hrw-online.de Open in urlscan Pro
212.46.103.202 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://eml.gewinnspiele.de/helloclick/186581/185948/09EA30340B63B66094D6C33684C0DF2EC815703A27D3032CAFA60BBE261D7AF6/70/
Effective URL:
https://hrw-online.de/ora-hellomail/form.html
Submission: On October 27 via manual (October 27th 2024, 10:29:12 am UTC) from NL — Scanned from DE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 19 HTTP transactions. The main IP is 212.46.103.202, located in Germany and belongs to NCORE-AS HKN GmbH, DE. The main domain is hrw-online.de.
TLS certificate: Issued by R11 on September 28th 2024. Valid for: 3 months.

This is the only time hrw-online.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2a02:2800::22... 2a02:2800::226:131	15388 (OMC-AS Ha...) (OMC-AS Hamburg)
13	212.46.103.202 212.46.103.202	12676 (NCORE-AS ...) (NCORE-AS HKN GmbH)
3	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
2	212.46.102.106 212.46.102.106	12676 (NCORE-AS ...) (NCORE-AS HKN GmbH)
19	4

2 2a02:2800::226:131 (Germany) 2 redirects

ASN15388 (OMC-AS Hamburg, Wendenstrasse 408, DE)

eml.gewinnspiele.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 212.46.103.202 (Germany)

ASN12676 (NCORE-AS HKN GmbH, DE)
PTR: c10394.hkn.net

hrw-online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.46.102.106 (Germany)

ASN12676 (NCORE-AS HKN GmbH, DE)
PTR: c10392.hkn.net

matomo.geovis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	hrw-online.de hrw-online.de	574 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 311	83 KB
2	geovis.com matomo.geovis.com	21 KB
2	gewinnspiele.de 2 redirects eml.gewinnspiele.de	743 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 791	31 KB
19	5

	Domain	Requested by
13	hrw-online.de	hrw-online.de
3	cdn.jsdelivr.net	hrw-online.de
2	matomo.geovis.com	hrw-online.de matomo.geovis.com
2	eml.gewinnspiele.de	2 redirects
1	code.jquery.com	hrw-online.de
19	5

This site contains no links.

Subject Issuer	Validity	Valid
hrw-online.de R11	`2024-09-28` - `2024-12-27`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
matomo.geovis.com R11	`2024-09-29` - `2024-12-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://hrw-online.de/ora-hellomail/form.html
Frame ID: D75B8AC06781ABADC499AA36E299185D
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Humboldt ReiseWelt - Einladung

Page URL History Show full URLs

https://eml.gewinnspiele.de/helloclick/186581/185948/09EA30340B63B66094D6C33684C0DF2EC815703A27D3032CAFA... HTTP 301
https://eml.gewinnspiele.de/helloclick/186581/185948/09EA30340B63B66094D6C33684C0DF2EC815703A27D3032CAFA... HTTP 307
https://hrw-online.de/ora-hellomail/form.html Page URL

Detected technologies

UIKit (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

uikit.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

19
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

709 kB
Transfer

1225 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://eml.gewinnspiele.de/helloclick/186581/185948/09EA30340B63B66094D6C33684C0DF2EC815703A27D3032CAFA60BBE261D7AF6/70/ HTTP 301
https://eml.gewinnspiele.de/helloclick/186581/185948/09EA30340B63B66094D6C33684C0DF2EC815703A27D3032CAFA60BBE261D7AF6/70 HTTP 307
https://hrw-online.de/ora-hellomail/form.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request form.html Show response
hrw-online.de/ora-hellomail/
Redirect Chain

https://eml.gewinnspiele.de/helloclick/186581/185948/09EA30340B63B66094D6C33684C0DF2EC815703A27D3032CAFA60BBE261D7AF6/70/
https://eml.gewinnspiele.de/helloclick/186581/185948/09EA30340B63B66094D6C33684C0DF2EC815703A27D3032CAFA60BBE261D7AF6/70
https://hrw-online.de/ora-hellomail/form.html

13 KB
4 KB

117ms
36ms

Document
text/html

212.46.103.202
NCORE-AS HKN GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://hrw-online.de/ora-hellomail/form.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.46.103.202 , Germany, ASN12676 (NCORE-AS HKN GmbH, DE),
Reverse DNS: c10394.hkn.net
Software: nginx / PleskLin
Resource Hash: fd692666e95e7b6f99882c431fcc7409cf0fbd1f24e039ae4203eed0cdeb4e46

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: br
Content-Type: text/html
Date: Sun, 27 Oct 2024 10:29:06 GMT
ETag: W/"6715e932-3548"
Last-Modified: Mon, 21 Oct 2024 05:40:02 GMT
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PleskLin

Redirect headers

Cache-control: no-store, max-age=0, no-cache
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sun, 27 Oct 2024 10:29:06 GMT
Keep-Alive: timeout=3, max=29
Location: https://hrw-online.de/ora-hellomail/form.html
Server: OMCnet Webserver
X-Forwarded-For: (null)
X-Remote-Addr: 2001:1b60:1010:2:1011:f185:5c38:c49a

GET
H/1.1 200
OK fonts.css
hrw-online.de/ora-hellomail/roboto/ 6 KB
708 B 37ms
35ms Stylesheet
text/css 212.46.103.202
NCORE-AS HKN GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://hrw-online.de/ora-hellomail/roboto/fonts.css
Requested by: Host: hrw-online.de
URL: https://hrw-online.de/ora-hellomail/form.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.46.103.202 , Germany, ASN12676 (NCORE-AS HKN GmbH, DE),
Reverse DNS: c10394.hkn.net
Software: nginx / PleskLin
Resource Hash: 88c131c624078ece41a81c35979d08a0d8b05e305b421866a37b292dc8bf93f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hrw-online.de/ora-hellomail/form.html

Response headers

Transfer-Encoding: chunked
Content-Encoding: br
ETag: W/"670458a1-169e"
Connection: keep-alive
Date: Sun, 27 Oct 2024 10:29:07 GMT
Content-Type: text/css
Last-Modified: Mon, 07 Oct 2024 21:54:41 GMT
Server: nginx
X-Powered-By: PleskLin

GET
H2 200 uikit.min.css
cdn.jsdelivr.net/npm/uikit@3.5.9/dist/css/ 264 KB
26 KB 75ms
23ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/uikit@3.5.9/dist/css/uikit.min.css

Requested by

Host: hrw-online.de
URL: https://hrw-online.de/ora-hellomail/form.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c670f15dbe05be734450b9cce1a36d2d5ae7e5eb59892070730dfedb9f51536f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hrw-online.de/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"421e8-BUWbVqc2dyL7ZqHdNBaCVUoQDGQ"
age: 351534
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Sun, 27 Oct 2024 10:29:07 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-etou8220116-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26244
x-jsd-version: 3.5.9

GET
H/1.1 200
OK style.css
hrw-online.de/ora-hellomail/ 13 KB
3 KB 70ms
33ms Stylesheet
text/css 212.46.103.202
NCORE-AS HKN GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://hrw-online.de/ora-hellomail/style.css
Requested by: Host: hrw-online.de
URL: https://hrw-online.de/ora-hellomail/form.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.46.103.202 , Germany, ASN12676 (NCORE-AS HKN GmbH, DE),
Reverse DNS: c10394.hkn.net
Software: nginx / PleskLin
Resource Hash: 845cd360d4c20b31bfa60d6d89e828f19373d414b8c9453876bdab32c4b2c2a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hrw-online.de/ora-hellomail/form.html

Response headers

Transfer-Encoding: chunked
Content-Encoding: br
ETag: W/"670458a0-35ed"
Connection: keep-alive
Date: Sun, 27 Oct 2024 10:29:07 GMT
Content-Type: text/css
Last-Modified: Mon, 07 Oct 2024 21:54:40 GMT
Server: nginx
X-Powered-By: PleskLin

GET
H/1.1 200
OK gdpr-cookie.css
hrw-online.de/ora-hellomail/js-gdpr/ 1 KB
764 B 81ms
32ms Stylesheet
text/css 212.46.103.202
NCORE-AS HKN GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://hrw-online.de/ora-hellomail/js-gdpr/gdpr-cookie.css
Requested by: Host: hrw-online.de
URL: https://hrw-online.de/ora-hellomail/form.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.46.103.202 , Germany, ASN12676 (NCORE-AS HKN GmbH, DE),
Reverse DNS: c10394.hkn.net
Software: nginx / PleskLin
Resource Hash: 19124ef092cd5dcf1280f56c718b14462d17386a74fcfed76aa3e48df9c17523

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hrw-online.de/ora-hellomail/form.html

Response headers

Transfer-Encoding: chunked
Content-Encoding: br
ETag: W/"670458a1-5c5"
Connection: keep-alive
Date: Sun, 27 Oct 2024 10:29:07 GMT
Content-Type: text/css
Last-Modified: Mon, 07 Oct 2024 21:54:41 GMT
Server: nginx
X-Powered-By: PleskLin

GET
H/1.1 200
OK logo.png
hrw-online.de/ora-hellomail/ 24 KB
25 KB 114ms
62ms Image
image/png 212.46.103.202
NCORE-AS HKN GmbH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hrw-online.de/ora-hellomail/logo.png
Requested by: Host: hrw-online.de
URL: https://hrw-online.de/ora-hellomail/form.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.46.103.202 , Germany, ASN12676 (NCORE-AS HKN GmbH, DE),
Reverse DNS: c10394.hkn.net
Software: nginx / PleskLin
Resource Hash: 8227669bd8853e2cc3c1ceba974adbaf305f7dd179173d2f03606ab193e74422

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hrw-online.de/ora-hellomail/form.html

Response headers

ETag: "670458a0-61b6"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25014
Date: Sun, 27 Oct 2024 10:29:07 GMT
Content-Type: image/png
Last-Modified: Mon, 07 Oct 2024 21:54:40 GMT
Server: nginx
X-Powered-By: PleskLin

GET
H/1.1 200
OK formbild.jpg
hrw-online.de/ora-hellomail/ 486 KB
486 KB 113ms
59ms Image
image/jpeg 212.46.103.202
NCORE-AS HKN GmbH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hrw-online.de/ora-hellomail/formbild.jpg
Requested by: Host: hrw-online.de
URL: https://hrw-online.de/ora-hellomail/form.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.46.103.202 , Germany, ASN12676 (NCORE-AS HKN GmbH, DE),
Reverse DNS: c10394.hkn.net
Software: nginx / PleskLin
Resource Hash: c930f58c122673d38265f0b67b35b8864c4956ec9a6e0e60583e900c9168d22e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hrw-online.de/ora-hellomail/form.html

Response headers

ETag: "6704589f-79877"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 497783
Date: Sun, 27 Oct 2024 10:29:07 GMT
Content-Type: image/jpeg
Last-Modified: Mon, 07 Oct 2024 21:54:39 GMT
Server: nginx
X-Powered-By: PleskLin

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
31 KB 83ms
21ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: hrw-online.de
URL: https://hrw-online.de/ora-hellomail/form.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://hrw-online.de
Referer: https://hrw-online.de/

Response headers

content-encoding: gzip
etag: W/"28feccc0-15d9d"
age: 3976404
x-cache: HIT, HIT
date: Sun, 27 Oct 2024 10:29:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 8, 1200885
x-served-by: cache-lga21931-LGA, cache-fra-etou8220094-FRA
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1730024947.143206,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30875
server: nginx

GET
H/1.1 200
OK startup.js Show response
hrw-online.de/ora-hellomail/ 6 KB
2 KB 40ms
38ms Script
text/javascript 212.46.103.202
NCORE-AS HKN GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://hrw-online.de/ora-hellomail/startup.js
Requested by: Host: hrw-online.de
URL: https://hrw-online.de/ora-hellomail/form.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.46.103.202 , Germany, ASN12676 (NCORE-AS HKN GmbH, DE),
Reverse DNS: c10394.hkn.net
Software: nginx / PleskLin
Resource Hash: d6d8c08a86b00f1181fd25358ce9c2eb4cb777a2a1d75e8faf31e9a7533987af

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hrw-online.de/ora-hellomail/form.html

Response headers

Transfer-Encoding: chunked
Content-Encoding: br
ETag: W/"670458a0-16e6"
Connection: keep-alive
Date: Sun, 27 Oct 2024 10:29:07 GMT
Content-Type: text/javascript
Last-Modified: Mon, 07 Oct 2024 21:54:40 GMT
Server: nginx
X-Powered-By: PleskLin

GET
H2 200 uikit.min.js Show response
cdn.jsdelivr.net/npm/uikit@3.5.9/dist/js/ 128 KB
39 KB 23ms
21ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/uikit@3.5.9/dist/js/uikit.min.js

Requested by

Host: hrw-online.de
URL: https://hrw-online.de/ora-hellomail/form.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

30fe52942ce0cd7cd663c7e6b4aa8546533ea58634ab9da15a229b6cfb72f7e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hrw-online.de/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"201b2-DDuvqLG/S+qo6cMZrV8u5Z83++8"
age: 421043
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Sun, 27 Oct 2024 10:29:07 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220116-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 39885
x-jsd-version: 3.5.9

GET
H2 200 uikit-icons.min.js Show response
cdn.jsdelivr.net/npm/uikit@3.5.9/dist/js/ 63 KB
18 KB 29ms
28ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/uikit@3.5.9/dist/js/uikit-icons.min.js

Requested by

Host: hrw-online.de
URL: https://hrw-online.de/ora-hellomail/form.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

41d7f230bbd7b28c17e7d0980d0388a349a1596d340ab375812d5f96135b621c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hrw-online.de/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"fa1c-gX8UQz34CvHUR4OXyugn6tB3enY"
age: 1038628
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Sun, 27 Oct 2024 10:29:07 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220116-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18390
x-jsd-version: 3.5.9

GET
H/1.1 200
OK gdpr-cookie.js Show response
hrw-online.de/ora-hellomail/js-gdpr/ 18 KB
4 KB 39ms
38ms Script
text/javascript 212.46.103.202
NCORE-AS HKN GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://hrw-online.de/ora-hellomail/js-gdpr/gdpr-cookie.js
Requested by: Host: hrw-online.de
URL: https://hrw-online.de/ora-hellomail/form.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.46.103.202 , Germany, ASN12676 (NCORE-AS HKN GmbH, DE),
Reverse DNS: c10394.hkn.net
Software: nginx / PleskLin
Resource Hash: 801e631a1d711b63f88e8070763519103eb82c417dc2c6da690ac8322b737809

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hrw-online.de/ora-hellomail/form.html

Response headers

Transfer-Encoding: chunked
Content-Encoding: br
ETag: W/"670458a1-490b"
Connection: keep-alive
Date: Sun, 27 Oct 2024 10:29:07 GMT
Content-Type: text/javascript
Last-Modified: Mon, 07 Oct 2024 21:54:41 GMT
Server: nginx
X-Powered-By: PleskLin

GET
H/1.1 200
OK gdpr-init.js Show response
hrw-online.de/ora-hellomail/js-gdpr/ 3 KB
1 KB 39ms
39ms Script
text/javascript 212.46.103.202
NCORE-AS HKN GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://hrw-online.de/ora-hellomail/js-gdpr/gdpr-init.js
Requested by: Host: hrw-online.de
URL: https://hrw-online.de/ora-hellomail/form.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.46.103.202 , Germany, ASN12676 (NCORE-AS HKN GmbH, DE),
Reverse DNS: c10394.hkn.net
Software: nginx / PleskLin
Resource Hash: 2cfb9a19b8d6db911120f8f5c4f8878abc535115fd89b2e2e9f82954cb305a3e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hrw-online.de/ora-hellomail/form.html

Response headers

Transfer-Encoding: chunked
Content-Encoding: br
ETag: W/"670458a1-a89"
Connection: keep-alive
Date: Sun, 27 Oct 2024 10:29:07 GMT
Content-Type: text/javascript
Last-Modified: Mon, 07 Oct 2024 21:54:41 GMT
Server: nginx
X-Powered-By: PleskLin

GET
H/1.1 200
OK matomo.js Show response
matomo.geovis.com/matomo/ 65 KB
21 KB 151ms
68ms Script
text/javascript 212.46.102.106
NCORE-AS HKN GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.geovis.com/matomo/matomo.js
Requested by: Host: hrw-online.de
URL: https://hrw-online.de/ora-hellomail/form.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.46.102.106 , Germany, ASN12676 (NCORE-AS HKN GmbH, DE),
Reverse DNS: c10392.hkn.net
Software: nginx / PleskLin
Resource Hash: b39abd9035f703b76dfed940898d572b9864f676eb1912a9142f0639dca6b2ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hrw-online.de/

Response headers

Transfer-Encoding: chunked
Content-Encoding: br
ETag: W/"6627c9bb-1042f"
Connection: keep-alive
Date: Sun, 27 Oct 2024 10:29:07 GMT
Content-Type: text/javascript
Last-Modified: Tue, 23 Apr 2024 14:46:19 GMT
Server: nginx
X-Powered-By: PleskLin

GET
H/1.1 200
OK roboto-v29-latin-regular.woff2
hrw-online.de/ora-hellomail/roboto/fonts/ 15 KB
16 KB 58ms
36ms Font
font/woff2 212.46.103.202
NCORE-AS HKN GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://hrw-online.de/ora-hellomail/roboto/fonts/roboto-v29-latin-regular.woff2
Requested by: Host: hrw-online.de
URL: https://hrw-online.de/ora-hellomail/roboto/fonts.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.46.103.202 , Germany, ASN12676 (NCORE-AS HKN GmbH, DE),
Reverse DNS: c10394.hkn.net
Software: nginx / PleskLin
Resource Hash: cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://hrw-online.de
Referer: https://hrw-online.de/ora-hellomail/roboto/fonts.css

Response headers

ETag: "670458a3-3d48"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15688
Date: Sun, 27 Oct 2024 10:29:07 GMT
Content-Type: font/woff2
Last-Modified: Mon, 07 Oct 2024 21:54:43 GMT
Server: nginx
X-Powered-By: PleskLin

GET
H/1.1 200
OK roboto-v29-latin-300.woff2
hrw-online.de/ora-hellomail/roboto/fonts/ 15 KB
16 KB 87ms
62ms Font
font/woff2 212.46.103.202
NCORE-AS HKN GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://hrw-online.de/ora-hellomail/roboto/fonts/roboto-v29-latin-300.woff2
Requested by: Host: hrw-online.de
URL: https://hrw-online.de/ora-hellomail/roboto/fonts.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.46.103.202 , Germany, ASN12676 (NCORE-AS HKN GmbH, DE),
Reverse DNS: c10394.hkn.net
Software: nginx / PleskLin
Resource Hash: 33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://hrw-online.de
Referer: https://hrw-online.de/ora-hellomail/roboto/fonts.css

Response headers

ETag: "670458a2-3d74"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15732
Date: Sun, 27 Oct 2024 10:29:07 GMT
Content-Type: font/woff2
Last-Modified: Mon, 07 Oct 2024 21:54:42 GMT
Server: nginx
X-Powered-By: PleskLin

GET
H/1.1 200
OK roboto-v29-latin-500.woff2
hrw-online.de/ora-hellomail/roboto/fonts/ 16 KB
16 KB 84ms
58ms Font
font/woff2 212.46.103.202
NCORE-AS HKN GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://hrw-online.de/ora-hellomail/roboto/fonts/roboto-v29-latin-500.woff2
Requested by: Host: hrw-online.de
URL: https://hrw-online.de/ora-hellomail/roboto/fonts.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.46.103.202 , Germany, ASN12676 (NCORE-AS HKN GmbH, DE),
Reverse DNS: c10394.hkn.net
Software: nginx / PleskLin
Resource Hash: bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://hrw-online.de
Referer: https://hrw-online.de/ora-hellomail/roboto/fonts.css

Response headers

ETag: "670458a2-3e30"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15920
Date: Sun, 27 Oct 2024 10:29:07 GMT
Content-Type: font/woff2
Last-Modified: Mon, 07 Oct 2024 21:54:42 GMT
Server: nginx
X-Powered-By: PleskLin

POST
H/1.1 204
No Response matomo.php
matomo.geovis.com/matomo/ 0
246 B 191ms
190ms Ping
text/plain 212.46.102.106
NCORE-AS HKN GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.geovis.com/matomo/matomo.php?action_name=Humboldt%20ReiseWelt%20-%20Einladung&idsite=3&rec=1&r=345417&h=11&m=29&s=7&url=https%3A%2F%2Fhrw-online.de%2Fora-hellomail%2Fform.html&_id=&_idn=1&send_image=0&_refts=0&pv_id=mCxcOk&pf_net=81&pf_srv=35&pf_tfr=2&pf_dm1=211&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by: Host: matomo.geovis.com
URL: https://matomo.geovis.com/matomo/matomo.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.46.102.106 , Germany, ASN12676 (NCORE-AS HKN GmbH, DE),
Reverse DNS: c10392.hkn.net
Software: nginx / PHP/8.2.24, PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Referer: https://hrw-online.de/

Response headers

Access-Control-Allow-Origin: https://hrw-online.de
Date: Sun, 27 Oct 2024 10:29:07 GMT
X-Powered-By: PHP/8.2.24, PleskLin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H/1.1 404
Not Found favicon.ico
hrw-online.de/ 135 B
273 B 38ms
38ms Other
text/html 212.46.103.202
NCORE-AS HKN GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://hrw-online.de/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.46.103.202 , Germany, ASN12676 (NCORE-AS HKN GmbH, DE),
Reverse DNS: c10394.hkn.net
Software: nginx /
Resource Hash: 7992b20b94f8c41695a85b2a34cc17f4a49b5eea619e167f1d542347778e856f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hrw-online.de/ora-hellomail/form.html

Response headers

Transfer-Encoding: chunked
Content-Encoding: br
Date: Sun, 27 Oct 2024 10:29:07 GMT
Content-Type: text/html; charset=UTF-8
Server: nginx
Connection: keep-alive

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://hrw-online.de/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
code.jquery.com
eml.gewinnspiele.de
hrw-online.de
matomo.geovis.com
212.46.102.106
212.46.103.202
2a02:2800::226:131
2a04:4e42:400::649
2a04:4e42::485
19124ef092cd5dcf1280f56c718b14462d17386a74fcfed76aa3e48df9c17523
2cfb9a19b8d6db911120f8f5c4f8878abc535115fd89b2e2e9f82954cb305a3e
30fe52942ce0cd7cd663c7e6b4aa8546533ea58634ab9da15a229b6cfb72f7e0
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
41d7f230bbd7b28c17e7d0980d0388a349a1596d340ab375812d5f96135b621c
7992b20b94f8c41695a85b2a34cc17f4a49b5eea619e167f1d542347778e856f
801e631a1d711b63f88e8070763519103eb82c417dc2c6da690ac8322b737809
8227669bd8853e2cc3c1ceba974adbaf305f7dd179173d2f03606ab193e74422
845cd360d4c20b31bfa60d6d89e828f19373d414b8c9453876bdab32c4b2c2a3
88c131c624078ece41a81c35979d08a0d8b05e305b421866a37b292dc8bf93f7
b39abd9035f703b76dfed940898d572b9864f676eb1912a9142f0639dca6b2ce
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
c670f15dbe05be734450b9cce1a36d2d5ae7e5eb59892070730dfedb9f51536f
c930f58c122673d38265f0b67b35b8864c4956ec9a6e0e60583e900c9168d22e
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d6d8c08a86b00f1181fd25358ce9c2eb4cb777a2a1d75e8faf31e9a7533987af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fd692666e95e7b6f99882c431fcc7409cf0fbd1f24e039ae4203eed0cdeb4e46
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

hrw-online.de Open in urlscan Pro 212.46.103.202 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

4 IPs

2 Countries

709 kBTransfer

1225 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

hrw-online.de Open in urlscan Pro
212.46.103.202 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

709 kB
Transfer

1225 kB
Size

0
Cookies

19 HTTP transactions
0 data transactions