H2 200 nfl-im-tv-und-livestream-e1695366646464.jpg
www.derwesten.de/wp-content/uploads/sites/8/2023/09/ 85 KB
86 KB 11ms
10ms Image
image/jpeg 192.0.66.149
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.derwesten.de/wp-content/uploads/sites/8/2023/09/nfl-im-tv-und-livestream-e1695366646464.jpg?w=800&h=600&crop=1
Requested by: Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 74ac2f4414fa38571ce9a2072b27594f0bab39c8305fdfd14414e68eca5c9a54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.derwesten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:29:43 GMT
x-rq: hhn2 109 144 443
last-modified: Fri, 22 Sep 2023 07:11:43 GMT
server: nginx
etag: "d3868e0304075b6f"
vary: Accept
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 87536

GET
H2 200 pflegegeld-auszahlung-e1695123325435.jpg
www.derwesten.de/wp-content/uploads/sites/8/2023/09/ 32 KB
32 KB 11ms
10ms Image
image/webp 192.0.66.149
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.derwesten.de/wp-content/uploads/sites/8/2023/09/pflegegeld-auszahlung-e1695123325435.jpg?w=800&h=600&crop=1
Requested by: Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1322981e8af1b60bbaf930760d8addcfa46ab82c5af66d7c2a2204d922666c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.derwesten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:29:43 GMT
x-rq: hhn2 109 195 443
last-modified: Tue, 28 Nov 2023 11:18:10 GMT
server: nginx
etag: "71426a726fe7befe"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 32990

GET
H2 200 5faed800346fc236-e1701253166168.jpg
www.derwesten.de/wp-content/uploads/sites/8/2023/11/ 39 KB
39 KB 12ms
10ms Image
image/webp 192.0.66.149
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.derwesten.de/wp-content/uploads/sites/8/2023/11/5faed800346fc236-e1701253166168.jpg?w=800&h=600&crop=1
Requested by: Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 41337814690fcb739565b84293722f95a41546dbbade6ac3752927fbc9d6f465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.derwesten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:29:43 GMT
x-rq: hhn2 109 140 443
last-modified: Wed, 29 Nov 2023 10:30:42 GMT
server: nginx
etag: "94d04f23215639f4"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 39894

GET
H2 200 imago0345936255h-e1701330191676.jpg
www.derwesten.de/wp-content/uploads/sites/8/2023/11/ 52 KB
52 KB 12ms
11ms Image
image/webp 192.0.66.149
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.derwesten.de/wp-content/uploads/sites/8/2023/11/imago0345936255h-e1701330191676.jpg?w=800&h=600&crop=1
Requested by: Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 42b5acc85bb439f29d40b84b1d5628317d2b855d3c4e7775be5443176a1d6508

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.derwesten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:29:43 GMT
x-rq: hhn2 109 196 443
last-modified: Thu, 30 Nov 2023 07:46:31 GMT
server: nginx
etag: "24b5ac0b23ba5534"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 52972

GET
H2 200 imago0368596877h-e1701326617894.jpg
www.derwesten.de/wp-content/uploads/sites/8/2023/11/ 58 KB
58 KB 20ms
19ms Image
image/webp 192.0.66.149
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.derwesten.de/wp-content/uploads/sites/8/2023/11/imago0368596877h-e1701326617894.jpg?w=800&h=600&crop=1
Requested by: Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 8791ae41466e1a1af263c29b547fc045b08858c6d7b631aa570dab5628777bf3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.derwesten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:29:43 GMT
x-rq: hhn2 109 195 443
last-modified: Thu, 30 Nov 2023 06:53:43 GMT
server: nginx
etag: "d1e84ab4e3367456"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 58956

GET
H2 200 imago0334347435h-e1700381460274.jpg
www.derwesten.de/wp-content/uploads/sites/8/2023/11/ 58 KB
58 KB 8ms
7ms Image
image/webp 192.0.66.149
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.derwesten.de/wp-content/uploads/sites/8/2023/11/imago0334347435h-e1700381460274.jpg?w=800&h=600&crop=1
Requested by: Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 73c8852da7c0532318625289990559a3d7fb95dc9babee7e8176d71b0cf326f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.derwesten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:29:43 GMT
x-rq: hhn2 109 198 443
last-modified: Sun, 19 Nov 2023 11:27:19 GMT
server: nginx
etag: "c2e0438cb3adaf4f"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 59192

GET
H2 200 sibel-e1701514842262.jpg
www.derwesten.de/wp-content/uploads/sites/8/2023/12/ 23 KB
23 KB 8ms
8ms Image
image/webp 192.0.66.149
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.derwesten.de/wp-content/uploads/sites/8/2023/12/sibel-e1701514842262.jpg?w=800&h=600&crop=1
Requested by: Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 6b5ffce37916131117d8b2255f480cf9dc2b41d7d19d0291052106bfc2b04133

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.derwesten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:29:43 GMT
x-rq: hhn2 109 84 443
last-modified: Sun, 03 Dec 2023 15:30:00 GMT
server: nginx
etag: "b04eb7845ab2fb0c"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 23332

GET
H2 200 wolfgang-pauritsch-e1700725403718.jpg
www.derwesten.de/wp-content/uploads/sites/8/2023/11/ 39 KB
39 KB 9ms
8ms Image
image/webp 192.0.66.149
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.derwesten.de/wp-content/uploads/sites/8/2023/11/wolfgang-pauritsch-e1700725403718.jpg?w=800&h=600&crop=1
Requested by: Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 48f9a8f1d3adcf7e81f43a9e4446e45648a9810b541d727ca4fd99d4d70de8cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.derwesten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:29:43 GMT
x-rq: hhn2 109 144 443
last-modified: Thu, 23 Nov 2023 13:24:15 GMT
server: nginx
etag: "e3b35049c9909a75"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 39658

GET
H2 200 nnamdnas.js Show response
runforrest.derwesten.de/ 204 KB
68 KB 122ms
36ms Script
application/javascript 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://runforrest.derwesten.de/nnamdnas.js?id=GTM-NGPP53C

Requested by

Host: www.derwesten.de
URL: https://www.derwesten.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

a806d988df86dcb6ded84b9132749ba07b971a8dbc6ba555dd67280b6694f960

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.derwesten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Sun, 03 Dec 2023 18:29:43 GMT
last-modified: Sun, 03 Dec 2023 18:00:00 GMT
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
access-control-allow-headers: Cache-Control
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0

GET
H2 200 liteblower.js Show response
scout.data.funkedigital.de/ 42 KB
15 KB 74ms
15ms Script
application/javascript 34.160.106.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://scout.data.funkedigital.de/liteblower.js
Requested by: Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.106.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.106.160.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e050d473f0c3a785a85c23ceda9475815bb8ac262059db0da57e859cc817e191

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.derwesten.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 17:29:58 GMT
content-encoding: gzip
via: 1.1 google
age: 3585
x-guploader-uploadid: ABPtcPpB89PVIan4fogFiCtBQsRJHQKVCw5SgLKz8Ofa2nbV2LCxWrjQBhktwIqSX3y1S5POHEycWRKlnyGgPEcf4_f5G_5jRd80
x-goog-storage-class: STANDARD
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15230
x-goog-meta-max-age: 31536000
last-modified: Fri, 01 Sep 2023 20:43:21 GMT
server: UploadServer
etag: "93b7c8bb9315fdab868ca4ce3fcd2d40"
vary: Accept-Encoding
x-goog-generation: 1693601001526103
content-language: en
content-type: application/javascript
x-goog-hash: crc32c=q6Uzeg==, md5=k7fIu5MV/auGjKTOP80tQA==
cache-control: max-age=31536000
x-goog-stored-content-length: 15230
accept-ranges: bytes
expires: Mon, 02 Dec 2024 17:29:58 GMT

OPTIONS
H2 200 tp2
anonym.data.funkedigital.de/com.snowplowanalytics.snowplow/ 0
0 67ms
22ms Preflight 34.111.164.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://anonym.data.funkedigital.de/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.164.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.164.111.34.bc.googleusercontent.com
Software: akka-http/10.2.9 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sp-anonymous
Access-Control-Request-Method: POST
Origin: https://www.derwesten.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.derwesten.de
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 03 Dec 2023 18:29:43 GMT
server: akka-http/10.2.9
via: 1.1 google

POST
H3 200 tp2 Show response
anonym.data.funkedigital.de/com.snowplowanalytics.snowplow/ 2 B
18 B 49ms
22ms XHR
text/plain 34.111.164.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://anonym.data.funkedigital.de/com.snowplowanalytics.snowplow/tp2
Requested by: Host: scout.data.funkedigital.de
URL: https://scout.data.funkedigital.de/liteblower.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.164.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.164.111.34.bc.googleusercontent.com
Software: akka-http/10.2.9 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

SP-Anonymous: *
Referer: https://www.derwesten.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Sun, 03 Dec 2023 18:29:43 GMT
via: 1.1 google
server: akka-http/10.2.9
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.derwesten.de
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

anonym.data.funkedigital.de
runforrest.derwesten.de
scout.data.funkedigital.de
www.derwesten.de
192.0.66.149
2a00:1450:4001:812::2013
34.111.164.192
34.160.106.120
068019c7c971e0413727ac5dd630676baa8eb68786d31b667277fcc071f76c5e
18f946681e63de1f98402cb1a9d31a420186367c95f1b74383bdd0adf1025248
23cdb5b9c4cb0d8aa470c7a9cf3efcd7d79f4c5803d38f5f20f4999c3be6a580
24d9543a3f357a44bdd2a0ff530b9b6cb1e34494821f86c7c962ecb44d82e8fb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b7c6661d4208cb7bcfa366f322f64ad1873c100d81db2ba50be0b2dae6bb3ae
3d2c10cf69410c10177fc6e56937d05151b182841fa6aee36f651d587d91fbb8
3d7b809185b525f8e3261879357deae30d964900d5ccacda47cf69094a459d8c
41337814690fcb739565b84293722f95a41546dbbade6ac3752927fbc9d6f465
42b5acc85bb439f29d40b84b1d5628317d2b855d3c4e7775be5443176a1d6508
47ea730c0d1c221e563585b077e9d6a26ff978e497dfa31551503d627f9fc26d
48a984a9c090e87361bc89ef6d31ca381e27bb367e3b38b2221a7e6af2c38fa2
48f9a8f1d3adcf7e81f43a9e4446e45648a9810b541d727ca4fd99d4d70de8cd
4c7431ff0a0c099a08b23bbe1d4a46591b62d645ab1be6f0018a92dfe678f4c3
52f08380d1724ba0268119270fc9178786ea5ad56cab4aa8928bfafe92206ac8
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6b5ffce37916131117d8b2255f480cf9dc2b41d7d19d0291052106bfc2b04133
704535e4d21edf9be26df22091fb8c7d33b2a36d87f03a059f52d7d5a0e0148a
73c8852da7c0532318625289990559a3d7fb95dc9babee7e8176d71b0cf326f0
74ac2f4414fa38571ce9a2072b27594f0bab39c8305fdfd14414e68eca5c9a54
7736a39242af8829257c4cbf34c93074ece5f3edaf63aa156c5f8acfee4e10a6
8791ae41466e1a1af263c29b547fc045b08858c6d7b631aa570dab5628777bf3
8d51da9d67c4919fcefc33a8108b6751efb2505a54cf3fc62ea7503e1bb1d42e
9790593b4acafa770479511a888914881594976c5dcad980c82e781c5625ff44
a806d988df86dcb6ded84b9132749ba07b971a8dbc6ba555dd67280b6694f960
bd4093be4236b4cdf011d3608ca01cdb57a428b3a9a5e5b8c2f1ade7722c1bce
c26e3bcb95b4e65c884ca82b0ea0ceeee1126dd123eec93d0c239fd9992d7d5d
c8719b11a76bd9d1e7070baad88bd22d5cc8718c9ae5662f4b4e88fbf332c79c
db353e6bd52f2dbfd09e459251ae71057b705543fbe76f1726f770f9e896bcab
e050d473f0c3a785a85c23ceda9475815bb8ac262059db0da57e859cc817e191
fa5d2912bec294d33c9dc4be4a00a9a5f4ac993049a935f4535ae687e3b08d0b
ff1322981e8af1b60bbaf930760d8addcfa46ab82c5af66d7c2a2204d922666c

www.derwesten.de Open in urlscan Pro 192.0.66.149 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

33 Requests

100 %HTTPS

25 %IPv6

2 Domains

4 Subdomains

4 IPs

2 Countries

1101 kBTransfer

1845 kBSize

0 Cookies

24 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.derwesten.de Open in urlscan Pro
192.0.66.149 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

100 %
HTTPS

25 %
IPv6

2
Domains

4
Subdomains

4
IPs

2
Countries

1101 kB
Transfer

1845 kB
Size

0
Cookies

33 HTTP transactions
0 data transactions