www.mr-window.de Open in urlscan Pro
31.47.253.149 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.mr-window.de/
Submission Tags: @phishunt_io
Submission: On February 28 via api (February 28th 2023, 5:16:18 pm UTC) from DE — Scanned from DE

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 16 HTTP transactions. The main IP is 31.47.253.149, located in Germany and belongs to CLOUDPIT, DE. The main domain is www.mr-window.de.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 28th 2023. Valid for: a year.

This is the only time www.mr-window.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	31.47.253.149 31.47.253.149	45012 (CLOUDPIT) (CLOUDPIT)
1	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1	2606:4700::68... 2606:4700::6811:f449	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.65.21 151.101.65.21	54113 (FASTLY) (FASTLY)
16	5

12 31.47.253.149 (Germany)

ASN45012 (CLOUDPIT, DE)
PTR: web246.dogado.net

www.mr-window.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.mr-window.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f449 (United States)

ASN13335 (CLOUDFLARENET, US)

hello.myfonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.21 (United States)

ASN54113 (FASTLY, US)

www.sandbox.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	mr-window.de www.mr-window.de api.mr-window.de	861 KB
3	paypal.com www.paypal.com — Cisco Umbrella Rank: 2411 www.sandbox.paypal.com — Cisco Umbrella Rank: 37976	106 KB
1	myfonts.net hello.myfonts.net — Cisco Umbrella Rank: 7845	354 B
16	3

	Domain	Requested by
10	www.mr-window.de	www.mr-window.de
2	www.sandbox.paypal.com	www.paypal.com
2	api.mr-window.de	www.mr-window.de
1	hello.myfonts.net	www.mr-window.de
1	www.paypal.com	www.mr-window.de
16	5

This site contains no links.

Subject Issuer	Validity	Valid
mr-window.de Sectigo RSA Domain Validation Secure Server CA	`2023-02-28` - `2024-03-06`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-09` - `2023-12-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-09` - `2023-06-09`	a year	crt.sh
api.mr-window.de Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-02-09`	a year	crt.sh
www.sandbox.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-01-19` - `2024-02-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.mr-window.de/
Frame ID: AA61DCD7FF34670D2F9AADFF573210D8
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mr. WindowarrowLeftarrowRight

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

16
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

5
Subdomains

5
IPs

2
Countries

966 kB
Transfer

1547 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.mr-window.de/ 1 KB
684 B 100ms
39ms Document
text/html 31.47.253.149
CLOUDPIT

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mr-window.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.47.253.149 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: web246.dogado.net
Software: nginx /
Resource Hash: 78bf0d8c646f92a9cc6302449cfceea9f55f50e339343574fd2cff1dd9a574d2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html
date: Tue, 28 Feb 2023 17:16:11 GMT
etag: W/"63fce1ad-459"
last-modified: Mon, 27 Feb 2023 17:00:29 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 js Show response
www.paypal.com/sdk/ 345 KB
104 KB 1340ms
1223ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?currency=EUR&client-id=ATLqJVa4_IxeHtip02vI4HzmYWG7Lea23NVASsYmu9kvxObSZHYi5V4ENsY9O2hsOGgft_qDS4flwTrr

Requested by

Host: www.mr-window.de
URL: https://www.mr-window.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C9E) /

Resource Hash

83e81cdc9191ce5f964faf589140ddc7935388bdbf76b787abfe6c7da6f41391

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-ISvhqCjlDX8QDQnCrfiSKcxyJB+mSW8PSDx+pYlmv3nj5ZET' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-ISvhqCjlDX8QDQnCrfiSKcxyJB+mSW8PSDx+pYlmv3nj5ZET' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mr-window.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-ISvhqCjlDX8QDQnCrfiSKcxyJB+mSW8PSDx+pYlmv3nj5ZET' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-ISvhqCjlDX8QDQnCrfiSKcxyJB+mSW8PSDx+pYlmv3nj5ZET' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 17:16:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: true
paypal-debug-id: 0701329105071
server-timing: traceparent;desc="00-00000000000000000000701329105071-e83bcd2e9d19eb7f-01", content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 104851
x-xss-protection: 1; mode=block
server: ECAcc (frc/4C9E)
traceparent: 00-00000000000000000000701329105071-2eb047a0d2202958-01
etag: W/"19993-E4BQV09M8aX7lgdFzwkWevLgxFw"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
timing-allow-origin: *

GET
H2 200 index.e905097c.js Show response
www.mr-window.de/assets/ 416 KB
129 KB 68ms
67ms Script
application/javascript 31.47.253.149
CLOUDPIT

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mr-window.de/assets/index.e905097c.js
Requested by: Host: www.mr-window.de
URL: https://www.mr-window.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.47.253.149 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: web246.dogado.net
Software: nginx /
Resource Hash: bb49fbf5a843d4f98d909726efdcbb6c3303fbfbcf920f31c8603865da14aeb7

Request headers

Referer: https://www.mr-window.de/
Origin: https://www.mr-window.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 17:16:11 GMT
content-encoding: br
last-modified: Mon, 27 Feb 2023 17:00:42 GMT
server: nginx
etag: W/"63fce1ba-67f67"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 index.9674e329.css
www.mr-window.de/assets/ 51 KB
9 KB 41ms
40ms Stylesheet
text/css 31.47.253.149
CLOUDPIT

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mr-window.de/assets/index.9674e329.css
Requested by: Host: www.mr-window.de
URL: https://www.mr-window.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.47.253.149 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: web246.dogado.net
Software: nginx /
Resource Hash: 9674e329fb7cd0fade8a5205579d107b1247ed0372b477d8d93888042ebc942f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mr-window.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 17:16:11 GMT
content-encoding: br
last-modified: Mon, 27 Feb 2023 17:00:41 GMT
server: nginx
etag: W/"63fce1b9-cd32"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 4c891b
hello.myfonts.net/count/ 0
354 B 98ms
33ms Stylesheet
text/css 2606:4700::6811:f449
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.myfonts.net/count/4c891b
Requested by: Host: www.mr-window.de
URL: https://www.mr-window.de/assets/index.9674e329.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:f449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mr-window.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 17:16:13 GMT
server: cloudflare
age: 1
expect-ct: null
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7a0ace878bc29207-FRA
content-length: 0
expires: Wed, 28 Feb 2024 17:16:13 GMT

GET
H2 200 virtual_pwa-register.b25d5af1.js Show response
www.mr-window.de/assets/ 863 B
732 B 39ms
39ms Script
application/javascript 31.47.253.149
CLOUDPIT

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mr-window.de/assets/virtual_pwa-register.b25d5af1.js
Requested by: Host: www.mr-window.de
URL: https://www.mr-window.de/assets/index.e905097c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.47.253.149 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: web246.dogado.net
Software: nginx /
Resource Hash: c958ae8eefd9de8d0f23d262b4a96fe8fc07673ae2e47dfb60fd16f94538c17b

Request headers

Referer: https://www.mr-window.de/
Origin: https://www.mr-window.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 17:16:13 GMT
content-encoding: gzip
last-modified: Mon, 27 Feb 2023 17:00:44 GMT
server: nginx
x-accel-version: 0.01
etag: "35f-5f5b16b7a7f7a-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 533

GET
DATA 200
OK truncated
/ 405 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d2192518c7ded371610a68309f7a723194b5bc03985db2ddf9cfd2b7d74d381

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 font.a490bef6.woff2
www.mr-window.de/assets/ 156 KB
157 KB 70ms
69ms Font
font/woff2 31.47.253.149
CLOUDPIT

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mr-window.de/assets/font.a490bef6.woff2
Requested by: Host: www.mr-window.de
URL: https://www.mr-window.de/assets/index.9674e329.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.47.253.149 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: web246.dogado.net
Software: nginx /
Resource Hash: a490bef6ac677ba2c53f300afa0f0fe257448fd728e0c1ab26ed6c0323b726fe

Request headers

Referer: https://www.mr-window.de/assets/index.9674e329.css
Origin: https://www.mr-window.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 17:16:13 GMT
last-modified: Mon, 27 Feb 2023 17:00:36 GMT
server: nginx
accept-ranges: bytes
etag: "63fce1b4-270fc"
content-length: 159996
content-type: font/woff2

GET
H2 200 font.b365fbf2.woff2
www.mr-window.de/assets/ 162 KB
162 KB 41ms
41ms Font
font/woff2 31.47.253.149
CLOUDPIT

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mr-window.de/assets/font.b365fbf2.woff2
Requested by: Host: www.mr-window.de
URL: https://www.mr-window.de/assets/index.9674e329.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.47.253.149 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: web246.dogado.net
Software: nginx /
Resource Hash: b365fbf2465574b51cf01a822566986be85d4afee4bf3fa5ffff02ae2dd6ddb5

Request headers

Referer: https://www.mr-window.de/assets/index.9674e329.css
Origin: https://www.mr-window.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 17:16:13 GMT
last-modified: Mon, 27 Feb 2023 17:00:37 GMT
server: nginx
accept-ranges: bytes
etag: "63fce1b5-2882c"
content-length: 165932
content-type: font/woff2

GET
H2 200 logo.67ef61d2.svg
www.mr-window.de/assets/ 6 KB
2 KB 62ms
60ms Image
image/svg+xml 31.47.253.149
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mr-window.de/assets/logo.67ef61d2.svg
Requested by: Host: www.mr-window.de
URL: https://www.mr-window.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.47.253.149 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: web246.dogado.net
Software: nginx /
Resource Hash: 67ef61d292a29d3577743efeb16d9a48f43732a686c8bcf6b39e4050aec1552b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mr-window.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 17:16:13 GMT
content-encoding: gzip
last-modified: Mon, 27 Feb 2023 17:00:42 GMT
server: nginx
etag: W/"63fce1ba-1887"
vary: Accept-Encoding
content-type: image/svg+xml

GET
H2 200 dummy-home.9889cbce.jpg
www.mr-window.de/assets/ 279 KB
279 KB 62ms
60ms Image
image/jpeg 31.47.253.149
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mr-window.de/assets/dummy-home.9889cbce.jpg
Requested by: Host: www.mr-window.de
URL: https://www.mr-window.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.47.253.149 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: web246.dogado.net
Software: nginx /
Resource Hash: 9889cbce69ec6f134241eb5bb9e5a2f3c9c2aee89b1d1627d3b9251419a3be64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mr-window.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 17:16:13 GMT
last-modified: Mon, 27 Feb 2023 17:00:31 GMT
server: nginx
accept-ranges: bytes
etag: "63fce1af-45b2f"
content-length: 285487
content-type: image/jpeg

GET
H2 200 Mr_Window_mockup_home.73361b61.jpg
www.mr-window.de/assets/ 116 KB
116 KB 61ms
60ms Image
image/jpeg 31.47.253.149
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mr-window.de/assets/Mr_Window_mockup_home.73361b61.jpg
Requested by: Host: www.mr-window.de
URL: https://www.mr-window.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.47.253.149 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: web246.dogado.net
Software: nginx /
Resource Hash: 73361b614394e6c896e593fbd5b1faeaad7429af05992fbdd011960b5b7f608e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mr-window.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 17:16:13 GMT
last-modified: Mon, 27 Feb 2023 17:00:43 GMT
server: nginx
accept-ranges: bytes
etag: "63fce1bb-1cec0"
content-length: 118464
content-type: image/jpeg

POST
H2 200 graphql Show response
api.mr-window.de/ 7 KB
3 KB 137ms
137ms Fetch
application/json 31.47.253.149
CLOUDPIT

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mr-window.de/graphql
Requested by: Host: www.mr-window.de
URL: https://www.mr-window.de/assets/index.e905097c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.47.253.149 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: web246.dogado.net
Software: nginx /
Resource Hash: 2d3c573b0a9461d6f3c849166e4f81afaf0d1cdbc262cbc02648a7d4be2df80a

Request headers

accept: */*
Referer: https://www.mr-window.de/
accept-language: de-DE,de;q=0.9
authorization: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type: application/json

Response headers

date: Tue, 28 Feb 2023 17:16:13 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding, Authorization
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
link: <https://api.mr-window.de/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"

OPTIONS
H2 200 graphql
api.mr-window.de/ 0
0 161ms
62ms Preflight
text/html 31.47.253.149
CLOUDPIT

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mr-window.de/graphql
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.47.253.149 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: web246.dogado.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.mr-window.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: content-type, authorization
access-control-allow-methods: GET, OPTIONS, POST, PUT, PATCH, DELETE
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: no-cache, private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 28 Feb 2023 17:16:13 GMT
server: nginx
vary: Origin

GET
H2 200 workbox-window.prod.es5.6954f450.js Show response
www.mr-window.de/assets/ 5 KB
2 KB 51ms
50ms Script
application/javascript 31.47.253.149
CLOUDPIT

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mr-window.de/assets/workbox-window.prod.es5.6954f450.js
Requested by: Host: www.mr-window.de
URL: https://www.mr-window.de/assets/virtual_pwa-register.b25d5af1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.47.253.149 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: web246.dogado.net
Software: nginx /
Resource Hash: 6096e19f18d38c3990d7e91db124fc86df62977cf035162e681039ec356bf2c3

Request headers

Referer: https://www.mr-window.de/
Origin: https://www.mr-window.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 17:16:13 GMT
content-encoding: br
last-modified: Mon, 27 Feb 2023 17:00:45 GMT
server: nginx
etag: W/"63fce1bd-14bf"
vary: Accept-Encoding
content-type: application/javascript

POST
H2 200 logger Show response
www.sandbox.paypal.com/xoplatform/logger/api/ 1010 B
2 KB 253ms
252ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandbox.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?currency=EUR&client-id=ATLqJVa4_IxeHtip02vI4HzmYWG7Lea23NVASsYmu9kvxObSZHYi5V4ENsY9O2hsOGgft_qDS4flwTrr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

50c57867a21a60705807cc42db011e78f4a053ed9958a8acf3c139bddf51a12d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.mr-window.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type: application/json

Response headers

date: Tue, 28 Feb 2023 17:16:14 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f291137630cf2
server-timing: content-encoding;desc=br
x-served-by: cache-fra-eddf8230085-FRA, cache-hhn-etou8220033-HHN
accept-ch: Sec-CH-UA-Full
x-timer: S1677604574.999585,VS0,VE229
etag: W/W/"3f2-B+rPvN2JjIxgtIGMZQQu6zPogiE"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mr-window.de
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 200 logger
www.sandbox.paypal.com/xoplatform/logger/api/ 0
0 339ms
173ms Preflight 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandbox.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.mr-window.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Full
accept-ranges: none
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.mr-window.de
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: br
date: Tue, 28 Feb 2023 17:16:13 GMT
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f291137080618
server-timing: content-encoding;desc=br
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: accept-encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-fra-eddf8230130-FRA, cache-hhn-etou8220033-HHN
x-timer: S1677604574.819407,VS0,VE150

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paypal.com/	1970-01-20 10:04:23	Name: tsrce Value: clientsdknodeweb
.paypal.com/	1970-01-20 10:00:06	Name: l7_az Value: dcg15.slc
.paypal.com/	1970-01-20 19:36:04	Name: ts Value: vreXpYrS%3D1772298971%26vteXpYrS%3D1677606371%26vr%3D990649201860ad009ffc1240ff233acb%26vt%3D990649201860ad009ffc1240ff233aca%26vtyp%3Dnew
.paypal.com/	1970-01-20 19:36:04	Name: ts_c Value: vr%3D990649201860ad009ffc1240ff233acb%26vt%3D990649201860ad009ffc1240ff233aca
.myfonts.net/	1970-01-20 10:00:06	Name: __cf_bm Value: RVBPZG_HVVUxln7Ao18LPXuEs38d_tZSlPPM_1zcph0-1677604573-0-AZmS7LwvzEmySJOGH8e1mCaIDwXRsKHrh5oGuCgawxtBvTMX2JALOxfF7/nKjJMYRbb8qgxUm2FoF7+ADbSNPw8=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mr-window.de
hello.myfonts.net
www.mr-window.de
www.paypal.com
www.sandbox.paypal.com
151.101.65.21
192.229.221.25
2606:4700::6811:f449
31.47.253.149
1d2192518c7ded371610a68309f7a723194b5bc03985db2ddf9cfd2b7d74d381
2d3c573b0a9461d6f3c849166e4f81afaf0d1cdbc262cbc02648a7d4be2df80a
50c57867a21a60705807cc42db011e78f4a053ed9958a8acf3c139bddf51a12d
6096e19f18d38c3990d7e91db124fc86df62977cf035162e681039ec356bf2c3
67ef61d292a29d3577743efeb16d9a48f43732a686c8bcf6b39e4050aec1552b
73361b614394e6c896e593fbd5b1faeaad7429af05992fbdd011960b5b7f608e
78bf0d8c646f92a9cc6302449cfceea9f55f50e339343574fd2cff1dd9a574d2
83e81cdc9191ce5f964faf589140ddc7935388bdbf76b787abfe6c7da6f41391
9674e329fb7cd0fade8a5205579d107b1247ed0372b477d8d93888042ebc942f
9889cbce69ec6f134241eb5bb9e5a2f3c9c2aee89b1d1627d3b9251419a3be64
a490bef6ac677ba2c53f300afa0f0fe257448fd728e0c1ab26ed6c0323b726fe
b365fbf2465574b51cf01a822566986be85d4afee4bf3fa5ffff02ae2dd6ddb5
bb49fbf5a843d4f98d909726efdcbb6c3303fbfbcf920f31c8603865da14aeb7
c958ae8eefd9de8d0f23d262b4a96fe8fc07673ae2e47dfb60fd16f94538c17b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

www.mr-window.de Open in urlscan Pro 31.47.253.149 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

25 %IPv6

3 Domains

5 Subdomains

5 IPs

2 Countries

966 kBTransfer

1547 kBSize

5 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

5 Cookies

Indicators

www.mr-window.de Open in urlscan Pro
31.47.253.149 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

5
Subdomains

5
IPs

2
Countries

966 kB
Transfer

1547 kB
Size

5
Cookies

16 HTTP transactions
1 data transactions