urlscan.io logo urlscan.io
SecurityTrails logo

www.derwesten.de Open in urlscan Pro
192.0.66.149  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.derwesten.de/
Effective URL: https://www.derwesten.de/
Submission: On October 18 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 2 domains to perform 33 HTTP transactions. The main IP is 192.0.66.149, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is www.derwesten.de. The Cisco Umbrella rank of the primary domain is 198591.
TLS certificate: Issued by R3 on September 20th 2023. Valid for: 3 months.
This is the only time www.derwesten.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 27 192.0.66.149 2635 (AUTOMATTIC)
3 185.102.94.213 29423 (GRIDSCALE)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.149.49.103 15169 (GOOGLE)
2 34.111.164.192 396982 (GOOGLE-CL...)
33 5
27    192.0.66.149 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
www.derwesten.de
3    185.102.94.213 (Germany)

ASN29423 (GRIDSCALE, DE)
PTR: relay-client-c05.iocnt.net
data-ee807be806.derwesten.de
1    2a00:1450:4001:80e::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
runforrest.derwesten.de
1    34.149.49.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.49.149.34.bc.googleusercontent.com
spark.cloud.funkedigital.de
2    34.111.164.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.164.111.34.bc.googleusercontent.com
anonym.data.funkedigital.de
Apex Domain
Subdomains		 Transfer
31 derwesten.de
www.derwesten.de — Cisco Umbrella Rank: 198591
data-ee807be806.derwesten.de
runforrest.derwesten.de — Cisco Umbrella Rank: 358210
960 KB
3 funkedigital.de
spark.cloud.funkedigital.de — Cisco Umbrella Rank: 109875
anonym.data.funkedigital.de — Cisco Umbrella Rank: 113556
16 KB
33 2
Domain Requested by
27 www.derwesten.de 1 redirects www.derwesten.de
3 data-ee807be806.derwesten.de www.derwesten.de
data-ee807be806.derwesten.de
2 anonym.data.funkedigital.de spark.cloud.funkedigital.de
1 spark.cloud.funkedigital.de www.derwesten.de
1 runforrest.derwesten.de www.derwesten.de
33 5
Subject Issuer Validity Valid
derwesten.de
R3		 2023-09-20 -
2023-12-19		 3 months crt.sh
data-ee807be806.derwesten.de
R3		 2023-08-24 -
2023-11-22		 3 months crt.sh
runforrest.derwesten.de
GTS CA 1D4		 2023-10-08 -
2024-01-06		 3 months crt.sh
spark.cloud.funkedigital.de
GTS CA 1D4		 2023-09-06 -
2023-12-05		 3 months crt.sh
anonym.data.funkedigital.de
GTS CA 1D4		 2023-10-11 -
2024-01-09		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.derwesten.de/
Frame ID: 07A740ED3CB7D3444F1A111462587954
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

derwesten.de - Nachrichten für den Westen - DerWesten.de

Page URL History Show full URLs

  1. http://www.derwesten.de/ HTTP 301
    https://www.derwesten.de/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->

Page Statistics

33
Requests

100 %
HTTPS

20 %
IPv6

2
Domains

5
Subdomains

5
IPs

2
Countries

975 kB
Transfer

1798 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.derwesten.de/ HTTP 301
    https://www.derwesten.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.derwesten.de/
Redirect Chain
  • http://www.derwesten.de/
  • https://www.derwesten.de/
256 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.derwesten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
1d734afc1b15e0fd78e5dac9f39d975033468b91c72cbc065bdfeeda16950e0c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
194
cache-control
max-age=300, must-revalidate
content-encoding
gzip
content-length
38389
content-type
text/html; charset=UTF-8
date
Wed, 18 Oct 2023 15:16:32 GMT
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://www.derwesten.de/wp-json/>; rel="https://api.w.org/" <https://www.derwesten.de/wp-json/wp/v2/pages/311>; rel="alternate"; type="application/json" <https://www.derwesten.de/>; rel=shortlink
server
nginx
vary
Accept-Encoding
x-cache
hit
x-distributor
yes
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
hhn2 111 253 443

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Wed, 18 Oct 2023 15:16:32 GMT
Location
https://www.derwesten.de/
Server
nginx
bundle.js
data-ee807be806.derwesten.de/iomm/latest/manager/base/es6/ 		62 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data-ee807be806.derwesten.de/iomm/latest/manager/base/es6/bundle.js
Requested by
Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.102.94.213 , Germany, ASN29423 (GRIDSCALE, DE),
Reverse DNS
relay-client-c05.iocnt.net
Software
nginx /
Resource Hash
45f29c2a70206a91a8dc2ade7db7a374fd14b283e00c40e44fcf2e82320d4e36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.derwesten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:16:32 GMT
content-encoding
gzip
last-modified
Tue, 06 Jun 2023 08:09:00 GMT
server
nginx
etag
W/"647ee99c-f760"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public, must-revalidate
x-robots-tag
noindex, nofollow, nosnippet, noarchive
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies,X-Robots-Tag
expires
Thu, 19 Oct 2023 15:16:32 GMT
loader.js
data-ee807be806.derwesten.de/iomm/latest/bootstrap/ 		739 B
910 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data-ee807be806.derwesten.de/iomm/latest/bootstrap/loader.js
Requested by
Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.102.94.213 , Germany, ASN29423 (GRIDSCALE, DE),
Reverse DNS
relay-client-c05.iocnt.net
Software
nginx /
Resource Hash
4faffa80abd838474ed12f6e43dff5503327c05fa6165915d986a879ca96deeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.derwesten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:16:32 GMT
content-encoding
gzip
last-modified
Tue, 06 Jun 2023 08:09:00 GMT
server
nginx
etag
W/"647ee99c-2e3"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public, must-revalidate
x-robots-tag
noindex, nofollow, nosnippet, noarchive
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies,X-Robots-Tag
expires
Thu, 19 Oct 2023 15:16:32 GMT
style.min.css
www.derwesten.de/wp-includes/css/dist/block-library/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.derwesten.de/wp-includes/css/dist/block-library/style.min.css?m=1697500969g
Requested by
Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.derwesten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:16:32 GMT
content-encoding
gzip
x-rq
hhn2 111 253 443
last-modified
Tue, 17 Oct 2023 00:02:49 GMT
server
nginx
etag
W/"652dcf29-19824"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
/
www.derwesten.de/_static/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.derwesten.de/_static/??-eJzTLy/QzcxLzilNSS3WzyrWz01NyUxMzUnNTc0rQeEU5CRWphbp5qSmJyZX6uVm5uklFxfr6OPTDpRD5sM02efaGppZmpsaGFiaGwAAROku5w==
Requested by
Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3d2c10cf69410c10177fc6e56937d05151b182841fa6aee36f651d587d91fbb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.derwesten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:16:32 GMT
content-encoding
gzip
x-rq
hhn2 111 253 443
last-modified
Tue, 17 Oct 2023 00:02:50 GMT
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
related-posts-block-styles.min.css
www.derwesten.de/wp-content/mu-plugins/search/elasticpress-next/dist/css/ 		222 B
405 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.derwesten.de/wp-content/mu-plugins/search/elasticpress-next/dist/css/related-posts-block-styles.min.css?m=1693499496g
Requested by
Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9790593b4acafa770479511a888914881594976c5dcad980c82e781c5625ff44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.derwesten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:16:32 GMT
x-rq
hhn2 111 254 443
last-modified
Thu, 31 Aug 2023 16:31:36 GMT
server
nginx
etag
"64f0c068-de"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
222
/
www.derwesten.de/_static/ 		297 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.derwesten.de/_static/??-eJyFjtsKwjAQRH/IdKnWSB/ET5EaF63NZelsCf69GikEfPBtdjiHHcpiXIrKUUn8chsjKHKGDG4yF5/cBLqOUCr5DH16RuOADVWm3jlwJc5ZqKB/yXJ/2aqFpIg0/z4Ki1lXPlgL224bS29uLT7OKRxb2x/sbt/13QvCxVRl
Requested by
Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9fb8d6ab69eb1c3cdd79b7117a69bbc92cab27ea6082ab1697ac2bf9d2174a3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.derwesten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:16:32 GMT
content-encoding
gzip
x-rq
hhn2 111 253 443
last-modified
Wed, 18 Oct 2023 13:24:54 GMT
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
cropped-derwesten.png
www.derwesten.de/wp-content/uploads/sites/8/2022/02/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.derwesten.de/wp-content/uploads/sites/8/2022/02/cropped-derwesten.png
Requested by
Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3d7b809185b525f8e3261879357deae30d964900d5ccacda47cf69094a459d8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.derwesten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:16:32 GMT
x-rq
hhn2 109 140 443
last-modified
Wed, 03 May 2023 15:32:39 GMT
server
nginx
etag
"91b17590bb9f006c"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4276
dortmund-bremen-e1697629494400.jpg
www.derwesten.de/wp-content/uploads/sites/8/2023/10/ 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.derwesten.de/wp-content/uploads/sites/8/2023/10/dortmund-bremen-e1697629494400.jpg?w=800&h=600&crop=1
Requested by
Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
dffe7697b90ba1240b2e95403ba009e4e07645c8af878d92c8473f4f1d87c526

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.derwesten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:16:32 GMT
x-rq
hhn2 109 196 443
last-modified
Wed, 18 Oct 2023 15:03:06 GMT
server
nginx
etag
"bb05aff1a3d4273a"
vary
Accept
x-cache
HIT
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
109866
430534984-e1697569880277.jpg
www.derwesten.de/wp-content/uploads/sites/8/2023/10/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.derwesten.de/wp-content/uploads/sites/8/2023/10/430534984-e1697569880277.jpg?w=800&h=600&crop=1
Requested by
Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1df4316bdb3bb9a957c30f352e8824e9d2d896ac35de53b80d5035d1a286111a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.derwesten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:16:32 GMT
x-rq
hhn2 109 88 443
last-modified
Wed, 18 Oct 2023 09:03:53 GMT
server
nginx
etag
"b2dd39f8ae5dbe80"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
30512
imago0257446614h-e1696752722829.jpg
www.derwesten.de/wp-content/uploads/sites/8/2023/10/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.derwesten.de/wp-content/uploads/sites/8/2023/10/imago0257446614h-e1696752722829.jpg?w=800&h=600&crop=1
Requested by
Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
24d9543a3f357a44bdd2a0ff530b9b6cb1e34494821f86c7c962ecb44d82e8fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.derwesten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:16:32 GMT
x-rq
hhn2 109 140 443
last-modified
Sun, 08 Oct 2023 15:11:29 GMT
server
nginx
etag
"dd263024477b61f8"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
52262
funke_logo_red.svg
www.derwesten.de/wp-content/themes/newspack-rwp/assets/ 		2 KB
987 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.derwesten.de/wp-content/themes/newspack-rwp/assets/funke_logo_red.svg
Requested by
Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c26e3bcb95b4e65c884ca82b0ea0ceeee1126dd123eec93d0c239fd9992d7d5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.derwesten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:16:32 GMT
content-encoding
gzip
x-rq
hhn2 111 253 443
last-modified
Mon, 27 Mar 2023 13:39:45 GMT
server
nginx
etag
W/"64219ca1-6f4"
vary
Accept-Encoding
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=31536000
view.css
www.derwesten.de/wp-content/plugins/newspack-blocks/dist/homepage-articles/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.derwesten.de/wp-content/plugins/newspack-blocks/dist/homepage-articles/view.css?m=1679924384g
Requested by
Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2b7c6661d4208cb7bcfa366f322f64ad1873c100d81db2ba50be0b2dae6bb3ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.derwesten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:16:32 GMT
content-encoding
gzip
x-rq
hhn2 111 253 443
last-modified
Mon, 27 Mar 2023 13:39:44 GMT
server
nginx
etag
W/"64219ca0-37be"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
bundle.js
data-ee807be806.derwesten.de/iomm/latest/manager/base/es6/ 		62 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data-ee807be806.derwesten.de/iomm/latest/manager/base/es6/bundle.js
Requested by
Host: data-ee807be806.derwesten.de
URL: https://data-ee807be806.derwesten.de/iomm/latest/bootstrap/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.102.94.213 , Germany, ASN29423 (GRIDSCALE, DE),
Reverse DNS
relay-client-c05.iocnt.net
Software
nginx /
Resource Hash
45f29c2a70206a91a8dc2ade7db7a374fd14b283e00c40e44fcf2e82320d4e36

Request headers

Referer
https://www.derwesten.de/
Origin
https://www.derwesten.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:16:32 GMT
content-encoding
gzip
last-modified
Tue, 06 Jun 2023 08:09:00 GMT
server
nginx
etag
W/"647ee99c-f760"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
https://www.derwesten.de
cache-control
max-age=86400, public, must-revalidate
x-robots-tag
noindex, nofollow, nosnippet, noarchive
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies,X-Robots-Tag
expires
Thu, 19 Oct 2023 15:16:32 GMT
print.css
www.derwesten.de/wp-content/themes/newspack-theme/styles/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.derwesten.de/wp-content/themes/newspack-theme/styles/print.css?m=1697635494g
Requested by
Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
47ea730c0d1c221e563585b077e9d6a26ff978e497dfa31551503d627f9fc26d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.derwesten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:16:32 GMT
content-encoding
gzip
x-rq
hhn2 111 254 443
last-modified
Wed, 18 Oct 2023 13:24:54 GMT
server
nginx
etag
W/"652fdca6-da8"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
leaguespartan-bold.woff2
www.derwesten.de/wp-content/themes/newspack-rwp/fonts/league-spartan/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.derwesten.de/wp-content/themes/newspack-rwp/fonts/league-spartan/leaguespartan-bold.woff2
Requested by
Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
704535e4d21edf9be26df22091fb8c7d33b2a36d87f03a059f52d7d5a0e0148a

Request headers

Referer
https://www.derwesten.de/
Origin
https://www.derwesten.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:16:32 GMT
x-rq
hhn2 111 253 443
last-modified
Mon, 27 Mar 2023 13:39:45 GMT
server
nginx
etag
"64219ca1-31a0"
x-cache
HIT
content-type
application/font-woff2
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=31536000
accept-ranges
bytes
content-length
12704
noto-sans-v25-latin-regular.woff2
www.derwesten.de/wp-content/themes/newspack-rwp/fonts/noto-sans/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.derwesten.de/wp-content/themes/newspack-rwp/fonts/noto-sans/noto-sans-v25-latin-regular.woff2
Requested by
Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
fa5d2912bec294d33c9dc4be4a00a9a5f4ac993049a935f4535ae687e3b08d0b

Request headers

Referer
https://www.derwesten.de/
Origin
https://www.derwesten.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:16:32 GMT
x-rq
hhn2 111 254 443
last-modified
Mon, 27 Mar 2023 13:39:45 GMT
server
nginx
etag
"64219ca1-3ed8"
x-cache
HIT
content-type
application/font-woff2
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=31536000
accept-ranges
bytes
content-length
16088
ivw-logo-nordrhein-westfalen.webp
www.derwesten.de/wp-content/themes/newspack-rwp/assets/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.derwesten.de/wp-content/themes/newspack-rwp/assets/ivw-logo-nordrhein-westfalen.webp
Requested by
Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4c7431ff0a0c099a08b23bbe1d4a46591b62d645ab1be6f0018a92dfe678f4c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.derwesten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:16:32 GMT
x-rq
hhn2 111 254 443
last-modified
Mon, 27 Mar 2023 13:39:45 GMT
server
nginx
etag
"64219ca1-e5a"
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3674
420004195-e1697265016718.jpg
www.derwesten.de/wp-content/uploads/sites/8/2023/10/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.derwesten.de/wp-content/uploads/sites/8/2023/10/420004195-e1697265016718.jpg?w=800&h=600&crop=1
Requested by
Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
74b49e2997b3bd3f8c467af58e221ce411fabd6ab105e40a41db2140a3bad785

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.derwesten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:16:32 GMT
x-rq
hhn2 109 142 443
last-modified
Sat, 14 Oct 2023 12:46:19 GMT
server
nginx
etag
"ef65fb40813321f5"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
20912
imago0307902912h-1-e1697611182372.jpg
www.derwesten.de/wp-content/uploads/sites/8/2023/10/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.derwesten.de/wp-content/uploads/sites/8/2023/10/imago0307902912h-1-e1697611182372.jpg?w=800&h=600&crop=1
Requested by
Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
336e4326f37fea8b81a21b9c643c1866264d3d89a0bb462e3df2590e5668af9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.derwesten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:16:32 GMT
x-rq
hhn2 109 86 443
last-modified
Wed, 18 Oct 2023 13:59:09 GMT
server
nginx
etag
"c65a0cf22d612bb5"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
12290
5fadb000cc036ea8-1-e1697550874246.jpg
www.derwesten.de/wp-content/uploads/sites/8/2023/10/ 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.derwesten.de/wp-content/uploads/sites/8/2023/10/5fadb000cc036ea8-1-e1697550874246.jpg?w=800&h=600&crop=1
Requested by
Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6a527d59c88c22047283ec7ff00d02adc2d6a62690f98b19cc8905ca19b65c3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.derwesten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:16:32 GMT
x-rq
hhn2 109 140 443
last-modified
Tue, 17 Oct 2023 14:14:46 GMT
server
nginx
etag
"836e62e127c814b4"
vary
Accept
x-cache
HIT
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
85395
imago1034826599h-e1697618963388.jpg
www.derwesten.de/wp-content/uploads/sites/8/2023/10/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.derwesten.de/wp-content/uploads/sites/8/2023/10/imago1034826599h-e1697618963388.jpg?w=800&h=600&crop=1
Requested by
Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a7894d266bca9c1288d6b9daf94d407171e75c07a7d8920c7d47f2dbe91ed02e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.derwesten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:16:32 GMT
x-rq
hhn2 109 27 443
last-modified
Wed, 18 Oct 2023 12:55:16 GMT
server
nginx
etag
"db374ef5c1eccc21"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
43674
387846559-714002287426321-8528852568800522834-n-e1697632171644.jpg
www.derwesten.de/wp-content/uploads/sites/8/2023/10/ 		112 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.derwesten.de/wp-content/uploads/sites/8/2023/10/387846559-714002287426321-8528852568800522834-n-e1697632171644.jpg?resize=1200,900
Requested by
Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b062887a6e6ae46e94aa3a3b6110f1b9e4efc05b19cea873dd74541bd2341847

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.derwesten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:16:32 GMT
x-rq
hhn2 109 84 443
last-modified
Wed, 18 Oct 2023 13:59:31 GMT
server
nginx
etag
"b22cde4146846436"
vary
Accept
x-cache
HIT
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
114942
da98b-e1697469573394.jpg
www.derwesten.de/wp-content/uploads/sites/8/2023/10/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.derwesten.de/wp-content/uploads/sites/8/2023/10/da98b-e1697469573394.jpg?w=800&h=600&crop=1
Requested by
Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
958de6f3994c5504d2935ef3aa8115078fa69df592c394a60fc09d0c4a9fe85a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.derwesten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:16:32 GMT
x-rq
hhn2 109 32 443
last-modified
Wed, 18 Oct 2023 14:01:15 GMT
server
nginx
etag
"840a4e9911e6bca2"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
30190
imago1035513431h-e1697529569378.jpg
www.derwesten.de/wp-content/uploads/sites/8/2023/10/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.derwesten.de/wp-content/uploads/sites/8/2023/10/imago1035513431h-e1697529569378.jpg?w=800&h=600&crop=1
Requested by
Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
caefd521e6f1aaad3a881b19f168ede127662aa4b1457a1b317536810fe81238

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.derwesten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:16:32 GMT
x-rq
hhn2 109 198 443
last-modified
Tue, 17 Oct 2023 08:04:53 GMT
server
nginx
etag
"af30f6dbfdef3bca"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
27246
rente-steuer-steuererklaerung-lohnsteuer.jpg
www.derwesten.de/wp-content/uploads/sites/8/2023/10/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.derwesten.de/wp-content/uploads/sites/8/2023/10/rente-steuer-steuererklaerung-lohnsteuer.jpg?resize=800,600
Requested by
Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f28589113f1d960ae087c392928cb821de5625c36ce7c47647322ac16ae2c299

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.derwesten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:16:32 GMT
x-rq
hhn2 109 200 443
last-modified
Wed, 18 Oct 2023 12:05:02 GMT
server
nginx
etag
"236464a16c0e69af"
vary
Accept
x-cache
HIT
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
55377
1634926-e1697630039125.jpg
www.derwesten.de/wp-content/uploads/sites/8/2023/10/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.derwesten.de/wp-content/uploads/sites/8/2023/10/1634926-e1697630039125.jpg?w=800&h=600&crop=1
Requested by
Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
11920d76dba8f6025ee12b3b1bf13a0c033cd1a4893380280366a48635473e41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.derwesten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:16:32 GMT
x-rq
hhn2 109 32 443
last-modified
Wed, 18 Oct 2023 12:02:40 GMT
server
nginx
etag
"e0d45cacc9a0e753"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
67592
anolvqxruq0p-hartz-und-herzlich-tag-fuer-tag-rostock-268-jasmin-maik-e1697103361949.jpg
www.derwesten.de/wp-content/uploads/sites/8/2023/10/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.derwesten.de/wp-content/uploads/sites/8/2023/10/anolvqxruq0p-hartz-und-herzlich-tag-fuer-tag-rostock-268-jasmin-maik-e1697103361949.jpg?resize=800,600
Requested by
Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b04ee03b062263e6a5ea013ad81ea58498a3e89e1bcecf6ca85e6f9ec1f89fb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.derwesten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:16:32 GMT
x-rq
hhn2 109 140 443
last-modified
Thu, 12 Oct 2023 13:32:20 GMT
server
nginx
etag
"d708086d88092379"
vary
Accept
x-cache
HIT
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
52312
imago0307606214h-e1697199441898.jpg
www.derwesten.de/wp-content/uploads/sites/8/2023/10/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.derwesten.de/wp-content/uploads/sites/8/2023/10/imago0307606214h-e1697199441898.jpg?w=800&h=600&crop=1
Requested by
Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.149 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
635ec2836f7baf5619c262c05cd48fa4e5790761a0c9e621b7cf0db77b27512d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.derwesten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:16:32 GMT
x-rq
hhn2 109 196 443
last-modified
Fri, 13 Oct 2023 12:25:44 GMT
server
nginx
etag
"ecf54b01509f8de2"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
17020
nnamdnas.js
runforrest.derwesten.de/ 		203 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://runforrest.derwesten.de/nnamdnas.js?id=GTM-NGPP53C
Requested by
Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
fb9fd9599bdb0def286b2653fcbf8b5956f06973789451adcd8818508c73733f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.derwesten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Wed, 18 Oct 2023 15:16:32 GMT
server
Google Frontend
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
accept-ranges
none
access-control-allow-headers
Cache-Control
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
liteblower.js
spark.cloud.funkedigital.de/ 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spark.cloud.funkedigital.de/liteblower.js
Requested by
Host: www.derwesten.de
URL: https://www.derwesten.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.49.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.49.149.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e050d473f0c3a785a85c23ceda9475815bb8ac262059db0da57e859cc817e191

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.derwesten.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 21:03:37 GMT
content-encoding
gzip
age
1447975
x-guploader-uploadid
ADPycdvNIdObr9ZtJg5DJKqAwYTwHLVe1JqfWg5ZGlyVKKj9LXuZg__e0KtH9PoJDQiZie2_5GwBkYNa04OqbFKjtxP2xJf8cmbl
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15230
last-modified
Mon, 04 Sep 2023 13:31:26 GMT
server
UploadServer
etag
"b64bb14bad071f1cebc9529e56b65111"
vary
Accept-Encoding
x-goog-hash
crc32c=qgD04w==, md5=tkuxS60HHxzryVKeVrZREQ==
x-goog-generation
1693834286276685
content-language
en
content-type
application/javascript
cache-control
max-age=604800,public
x-goog-stored-content-length
15230
accept-ranges
bytes
tp2
anonym.data.funkedigital.de/com.snowplowanalytics.snowplow/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://anonym.data.funkedigital.de/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.164.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.164.111.34.bc.googleusercontent.com
Software
akka-http/10.2.9 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sp-anonymous
Access-Control-Request-Method
POST
Origin
https://www.derwesten.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.derwesten.de
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 18 Oct 2023 15:16:32 GMT
server
akka-http/10.2.9
via
1.1 google
tp2
anonym.data.funkedigital.de/com.snowplowanalytics.snowplow/ 		2 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://anonym.data.funkedigital.de/com.snowplowanalytics.snowplow/tp2
Requested by
Host: spark.cloud.funkedigital.de
URL: https://spark.cloud.funkedigital.de/liteblower.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.164.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.164.111.34.bc.googleusercontent.com
Software
akka-http/10.2.9 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

SP-Anonymous
*
Referer
https://www.derwesten.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Wed, 18 Oct 2023 15:16:32 GMT
via
1.1 google
server
akka-http/10.2.9
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.derwesten.de
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer string| IOMmGlobalObject function| IOMm object| iom boolean| pmDOMLoaded string| pmClickTarget function| pmTriggerDOMListener function| pmTriggerDelayedScripts function| pmDelayEventListeners function| pmDelayJQueryReady function| pmProcessDocumentWrite function| pmSortDelayedScripts function| pmPreloadDelayedScripts function| pmLoadDelayedScripts function| pmReplaceScript function| pmTriggerEventListeners function| pmNextFrame function| pmClickHandler function| pmReplayClicks function| pmTouchStartHandler function| pmTouchMoveHandler function| pmTouchEndHandler function| pmRenameDOMAttribute boolean| pmPersisted object| google_tag_manager object| google_tag_data string| cmp_imprinturl string| cmp_privacyurl string| cmp_logo boolean| cmp_custombutton2 string| cmp_custombutton2_name number| cmp_custombutton2_pos number| cmp_custombutton2_screen object| cmp_custombutton2_purposes number| cmp_pur_mode object| cmp_pur_purposes number| cmp_custombutton2_logic boolean| cmp_custombutton string| cmp_custombutton_name number| cmp_custombutton_pos number| cmp_custombutton_screen object| cmp_custombutton_purposes number| cmp_custombutton_logic number| cmp_custombutton_behavior boolean| cmp_disablegpp object| GlobalSnowplowNamespace function| plow

0 Cookies

2 Console Messages

Source Level URL
Text
other warning URL: https://data-ee807be806.derwesten.de/iomm/latest/bootstrap/loader.js
Message:
A preload for 'https://data-ee807be806.derwesten.de/iomm/latest/manager/base/es6/bundle.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
javascript warning URL: https://www.derwesten.de/
Message:
The resource https://data-ee807be806.derwesten.de/iomm/latest/manager/base/es6/bundle.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

anonym.data.funkedigital.de
data-ee807be806.derwesten.de
runforrest.derwesten.de
spark.cloud.funkedigital.de
www.derwesten.de
185.102.94.213
192.0.66.149
2a00:1450:4001:80e::2013
34.111.164.192
34.149.49.103
11920d76dba8f6025ee12b3b1bf13a0c033cd1a4893380280366a48635473e41
1d734afc1b15e0fd78e5dac9f39d975033468b91c72cbc065bdfeeda16950e0c
1df4316bdb3bb9a957c30f352e8824e9d2d896ac35de53b80d5035d1a286111a
24d9543a3f357a44bdd2a0ff530b9b6cb1e34494821f86c7c962ecb44d82e8fb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b7c6661d4208cb7bcfa366f322f64ad1873c100d81db2ba50be0b2dae6bb3ae
336e4326f37fea8b81a21b9c643c1866264d3d89a0bb462e3df2590e5668af9e
3d2c10cf69410c10177fc6e56937d05151b182841fa6aee36f651d587d91fbb8
3d7b809185b525f8e3261879357deae30d964900d5ccacda47cf69094a459d8c
45f29c2a70206a91a8dc2ade7db7a374fd14b283e00c40e44fcf2e82320d4e36
47ea730c0d1c221e563585b077e9d6a26ff978e497dfa31551503d627f9fc26d
4c7431ff0a0c099a08b23bbe1d4a46591b62d645ab1be6f0018a92dfe678f4c3
4faffa80abd838474ed12f6e43dff5503327c05fa6165915d986a879ca96deeb
635ec2836f7baf5619c262c05cd48fa4e5790761a0c9e621b7cf0db77b27512d
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6a527d59c88c22047283ec7ff00d02adc2d6a62690f98b19cc8905ca19b65c3c
704535e4d21edf9be26df22091fb8c7d33b2a36d87f03a059f52d7d5a0e0148a
74b49e2997b3bd3f8c467af58e221ce411fabd6ab105e40a41db2140a3bad785
958de6f3994c5504d2935ef3aa8115078fa69df592c394a60fc09d0c4a9fe85a
9790593b4acafa770479511a888914881594976c5dcad980c82e781c5625ff44
9fb8d6ab69eb1c3cdd79b7117a69bbc92cab27ea6082ab1697ac2bf9d2174a3d
a7894d266bca9c1288d6b9daf94d407171e75c07a7d8920c7d47f2dbe91ed02e
b04ee03b062263e6a5ea013ad81ea58498a3e89e1bcecf6ca85e6f9ec1f89fb4
b062887a6e6ae46e94aa3a3b6110f1b9e4efc05b19cea873dd74541bd2341847
c26e3bcb95b4e65c884ca82b0ea0ceeee1126dd123eec93d0c239fd9992d7d5d
caefd521e6f1aaad3a881b19f168ede127662aa4b1457a1b317536810fe81238
dffe7697b90ba1240b2e95403ba009e4e07645c8af878d92c8473f4f1d87c526
e050d473f0c3a785a85c23ceda9475815bb8ac262059db0da57e859cc817e191
f28589113f1d960ae087c392928cb821de5625c36ce7c47647322ac16ae2c299
fa5d2912bec294d33c9dc4be4a00a9a5f4ac993049a935f4535ae687e3b08d0b
fb9fd9599bdb0def286b2653fcbf8b5956f06973789451adcd8818508c73733f