Submitted URL: http://rz-online.de/
Effective URL: https://www.rhein-zeitung.de/
Submission: On November 22 via manual from US — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 4 domains to perform 47 HTTP transactions. The main IP is 185.132.224.41, located in Germany and belongs to DE-MITTELRHEIN-VERLAG-1-AS, DE. The main domain is www.rhein-zeitung.de. The Cisco Umbrella rank of the primary domain is 625746.
TLS certificate: Issued by SSL.com RSA SSL subCA on July 25th 2022. Valid for: a year.
This is the only time www.rhein-zeitung.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 29 185.132.224.41 203441 (DE-MITTEL...)
11 99.86.4.75 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700:10:... 13335 (CLOUDFLAR...)
2 193.105.103.44 203441 (DE-MITTEL...)
1 176.9.51.141 24940 (HETZNER-AS)
47 7
Apex Domain
Subdomains
Transfer
41 rhein-zeitung.de
www.rhein-zeitung.de — Cisco Umbrella Rank: 625746
consent.rhein-zeitung.de
analytics.rhein-zeitung.de
677 KB
7 upscore.com
files.upscore.com — Cisco Umbrella Rank: 49620
hit-pool.upscore.com — Cisco Umbrella Rank: 42903
positions.upscore.com — Cisco Umbrella Rank: 87650
15 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
75 KB
1 rz-online.de
rz-online.de
274 B
47 4
Domain Requested by
28 www.rhein-zeitung.de 2 redirects www.rhein-zeitung.de
consent.rhein-zeitung.de
11 consent.rhein-zeitung.de www.rhein-zeitung.de
consent.rhein-zeitung.de
4 hit-pool.upscore.com files.upscore.com
2 analytics.rhein-zeitung.de www.rhein-zeitung.de
analytics.rhein-zeitung.de
2 files.upscore.com www.rhein-zeitung.de
files.upscore.com
1 positions.upscore.com files.upscore.com
1 www.googletagmanager.com www.rhein-zeitung.de
1 rz-online.de 1 redirects
47 8
Subject Issuer Validity Valid
*.rhein-zeitung.de
SSL.com RSA SSL subCA
2022-07-25 -
2023-08-25
a year crt.sh
consent.rhein-zeitung.de
R3
2022-10-16 -
2023-01-14
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.upscore.com
Go Daddy Secure Certificate Authority - G2
2021-11-28 -
2022-12-30
a year crt.sh

This page contains 2 frames:

Primary Page: https://www.rhein-zeitung.de/
Frame ID: 108B8A2F68F60A5BC1985D098A259240
Requests: 44 HTTP requests in this frame

Frame: https://consent.rhein-zeitung.de/index.html?message_id=516568&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&hasCsp=true&consent_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fmms%2Fv2
Frame ID: 5EBE405D464F4806815C412DA3B5602B
Requests: 6 HTTP requests in this frame

Screenshot

Page Title

Rhein-Zeitung

Page URL History Show full URLs

  1. http://rz-online.de/ HTTP 301
    https://www.rhein-zeitung.de/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

47
Requests

96 %
HTTPS

33 %
IPv6

4
Domains

8
Subdomains

7
IPs

2
Countries

766 kB
Transfer

2367 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rz-online.de/ HTTP 301
    https://www.rhein-zeitung.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://www.rhein-zeitung.de/cms_media/module_img/39/19501_1294_org_titelseite.jpg HTTP 301
  • https://www.rhein-zeitung.de/cms_media/module_img/39/19501_3472_org_titelseite.jpg
Request Chain 8
  • https://www.rhein-zeitung.de/cms_media/module_img/3980/1990024_1_org_bergeundmeer.png HTTP 301
  • https://www.rhein-zeitung.de/cms_media/module_img/3980/1990024_2_org_bergeundmeer.png

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.rhein-zeitung.de/
Redirect Chain
  • http://rz-online.de/
  • https://www.rhein-zeitung.de/
141 KB
51 KB
Document
General
Full URL
https://www.rhein-zeitung.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
b457e5f1cc2fccd5e286a8dcf728fb33bf4abfec6afdfa79edc05b0c048c5e60
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
81
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 22 Nov 2022 19:11:26 GMT
Transfer-Encoding
chunked
Via
1.1 varnish
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, proxy-revalidate
expires
Mon, 26 Jul 1997 05:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=600
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Accept-Ranges
bytes
Age
56
Connection
keep-alive
Content-Encoding
gzip
Content-Length
195
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 22 Nov 2022 19:11:26 GMT
Location
https://www.rhein-zeitung.de
Via
1.1 varnish
jquery.3.5.1.js
www.rhein-zeitung.de/pu_rz/scripts/
87 KB
31 KB
Script
General
Full URL
https://www.rhein-zeitung.de/pu_rz/scripts/jquery.3.5.1.js
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 19:11:26 GMT
Content-Encoding
gzip
Via
1.1 varnish
Last-Modified
Thu, 19 Nov 2020 12:24:29 GMT
Age
185
ETag
"15d83-5b474cf333940-gzip"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30908
Expires
Tue, 29 Nov 2022 19:08:21 GMT
style_1669135466.css
www.rhein-zeitung.de/cms_minify/6/styles/
254 KB
51 KB
Stylesheet
General
Full URL
https://www.rhein-zeitung.de/cms_minify/6/styles/style_1669135466.css
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
09935100b8bb1bb67a8ca8973df3f364a29a626f4b5d7d695268c65d8e1adb53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 19:11:26 GMT
Content-Encoding
gzip
Via
1.1 varnish
Last-Modified
Tue, 22 Nov 2022 16:44:30 GMT
Age
0
ETag
"3f84e-5ee11e2cc0584-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
51938
Expires
Tue, 29 Nov 2022 19:11:26 GMT
javascript_1669135465.js
www.rhein-zeitung.de/cms_minify/6/javascript/
313 KB
89 KB
Script
General
Full URL
https://www.rhein-zeitung.de/cms_minify/6/javascript/javascript_1669135465.js
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
889c51dbfd9139ca159ab6149650e2d8574463ebed4eadc6bfb9e03c3ee340e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 19:11:26 GMT
Content-Encoding
gzip
Via
1.1 varnish
Last-Modified
Tue, 22 Nov 2022 16:44:29 GMT
Age
0
ETag
"4e3cd-5ee11e2c571eb-gzip"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
90773
Expires
Tue, 29 Nov 2022 19:11:26 GMT
wrapperMessagingWithoutDetection.js
consent.rhein-zeitung.de/
164 KB
47 KB
Script
General
Full URL
https://consent.rhein-zeitung.de/wrapperMessagingWithoutDetection.js
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-75.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
55cd49237a0f954bd30bce28fbf1867a7d51f4b9148acf72a99b7e3d700ddd0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
date
Tue, 22 Nov 2022 18:32:25 GMT
last-modified
Thu, 10 Nov 2022 17:29:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
2343
etag
W/"462b207ea9cab83268e58d2406f23254"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
g48qERXgvvkpbd2NBSjPlMIBTw-T3jehn-iN55E1k2nlHJzR-jELlA==
19501_3472_org_titelseite.jpg
www.rhein-zeitung.de/cms_media/module_img/39/
Redirect Chain
  • https://www.rhein-zeitung.de/cms_media/module_img/39/19501_1294_org_titelseite.jpg
  • https://www.rhein-zeitung.de/cms_media/module_img/39/19501_3472_org_titelseite.jpg
18 KB
18 KB
Image
General
Full URL
https://www.rhein-zeitung.de/cms_media/module_img/39/19501_3472_org_titelseite.jpg
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/
Protocol
HTTP/1.1
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
71ec8bd3b7b268124c089c12751dc8ea31da4da41a28237d40b13d4a1f2b309e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 19:11:26 GMT
Via
1.1 varnish
Last-Modified
Tue, 22 Nov 2022 07:00:06 GMT
Age
0
ETag
"4757-5ee09b8d117e1"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
18263
Expires
Tue, 29 Nov 2022 19:11:26 GMT

Redirect headers

Date
Tue, 22 Nov 2022 19:11:26 GMT
Content-Encoding
gzip
Via
1.1 varnish
Age
184
Content-Type
text/html; charset=UTF-8
Location
/cms_media/module_img/39/19501_3472_org_titelseite.jpg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20
1957289_1_headerlogoxl_rhein-zeitung.png
www.rhein-zeitung.de/cms_media/module_img/3914/
13 KB
13 KB
Image
General
Full URL
https://www.rhein-zeitung.de/cms_media/module_img/3914/1957289_1_headerlogoxl_rhein-zeitung.png
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
901efdc3f23b224ef936b58b25ad62856326f92b8b92502f3d954de9206a9890

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 19:11:26 GMT
Via
1.1 varnish
Last-Modified
Tue, 02 Apr 2019 08:00:55 GMT
Age
0
ETag
"32dc-58587895fa2b5"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
13020
Expires
Tue, 29 Nov 2022 19:11:26 GMT
placeholderalpha.png
www.rhein-zeitung.de/pu_rz/images/teaser/
957 B
1 KB
Image
General
Full URL
https://www.rhein-zeitung.de/pu_rz/images/teaser/placeholderalpha.png
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
723335fcbd25db6cefa4769a3093b639f4505ba4dfe2fbea64a25834ef899450

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 19:11:26 GMT
Via
1.1 varnish
Last-Modified
Mon, 01 Jul 2019 19:46:35 GMT
Age
184
ETag
"3bd-58ca3e2babcc0"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
957
Expires
Tue, 29 Nov 2022 19:08:22 GMT
gtm.js
www.googletagmanager.com/
238 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NPWD2W
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cc3e7224a34abb5692775d6f734097cd94236ff88cc4c740316a312bcaae9734
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 19:11:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76368
x-xss-protection
0
last-modified
Tue, 22 Nov 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 22 Nov 2022 19:11:26 GMT
1990024_2_org_bergeundmeer.png
www.rhein-zeitung.de/cms_media/module_img/3980/
Redirect Chain
  • https://www.rhein-zeitung.de/cms_media/module_img/3980/1990024_1_org_bergeundmeer.png
  • https://www.rhein-zeitung.de/cms_media/module_img/3980/1990024_2_org_bergeundmeer.png
3 KB
3 KB
Image
General
Full URL
https://www.rhein-zeitung.de/cms_media/module_img/3980/1990024_2_org_bergeundmeer.png
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/
Protocol
HTTP/1.1
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
6b9f0a9b992ec55a15f8d5e1cb55a6486b466358e20e2e7acb7bcdefd0bdd3eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 19:11:26 GMT
Via
1.1 varnish
Last-Modified
Wed, 27 Mar 2019 16:12:06 GMT
Age
0
ETag
"a10-58515b2f451fd"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
2576
Expires
Tue, 29 Nov 2022 19:11:26 GMT

Redirect headers

Date
Tue, 22 Nov 2022 19:11:26 GMT
Content-Encoding
gzip
Via
1.1 varnish
Age
174
Content-Type
text/html; charset=UTF-8
Location
/cms_media/module_img/3980/1990024_2_org_bergeundmeer.png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20
regenschauer.svg
www.rhein-zeitung.de/pu_rz/images/wetter/svg/
950 B
957 B
Image
General
Full URL
https://www.rhein-zeitung.de/pu_rz/images/wetter/svg/regenschauer.svg
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
d19653f2f25cda4d3f954b99b168d752c298c9cd290f547a3b254483049a6394

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 19:11:26 GMT
Content-Encoding
gzip
Via
1.1 varnish
Last-Modified
Mon, 01 Jul 2019 19:46:35 GMT
Age
0
ETag
"3b6-58ca3e2babcc0-gzip"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=31536050
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
559
Expires
Wed, 22 Nov 2023 19:12:16 GMT
regen.svg
www.rhein-zeitung.de/pu_rz/images/wetter/svg/
2 KB
1 KB
Image
General
Full URL
https://www.rhein-zeitung.de/pu_rz/images/wetter/svg/regen.svg
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
1c39c930845a79483c26edd785de5fbdda499dfdc6474859c562fc961e45da82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 19:11:26 GMT
Content-Encoding
gzip
Via
1.1 varnish
Last-Modified
Mon, 01 Jul 2019 19:46:35 GMT
Age
0
ETag
"626-58ca3e2babcc0-gzip"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=31536050
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
744
Expires
Wed, 22 Nov 2023 19:12:16 GMT
transmaticowidget.js
www.rhein-zeitung.de/pu_rz/assets/js/
3 KB
2 KB
Script
General
Full URL
https://www.rhein-zeitung.de/pu_rz/assets/js/transmaticowidget.js?v=20220511
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
332b162795130c2b6b378998a2791d6c9f63c0b3ef8de2794f31db8b1259293c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 19:11:26 GMT
Content-Encoding
gzip
Via
1.1 varnish
Last-Modified
Wed, 11 May 2022 11:20:27 GMT
Age
168
ETag
"a6f-5debaa0d2b4c0-gzip"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1335
Expires
Tue, 29 Nov 2022 19:08:38 GMT
1975229_1_bubbleimagelink_AdobeStock_181021829.jpeg
www.rhein-zeitung.de/cms_media/module_img/3950/
9 KB
9 KB
Image
General
Full URL
https://www.rhein-zeitung.de/cms_media/module_img/3950/1975229_1_bubbleimagelink_AdobeStock_181021829.jpeg
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
dd0934e70cccc753423ada323bba83fb3523fae61d12b3d05d16c422460dc21b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 19:11:26 GMT
Via
1.1 varnish
Last-Modified
Tue, 02 Apr 2019 08:01:35 GMT
Age
0
ETag
"2215-585878bc07530"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
8725
Expires
Tue, 29 Nov 2022 19:11:26 GMT
1975153_1_bubbleimagelink_AdobeStock_53996005.jpeg
www.rhein-zeitung.de/cms_media/module_img/3950/
21 KB
21 KB
Image
General
Full URL
https://www.rhein-zeitung.de/cms_media/module_img/3950/1975153_1_bubbleimagelink_AdobeStock_53996005.jpeg
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
07b0157e24b339e2ff858fddf1f47122cc4c6befdfd39983e84c1c5a28a5803a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 19:11:26 GMT
Via
1.1 varnish
Last-Modified
Tue, 02 Apr 2019 08:01:18 GMT
Age
0
ETag
"525f-585878abd98c5"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
21087
Expires
Tue, 29 Nov 2022 19:11:26 GMT
get_site_data
consent.rhein-zeitung.de/mms/v2/
199 B
628 B
XHR
General
Full URL
https://consent.rhein-zeitung.de/mms/v2/get_site_data?hasCsp=true&href=https%3A%2F%2Fwww.rhein-zeitung.de%2F&account_id=1724
Requested by
Host: consent.rhein-zeitung.de
URL: https://consent.rhein-zeitung.de/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-75.fra6.r.cloudfront.net
Software
Jetty(9.4.2.v20170220) /
Resource Hash
cfb0d3887b5638108229b6e785dbae0e1bf675c21eed176a0a0e7434fb1f825b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 20:05:11 GMT
strict-transport-security
max-age=15552000; includeSubdomains
x-sp-mms-node
ip-10-128-32-173
via
1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
server
Jetty(9.4.2.v20170220)
x-amz-cf-pop
FRA6-C1
age
601575
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
max-age=0, s-maxage=2592000
access-control-allow-credentials
true
x-amz-cf-id
pZAqOiQSgk0qJk7-Ofz57AHXWci-wdCPGdsdNHPWwcGDdhQu6Wqpsg==
upScore.js
files.upscore.com/async/
40 KB
14 KB
Script
General
Full URL
https://files.upscore.com/async/upScore.js
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:bb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43ba287a1a52d4ee6877affa8e40a939dd4fb1d483ca6d78ef9717b4413762d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 19:11:26 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 22 Nov 2022 13:55:12 GMT
server
cloudflare
x-amz-request-id
2QJW8TBW3V5FVFQG
age
8174
etag
W/"a647643e563bec9faed7d25e9da7fbd2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
76e3f88e7dbd9b67-FRA
x-amz-id-2
Y2L0J4tLFaCUOT9yg8Y4nQ0GGv8+4SfiW70NR+phygp2a8wn1aGZAQ8pO6ZJftnwmK3fkf46Opk=
/
www.rhein-zeitung.de/pu_rz/assets/login/
2 KB
1 KB
Script
General
Full URL
https://www.rhein-zeitung.de/pu_rz/assets/login/?t=0.9350883488962491
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
cfa13ce439f3b3dd86daf643fd432cd2975563f24377827a37706b5f6a3daaff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 19:11:26 GMT
Content-Encoding
gzip
Via
1.1 varnish
Age
0
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
Sat, 26 Jul 1997 05:00:00 GMT
latest-version
consent.rhein-zeitung.de/consent/tcfv2/vendor-list/
204 B
699 B
XHR
General
Full URL
https://consent.rhein-zeitung.de/consent/tcfv2/vendor-list/latest-version?siteId=16747&accountId=1724&hasCsp=true
Requested by
Host: consent.rhein-zeitung.de
URL: https://consent.rhein-zeitung.de/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-75.fra6.r.cloudfront.net
Software
/
Resource Hash
7fcea801e636d58ecfe0078dbc072a2e6f0a279a363c54987793e423af921671
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.rhein-zeitung.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 22 Nov 2022 19:02:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
543
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
max-age=0, s-maxage=600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
204
x-amz-cf-id
V6leZYm0ctCuk_qEvF2tKmghuO_bxO3EeaQnf6qGeKnDCo5217vtYg==
latest-version
consent.rhein-zeitung.de/consent/tcfv2/vendor-list/ Frame
0
0
Preflight
General
Full URL
https://consent.rhein-zeitung.de/consent/tcfv2/vendor-list/latest-version?siteId=16747&accountId=1724&hasCsp=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-75.fra6.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.rhein-zeitung.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
600
age
163
cache-control
max-age=0, s-maxage=600
content-length
2
content-type
text/plain; charset=utf-8
date
Tue, 22 Nov 2022 19:08:43 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-id
qnrurc3KlRYOofrDzgDeNyBtDruOqJfyXOZmYrgt66WlQJdvq2ZweQ==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
assets_ico.png
www.rhein-zeitung.de/pu_rz/images/icons/
9 KB
10 KB
Image
General
Full URL
https://www.rhein-zeitung.de/pu_rz/images/icons/assets_ico.png
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/cms_minify/6/styles/style_1669135466.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
53bf7016e1c2d2bf665ee3df7eea750ca7f88c7e4dbd1978d293bad81cfebcab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/cms_minify/6/styles/style_1669135466.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 19:11:26 GMT
Via
1.1 varnish
Last-Modified
Mon, 01 Jul 2019 19:46:35 GMT
Age
184
ETag
"256e-58ca3e2babcc0"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9582
Expires
Tue, 29 Nov 2022 19:08:22 GMT
magnify.png
www.rhein-zeitung.de/pu_rz/images/icons/
1 KB
2 KB
Image
General
Full URL
https://www.rhein-zeitung.de/pu_rz/images/icons/magnify.png
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/cms_minify/6/styles/style_1669135466.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
5a45d491e14af52982990407b771f67d120516ad6698633684847befb3037070

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/cms_minify/6/styles/style_1669135466.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 19:11:26 GMT
Via
1.1 varnish
Last-Modified
Mon, 01 Jul 2019 19:46:35 GMT
Age
184
ETag
"4c7-58ca3e2babcc0"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1223
Expires
Tue, 29 Nov 2022 19:08:22 GMT
truncated
/
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/
26 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/
228 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f273308e60bbbb2c422149e912c93453e6e1fe15ca38a1bcdd4c6fc5536b6da

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
338 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59b05f9b2f0e5d27ba66c2fd31e288fd409d2a500e619809c3f7d2bdae6ea08b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
377 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d648839e474173a011e3251136147e26762d7b121249688c7aac0873c20eee6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
sudoku_white.png
www.rhein-zeitung.de/pu_rz/images/icons/
909 B
1 KB
Image
General
Full URL
https://www.rhein-zeitung.de/pu_rz/images/icons/sudoku_white.png
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/cms_minify/6/styles/style_1669135466.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
1c3f860d9fa1fb411cd50a7d0bb30059cbfcb8cd58e2ce6c8e03aa1219bf61ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/cms_minify/6/styles/style_1669135466.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 19:11:26 GMT
Via
1.1 varnish
Last-Modified
Mon, 01 Jul 2019 19:46:35 GMT
Age
184
ETag
"38d-58ca3e2babcc0"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
909
Expires
Tue, 29 Nov 2022 19:08:22 GMT
new-user
consent.rhein-zeitung.de/wrapper/tcfv2/v2/gdpr/native-message/
525 KB
29 KB
XHR
General
Full URL
https://consent.rhein-zeitung.de/wrapper/tcfv2/v2/gdpr/native-message/new-user?hasCsp=true&env=prod&body=%7B%22propertyId%22%3A16747%2C%22accountId%22%3A1724%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.rhein-zeitung.de%2F%22%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fconsent.rhein-zeitung.de%22%2C%22targetingParams%22%3A%22%7B%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22legalBasisChanges%22%3Afalse%2C%22vendorListAdditions%22%3Afalse%7D&nonkeyed=%7B%22_sp_v1_uid%22%3Anull%2C%22_sp_v1_data%22%3Anull%7D
Requested by
Host: consent.rhein-zeitung.de
URL: https://consent.rhein-zeitung.de/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-75.fra6.r.cloudfront.net
Software
/ Express
Resource Hash
2e935244d32e75de4e342691c07356c1d58d06d261f2d7879b1c509a1c1845f0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.rhein-zeitung.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 22 Nov 2022 19:11:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
via
1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=0, s-maxage=1200
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
aLj1myJRdFIOGEBPZOnb3PICHjblNWUJZpWfVG28ermqujT7WCn_JQ==
new-user
consent.rhein-zeitung.de/wrapper/tcfv2/v2/gdpr/native-message/ Frame
0
0
Preflight
General
Full URL
https://consent.rhein-zeitung.de/wrapper/tcfv2/v2/gdpr/native-message/new-user?hasCsp=true&env=prod&body=%7B%22propertyId%22%3A16747%2C%22accountId%22%3A1724%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.rhein-zeitung.de%2F%22%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fconsent.rhein-zeitung.de%22%2C%22targetingParams%22%3A%22%7B%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22legalBasisChanges%22%3Afalse%2C%22vendorListAdditions%22%3Afalse%7D&nonkeyed=%7B%22_sp_v1_uid%22%3Anull%2C%22_sp_v1_data%22%3Anull%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-75.fra6.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.rhein-zeitung.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=86400, s-maxage=1200
content-length
2
content-type
text/plain; charset=utf-8
date
Tue, 22 Nov 2022 19:11:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-id
SUJcLZILvIu_WctThtD2dsqheZQjOgHezeJkciCJp69OFOlTHNH6VA==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-powered-by
Express
regiomap.html
www.rhein-zeitung.de/pu_rz/ajax/
11 KB
3 KB
XHR
General
Full URL
https://www.rhein-zeitung.de/pu_rz/ajax/regiomap.html
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/pu_rz/scripts/jquery.3.5.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
b4442083fa57743ae53f14a2086eb0aa0eb67dd7c5bfe8913aee72124595817d

Request headers

Accept
*/*
Referer
https://www.rhein-zeitung.de/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 19:11:26 GMT
Content-Encoding
gzip
Via
1.1 varnish
Last-Modified
Tue, 26 May 2020 13:35:51 GMT
Age
0
ETag
"2b3c-5a68d2c83fbc0-gzip"
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
3160
rhein-zeitung.de.js
files.upscore.com/config/
1 KB
925 B
Script
General
Full URL
https://files.upscore.com/config/rhein-zeitung.de.js
Requested by
Host: files.upscore.com
URL: https://files.upscore.com/async/upScore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:bb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c69417cf9df325f1a23484a3ca7d584b3765c451f63424ee374b99e99c0ddfb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 19:11:26 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 02 Nov 2022 10:31:12 GMT
server
cloudflare
x-amz-request-id
5Z8Z4S5ND69CGPK0
age
5686
etag
W/"1544426b7b7b3c4891f6fb3d40fbf021"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
76e3f88ece679b67-FRA
x-amz-id-2
ZPouVj3HxZkNeV1nokcW/NfkR1NalgoMwAPCFEv5lv41OuV/uHwY6uQVE42oGTkMPRPw+aqjA8U=
matomo.js
analytics.rhein-zeitung.de/
65 KB
65 KB
Script
General
Full URL
https://analytics.rhein-zeitung.de/matomo.js
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.105.103.44 Koblenz, Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
analytics.rhein-zeitung.de
Software
Apache/2.4.37 (Oracle Linux) OpenSSL/1.1.1k /
Resource Hash
a98bcbffd5d9ea7bf01dfdc4d0b7f0c75bfcefffa62a51e237082f7d05d18987

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 19:11:26 GMT
Last-Modified
Tue, 08 Nov 2022 13:29:25 GMT
Server
Apache/2.4.37 (Oracle Linux) OpenSSL/1.1.1k
ETag
"10300-5ecf5875524c8"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
66304
regiomap_blank.png
www.rhein-zeitung.de/pu_rz/images/regiomap/
1 KB
1 KB
Image
General
Full URL
https://www.rhein-zeitung.de/pu_rz/images/regiomap/regiomap_blank.png
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
44dbcffdb934b78196f81bd0238ae25302903b4f0ea8e6b84dba21b9eb8e94dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 19:11:26 GMT
Via
1.1 varnish
Last-Modified
Mon, 01 Jul 2019 19:46:35 GMT
Age
159
ETag
"418-58ca3e2babcc0"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1048
Expires
Tue, 29 Nov 2022 19:08:47 GMT
regiomap_locations.png
www.rhein-zeitung.de/pu_rz/images/regiomap/
16 KB
17 KB
Image
General
Full URL
https://www.rhein-zeitung.de/pu_rz/images/regiomap/regiomap_locations.png
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
35058b0df3e7076a7d3b310c63a2efe6b4952b8c8406d5e2780c6e5522a13a19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 19:11:26 GMT
Via
1.1 varnish
Last-Modified
Mon, 01 Jul 2019 19:46:35 GMT
Age
159
ETag
"4131-58ca3e2babcc0"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16689
Expires
Tue, 29 Nov 2022 19:08:47 GMT
/
hit-pool.upscore.com/
3 B
94 B
Ping
General
Full URL
https://hit-pool.upscore.com/
Requested by
Host: files.upscore.com
URL: https://files.upscore.com/async/upScore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:bb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87

Request headers

Referer
https://www.rhein-zeitung.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 22 Nov 2022 19:11:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cf-ray
76e3f88f1f8d9b67-FRA
2533652_1_mrvlargeteaser_DSC05695.jpg
www.rhein-zeitung.de/cms_media/module_img/5067/
40 KB
40 KB
Image
General
Full URL
https://www.rhein-zeitung.de/cms_media/module_img/5067/2533652_1_mrvlargeteaser_DSC05695.jpg
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
8a6a660da71ee4448fd693537a9df0752ef96dd72bc8a6ea9870a40f88277a4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 19:11:26 GMT
Via
1.1 varnish
Last-Modified
Tue, 22 Nov 2022 18:24:47 GMT
Age
0
ETag
"a023-5ee13496b4e2e"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
40995
Expires
Tue, 29 Nov 2022 19:11:26 GMT
2532984_1_mrvmediumteaser_384517796.jpg
www.rhein-zeitung.de/cms_media/module_img/5065/
33 KB
34 KB
Image
General
Full URL
https://www.rhein-zeitung.de/cms_media/module_img/5065/2532984_1_mrvmediumteaser_384517796.jpg
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
80993372b7d38b5562a111cfcbc4b902abf97b87cf460e25437db06d752b8f39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 19:11:26 GMT
Via
1.1 varnish
Last-Modified
Tue, 22 Nov 2022 17:26:39 GMT
Age
0
ETag
"84ac-5ee12798c19c3"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
33964
Expires
Tue, 29 Nov 2022 19:11:26 GMT
2505028_3_mrvmediumteaser_image_2d8aeaadd6305a5d.jpg
www.rhein-zeitung.de/cms_media/module_img/5010/
12 KB
13 KB
Image
General
Full URL
https://www.rhein-zeitung.de/cms_media/module_img/5010/2505028_3_mrvmediumteaser_image_2d8aeaadd6305a5d.jpg
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
ebd91a30ab7aa10ad0afe6ae834cc18ba4a89e4671cf50c78faf7209fa397b1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 19:11:26 GMT
Via
1.1 varnish
Last-Modified
Tue, 22 Nov 2022 18:50:53 GMT
Age
0
ETag
"31c9-5ee13a6c24d87"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
12745
Expires
Tue, 29 Nov 2022 19:11:26 GMT
2519401_1_mrvsmallteaser_image_6b613bde7d0c94a9.jpg
www.rhein-zeitung.de/cms_media/module_img/5038/
11 KB
11 KB
Image
General
Full URL
https://www.rhein-zeitung.de/cms_media/module_img/5038/2519401_1_mrvsmallteaser_image_6b613bde7d0c94a9.jpg
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
d17d668adb079b5503554b413aa2dc7a3c68dba7f85b1a2655e21de5ded16a99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 19:11:26 GMT
Via
1.1 varnish
Last-Modified
Fri, 14 Oct 2022 18:34:46 GMT
Age
0
ETag
"2c8b-5eb02e14fee11"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
11403
Expires
Tue, 29 Nov 2022 19:11:26 GMT
2533424_1_mrvsmallteaser_27554586.jpg
www.rhein-zeitung.de/cms_media/module_img/5066/
22 KB
23 KB
Image
General
Full URL
https://www.rhein-zeitung.de/cms_media/module_img/5066/2533424_1_mrvsmallteaser_27554586.jpg
Requested by
Host: www.rhein-zeitung.de
URL: https://www.rhein-zeitung.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
8ddf21eb9334bca4bfcb4a063fb543ea18fb90259f46854343ff7a0b2698ace4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 19:11:26 GMT
Via
1.1 varnish
Last-Modified
Tue, 22 Nov 2022 12:47:05 GMT
Age
0
ETag
"596d-5ee0e91ba34e4"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes, bytes
Content-Length
22893
Expires
Tue, 29 Nov 2022 19:11:26 GMT
/
hit-pool.upscore.com/
3 B
76 B
Ping
General
Full URL
https://hit-pool.upscore.com/
Requested by
Host: files.upscore.com
URL: https://files.upscore.com/async/upScore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:bb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87

Request headers

Referer
https://www.rhein-zeitung.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 22 Nov 2022 19:11:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cf-ray
76e3f88f68249b67-FRA
index.html
consent.rhein-zeitung.de/ Frame 5EBE
4 KB
2 KB
Document
General
Full URL
https://consent.rhein-zeitung.de/index.html?message_id=516568&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&hasCsp=true&consent_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fmms%2Fv2
Requested by
Host: consent.rhein-zeitung.de
URL: https://consent.rhein-zeitung.de/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-75.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a405860260dadbd78688ec63ce024916f2288129e3628179c91c7bbfe2ba590b

Request headers

Referer
https://www.rhein-zeitung.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
416
cache-control
max-age=3600
content-encoding
gzip
content-type
text/html
date
Tue, 22 Nov 2022 19:04:31 GMT
etag
W/"1e32e4597c21f654e66a1b98d84d1a3d"
last-modified
Tue, 15 Nov 2022 17:31:50 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-id
OtDHy43jQldZKVhX6w9fPKLf6-eUjOfmeGhs3WhDtvZDykpFwh23mA==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
Notice.7d8e6.css
consent.rhein-zeitung.de/ Frame 5EBE
33 KB
6 KB
Stylesheet
General
Full URL
https://consent.rhein-zeitung.de/Notice.7d8e6.css
Requested by
Host: consent.rhein-zeitung.de
URL: https://consent.rhein-zeitung.de/index.html?message_id=516568&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&hasCsp=true&consent_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fmms%2Fv2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-75.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a711248c5a23004438b0c89115d89f6526096747a4e19af70986c6133cc20ab0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent.rhein-zeitung.de/index.html?message_id=516568&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&hasCsp=true&consent_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fmms%2Fv2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 18:44:37 GMT
content-encoding
gzip
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Wed, 09 Nov 2022 15:11:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
1615
etag
W/"fc388b941a6d8060609a792783f8f583"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=3600
x-amz-cf-id
i44_1hHUFxflZwjtI1ETHREtxQtPi2iR3_wSxLUXmI8GZvuBfMARUg==
polyfills.d36c5.js
consent.rhein-zeitung.de/ Frame 5EBE
5 KB
2 KB
Script
General
Full URL
https://consent.rhein-zeitung.de/polyfills.d36c5.js
Requested by
Host: consent.rhein-zeitung.de
URL: https://consent.rhein-zeitung.de/index.html?message_id=516568&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&hasCsp=true&consent_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fmms%2Fv2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-75.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent.rhein-zeitung.de/index.html?message_id=516568&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&hasCsp=true&consent_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fmms%2Fv2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 18:44:37 GMT
content-encoding
gzip
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Wed, 09 Nov 2022 16:37:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
1619
etag
W/"89661b8fd918815bcb224bba79cabab1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
iuLGRY-bkcaaBSscB29lpClZn09HxZvxJ_od8rD1qlcsoSOnoh8k_A==
Notice.b07b7.js
consent.rhein-zeitung.de/ Frame 5EBE
259 KB
69 KB
Script
General
Full URL
https://consent.rhein-zeitung.de/Notice.b07b7.js
Requested by
Host: consent.rhein-zeitung.de
URL: https://consent.rhein-zeitung.de/index.html?message_id=516568&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&hasCsp=true&consent_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fmms%2Fv2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-75.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
92fc78ecf5f8be6daceee2abbddf07cca5cd958ae10989411f721ce44b52d2fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent.rhein-zeitung.de/index.html?message_id=516568&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&hasCsp=true&consent_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fmms%2Fv2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 19:08:19 GMT
content-encoding
gzip
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Tue, 15 Nov 2022 17:31:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
232
etag
W/"4195db9fa399a2354b44bbac52db5ded"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
opB7hYr9hgQST9sNF_pY1jri9tGmu18ZRuV9sMtGoP0x6Nr7n4B8cw==
matomo.php
analytics.rhein-zeitung.de/
0
298 B
Ping
General
Full URL
https://analytics.rhein-zeitung.de/matomo.php?action_name=www.rhein-zeitung.de%2FRhein-Zeitung&idsite=1&rec=1&r=363681&h=19&m=11&s=26&url=https%3A%2F%2Fwww.rhein-zeitung.de%2F&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=qPyX73&pf_net=90&pf_srv=30&pf_tfr=46&pf_dm1=269&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: analytics.rhein-zeitung.de
URL: https://analytics.rhein-zeitung.de/matomo.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.105.103.44 Koblenz, Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
analytics.rhein-zeitung.de
Software
Apache/2.4.37 (Oracle Linux) OpenSSL/1.1.1k / PHP/8.0.13
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.rhein-zeitung.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

Access-Control-Allow-Origin
https://www.rhein-zeitung.de
Date
Tue, 22 Nov 2022 19:11:26 GMT
Access-Control-Allow-Credentials
true
Server
Apache/2.4.37 (Oracle Linux) OpenSSL/1.1.1k
Connection
Keep-Alive
X-Powered-By
PHP/8.0.13
Keep-Alive
timeout=5, max=99
categories
consent.rhein-zeitung.de/consent/tcfv2/vendor-list/ Frame 5EBE
1 KB
1 KB
Fetch
General
Full URL
https://consent.rhein-zeitung.de/consent/tcfv2/vendor-list/categories?siteId=16747&consentLanguage=de
Requested by
Host: consent.rhein-zeitung.de
URL: https://consent.rhein-zeitung.de/Notice.b07b7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-75.fra6.r.cloudfront.net
Software
/
Resource Hash
2136428307dd5b9f53e823d1d7fa58b8f82bfb020c369800c5f0dae7ce817ce5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent.rhein-zeitung.de/index.html?message_id=516568&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&hasCsp=true&consent_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fmms%2Fv2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 19:04:05 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
441
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
max-age=0, s-maxage=3600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id
xHzOdZ-QodLY3N6n3lM0KsTQJRrZVqk3rUA5uB91PctDEFZGploQ1w==
rhein-zeitung-heimatausgaben-cmp.png
www.rhein-zeitung.de/pu_rz/images/logos/ Frame 5EBE
7 KB
7 KB
Image
General
Full URL
https://www.rhein-zeitung.de/pu_rz/images/logos/rhein-zeitung-heimatausgaben-cmp.png
Requested by
Host: consent.rhein-zeitung.de
URL: https://consent.rhein-zeitung.de/index.html?message_id=516568&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&hasCsp=true&consent_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fconsent.rhein-zeitung.de%2Fmms%2Fv2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.132.224.41 , Germany, ASN203441 (DE-MITTELRHEIN-VERLAG-1-AS, DE),
Reverse DNS
Software
/
Resource Hash
d495c3693a73a123f064c5bb5b3b1a12c13ffc60f71868f4bb24337ec4f57b4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent.rhein-zeitung.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 19:11:26 GMT
Via
1.1 varnish
Last-Modified
Wed, 24 Jun 2020 12:37:22 GMT
Age
184
ETag
"1bd7-5a8d3bcc2c480"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7127
Expires
Tue, 29 Nov 2022 19:08:22 GMT
/
hit-pool.upscore.com/
3 B
99 B
Ping
General
Full URL
https://hit-pool.upscore.com/
Requested by
Host: files.upscore.com
URL: https://files.upscore.com/async/upScore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:bb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87

Request headers

Referer
https://www.rhein-zeitung.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 22 Nov 2022 19:11:27 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cf-ray
76e3f891ee009b67-FRA
/
hit-pool.upscore.com/
3 B
99 B
Ping
General
Full URL
https://hit-pool.upscore.com/
Requested by
Host: files.upscore.com
URL: https://files.upscore.com/async/upScore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:bb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87

Request headers

Referer
https://www.rhein-zeitung.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 22 Nov 2022 19:11:28 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cf-ray
76e3f89b8c059b67-FRA
/
positions.upscore.com/
3 B
96 B
Ping
General
Full URL
https://positions.upscore.com/
Requested by
Host: files.upscore.com
URL: https://files.upscore.com/async/upScore.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
176.9.51.141 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.141.51.9.176.clients.your-server.de
Software
nginx /
Resource Hash
d447c165c155b9805a250c3542dd300bad0171352cce2db6f374799990bb4c5a

Request headers

Referer
https://www.rhein-zeitung.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 22 Nov 2022 19:11:28 GMT
server
nginx
content-type
text/plain; charset=utf-8

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| MSOdataLayer object| dataLayer function| __tcfapi object| _sp_ function| upScore object| handleLogin object| fse function| $ function| jQuery function| addWindowOnLoadEvent function| jsonp function| setIntervalRedirect function| openLinkWindow function| getLayer function| showHideAdLayer function| getItemStatisticResource function| getItemStatisticImage function| item_statistic function| getUnobscuredLink function| unobscure function| onClickSetCachingHashCookie function| autoHeightIframe function| nfyStroeerSlot function| nfyStroeerLoadSlot function| ClusterMarker object| NFYAdvertisement object| dragobjekt number| dragx number| dragy number| posx number| posy function| draginit function| dragstart function| dragstop function| drag function| NFYF_GoogleMapsV3 function| rwInitial function| onclick_statistic object| swfobject string| pu_dir function| isMobildeDevice function| checkMobileNavigation function| openMobileNavigation function| moveNavigationElements function| removeNavigationElements function| checkMobileNavWrapper function| fixedNavigation function| handleSearchLayer function| insertRelatedQuote function| playEmbeddedYouTubeVideo function| articleShareButtons function| mrvPageHead function| ArticleCall function| WebAppCall function| checkWebAppDisplayMode function| mrvScrollToTop function| mobileTouchMenu function| cloneMenuForMobileScrollElement function| markSelectedPageInScrollMenu function| showMobileTouchMenuOnScroll function| handleEventFormRequests function| mrvXMLHttpRequest function| mrv_itemstatistic function| mrv_htmldecode function| getAricleTimeDiff function| adCopyrightToCopy function| initVmap function| removeClassFromMap function| formatVmapText boolean| loginLayerFlag function| elementHasClass function| initLoginLayer function| hideUnusedModals function| electionTableLayer function| handleElectionJsonErrors function| fetchElectionJson function| electionGetCobo function| loadElectionImages function| electionGetWkMenu function| initElectionMenu function| capitalizeFirstLetter function| electionGetWkResult function| initElectionResultChart function| electionchartbarheight function| electionchartresultsign function| buildTableLayer function| reloadIvw function| getSsoDomain function| handlePaymentFormAction function| getUpdatedText object| mrvTeaserScrollWrapper function| newsletterUnsubscribeForm function| getCustomFormSelectFields function| formSendController function| sendMailForm function| checkExternalContentConsent function| externalContentConsentCookie function| externalContentLoader function| deleteExternalContentConsentCookie function| externalContentWriteIframe function| externalContentLoaderTwitter function| externalContentLoaderFlourish function| externalContentLoaderConsentCookieSlider function| externalContentLoaderConsentCookieInput function| externalContentLoaderConsentCookieRemoveLink function| externalContentLoaderCapitalizeFirstLetter function| setSmartserverCookie object| lazySizesConfig object| lazySizes object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| sas object| googletag object| adsbygoogle function| docReady object| google_tag_manager object| google_tag_data object| _paq object| _sp_queue object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log string| nfyLoginLink string| nfyPaymentLoginLink string| nfyLoginScriptContent boolean| isGuest undefined| loginLink string| registerLink string| nfySsoDomain string| nfySSoClientId

6 Cookies

Domain/Path Name / Value
.rhein-zeitung.de/ Name: _sp_enable_dfp_personalized_ads
Value: false
www.rhein-zeitung.de/ Name: _sp_v1_uid
Value: 1:98:89662901-46d7-4b6a-bc62-df1d1da23bba
www.rhein-zeitung.de/ Name: _sp_v1_data
Value: 2:365147:1669144286:0:1:0:1:0:0:_:-1
www.rhein-zeitung.de/ Name: _sp_v1_ss
Value: 1:H4sIAAAAAAAAAItWqo5RKimOUbKKRmbkgRgGtbE6MUqpIGZeaU4OkF0CVlBdi1tCKRYAmuD4I1IAAAA%3D
.rhein-zeitung.de/ Name: sampledUser
Value: false
www.rhein-zeitung.de/ Name: rfFUS
Value: ccd54d051c6ac97c51b38054106a230b

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.rhein-zeitung.de
consent.rhein-zeitung.de
files.upscore.com
hit-pool.upscore.com
positions.upscore.com
rz-online.de
www.googletagmanager.com
www.rhein-zeitung.de
176.9.51.141
185.132.224.41
193.105.103.44
2606:4700:10::ac43:bb0
2a00:1450:4001:830::2008
99.86.4.75
07b0157e24b339e2ff858fddf1f47122cc4c6befdfd39983e84c1c5a28a5803a
09935100b8bb1bb67a8ca8973df3f364a29a626f4b5d7d695268c65d8e1adb53
1c39c930845a79483c26edd785de5fbdda499dfdc6474859c562fc961e45da82
1c3f860d9fa1fb411cd50a7d0bb30059cbfcb8cd58e2ce6c8e03aa1219bf61ae
2136428307dd5b9f53e823d1d7fa58b8f82bfb020c369800c5f0dae7ce817ce5
2e935244d32e75de4e342691c07356c1d58d06d261f2d7879b1c509a1c1845f0
332b162795130c2b6b378998a2791d6c9f63c0b3ef8de2794f31db8b1259293c
35058b0df3e7076a7d3b310c63a2efe6b4952b8c8406d5e2780c6e5522a13a19
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
43ba287a1a52d4ee6877affa8e40a939dd4fb1d483ca6d78ef9717b4413762d4
44dbcffdb934b78196f81bd0238ae25302903b4f0ea8e6b84dba21b9eb8e94dd
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
53bf7016e1c2d2bf665ee3df7eea750ca7f88c7e4dbd1978d293bad81cfebcab
55cd49237a0f954bd30bce28fbf1867a7d51f4b9148acf72a99b7e3d700ddd0c
59b05f9b2f0e5d27ba66c2fd31e288fd409d2a500e619809c3f7d2bdae6ea08b
5a45d491e14af52982990407b771f67d120516ad6698633684847befb3037070
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
6b9f0a9b992ec55a15f8d5e1cb55a6486b466358e20e2e7acb7bcdefd0bdd3eb
71ec8bd3b7b268124c089c12751dc8ea31da4da41a28237d40b13d4a1f2b309e
723335fcbd25db6cefa4769a3093b639f4505ba4dfe2fbea64a25834ef899450
7fcea801e636d58ecfe0078dbc072a2e6f0a279a363c54987793e423af921671
80993372b7d38b5562a111cfcbc4b902abf97b87cf460e25437db06d752b8f39
889c51dbfd9139ca159ab6149650e2d8574463ebed4eadc6bfb9e03c3ee340e4
8a6a660da71ee4448fd693537a9df0752ef96dd72bc8a6ea9870a40f88277a4f
8ddf21eb9334bca4bfcb4a063fb543ea18fb90259f46854343ff7a0b2698ace4
901efdc3f23b224ef936b58b25ad62856326f92b8b92502f3d954de9206a9890
92fc78ecf5f8be6daceee2abbddf07cca5cd958ae10989411f721ce44b52d2fc
9d648839e474173a011e3251136147e26762d7b121249688c7aac0873c20eee6
9f273308e60bbbb2c422149e912c93453e6e1fe15ca38a1bcdd4c6fc5536b6da
a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87
a405860260dadbd78688ec63ce024916f2288129e3628179c91c7bbfe2ba590b
a711248c5a23004438b0c89115d89f6526096747a4e19af70986c6133cc20ab0
a98bcbffd5d9ea7bf01dfdc4d0b7f0c75bfcefffa62a51e237082f7d05d18987
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4442083fa57743ae53f14a2086eb0aa0eb67dd7c5bfe8913aee72124595817d
b457e5f1cc2fccd5e286a8dcf728fb33bf4abfec6afdfa79edc05b0c048c5e60
c69417cf9df325f1a23484a3ca7d584b3765c451f63424ee374b99e99c0ddfb4
cc3e7224a34abb5692775d6f734097cd94236ff88cc4c740316a312bcaae9734
cfa13ce439f3b3dd86daf643fd432cd2975563f24377827a37706b5f6a3daaff
cfb0d3887b5638108229b6e785dbae0e1bf675c21eed176a0a0e7434fb1f825b
d17d668adb079b5503554b413aa2dc7a3c68dba7f85b1a2655e21de5ded16a99
d19653f2f25cda4d3f954b99b168d752c298c9cd290f547a3b254483049a6394
d447c165c155b9805a250c3542dd300bad0171352cce2db6f374799990bb4c5a
d495c3693a73a123f064c5bb5b3b1a12c13ffc60f71868f4bb24337ec4f57b4f
dd0934e70cccc753423ada323bba83fb3523fae61d12b3d05d16c422460dc21b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebd91a30ab7aa10ad0afe6ae834cc18ba4a89e4671cf50c78faf7209fa397b1c