urlscan.io logo urlscan.io
SecurityTrails logo

www.rhein-zeitung.de Open in urlscan Pro
185.132.224.41  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://was-bringt-2023.de/
Effective URL: https://www.rhein-zeitung.de/abo.html
Submission: On March 12 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 42 HTTP transactions. The main IP is 185.132.224.41, located in Germany and belongs to DE-MITTELRHEIN-VERLAG-1-AS, DE. The main domain is www.rhein-zeitung.de. The Cisco Umbrella rank of the primary domain is 436077.
TLS certificate: Issued by SSL.com RSA SSL subCA on July 25th 2022. Valid for: a year.
This is the only time www.rhein-zeitung.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a00:1158:100... 8972 (GD-EMEA-D...)
1 22 185.132.224.41 203441 (DE-MITTEL...)
11 13.224.189.20 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700:10:... 13335 (CLOUDFLAR...)
2 193.105.103.44 203441 (DE-MITTEL...)
1 185.132.224.103 203441 (DE-MITTEL...)
42 6
1    2a00:1158:1000:407::31c (Strasbourg, France)

ASN8972 (GD-EMEA-DC-SXB1, DE)
was-bringt-2023.de
22    185.132.224.41 (Germany)

ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE)
www.rhein-zeitung.de
11    13.224.189.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-20.fra2.r.cloudfront.net
consent.rhein-zeitung.de
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2606:4700:10::6816:36e (United States)

ASN13335 (CLOUDFLARENET, US)
files.upscore.com
hit-pool.upscore.com
2    193.105.103.44 (Germany)

ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE)
PTR: analytics.rhein-zeitung.de
analytics.rhein-zeitung.de
1    185.132.224.103 (Germany)

ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE)
projekt.rhein-zeitung.de
Apex Domain
Subdomains		 Transfer
36 rhein-zeitung.de
www.rhein-zeitung.de — Cisco Umbrella Rank: 436077
consent.rhein-zeitung.de
analytics.rhein-zeitung.de
projekt.rhein-zeitung.de
835 KB
6 upscore.com
files.upscore.com — Cisco Umbrella Rank: 48252
hit-pool.upscore.com — Cisco Umbrella Rank: 44021
16 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
74 KB
1 was-bringt-2023.de
was-bringt-2023.de
247 B
42 4
Domain Requested by
22 www.rhein-zeitung.de 1 redirects www.rhein-zeitung.de
consent.rhein-zeitung.de
11 consent.rhein-zeitung.de www.rhein-zeitung.de
consent.rhein-zeitung.de
4 hit-pool.upscore.com files.upscore.com
2 analytics.rhein-zeitung.de www.rhein-zeitung.de
analytics.rhein-zeitung.de
2 files.upscore.com www.rhein-zeitung.de
files.upscore.com
1 projekt.rhein-zeitung.de www.rhein-zeitung.de
1 www.googletagmanager.com www.rhein-zeitung.de
1 was-bringt-2023.de 1 redirects
42 8
Subject Issuer Validity Valid
*.rhein-zeitung.de
SSL.com RSA SSL subCA		 2022-07-25 -
2023-08-25		 a year crt.sh
consent.rhein-zeitung.de
R3		 2023-02-11 -
2023-05-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
*.upscore.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.rhein-zeitung.de/abo.html
Frame ID: 6F30FC3FDF5BBF7DAA04AE947C03D71B
Requests: 34 HTTP requests in this frame

Frame: https://consent.rhein-zeitung.de/index.html?message_id=760108&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fmms%2Fv2
Frame ID: A5AACFE8F1EEF4B5B6D2BD37A12F97BD
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Abo - Abo - Rhein-Zeitung

Page URL History Show full URLs

  1. http://was-bringt-2023.de/ HTTP 302
    https://www.rhein-zeitung.de/abo.html/ HTTP 301
    https://www.rhein-zeitung.de/abo.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

42
Requests

100 %
HTTPS

43 %
IPv6

4
Domains

8
Subdomains

6
IPs

3
Countries

924 kB
Transfer

2470 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://was-bringt-2023.de/ HTTP 302
    https://www.rhein-zeitung.de/abo.html/ HTTP 301
    https://www.rhein-zeitung.de/abo.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request abo.html
www.rhein-zeitung.de/
Redirect Chain
  • http://was-bringt-2023.de/
  • https://www.rhein-zeitung.de/abo.html/
  • https://www.rhein-zeitung.de/abo.html
54 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.rhein-zeitung.de/abo.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
ac4bf3d2a5db1e68ef4feac5873909ff99df582e0914bec6e2102bcde22603f8
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
47886
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sun, 12 Mar 2023 01:10:33 GMT
Transfer-Encoding
chunked
Via
1.1 varnish
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, proxy-revalidate
expires
Mon, 26 Jul 1997 05:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=600
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Accept-Ranges
bytes
Age
35606
Connection
keep-alive
Content-Encoding
gzip
Content-Length
48
Content-Type
text/html; charset=UTF-8
Date
Sun, 12 Mar 2023 01:10:33 GMT
Location
/abo.html
Via
1.1 varnish
jquery.3.5.1.js
www.rhein-zeitung.de/pu_rz/scripts/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rhein-zeitung.de/pu_rz/scripts/jquery.3.5.1.js
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/abo.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/abo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 01:10:33 GMT
Content-Encoding
gzip
Via
1.1 varnish
Last-Modified
Thu, 19 Nov 2020 12:24:29 GMT
Age
610
ETag
"15d83-5b474cf333940-gzip"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30908
Expires
Sun, 19 Mar 2023 01:00:23 GMT
style_1676990693.css
www.rhein-zeitung.de/cms_minify/6/styles/ 		262 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rhein-zeitung.de/cms_minify/6/styles/style_1676990693.css
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/abo.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
46a5a0d8f844d369c294fab52832f3b333c41e98c8cee02b631c9734f5d1891a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/abo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 01:10:33 GMT
Content-Encoding
gzip
Via
1.1 varnish
Last-Modified
Tue, 21 Feb 2023 14:44:53 GMT
Age
0
ETag
"41756-5f536d28c4340-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
53284
Expires
Sun, 19 Mar 2023 01:10:33 GMT
javascript_1676990691.js
www.rhein-zeitung.de/cms_minify/6/javascript/ 		309 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rhein-zeitung.de/cms_minify/6/javascript/javascript_1676990691.js
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/abo.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
a6293992699ddfdf672194044c93195aa9d742073f3f3330dcb898c3737a24b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/abo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 01:10:33 GMT
Content-Encoding
gzip
Via
1.1 varnish
Last-Modified
Tue, 21 Feb 2023 14:44:53 GMT
Age
0
ETag
"4d550-5f536d28c4340-gzip"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
89708
Expires
Sun, 19 Mar 2023 01:10:33 GMT
wrapperMessagingWithoutDetection.js
consent.rhein-zeitung.de/ 		165 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.rhein-zeitung.de/wrapperMessagingWithoutDetection.js
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/abo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
67f6c462111ca4caf315cbce36e37f253972c809973980d71eb052b4626ac278

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
date
Sun, 12 Mar 2023 00:38:35 GMT
last-modified
Thu, 12 Jan 2023 16:02:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
1919
x-amz-server-side-encryption
AES256
etag
W/"839238acc19b6d0f7cf406188cc8da38"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
C7ZMfWu1pV7t3yEulaazm2mWy9KeLEDiaGCVKd9PLNG_K1Az9bLz7Q==
1957289_1_headerlogoxl_rhein-zeitung.png
www.rhein-zeitung.de/cms_media/module_img/3914/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rhein-zeitung.de/cms_media/module_img/3914/1957289_1_headerlogoxl_rhein-zeitung.png
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/abo.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
901efdc3f23b224ef936b58b25ad62856326f92b8b92502f3d954de9206a9890

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/abo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 01:10:33 GMT
Via
1.1 varnish
Last-Modified
Tue, 02 Apr 2019 08:00:55 GMT
Age
0
ETag
"32dc-58587895fa2b5"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
13020
Expires
Sun, 19 Mar 2023 01:10:33 GMT
2532997_1_mrvsmallteaser_Aboshop_Produktbild17.png
www.rhein-zeitung.de/cms_media/module_img/5065/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rhein-zeitung.de/cms_media/module_img/5065/2532997_1_mrvsmallteaser_Aboshop_Produktbild17.png
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/abo.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
93aec0c50ffc8964a3fa0d82d0f6bdacc453a4c960b11c306f46780fa1e9d221

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/abo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 01:10:33 GMT
Via
1.1 varnish
Last-Modified
Mon, 21 Nov 2022 11:46:32 GMT
Age
0
ETag
"1622b-5edf99b603e4a"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
90667
Expires
Sun, 19 Mar 2023 01:10:33 GMT
2533000_1_mrvsmallteaser_Aboshop_Produktbild13.png
www.rhein-zeitung.de/cms_media/module_img/5066/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rhein-zeitung.de/cms_media/module_img/5066/2533000_1_mrvsmallteaser_Aboshop_Produktbild13.png
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/abo.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
39f62b764faea41bbaf44380ce68d69c73bebddd7fa04a016a2fe1a0b7015109

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/abo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 01:10:33 GMT
Via
1.1 varnish
Last-Modified
Mon, 21 Nov 2022 11:51:24 GMT
Age
0
ETag
"12e05-5edf9acbca4d7"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
77317
Expires
Sun, 19 Mar 2023 01:10:33 GMT
2542979_1_mrvsmallteaser_Aboshop_Produktbild22.png
www.rhein-zeitung.de/cms_media/module_img/5085/ 		104 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rhein-zeitung.de/cms_media/module_img/5085/2542979_1_mrvsmallteaser_Aboshop_Produktbild22.png
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/abo.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
1c5f6c54da81a72370e20ea240128d82e51da1eabe1ce3d85206a03e38830cdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/abo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 01:10:33 GMT
Via
1.1 varnish
Last-Modified
Mon, 12 Dec 2022 15:06:28 GMT
Age
0
ETag
"1a1b0-5efa2d9097e4b"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
106928
Expires
Sun, 19 Mar 2023 01:10:33 GMT
2195680_1_mrvsmallteaser_Self-Service_Spenden.jpg
www.rhein-zeitung.de/cms_media/module_img/4391/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rhein-zeitung.de/cms_media/module_img/4391/2195680_1_mrvsmallteaser_Self-Service_Spenden.jpg
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/abo.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
6ce6bce28ae0dd351838c51b58ca3bd6aa53f36a1295fe05afa7f386c0e31c8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/abo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 01:10:33 GMT
Via
1.1 varnish
Last-Modified
Tue, 15 Sep 2020 09:20:33 GMT
Age
0
ETag
"6022-5af56a9bdf167"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
24610
Expires
Sun, 19 Mar 2023 01:10:33 GMT
2195681_1_mrvsmallteaser_Self-Service_Urlaub.jpg
www.rhein-zeitung.de/cms_media/module_img/4391/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rhein-zeitung.de/cms_media/module_img/4391/2195681_1_mrvsmallteaser_Self-Service_Urlaub.jpg
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/abo.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
bc80ad7f54459441126495a42048dc01601c088cce2e6817b1419b74e45e029b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/abo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 01:10:33 GMT
Via
1.1 varnish
Last-Modified
Tue, 15 Sep 2020 09:22:27 GMT
Age
0
ETag
"511b-5af56b08c3ae8"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
20763
Expires
Sun, 19 Mar 2023 01:10:33 GMT
1988668_1_mrvsmallteaser_Umzug_AdobeStock_171039616.jpeg
www.rhein-zeitung.de/cms_media/module_img/3977/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rhein-zeitung.de/cms_media/module_img/3977/1988668_1_mrvsmallteaser_Umzug_AdobeStock_171039616.jpeg
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/abo.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
9cb05c1ecc7d62461cf560361e9653b6fa64ea9ed93febcbd27a9e647a12c05b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/abo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 01:10:33 GMT
Via
1.1 varnish
Last-Modified
Tue, 02 Apr 2019 08:01:35 GMT
Age
0
ETag
"66b2-585878bbf7f17"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
26290
Expires
Sun, 19 Mar 2023 01:10:33 GMT
2213699_1_mrvsmallteaser_Self-Service_Reklamieren.jpg
www.rhein-zeitung.de/cms_media/module_img/4427/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rhein-zeitung.de/cms_media/module_img/4427/2213699_1_mrvsmallteaser_Self-Service_Reklamieren.jpg
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/abo.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
e57e7dba834523f48305a330aa0e06c8693481e61fbb1bac34eadd38039b038d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/abo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 01:10:33 GMT
Via
1.1 varnish
Last-Modified
Fri, 06 Nov 2020 14:00:15 GMT
Age
0
ETag
"4188-5b370a1c4956c"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
16776
Expires
Sun, 19 Mar 2023 01:10:33 GMT
2473392_1_mrvsmallteaser_Ztg_Kuendigen_Aboshop_RheinZeitungDe13.jpg
www.rhein-zeitung.de/cms_media/module_img/4946/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rhein-zeitung.de/cms_media/module_img/4946/2473392_1_mrvsmallteaser_Ztg_Kuendigen_Aboshop_RheinZeitungDe13.jpg
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/abo.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
2ac7c5d7c463af1b1e07a2bee61255662eeca96b54addbfe16ac8410c19bb5d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/abo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 01:10:33 GMT
Via
1.1 varnish
Last-Modified
Thu, 30 Jun 2022 06:04:11 GMT
Age
0
ETag
"2dfb-5e2a409e09d8d"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
11771
Expires
Sun, 19 Mar 2023 01:10:33 GMT
gtm.js
www.googletagmanager.com/ 		239 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NPWD2W
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/abo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4c00dbe0e2842d2d032cc21a74c207803c0e21e3d846cb1142dc560ab6071574
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 01:10:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75369
x-xss-protection
0
last-modified
Sun, 12 Mar 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 12 Mar 2023 01:10:33 GMT
get_site_data
consent.rhein-zeitung.de/mms/v2/ 		199 B
605 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent.rhein-zeitung.de/mms/v2/get_site_data?hasCsp=true&href=https%3A%2F%2Fwww.rhein-zeitung.de%2Fabo.html&account_id=1724
Requested by
Host: consent.rhein-zeitung.de
URL: https://consent.rhein-zeitung.de/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
/
Resource Hash
cfb0d3887b5638108229b6e785dbae0e1bf675c21eed176a0a0e7434fb1f825b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 01:10:33 GMT
strict-transport-security
max-age=15552000; includeSubdomains
x-sp-mms-node
ip-10-128-32-70
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=3600, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-id
cYmAFyXNE2Kly9FSyOMcrbuZJw-wSzy-GZe9bFIO9JFChun0MOpd5g==
upScore.js
files.upscore.com/async/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://files.upscore.com/async/upScore.js
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/abo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27535b213221942871207d4b519e5060c6633abfd599ffc0a17b1d46d1222938

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 01:10:33 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 02 Mar 2023 14:00:08 GMT
server
cloudflare
x-amz-request-id
CQDR3VP691HH2K68
age
7747
etag
W/"add40eab6ce2ba695166064c1eafe293"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7a68287bab2a5b92-FRA
x-amz-id-2
bpHHAgPqLFwfWsiFboYwAO8qxPXGn5e6xZPkPGS2Ij3QwD7DdqpY66tFtuzViSVS2SkTkoP90fX37x+7bLqCFQ==
/
www.rhein-zeitung.de/pu_rz/assets/login/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rhein-zeitung.de/pu_rz/assets/login/?t=0.28588186096668466
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/abo.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
4628971815145e682f40e31bc91af0f5a6a18fa693b72e02ea38d7de31755e2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/abo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Mar 2023 01:10:33 GMT
Content-Encoding
gzip
Via
1.1 varnish
Age
0
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
Sat, 26 Jul 1997 05:00:00 GMT
assets_ico.png
www.rhein-zeitung.de/pu_rz/images/icons/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rhein-zeitung.de/pu_rz/images/icons/assets_ico.png
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/cms_minify/6/styles/style_1676990693.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
53bf7016e1c2d2bf665ee3df7eea750ca7f88c7e4dbd1978d293bad81cfebcab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/cms_minify/6/styles/style_1676990693.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 01:10:33 GMT
Via
1.1 varnish
Last-Modified
Mon, 01 Jul 2019 19:46:35 GMT
Age
1633
ETag
"256e-58ca3e2babcc0"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9582
Expires
Sun, 19 Mar 2023 00:43:20 GMT
magnify.png
www.rhein-zeitung.de/pu_rz/images/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rhein-zeitung.de/pu_rz/images/icons/magnify.png
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/cms_minify/6/styles/style_1676990693.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
5a45d491e14af52982990407b771f67d120516ad6698633684847befb3037070

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/cms_minify/6/styles/style_1676990693.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 01:10:33 GMT
Via
1.1 varnish
Last-Modified
Mon, 01 Jul 2019 19:46:35 GMT
Age
2351
ETag
"4c7-58ca3e2babcc0"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1223
Expires
Sun, 19 Mar 2023 00:31:22 GMT
latest-version
consent.rhein-zeitung.de/consent/tcfv2/vendor-list/ 		204 B
696 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent.rhein-zeitung.de/consent/tcfv2/vendor-list/latest-version?siteId=16747&accountId=1724&hasCsp=true
Requested by
Host: consent.rhein-zeitung.de
URL: https://consent.rhein-zeitung.de/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
/
Resource Hash
6c0f12eb0cd2fdc7e3a6bd2c9592b0f38d4b616a495045704d1e593ad0ceca97
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.rhein-zeitung.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 12 Mar 2023 01:10:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=0, s-maxage=600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
204
x-amz-cf-id
NeKIlGRZPXRsqCUXqxh93NB0iYQZWZrFx8CepDMpEgV55Kfz7F5Wgg==
latest-version
consent.rhein-zeitung.de/consent/tcfv2/vendor-list/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://consent.rhein-zeitung.de/consent/tcfv2/vendor-list/latest-version?siteId=16747&accountId=1724&hasCsp=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.rhein-zeitung.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=0, s-maxage=600
content-length
2
content-type
text/plain; charset=utf-8
date
Sun, 12 Mar 2023 01:10:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
x-amz-cf-id
gDnImzhJWLmkAoZEQX0tXqb7h8g01SxQctqTdNaFWekiZbTBh9KE4g==
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
sudoku_white.png
www.rhein-zeitung.de/pu_rz/images/icons/ 		909 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rhein-zeitung.de/pu_rz/images/icons/sudoku_white.png
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/cms_minify/6/styles/style_1676990693.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
1c3f860d9fa1fb411cd50a7d0bb30059cbfcb8cd58e2ce6c8e03aa1219bf61ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/cms_minify/6/styles/style_1676990693.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 01:10:33 GMT
Via
1.1 varnish
Last-Modified
Mon, 01 Jul 2019 19:46:35 GMT
Age
2351
ETag
"38d-58ca3e2babcc0"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
909
Expires
Sun, 19 Mar 2023 00:31:23 GMT
regiomap.html
www.rhein-zeitung.de/pu_rz/ajax/ 		11 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.rhein-zeitung.de/pu_rz/ajax/regiomap.html
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/pu_rz/scripts/jquery.3.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
b4442083fa57743ae53f14a2086eb0aa0eb67dd7c5bfe8913aee72124595817d

Request headers

Accept
*/*
Referer
https://www.rhein-zeitung.de/abo.html
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 01:10:33 GMT
Content-Encoding
gzip
Via
1.1 varnish
Last-Modified
Tue, 26 May 2020 13:35:51 GMT
Age
0
ETag
"2b3c-5a68d2c83fbc0-gzip"
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
3160
rhein-zeitung.de.js
files.upscore.com/config/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://files.upscore.com/config/rhein-zeitung.de.js
Requested by
Host: files.upscore.com
URL: https://files.upscore.com/async/upScore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c0762b4f0ed91f582157da66c235f1ef3980c972b0c565c39f515b6bef244cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 01:10:33 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Tue, 21 Feb 2023 15:20:22 GMT
server
cloudflare
x-amz-request-id
0BM3EZHZ6SDWR9EJ
etag
W/"2280b7efd8a320c28da4d55137948f63"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7a68287bfb5a5b92-FRA
x-amz-id-2
XB/shnrxzWUa20z2QJl8vkfL2ThLaLTXgB7r1gU6AKlDGKIvud2hc/fJ8J86hoTeBBl7ZoFRGWU=
regiomap_blank.png
www.rhein-zeitung.de/pu_rz/images/regiomap/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rhein-zeitung.de/pu_rz/images/regiomap/regiomap_blank.png
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/abo.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
44dbcffdb934b78196f81bd0238ae25302903b4f0ea8e6b84dba21b9eb8e94dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/abo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 01:10:33 GMT
Via
1.1 varnish
Last-Modified
Mon, 01 Jul 2019 19:46:35 GMT
Age
2226
ETag
"418-58ca3e2babcc0"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1048
Expires
Sun, 19 Mar 2023 00:33:27 GMT
regiomap_locations.png
www.rhein-zeitung.de/pu_rz/images/regiomap/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rhein-zeitung.de/pu_rz/images/regiomap/regiomap_locations.png
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/abo.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
35058b0df3e7076a7d3b310c63a2efe6b4952b8c8406d5e2780c6e5522a13a19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/abo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 01:10:33 GMT
Via
1.1 varnish
Last-Modified
Mon, 01 Jul 2019 19:46:35 GMT
Age
2226
ETag
"4131-58ca3e2babcc0"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16689
Expires
Sun, 19 Mar 2023 00:33:27 GMT
new-user
consent.rhein-zeitung.de/wrapper/tcfv2/v2/gdpr/native-message/ 		507 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent.rhein-zeitung.de/wrapper/tcfv2/v2/gdpr/native-message/new-user?hasCsp=true&env=prod&body=%7B%22propertyId%22%3A16747%2C%22accountId%22%3A1724%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.rhein-zeitung.de%2Fabo.html%22%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fconsent.rhein-zeitung.de%22%2C%22targetingParams%22%3A%22%7B%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22legalBasisChanges%22%3Afalse%2C%22vendorListAdditions%22%3Afalse%7D&nonkeyed=%7B%22_sp_v1_uid%22%3Anull%2C%22_sp_v1_data%22%3Anull%7D&scriptVersion=2.5.0&scriptType=tcfv2
Requested by
Host: consent.rhein-zeitung.de
URL: https://consent.rhein-zeitung.de/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
/ Express
Resource Hash
074592ceabff37eb6ec6901923d4bafe60bf973e05f0d6139ca96930a446bef3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.rhein-zeitung.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 12 Mar 2023 01:10:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=0, s-maxage=1200
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
D-nYAIelpwYrHmpl3lC3MZQdM5pzFnpxBZaGNTTvsHVdBAfD6I6rEA==
new-user
consent.rhein-zeitung.de/wrapper/tcfv2/v2/gdpr/native-message/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://consent.rhein-zeitung.de/wrapper/tcfv2/v2/gdpr/native-message/new-user?hasCsp=true&env=prod&body=%7B%22propertyId%22%3A16747%2C%22accountId%22%3A1724%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.rhein-zeitung.de%2Fabo.html%22%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fconsent.rhein-zeitung.de%22%2C%22targetingParams%22%3A%22%7B%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22legalBasisChanges%22%3Afalse%2C%22vendorListAdditions%22%3Afalse%7D&nonkeyed=%7B%22_sp_v1_uid%22%3Anull%2C%22_sp_v1_data%22%3Anull%7D&scriptVersion=2.5.0&scriptType=tcfv2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.rhein-zeitung.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=86400, s-maxage=1200
content-length
2
content-type
text/plain; charset=utf-8
date
Sun, 12 Mar 2023 01:10:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
x-amz-cf-id
6OEi04b7mpQdEbbZEPk5oy-CgxBKzm2I-E71tmolfiDIBiGKCcqrIA==
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
x-powered-by
Express
matomo.js
analytics.rhein-zeitung.de/ 		65 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.rhein-zeitung.de/matomo.js
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/abo.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.105.103.44 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
analytics.rhein-zeitung.de
Software
Apache/2.4.37 (Oracle Linux) OpenSSL/1.1.1k /
Resource Hash
a98bcbffd5d9ea7bf01dfdc4d0b7f0c75bfcefffa62a51e237082f7d05d18987

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 01:10:33 GMT
Last-Modified
Tue, 08 Nov 2022 13:29:25 GMT
Server
Apache/2.4.37 (Oracle Linux) OpenSSL/1.1.1k
ETag
"10300-5ecf5875524c8"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
66304
/
hit-pool.upscore.com/ 		3 B
94 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://hit-pool.upscore.com/
Requested by
Host: files.upscore.com
URL: https://files.upscore.com/async/upScore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87

Request headers

Referer
https://www.rhein-zeitung.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 12 Mar 2023 01:10:33 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cf-ray
7a68287c5b845b92-FRA
matomo.php
analytics.rhein-zeitung.de/ 		0
298 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.rhein-zeitung.de/matomo.php?action_name=www.rhein-zeitung.de%2FAbo%20-%20Abo%20-%20Rhein-Zeitung&idsite=1&rec=1&r=679325&h=1&m=10&s=33&url=https%3A%2F%2Fwww.rhein-zeitung.de%2Fabo.html&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=q5sYPA&pf_net=0&pf_srv=13&pf_tfr=7&pf_dm1=262&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: analytics.rhein-zeitung.de
URL: https://analytics.rhein-zeitung.de/matomo.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.105.103.44 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
analytics.rhein-zeitung.de
Software
Apache/2.4.37 (Oracle Linux) OpenSSL/1.1.1k / PHP/8.0.13
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.rhein-zeitung.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

Access-Control-Allow-Origin
https://www.rhein-zeitung.de
Date
Sun, 12 Mar 2023 01:10:33 GMT
Access-Control-Allow-Credentials
true
Server
Apache/2.4.37 (Oracle Linux) OpenSSL/1.1.1k
Connection
Keep-Alive
X-Powered-By
PHP/8.0.13
Keep-Alive
timeout=5, max=99
/
hit-pool.upscore.com/ 		3 B
76 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://hit-pool.upscore.com/
Requested by
Host: files.upscore.com
URL: https://files.upscore.com/async/upScore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87

Request headers

Referer
https://www.rhein-zeitung.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 12 Mar 2023 01:10:33 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cf-ray
7a68287ccbad5b92-FRA
index.html
consent.rhein-zeitung.de/ Frame A5AA 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://consent.rhein-zeitung.de/index.html?message_id=760108&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fmms%2Fv2
Requested by
Host: consent.rhein-zeitung.de
URL: https://consent.rhein-zeitung.de/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b6ef2a2ff5a4d970620e02b429548dfb6acbf6e63a7ef4065502251d8433f00

Request headers

Referer
https://www.rhein-zeitung.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2445
cache-control
max-age=3600
content-encoding
gzip
content-type
text/html
date
Sun, 12 Mar 2023 00:29:49 GMT
etag
W/"56ced6c92a94bd4ee47d5c270e624599"
last-modified
Thu, 02 Mar 2023 17:33:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id
xis2H4-iM0w-IFNU32NtnGH92cgMorFlxBeamh9TZJxl68bknL2tXQ==
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
Notice.cebe9.css
consent.rhein-zeitung.de/ Frame A5AA 		33 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://consent.rhein-zeitung.de/Notice.cebe9.css
Requested by
Host: consent.rhein-zeitung.de
URL: https://consent.rhein-zeitung.de/index.html?message_id=760108&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fmms%2Fv2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4bd12e30c80ebaa26b56c4b2d9c16dc9b4f533a10b27271568c774c718644478

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent.rhein-zeitung.de/index.html?message_id=760108&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fmms%2Fv2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 00:37:31 GMT
content-encoding
gzip
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 17:33:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
3080
x-amz-server-side-encryption
AES256
etag
W/"2906e24155ed9b893ffa1589740821ce"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=3600
x-amz-cf-id
KfplEpXQWfy652uBK7A0t1X4Qa_X29xxvMaAczsn6_un5EWOPej8Tg==
polyfills.d36c5.js
consent.rhein-zeitung.de/ Frame A5AA 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.rhein-zeitung.de/polyfills.d36c5.js
Requested by
Host: consent.rhein-zeitung.de
URL: https://consent.rhein-zeitung.de/index.html?message_id=760108&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fmms%2Fv2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent.rhein-zeitung.de/index.html?message_id=760108&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fmms%2Fv2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 00:30:35 GMT
content-encoding
gzip
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 17:33:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
2415
x-amz-server-side-encryption
AES256
etag
W/"89661b8fd918815bcb224bba79cabab1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
iTqnnVqkdgm3MoICA4QR0nTnRFdUS_MKeJOedjSfjqtBtHLe2JVYXA==
Notice.3712f.js
consent.rhein-zeitung.de/ Frame A5AA 		262 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.rhein-zeitung.de/Notice.3712f.js
Requested by
Host: consent.rhein-zeitung.de
URL: https://consent.rhein-zeitung.de/index.html?message_id=760108&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fmms%2Fv2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e4c2b200550ff5b1c078b2eb9cb177145904a01b23e84cde65721369a85362dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent.rhein-zeitung.de/index.html?message_id=760108&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fmms%2Fv2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 00:50:12 GMT
content-encoding
gzip
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
last-modified
Thu, 02 Mar 2023 17:33:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
1222
x-amz-server-side-encryption
AES256
etag
W/"93ded739e3803e21694d7a33dfe765e2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
xnWR2fpU2hScpmajRhc3kNCabJ1IZkxhziOxpJHzau-lKG6f3yxG9Q==
categories
consent.rhein-zeitung.de/consent/tcfv2/vendor-list/ Frame A5AA 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://consent.rhein-zeitung.de/consent/tcfv2/vendor-list/categories?siteId=16747&consentLanguage=de
Requested by
Host: consent.rhein-zeitung.de
URL: https://consent.rhein-zeitung.de/Notice.3712f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
/
Resource Hash
2136428307dd5b9f53e823d1d7fa58b8f82bfb020c369800c5f0dae7ce817ce5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent.rhein-zeitung.de/index.html?message_id=760108&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fmms%2Fv2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 01:10:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=0, s-maxage=3600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id
c8ye9IfStTGaOOtwzV5CaMsneW5IMpZNTtNau5zIzjYWWs3rjBmSCg==
rhein-zeitung-heimatausgaben-cmp.png
www.rhein-zeitung.de/pu_rz/images/logos/ Frame A5AA 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rhein-zeitung.de/pu_rz/images/logos/rhein-zeitung-heimatausgaben-cmp.png
Requested by
Host: consent.rhein-zeitung.de
URL: https://consent.rhein-zeitung.de/index.html?message_id=760108&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fmms%2Fv2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
d495c3693a73a123f064c5bb5b3b1a12c13ffc60f71868f4bb24337ec4f57b4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 01:10:33 GMT
Via
1.1 varnish
Last-Modified
Wed, 24 Jun 2020 12:37:22 GMT
Age
1391
ETag
"1bd7-5a8d3bcc2c480"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7127
Expires
Sun, 19 Mar 2023 00:47:22 GMT
/
hit-pool.upscore.com/ 		3 B
99 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://hit-pool.upscore.com/
Requested by
Host: files.upscore.com
URL: https://files.upscore.com/async/upScore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87

Request headers

Referer
https://www.rhein-zeitung.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 12 Mar 2023 01:10:34 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cf-ray
7a68287eccc45b92-FRA
script.min.js
projekt.rhein-zeitung.de/mrv/banner/abo/plus/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projekt.rhein-zeitung.de/mrv/banner/abo/plus/script.min.js?v=.005
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/abo.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.132.224.103 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3abf4bf7d869e94ffe90aa52946083651e696bf8a7532d6dd275cf709baddab0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 01:10:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Feb 2023 14:02:01 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1ee0-5f5c30a224840-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, noarchive, nosnippet
Keep-Alive
timeout=5, max=100
Content-Length
2563
/
hit-pool.upscore.com/ 		3 B
76 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://hit-pool.upscore.com/
Requested by
Host: files.upscore.com
URL: https://files.upscore.com/async/upScore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87

Request headers

Referer
https://www.rhein-zeitung.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 12 Mar 2023 01:10:34 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cf-ray
7a682880edee5b92-FRA

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| MSOdataLayer object| dataLayer function| __tcfapi object| _sp_ function| upScore object| handleLogin object| fse function| $ function| jQuery function| addWindowOnLoadEvent function| jsonp function| setIntervalRedirect function| openLinkWindow function| getLayer function| showHideAdLayer function| getItemStatisticResource function| getItemStatisticImage function| item_statistic function| getUnobscuredLink function| unobscure function| onClickSetCachingHashCookie function| autoHeightIframe function| nfyStroeerSlot function| nfyStroeerLoadSlot function| ClusterMarker object| NFYAdvertisement object| dragobjekt number| dragx number| dragy number| posx number| posy function| draginit function| dragstart function| dragstop function| drag function| NFYF_GoogleMapsV3 function| rwInitial function| onclick_statistic object| swfobject string| pu_dir function| isMobildeDevice function| checkMobileNavigation function| openMobileNavigation function| moveNavigationElements function| removeNavigationElements function| checkMobileNavWrapper function| fixedNavigation function| handleSearchLayer function| insertRelatedQuote function| playEmbeddedYouTubeVideo function| articleShareButtons function| mrvPageHead function| ArticleCall function| WebAppCall function| checkWebAppDisplayMode function| mrvScrollToTop function| mobileTouchMenu function| cloneMenuForMobileScrollElement function| markSelectedPageInScrollMenu function| showMobileTouchMenuOnScroll function| handleEventFormRequests function| mrvXMLHttpRequest function| mrv_itemstatistic function| mrv_htmldecode function| getAricleTimeDiff function| adCopyrightToCopy function| initVmap function| removeClassFromMap function| formatVmapText boolean| loginLayerFlag function| elementHasClass function| initLoginLayer function| hideUnusedModals function| electionTableLayer function| handleElectionJsonErrors function| fetchElectionJson function| electionGetCobo function| loadElectionImages function| electionGetWkMenu function| initElectionMenu function| capitalizeFirstLetter function| electionGetWkResult function| initElectionResultChart function| electionchartbarheight function| electionchartresultsign function| buildTableLayer function| reloadIvw function| getSsoDomain function| handlePaymentFormAction function| getUpdatedText object| mrvTeaserScrollWrapper function| newsletterUnsubscribeForm function| getCustomFormSelectFields function| formSendController function| sendMailForm function| checkExternalContentConsent function| externalContentConsentCookie function| externalContentLoader function| deleteExternalContentConsentCookie function| externalContentWriteIframe function| externalContentLoaderTwitter function| externalContentLoaderFlourish function| externalContentLoaderConsentCookieSlider function| externalContentLoaderConsentCookieInput function| externalContentLoaderConsentCookieRemoveLink function| externalContentLoaderCapitalizeFirstLetter function| setSmartserverCookie object| lazySizesConfig object| lazySizes object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| sas object| googletag function| docReady object| google_tag_manager object| google_tag_data object| _paq object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| _sp_queue string| nfyLoginLink string| nfyPaymentLoginLink string| nfyLoginScriptContent boolean| isGuest undefined| loginLink string| registerLink string| nfySsoDomain string| nfySSoClientId

6 Cookies

Domain/Path Name / Value
.rhein-zeitung.de/ Name: _sp_enable_dfp_personalized_ads
Value: false
www.rhein-zeitung.de/ Name: _sp_v1_uid
Value: 1:755:9a5fad73-5a7f-461d-bf22-0e27fcd2a843
www.rhein-zeitung.de/ Name: _sp_v1_data
Value: 2:581098:1678583433:0:1:0:1:0:0:_:-1
www.rhein-zeitung.de/ Name: _sp_v1_ss
Value: 1:H4sIAAAAAAAAAItWqo5RKimOUbKKRmbkgRgGtbE6MUqpIGZeaU4OkF0CVlBdi1tCKRYAmuD4I1IAAAA%3D
.rhein-zeitung.de/ Name: _sp_su
Value: false
www.rhein-zeitung.de/ Name: rfFUS
Value: 71e7fe13d0c4efcfcbf343203702e42e

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.rhein-zeitung.de
consent.rhein-zeitung.de
files.upscore.com
hit-pool.upscore.com
projekt.rhein-zeitung.de
was-bringt-2023.de
www.googletagmanager.com
www.rhein-zeitung.de
13.224.189.20
185.132.224.103
185.132.224.41
193.105.103.44
2606:4700:10::6816:36e
2a00:1158:1000:407::31c
2a00:1450:4001:82b::2008
074592ceabff37eb6ec6901923d4bafe60bf973e05f0d6139ca96930a446bef3
1b6ef2a2ff5a4d970620e02b429548dfb6acbf6e63a7ef4065502251d8433f00
1c3f860d9fa1fb411cd50a7d0bb30059cbfcb8cd58e2ce6c8e03aa1219bf61ae
1c5f6c54da81a72370e20ea240128d82e51da1eabe1ce3d85206a03e38830cdb
2136428307dd5b9f53e823d1d7fa58b8f82bfb020c369800c5f0dae7ce817ce5
27535b213221942871207d4b519e5060c6633abfd599ffc0a17b1d46d1222938
2ac7c5d7c463af1b1e07a2bee61255662eeca96b54addbfe16ac8410c19bb5d1
35058b0df3e7076a7d3b310c63a2efe6b4952b8c8406d5e2780c6e5522a13a19
39f62b764faea41bbaf44380ce68d69c73bebddd7fa04a016a2fe1a0b7015109
3abf4bf7d869e94ffe90aa52946083651e696bf8a7532d6dd275cf709baddab0
44dbcffdb934b78196f81bd0238ae25302903b4f0ea8e6b84dba21b9eb8e94dd
4628971815145e682f40e31bc91af0f5a6a18fa693b72e02ea38d7de31755e2f
46a5a0d8f844d369c294fab52832f3b333c41e98c8cee02b631c9734f5d1891a
4bd12e30c80ebaa26b56c4b2d9c16dc9b4f533a10b27271568c774c718644478
4c00dbe0e2842d2d032cc21a74c207803c0e21e3d846cb1142dc560ab6071574
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
53bf7016e1c2d2bf665ee3df7eea750ca7f88c7e4dbd1978d293bad81cfebcab
5a45d491e14af52982990407b771f67d120516ad6698633684847befb3037070
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
67f6c462111ca4caf315cbce36e37f253972c809973980d71eb052b4626ac278
6c0f12eb0cd2fdc7e3a6bd2c9592b0f38d4b616a495045704d1e593ad0ceca97
6ce6bce28ae0dd351838c51b58ca3bd6aa53f36a1295fe05afa7f386c0e31c8e
901efdc3f23b224ef936b58b25ad62856326f92b8b92502f3d954de9206a9890
93aec0c50ffc8964a3fa0d82d0f6bdacc453a4c960b11c306f46780fa1e9d221
9c0762b4f0ed91f582157da66c235f1ef3980c972b0c565c39f515b6bef244cb
9cb05c1ecc7d62461cf560361e9653b6fa64ea9ed93febcbd27a9e647a12c05b
a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87
a6293992699ddfdf672194044c93195aa9d742073f3f3330dcb898c3737a24b1
a98bcbffd5d9ea7bf01dfdc4d0b7f0c75bfcefffa62a51e237082f7d05d18987
ac4bf3d2a5db1e68ef4feac5873909ff99df582e0914bec6e2102bcde22603f8
b4442083fa57743ae53f14a2086eb0aa0eb67dd7c5bfe8913aee72124595817d
bc80ad7f54459441126495a42048dc01601c088cce2e6817b1419b74e45e029b
cfb0d3887b5638108229b6e785dbae0e1bf675c21eed176a0a0e7434fb1f825b
d495c3693a73a123f064c5bb5b3b1a12c13ffc60f71868f4bb24337ec4f57b4f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c2b200550ff5b1c078b2eb9cb177145904a01b23e84cde65721369a85362dc
e57e7dba834523f48305a330aa0e06c8693481e61fbb1bac34eadd38039b038d