www.wn.de Open in urlscan Pro
91.216.108.5 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-v...
Submission: On March 23 via manual (March 23rd 2021, 12:48:36 pm UTC) from DE

Summary HTTP 40 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 40 HTTP transactions. The main IP is 91.216.108.5, located in Germany and belongs to ASCHENDORFF DE, NRW, Muenster, DE. The main domain is www.wn.de.
TLS certificate: Issued by R3 on March 2nd 2021. Valid for: 3 months.

This is the only time www.wn.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	91.216.108.5 91.216.108.5	39077 (ASCHENDOR...) (ASCHENDORFF DE)
1	91.215.103.64 91.215.103.64	43407 (INFONLINE-AS) (INFONLINE-AS)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1 2	91.215.100.40 91.215.100.40	43407 (INFONLINE-AS) (INFONLINE-AS)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:710... 2a02:26f0:7100::687e:2498	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:400c:c1b::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
40	13

23 91.216.108.5 (Germany)

ASN39077 (ASCHENDORFF DE, NRW, Muenster, DE)
PTR: www.wn.de

www.wn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.215.103.64 (Germany)

ASN43407 (INFONLINE-AS, NL)
PTR: script3.ioam.de

script.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.215.100.40 (Germany) 1 redirects

ASN43407 (INFONLINE-AS, NL)
PTR: de4.ioam.de

de.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100::687e:2498 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.stroeerdigitalgroup.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	wn.de www.wn.de	367 KB
4	google-analytics.com www.google-analytics.com	54 KB
3	ioam.de 1 redirects script.ioam.de de.ioam.de	16 KB
2	google.de www.google.de	590 B
2	google.com www.google.com	249 B
2	doubleclick.net stats.g.doubleclick.net	504 B
2	gstatic.com fonts.gstatic.com	46 KB
1	stroeerdigitalgroup.de cdn.stroeerdigitalgroup.de	63 KB
1	googletagmanager.com www.googletagmanager.com	68 KB
1	googleapis.com fonts.googleapis.com	500 B
40	10

	Domain	Requested by
23	www.wn.de	www.wn.de
4	www.google-analytics.com	www.googletagmanager.com www.wn.de www.google-analytics.com
2	www.google.de	www.wn.de
2	www.google.com	www.wn.de
2	stats.g.doubleclick.net	www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	de.ioam.de	1 redirects www.wn.de
1	cdn.stroeerdigitalgroup.de	www.googletagmanager.com
1	www.googletagmanager.com	www.wn.de
1	fonts.googleapis.com	www.wn.de
1	script.ioam.de	www.wn.de
40	11

This site contains links to these domains. Also see Links.

Domain
www.karriere.ms
www.immomarkt.ms
www.trauer.ms
www.flohmarkt.ms
www.azubi.ms
www.gruss.ms
www.kfzmarkt.ms
abo.wn.de
meine.wn.de
sonderthemen.wn.de
login.wn.de
www.zeitungsgruppe-muenster.de
www.senioren-sind-auf-zack.de
www.polizei-beratung.de
www.facebook.com
twitter.com
aschendorff-medien.de
www.instagram.com
www.youtube.com
www.stroeer.de
onelink.to
play.google.com
apps.apple.com

Subject Issuer	Validity	Valid
*.wn.de R3	`2021-03-02` - `2021-05-31`	3 months	crt.sh
*.ioam.de Thawte TLS RSA CA G1	`2019-09-18` - `2021-12-17`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
cdn.stroeerdigitalgroup.de DigiCert Secure Site ECC CA-1	`2020-02-13` - `2021-04-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
Frame ID: C2C4B84B18FFF9051A2A3A4A9C210ECE
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

40
Requests

100 %
HTTPS

75 %
IPv6

10
Domains

11
Subdomains

13
IPs

2
Countries

615 kB
Transfer

1534 kB
Size

7
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://www.karriere.ms/?utm_source=WN.de&utm_medium=Meta-Textlink&utm_campaign=Meta-Navi-Wn
Title: Jobs

Search URL Search Domain Scan URL

URL: https://www.immomarkt.ms/?utm_source=WN.de&utm_medium=Meta-Textlink&utm_campaign=Meta-Navi-Wn
Title: immomarkt.ms

Search URL Search Domain Scan URL

URL: http://www.trauer.ms/?utm_source=WN&utm_medium=Header%20wn.de&utm_campaign=Header%20wn.de
Title: trauer.ms

Search URL Search Domain Scan URL

URL: https://www.flohmarkt.ms/?utm_source=WN.de&utm_medium=Meta-Textlink&utm_campaign=Meta-Navi-Wn
Title: flohmarkt.ms

Search URL Search Domain Scan URL

URL: https://www.azubi.ms/?utm_source=WN&utm_medium=Metanavi&utm_campaign=Metanavi%20WN%20
Title: azubi.ms

Search URL Search Domain Scan URL

URL: https://www.gruss.ms/?utm_source=WN%20&utm_medium=Metanavi&utm_campaign=Metanavi%20WN
Title: gruss.ms

Search URL Search Domain Scan URL

URL: https://www.kfzmarkt.ms/?utm_source=WN.de&utm_medium=Meta-Textlink&utm_campaign=Meta-Navi-Wn
Title: kfzmarkt.ms

Search URL Search Domain Scan URL

URL: https://abo.wn.de/abo-bestellung/zeitungsangebote.html?wmh_source=Website&wmh_medium=Metanavi&wmh_campaign=Zeitungsangebote
Title: Zeitungsangebote

Search URL Search Domain Scan URL

URL: https://abo.wn.de/abo-bestellung/digitale-angebote.html?wmh_source=Website&wmh_medium=Metanavi&wmh_campaign=DigitaleAngebote
Title: Digitale Angebote

Search URL Search Domain Scan URL

URL: https://abo.wn.de/abo-bestellung/angebote-mit-tablet.html?wmh_source=Website&wmh_medium=Metanavi&wmh_campaign=Tabletangebote
Title: Tabletangebote

Search URL Search Domain Scan URL

URL: https://abo.wn.de/abo-bestellung/Angebot-des-Monats.html?wmh_source=Website&wmh_medium=Metanavi&wmh_campaign=Aktionsangebote
Title: Aktionsangebote

Search URL Search Domain Scan URL

URL: https://meine.wn.de/
Title: Abo-Service

Search URL Search Domain Scan URL

URL: http://sonderthemen.wn.de/
Title: Sonderthemen

Search URL Search Domain Scan URL

URL: https://login.wn.de/wn/login?red=1&redurl=https%3A%2F%2Fwww.wn.de%2FMuensterland%2F4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
Title: Login

Search URL Search Domain Scan URL

URL: https://login.wn.de/wn
Title: Account verwalten

Search URL Search Domain Scan URL

URL: https://login.wn.de/wn/login?em_action=logout&red=1&redurl=https%3A%2F%2Fwww.wn.de%2FMuensterland%2F4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
Title: Logout

Search URL Search Domain Scan URL

URL: http://www.zeitungsgruppe-muenster.de/
Title:

Search URL Search Domain Scan URL

URL: http://www.senioren-sind-auf-zack.de/
Title: www.senioren-sind-auf-zack.de

Search URL Search Domain Scan URL

URL: http://www.polizei-beratung.de/
Title: www.polizei-beratung.de

Search URL Search Domain Scan URL

URL: https://www.facebook.com/share.php?u=https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS%3Futm_source=Facebook%26utm_medium=Shared%2dLink
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Fake-Nachricht%20mit%20Schadsoftware:%20%22Ihr%20Paket%20wurde%20verschickt%22%3A%20Polizei%20warnt%20vor%20Betrugs-SMS&via=WN_Redaktion&url=https%3A%2F%2Fwww.wn.de%2FMuensterland%2F4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS%3Futm_source%3DTwitter%26utm_medium%3DShared%252dLink
Title:

Search URL Search Domain Scan URL

URL: https://aschendorff-medien.de/moeglichkeiten/downloads
Title: Mediadaten

Search URL Search Domain Scan URL

URL: http://www.facebook.com/wnonline
Title: WN bei Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/wnonline/?utm_source=WN&utm_medium=Footer%20Link
Title: WN bei Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/wn_redaktion
Title: WN bei Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/wntvchannel
Title: WN bei YouTube

Search URL Search Domain Scan URL

URL: https://www.stroeer.de/digitale-werbung/werbemedien/targeting-data/datenschutz.html
Title: Nutzungsbasierte Online-Werbung

Search URL Search Domain Scan URL

URL: http://onelink.to/v9knjw

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=de.msh.android.as

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/wn-epaper/id550451242?ls=1

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://de.ioam.de/tx.io?mg=yes&st=westnach&cp=nachrichten_muensterland&oc=nachrichten_muensterland&sv=ke&sc=yes&ct=0000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.wn.de&xy=1600x1200x24&lo=BE%2FBrussels%20Hoofdstedelijk%20Gewest&cb=000f&i2=000f696ad6fd805f56059e390&ep=1640635059&vr=423&id=qn28vx&i3=000f696ad6fd805f56059e390%3A1645274896648%3A1616503696648%3A.wn.de%3A1%3Awestnach%3Anachrichten_muensterland%3Anoevent%3A1616503696648&n1=1&dntt=0&lt=1616503696649&ev=&cs=lzo2kb&mo=1 HTTP 302
https://de.ioam.de/tx.io?mg=yes&st=westnach&cp=nachrichten_muensterland&oc=nachrichten_muensterland&sv=ke&sc=yes&ct=0000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.wn.de&xy=1600x1200x24&lo=BE%2FBrussels%20Hoofdstedelijk%20Gewest&cb=000f&i2=000f696ad6fd805f56059e390&ep=1640635059&vr=423&id=qn28vx&i3=000f696ad6fd805f56059e390%3A1645274896648%3A1616503696648%3A.wn.de%3A1%3Awestnach%3Anachrichten_muensterland%3Anoevent%3A1616503696648&n1=1&dntt=0&lt=1616503696649&ev=&cs=lzo2kb&mo=1&sr=71

40 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set 4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS Show response
www.wn.de/Muensterland/ 200 KB
34 KB 234ms
135ms Document
text/html 91.216.108.5
ASCHENDORFF DE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 91.216.108.5 , Germany, ASN39077 (ASCHENDORFF DE, NRW, Muenster, DE),
Reverse DNS: www.wn.de
Software: /
Resource Hash: a5b3a4b73b8247bad50fe4e477b258a1039a87e2fd6ba6a211d08708ceaa61cf

Request headers

Host: www.wn.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 12:48:16 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Set-Cookie: creid=1695026979979385346; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.www.wn.de; path=/; httpOnly; SameSite=Lax
Vary: Accept-Encoding,X-MCS-LB-Info-S,User-Agent
Last-Modified: Tue, 23 Mar 2021 12:48:16 GMT
Content-language: de-DE
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Expires: Tue, 23 Mar 2021 12:50:16 GMT
Cache-Control: no-cache, max-age=0, must-revalidate, no-store

GET
H/1.1 200
OK iam.js Show response
script.ioam.de/ 48 KB
14 KB 94ms
41ms Script
application/javascript 91.215.103.64
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://script.ioam.de/iam.js
Requested by: Host: www.wn.de
URL: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.103.64 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: script3.ioam.de
Software: nginx / BLACKBIRD-SRC v0.13 000f
Resource Hash: 4e124c006c4c117d2ed288d94e43929c6122e3944b124464a7295be5bcf8bb75

Request headers

Referer: https://www.wn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 12:48:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Mar 2021 12:48:16 GMT
Server: nginx
X-Powered-By: BLACKBIRD-SRC v0.13 000f
Vary: Accept-Encoding
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Cache-Control: private, max-age=7200, pre-check=7200
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
Expires: Tue, 23 Mar 2021 14:48:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
500 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,400i

Requested by

Host: www.wn.de
URL: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3233cf8492b92a61a68bb7531498a0157010df7b1db56f14db29eaf24c1d891b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.wn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Mar 2021 11:22:28 GMT
server: ESF
date: Tue, 23 Mar 2021 12:48:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Mar 2021 12:48:16 GMT

GET
H/1.1 200
OK fd096af49504f05f94075d28182086f4_161536658517051fe2c7a0f5eeba17959d64013061.css
www.wn.de/var/cache/public/stylesheets/ 61 KB
11 KB 96ms
36ms Stylesheet
text/css 91.216.108.5
ASCHENDORFF DE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wn.de/var/cache/public/stylesheets/fd096af49504f05f94075d28182086f4_161536658517051fe2c7a0f5eeba17959d64013061.css
Requested by: Host: www.wn.de
URL: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 91.216.108.5 , Germany, ASN39077 (ASCHENDORFF DE, NRW, Muenster, DE),
Reverse DNS: www.wn.de
Software: /
Resource Hash: 76edd61358a3d49d20781ac07aed5e26d6145d6d37fd8b9126538758ded91466

Request headers

Referer: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 12:48:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Mar 2021 09:11:48 GMT
location
X-Varnish-beresp-ttl: 43200.000
Vary: Accept-Encoding,X-MCS-LB-Info-S,User-Agent
Content-Type: text/css
Access-Control-Allow-Origin: *
cache-control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10568

GET
H/1.1 200
OK cc935b874b7253a7f20196eebfdae69d_1615366845d41d8cd98f00b204e9800998ecf8427e.js Show response
www.wn.de/var/cache/public/javascript/ 179 KB
57 KB 95ms
34ms Script
text/javascript 91.216.108.5
ASCHENDORFF DE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wn.de/var/cache/public/javascript/cc935b874b7253a7f20196eebfdae69d_1615366845d41d8cd98f00b204e9800998ecf8427e.js
Requested by: Host: www.wn.de
URL: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 91.216.108.5 , Germany, ASN39077 (ASCHENDORFF DE, NRW, Muenster, DE),
Reverse DNS: www.wn.de
Software: /
Resource Hash: 92f030364c7b80c00f05c1c4b831c862d95f5f03735a79e2d7304301f0c6ec94

Request headers

Referer: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 12:48:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Mar 2021 09:11:49 GMT
location
X-Varnish-beresp-ttl: 43200.000
Vary: Accept-Encoding,X-MCS-LB-Info-S,User-Agent
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 58179

GET
H/1.1 200
OK feature.js Show response
www.wn.de/cre-1.0/tracking/ 5 KB
2 KB 93ms
31ms Script
application/javascript 91.216.108.5
ASCHENDORFF DE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wn.de/cre-1.0/tracking/feature.js
Requested by: Host: www.wn.de
URL: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 91.216.108.5 , Germany, ASN39077 (ASCHENDORFF DE, NRW, Muenster, DE),
Reverse DNS: www.wn.de
Software: /
Resource Hash: de5c53db753b84425164c8ce67a855353ff51c85412209d5be3d01a867f874b3

Request headers

Referer: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 12:48:16 GMT
Content-Encoding: gzip
Connection: close
Content-Type: application/javascript

GET
H/1.1 200
OK templateclient.js Show response
www.wn.de/cre-1.0/api/tracking/service/wn/ 4 KB
2 KB 93ms
32ms Script
application/javascript 91.216.108.5
ASCHENDORFF DE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wn.de/cre-1.0/api/tracking/service/wn/templateclient.js
Requested by: Host: www.wn.de
URL: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 91.216.108.5 , Germany, ASN39077 (ASCHENDORFF DE, NRW, Muenster, DE),
Reverse DNS: www.wn.de
Software: /
Resource Hash: 886b054134441f948788863a98b7fcd0643b218f7fff9924fdf56fc37942b2d1

Request headers

Referer: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 12:48:16 GMT
Content-Encoding: gzip
Connection: close
Content-Type: application/javascript

GET
H/1.1

200
OK

tx.io Show response
de.ioam.de/
Redirect Chain

https://de.ioam.de/tx.io?mg=yes&st=westnach&cp=nachrichten_muensterland&oc=nachrichten_muensterland&sv=ke&sc=yes&ct=0000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.wn.de&xy=1600x1200x24&lo=BE%2FBruss...
https://de.ioam.de/tx.io?mg=yes&st=westnach&cp=nachrichten_muensterland&oc=nachrichten_muensterland&sv=ke&sc=yes&ct=0000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.wn.de&xy=1600x1200x24&lo=BE%2FBruss...

0
717 B

30ms
29ms

Script
application/x-javascript

91.215.100.40
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://de.ioam.de/tx.io?mg=yes&st=westnach&cp=nachrichten_muensterland&oc=nachrichten_muensterland&sv=ke&sc=yes&ct=0000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.wn.de&xy=1600x1200x24&lo=BE%2FBrussels%20Hoofdstedelijk%20Gewest&cb=000f&i2=000f696ad6fd805f56059e390&ep=1640635059&vr=423&id=qn28vx&i3=000f696ad6fd805f56059e390%3A1645274896648%3A1616503696648%3A.wn.de%3A1%3Awestnach%3Anachrichten_muensterland%3Anoevent%3A1616503696648&n1=1&dntt=0&lt=1616503696649&ev=&cs=lzo2kb&mo=1&sr=71
Requested by: Host: www.wn.de
URL: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.100.40 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: de4.ioam.de
Software: nginx / BLACKBIRD-RCV v1.06.2 0039
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 12:48:16 GMT
Server: nginx
X-Powered-By: BLACKBIRD-RCV v1.06.2 0039
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies

Redirect headers

Date: Tue, 23 Mar 2021 12:48:16 GMT
Access-Control-Allow-Origin: *
X-Powered-By: BLACKBIRD-RCV v1.06.2 0039
Transfer-Encoding: chunked
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Connection: keep-alive
Pragma: no-cache
Last-Modified: Tue, 23 Mar 2021 12:48:16 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Location: /tx.io?mg=yes&st=westnach&cp=nachrichten_muensterland&oc=nachrichten_muensterland&sv=ke&sc=yes&ct=0000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.wn.de&xy=1600x1200x24&lo=BE%2FBrussels%20Hoofdstedelijk%20Gewest&cb=000f&i2=000f696ad6fd805f56059e390&ep=1640635059&vr=423&id=qn28vx&i3=000f696ad6fd805f56059e390%3A1645274896648%3A1616503696648%3A.wn.de%3A1%3Awestnach%3Anachrichten_muensterland%3Anoevent%3A1616503696648&n1=1&dntt=0&lt=1616503696649&ev=&cs=lzo2kb&mo=1&sr=71
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
Expires: Mon, 23 Mar 2020 12:48:16 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 222 KB
68 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KQTTLXS&gtm_auth=_lraC9mCsaxnimzlY4JTbQ&gtm_preview=env-2&gtm_cookies_win=x

Requested by

Host: www.wn.de
URL: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5cb6e1967c63170e1753b30c370852b0b1cefe172fa89596ddeca7ad8ffb63ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.wn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 12:48:16 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69906
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK fa-solid-900.woff2
www.wn.de/extension/av_responsive/design/wn/stylesheets/vendor/font-awesome/fonts/ 66 KB
66 KB 35ms
35ms Font
application/octet-stream 91.216.108.5
ASCHENDORFF DE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wn.de/extension/av_responsive/design/wn/stylesheets/vendor/font-awesome/fonts/fa-solid-900.woff2
Requested by: Host: www.wn.de
URL: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 91.216.108.5 , Germany, ASN39077 (ASCHENDORFF DE, NRW, Muenster, DE),
Reverse DNS: www.wn.de
Software: /
Resource Hash: ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d

Request headers

Origin: https://www.wn.de
Referer: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 12:48:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 29 Jan 2019 21:43:46 GMT
location
Vary: Accept-Encoding,X-MCS-LB-Info-S,User-Agent
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
Content-Length: 67401

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99ef1487ad62eadd61e6fd29e449e179384be52f743088e3dca00020953913f5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H/1.1 200
OK fa-brands-400.woff2
www.wn.de/extension/av_responsive/design/wn/stylesheets/vendor/font-awesome/fonts/ 64 KB
64 KB 41ms
40ms Font
application/octet-stream 91.216.108.5
ASCHENDORFF DE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wn.de/extension/av_responsive/design/wn/stylesheets/vendor/font-awesome/fonts/fa-brands-400.woff2
Requested by: Host: www.wn.de
URL: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 91.216.108.5 , Germany, ASN39077 (ASCHENDORFF DE, NRW, Muenster, DE),
Reverse DNS: www.wn.de
Software: /
Resource Hash: 974956f1b7b82cecd8ae88a0b685f0d5dfe5c8534c2784e59abeea719eadbbc4

Request headers

Origin: https://www.wn.de
Referer: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 12:48:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 29 Jan 2019 21:43:46 GMT
location
Vary: Accept-Encoding,X-MCS-LB-Info-S,User-Agent
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
Content-Length: 65344

GET
H/1.1 200
OK c8e419bec81cf0490d52757c74519a6f_1615366584c990510168ac618b51471bddcceb0697.css
www.wn.de/var/cache/public/stylesheets/ 61 KB
11 KB 37ms
36ms Stylesheet
text/css 91.216.108.5
ASCHENDORFF DE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wn.de/var/cache/public/stylesheets/c8e419bec81cf0490d52757c74519a6f_1615366584c990510168ac618b51471bddcceb0697.css
Requested by: Host: www.wn.de
URL: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 91.216.108.5 , Germany, ASN39077 (ASCHENDORFF DE, NRW, Muenster, DE),
Reverse DNS: www.wn.de
Software: /
Resource Hash: 93dda752a92a89a528cb8f8026bbf3fb29b1c703ac8879b5cc82a8551052eef6

Request headers

Referer: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 12:48:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Mar 2021 09:11:47 GMT
location
X-Varnish-beresp-ttl: 43200.000
Vary: Accept-Encoding,X-MCS-LB-Info-S,User-Agent
Content-Type: text/css
Access-Control-Allow-Origin: *
cache-control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10443

GET
H/1.1 200
OK 005f39895c4489fb8dd10e280c1dcd86_1615366584644f48b0430890000f7a3017e3cbd894.css
www.wn.de/var/cache/public/stylesheets/ 58 KB
10 KB 49ms
32ms Stylesheet
text/css 91.216.108.5
ASCHENDORFF DE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wn.de/var/cache/public/stylesheets/005f39895c4489fb8dd10e280c1dcd86_1615366584644f48b0430890000f7a3017e3cbd894.css
Requested by: Host: www.wn.de
URL: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 91.216.108.5 , Germany, ASN39077 (ASCHENDORFF DE, NRW, Muenster, DE),
Reverse DNS: www.wn.de
Software: /
Resource Hash: 8535b4df9d604b213f9edf41b8aab8fd5218b811d16ebf2de0b53ef66c5e291d

Request headers

Referer: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 12:48:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Mar 2021 09:11:47 GMT
location
X-Varnish-beresp-ttl: 43200.000
Vary: Accept-Encoding,X-MCS-LB-Info-S,User-Agent
Content-Type: text/css
Access-Control-Allow-Origin: *
cache-control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9819

GET
H3-Q050 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 23 KB
23 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400i

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.wn.de
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 04:06:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 463302
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
expires: Fri, 18 Mar 2022 04:06:34 GMT

GET
H3-Q050 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 22 KB
23 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400i

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.wn.de
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 22:16:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
age: 484336
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
expires: Thu, 17 Mar 2022 22:16:00 GMT

GET
H/1.1 200
OK favicon.ico
www.wn.de/extension/av_responsive/design/wn/images/ 1 KB
629 B 40ms
39ms Image
image/vnd.microsoft.icon 91.216.108.5
ASCHENDORFF DE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wn.de/extension/av_responsive/design/wn/images/favicon.ico
Requested by: Host: www.wn.de
URL: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 91.216.108.5 , Germany, ASN39077 (ASCHENDORFF DE, NRW, Muenster, DE),
Reverse DNS: www.wn.de
Software: /
Resource Hash: d98e1e438b745b2a32983fc9b7d05e4677c377188a6b33e05e20839d05c6c320

Request headers

Origin: https://www.wn.de
Referer: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 12:48:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jan 2018 09:10:48 GMT
location
X-Varnish-beresp-ttl: 43200.000
Vary: Accept-Encoding,X-MCS-LB-Info-S,User-Agent
Content-Type: image/vnd.microsoft.icon
Access-Control-Allow-Origin: *
cache-control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 238

GET
H/1.1 200
OK cubelogo.png
www.wn.de/extension/av_responsive/design/wn/images/ 4 KB
4 KB 36ms
35ms Image
image/png 91.216.108.5
ASCHENDORFF DE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wn.de/extension/av_responsive/design/wn/images/cubelogo.png
Requested by: Host: www.wn.de
URL: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 91.216.108.5 , Germany, ASN39077 (ASCHENDORFF DE, NRW, Muenster, DE),
Reverse DNS: www.wn.de
Software: /
Resource Hash: 9e22988c5d684ececd6e8930db0a2a05d43bc33e14d9f7f8cd150223d1c6ffe3

Request headers

Referer: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 12:48:16 GMT
Last-Modified: Mon, 04 Jun 2018 12:20:25 GMT
location
X-Varnish-beresp-ttl: 43200.000
Vary: Accept-Encoding,X-MCS-LB-Info-S,User-Agent
Content-Type: image/png
Access-Control-Allow-Origin: *
cache-control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4006

GET
H/1.1 200
OK zgm_logo.gif
www.wn.de/extension/av_responsive/design/wn/images/ 5 KB
5 KB 33ms
32ms Image
image/gif 91.216.108.5
ASCHENDORFF DE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wn.de/extension/av_responsive/design/wn/images/zgm_logo.gif
Requested by: Host: www.wn.de
URL: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 91.216.108.5 , Germany, ASN39077 (ASCHENDORFF DE, NRW, Muenster, DE),
Reverse DNS: www.wn.de
Software: /
Resource Hash: 94f1f97ead7369d42bbc06f34b605d686afe10fecf323262a262215566bebd48

Request headers

Referer: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 12:48:16 GMT
Last-Modified: Wed, 17 Jan 2018 09:10:51 GMT
location
X-Varnish-beresp-ttl: 43200.000
Vary: Accept-Encoding,X-MCS-LB-Info-S,User-Agent
Content-Type: image/gif
Access-Control-Allow-Origin: *
cache-control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4737

GET
H/1.1 200
OK Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS1_image_1024_width.jpg
www.wn.de/var/storage/images/wn/startseite/muensterland/4387506-fake-nachricht-mit-schadsoftware-ihr-paket-wurde-verschickt-polizei-warnt-vor-betrugs-sms/124470619-1-ger-DE/ 74 KB
75 KB 71ms
35ms Image
image/jpeg 91.216.108.5
ASCHENDORFF DE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wn.de/var/storage/images/wn/startseite/muensterland/4387506-fake-nachricht-mit-schadsoftware-ihr-paket-wurde-verschickt-polizei-warnt-vor-betrugs-sms/124470619-1-ger-DE/Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS1_image_1024_width.jpg
Requested by: Host: www.wn.de
URL: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 91.216.108.5 , Germany, ASN39077 (ASCHENDORFF DE, NRW, Muenster, DE),
Reverse DNS: www.wn.de
Software: /
Resource Hash: 7e1020a5320a8dad11e5293dea1ea7c487e488c472b9951db1b3ec552e629257

Request headers

Referer: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 12:48:16 GMT
Last-Modified: Fri, 19 Mar 2021 11:35:39 GMT
location
X-Varnish-beresp-ttl: 43200.000
Vary: Accept-Encoding,X-MCS-LB-Info-S,User-Agent
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
cache-control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 76119

GET
H/1.1 200
OK call.js Show response
www.wn.de/cre-1.0/tracking/ 378 B
550 B 71ms
32ms Script
application/javascript 91.216.108.5
ASCHENDORFF DE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wn.de/cre-1.0/tracking/call.js?action=pageview&serviceid=wn&origin=web&site=www.wn.de&contentid=%2FMuensterland%2F4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS&cms_id=4387506&channel=93&doctype=wn_article&elementid=entitlement_wn_web&subchannel=7875131&entitlement=not%20set&_u=https%3A%2F%2Fwww.wn.de%2FMuensterland%2F4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS&_r=&_c=cre_callback_65715
Requested by: Host: www.wn.de
URL: https://www.wn.de/cre-1.0/tracking/feature.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 91.216.108.5 , Germany, ASN39077 (ASCHENDORFF DE, NRW, Muenster, DE),
Reverse DNS: www.wn.de
Software: /
Resource Hash: bd68f9e907077784957b7a808b58c9834a71c5deb7a794dc8f327a971dc04130

Request headers

Referer: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 12:48:16 GMT
Cache-Control: no-cache, no-cache, max-age=0, must-revalidate, no-store
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Connection: close
Content-Encoding: gzip
Content-Type: application/javascript

GET
H/1.1 200
OK kreide Show response
www.wn.de/ 1 KB
778 B 66ms
40ms XHR
text/html 91.216.108.5
ASCHENDORFF DE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wn.de/kreide
Requested by: Host: www.wn.de
URL: https://www.wn.de/var/cache/public/javascript/cc935b874b7253a7f20196eebfdae69d_1615366845d41d8cd98f00b204e9800998ecf8427e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 91.216.108.5 , Germany, ASN39077 (ASCHENDORFF DE, NRW, Muenster, DE),
Reverse DNS: www.wn.de
Software: /
Resource Hash: df8eb42cf93bfb2730acd8239cdeccbbebba5881299e7871b7aee05bf2a61389

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 12:48:16 GMT
Content-Encoding: gzip
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Vary: ,User-Agent
Connection: close
Content-Type: text/html; charset=utf-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQTTLXS&gtm_auth=_lraC9mCsaxnimzlY4JTbQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 2741
date: Tue, 23 Mar 2021 12:02:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Tue, 23 Mar 2021 14:02:35 GMT

POST
H/1.1 200
OK pageview.php
www.wn.de/_tools/frontpage-heatmap/ 0
272 B 34ms
34ms Other
text/html 91.216.108.5
ASCHENDORFF DE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wn.de/_tools/frontpage-heatmap/pageview.php?nc

Requested by

Host: www.wn.de
URL: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

91.216.108.5 , Germany, ASN39077 (ASCHENDORFF DE, NRW, Muenster, DE),

Reverse DNS

www.wn.de

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 23 Mar 2021 12:48:17 GMT
X-Cache: MISS
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK layer.html Show response
www.wn.de/_paywall/wn/wn-standard-footer-flyin/ 9 KB
3 KB 36ms
35ms XHR
text/html 91.216.108.5
ASCHENDORFF DE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wn.de/_paywall/wn/wn-standard-footer-flyin/layer.html

Requested by

Host: www.wn.de
URL: https://www.wn.de/var/cache/public/javascript/cc935b874b7253a7f20196eebfdae69d_1615366845d41d8cd98f00b204e9800998ecf8427e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

91.216.108.5 , Germany, ASN39077 (ASCHENDORFF DE, NRW, Muenster, DE),

Reverse DNS

www.wn.de

Software

Resource Hash

f343049affe3a947964e9486c4736d73aa9fae5cdebe164f2b8b7283071ef462

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 12:44:04 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Mar 2021 08:54:41 GMT
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3054
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK device.js Show response
www.wn.de/cre-1.0/tracking/ 23 B
326 B 45ms
45ms Script
application/javascript 91.216.108.5
ASCHENDORFF DE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wn.de/cre-1.0/tracking/device.js?width=1600&height=1200&dpi_x=96&dpi_y=96&tracking_id=1695026979979385346&_c=cre_callback_80816
Requested by: Host: www.wn.de
URL: https://www.wn.de/cre-1.0/tracking/feature.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 91.216.108.5 , Germany, ASN39077 (ASCHENDORFF DE, NRW, Muenster, DE),
Reverse DNS: www.wn.de
Software: /
Resource Hash: f367fabac96f8185da78b2b9631f9c7e854a5453f66b98667c9fb6bba6a55135

Request headers

Referer: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 12:48:17 GMT
Cache-Control: no-cache, no-cache, max-age=0, must-revalidate, no-store
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Connection: close
Content-Encoding: gzip
Content-Type: application/javascript

GET
H2 200 metaTag.min.js Show response
cdn.stroeerdigitalgroup.de/metatag/live/OMS_wn/ 262 KB
63 KB 22ms
7ms Script
application/javascript 2a02:26f0:7100::687e:2498
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stroeerdigitalgroup.de/metatag/live/OMS_wn/metaTag.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQTTLXS&gtm_auth=_lraC9mCsaxnimzlY4JTbQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::687e:2498 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: KONICHIWA/1.0 /
Resource Hash: 0a4b63a2e8fd59d4b36eaf182d036322d2d457be35406b49624521654eda9e1c

Request headers

Referer: https://www.wn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 12:48:17 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: QKW32KP1YVJYJ6MJ
content-length: 63874
x-amz-id-2: LwHqf2eTVXD2PtJ8ZOsJjqqsV+Ov0Frm5AVLtD/j/UZ2n1jjHOVQ/hX26o2Z97Uw+LzApf7zuyA=
last-modified: Mon, 22 Mar 2021 14:54:44 GMT
server: KONICHIWA/1.0
etag: "5f474f02acad5739089ae2d76156f5c4"
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=409
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
84 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-19082793-17&cid=810996125.1616503697&jid=407969652&gjid=1196155625&_gid=196735014.1616503697&_u=YGBAgEABAAAAAE~&z=250605220

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 23 Mar 2021 12:48:17 GMT
content-type: text/plain
access-control-allow-origin: https://www.wn.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
384 B 33ms
20ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&aip=1&a=733771296&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wn.de%2FMuensterland%2F4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS&ul=en-us&de=UTF-8&dt=Fake-Nachricht%20mit%20Schadsoftware%3A%20%22Ihr%20Paket%20wurde%20verschickt%22%3A%20Polizei%20warnt%20vor%20Betrugs-SMS%20-%20M%C3%BCnsterland%20-%20Westf%C3%A4lische%20Nachrichten&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=407969652&gjid=1196155625&cid=810996125.1616503697&tid=UA-19082793-17&_gid=196735014.1616503697&gtm=2wg3h0KQTTLXS&cd2=wn_article&cd3=93&cd5=nachrichten_muensterland&cd6=nationalnews%2Fmuensterland_uebersicht&cd7=0&cd8=4387506&cd9=4&cd11=nationalnews&cd12=Aktiviert&cd13=null&cd17=&cd18=Volle%20Ansicht&cd19=null&cm2=4&cm3=157&cm4=1089&cm5=0&z=2001378396

Requested by

Host: www.wn.de
URL: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 04:41:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29232
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
122 B 18ms
13ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&aip=1&a=733771296&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.wn.de%2FMuensterland%2F4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS&ul=en-us&de=UTF-8&dt=Fake-Nachricht%20mit%20Schadsoftware%3A%20%22Ihr%20Paket%20wurde%20verschickt%22%3A%20Polizei%20warnt%20vor%20Betrugs-SMS%20-%20M%C3%BCnsterland%20-%20Westf%C3%A4lische%20Nachrichten&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Paywall%20Layer%20(wn-standard-footer-flyin)&ea=Laden&el=4387506&_u=aGDAAEABAAAAAG~&jid=341458372&gjid=451495916&cid=810996125.1616503697&tid=UA-19082793-17&_gid=196735014.1616503697&_r=1&gtm=2wg3h0KQTTLXS&cd1=anonymous&cd2=wn_article&cd3=93&cd5=nachrichten_muensterland&cd6=nationalnews%2Fmuensterland_uebersicht&cd7=0&cd8=4387506&cd9=4&cd11=nationalnews&cd12=Aktiviert&cd13=null&cd14=open&cd15=&cd16=metering&cd17=&cd18=Volle%20Ansicht&cd19=null&cm1=1&cm2=4&cm3=157&cm4=1089&cm5=0&z=1205120993

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 12:48:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wn.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 91 KB
35 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-N86W292&t=gtm32&cid=810996125.1616503697&aip=true

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f74615629e35f1d5a5db42195fdd6a82c49be8f4d9a8aa6064c8d87b5e30108b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.wn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 12:48:17 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35955
x-xss-protection: 0
expires: Tue, 23 Mar 2021 12:48:17 GMT

GET
H/1.1 200
OK call.js Show response
www.wn.de/cre-1.0/tracking/ 284 B
494 B 46ms
45ms XHR
application/javascript 91.216.108.5
ASCHENDORFF DE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wn.de/cre-1.0/tracking/call.js?action=pageview&serviceid=wn&site=www.wn.de&doctype=paywall&origin=web&cms_id=%2Foffer%2Fview&contentid=%2Foffer%2Fview&channel=offer&subchannel=view&offerids=offer_wn_digi&variantids=standard%2Cstandard&disrupterids=standard%2Cstandard
Requested by: Host: www.wn.de
URL: https://www.wn.de/var/cache/public/javascript/cc935b874b7253a7f20196eebfdae69d_1615366845d41d8cd98f00b204e9800998ecf8427e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 91.216.108.5 , Germany, ASN39077 (ASCHENDORFF DE, NRW, Muenster, DE),
Reverse DNS: www.wn.de
Software: /
Resource Hash: 6f2dba931eaf5cb62a43fdcb49ec643fc1ab5ac0fccec873823ada6afc7837e0

Request headers

Accept: */*
Referer: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 12:48:17 GMT
Cache-Control: no-cache, no-cache, max-age=0, must-revalidate, no-store
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Connection: close
Content-Encoding: gzip
Content-Type: application/javascript

GET
H/1.1 200
OK wn-epaper-app-icon.svg
www.wn.de/_paywall/wn/wn-standard-footer-flyin/images/ 3 KB
3 KB 46ms
45ms Image
image/svg+xml 91.216.108.5
ASCHENDORFF DE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wn.de/_paywall/wn/wn-standard-footer-flyin/images/wn-epaper-app-icon.svg

Requested by

Host: www.wn.de
URL: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

91.216.108.5 , Germany, ASN39077 (ASCHENDORFF DE, NRW, Muenster, DE),

Reverse DNS

www.wn.de

Software

Resource Hash

569c9fae2d233698cafa0ce6a170b5e7b08155caffaf0cf7e904f0c7c3d98596

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 12:28:57 GMT
Last-Modified: Fri, 19 Mar 2021 08:51:25 GMT
X-Cache: HIT
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2740
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK close-button-gray.svg
www.wn.de/_paywall/wn/wn-standard-footer-flyin/images/ 1 KB
1 KB 45ms
44ms Image
image/svg+xml 91.216.108.5
ASCHENDORFF DE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wn.de/_paywall/wn/wn-standard-footer-flyin/images/close-button-gray.svg

Requested by

Host: www.wn.de
URL: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

91.216.108.5 , Germany, ASN39077 (ASCHENDORFF DE, NRW, Muenster, DE),

Reverse DNS

www.wn.de

Software

Resource Hash

41f2a4ee284bb52265c0f6a76f314f268a99721016ba458d4dbf0f3a6563b064

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 12:28:57 GMT
Last-Modified: Fri, 19 Mar 2021 08:51:25 GMT
X-Cache: HIT
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1102
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK google-play-badge.svg
www.wn.de/_paywall/wn/wn-standard-footer-flyin/images/ 7 KB
7 KB 82ms
33ms Image
image/svg+xml 91.216.108.5
ASCHENDORFF DE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wn.de/_paywall/wn/wn-standard-footer-flyin/images/google-play-badge.svg

Requested by

Host: www.wn.de
URL: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

91.216.108.5 , Germany, ASN39077 (ASCHENDORFF DE, NRW, Muenster, DE),

Reverse DNS

www.wn.de

Software

Resource Hash

61b4f95e0782ed88ecf8312a9540437545d8c5383be701bad6aac9cb9875ff3c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 12:28:57 GMT
Last-Modified: Fri, 19 Mar 2021 08:51:25 GMT
X-Cache: HIT
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6672
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK app-store-badge.svg
www.wn.de/_paywall/wn/wn-standard-footer-flyin/images/ 9 KB
9 KB 83ms
35ms Image
image/svg+xml 91.216.108.5
ASCHENDORFF DE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wn.de/_paywall/wn/wn-standard-footer-flyin/images/app-store-badge.svg

Requested by

Host: www.wn.de
URL: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

91.216.108.5 , Germany, ASN39077 (ASCHENDORFF DE, NRW, Muenster, DE),

Reverse DNS

www.wn.de

Software

Resource Hash

4f2967e1f642dd16eec36ac4022f07b7a881cab6301a13be3a4ccfcd3206a614

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 12:28:57 GMT
Last-Modified: Fri, 19 Mar 2021 08:51:25 GMT
X-Cache: HIT
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9217
X-XSS-Protection: 1; mode=block

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 24ms
18ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-19082793-17&cid=810996125.1616503697&jid=407969652&_u=YGBAgEABAAAAAE~&z=2024676705

Requested by

Host: www.wn.de
URL: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 12:48:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 22ms
18ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-19082793-17&cid=810996125.1616503697&jid=407969652&_u=YGBAgEABAAAAAE~&z=2024676705

Requested by

Host: www.wn.de
URL: https://www.wn.de/Muensterland/4387506-Fake-Nachricht-mit-Schadsoftware-Ihr-Paket-wurde-verschickt-Polizei-warnt-vor-Betrugs-SMS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 12:48:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
420 B 43ms
15ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-19082793-17&cid=810996125.1616503697&jid=341458372&gjid=451495916&_gid=196735014.1616503697&_u=aGDAAEABAAAAAG~&z=767634503

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 23 Mar 2021 12:48:17 GMT
content-type: text/plain
access-control-allow-origin: https://www.wn.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
142 B 18ms
17ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-19082793-17&cid=810996125.1616503697&jid=341458372&_u=aGDAAEABAAAAAG~&z=1496570076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 12:48:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
483 B 47ms
33ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-19082793-17&cid=810996125.1616503697&jid=341458372&_u=aGDAAEABAAAAAG~&z=1496570076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 12:48:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

162 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.wn.de/	1970-01-19 17:01:43	Name: _gat_UA-19082793-17 Value: 1
.wn.de/	1970-01-19 17:01:43	Name: _dc_gtm_UA-19082793-17 Value: 1
.wn.de/	1970-01-19 17:03:10	Name: _gid Value: GA1.2.196735014.1616503697
.wn.de/	1970-01-20 10:32:55	Name: _ga Value: GA1.2.810996125.1616503697
.wn.de/	1970-01-19 17:08:52	Name: iom_consent Value: 0000000000&1616503696646
.wn.de/	1970-01-20 01:01:14	Name: ioam2018 Value: 000f696ad6fd805f56059e390:1645274896648:1616503696648:.wn.de:2:westnach:nachrichten_muensterland:noevent:1616503696648:eoobo5
.www.wn.de/	1969-12-31 23:59:59	Name: creid Value: 1695026979979385346

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.wn.de/var/cache/public/javascript/cc935b874b7253a7f20196eebfdae69d_1615366845d41d8cd98f00b204e9800998ecf8427e.js(Line 2) Message: error avObjectUpdates:
console-api	log	URL: https://www.wn.de/var/cache/public/javascript/cc935b874b7253a7f20196eebfdae69d_1615366845d41d8cd98f00b204e9800998ecf8427e.js(Line 2) Message: TypeError: Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.stroeerdigitalgroup.de
de.ioam.de
fonts.googleapis.com
fonts.gstatic.com
script.ioam.de
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.wn.de
2a00:1450:4001:80e::200a
2a00:1450:4001:810::200e
2a00:1450:4001:812::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2008
2a00:1450:400c:c0a::9b
2a00:1450:400c:c1b::9a
2a02:26f0:7100::687e:2498
91.215.100.40
91.215.103.64
91.216.108.5
0a4b63a2e8fd59d4b36eaf182d036322d2d457be35406b49624521654eda9e1c
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
3233cf8492b92a61a68bb7531498a0157010df7b1db56f14db29eaf24c1d891b
41f2a4ee284bb52265c0f6a76f314f268a99721016ba458d4dbf0f3a6563b064
4e124c006c4c117d2ed288d94e43929c6122e3944b124464a7295be5bcf8bb75
4f2967e1f642dd16eec36ac4022f07b7a881cab6301a13be3a4ccfcd3206a614
569c9fae2d233698cafa0ce6a170b5e7b08155caffaf0cf7e904f0c7c3d98596
5cb6e1967c63170e1753b30c370852b0b1cefe172fa89596ddeca7ad8ffb63ec
61b4f95e0782ed88ecf8312a9540437545d8c5383be701bad6aac9cb9875ff3c
6f2dba931eaf5cb62a43fdcb49ec643fc1ab5ac0fccec873823ada6afc7837e0
76edd61358a3d49d20781ac07aed5e26d6145d6d37fd8b9126538758ded91466
7e1020a5320a8dad11e5293dea1ea7c487e488c472b9951db1b3ec552e629257
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8535b4df9d604b213f9edf41b8aab8fd5218b811d16ebf2de0b53ef66c5e291d
886b054134441f948788863a98b7fcd0643b218f7fff9924fdf56fc37942b2d1
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
92f030364c7b80c00f05c1c4b831c862d95f5f03735a79e2d7304301f0c6ec94
93dda752a92a89a528cb8f8026bbf3fb29b1c703ac8879b5cc82a8551052eef6
94f1f97ead7369d42bbc06f34b605d686afe10fecf323262a262215566bebd48
974956f1b7b82cecd8ae88a0b685f0d5dfe5c8534c2784e59abeea719eadbbc4
99ef1487ad62eadd61e6fd29e449e179384be52f743088e3dca00020953913f5
9e22988c5d684ececd6e8930db0a2a05d43bc33e14d9f7f8cd150223d1c6ffe3
a5b3a4b73b8247bad50fe4e477b258a1039a87e2fd6ba6a211d08708ceaa61cf
bd68f9e907077784957b7a808b58c9834a71c5deb7a794dc8f327a971dc04130
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d
d98e1e438b745b2a32983fc9b7d05e4677c377188a6b33e05e20839d05c6c320
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de5c53db753b84425164c8ce67a855353ff51c85412209d5be3d01a867f874b3
df8eb42cf93bfb2730acd8239cdeccbbebba5881299e7871b7aee05bf2a61389
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f343049affe3a947964e9486c4736d73aa9fae5cdebe164f2b8b7283071ef462
f367fabac96f8185da78b2b9631f9c7e854a5453f66b98667c9fb6bba6a55135
f74615629e35f1d5a5db42195fdd6a82c49be8f4d9a8aa6064c8d87b5e30108b

www.wn.de Open in urlscan Pro 91.216.108.5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

40 Requests

100 %HTTPS

75 %IPv6

10 Domains

11 Subdomains

13 IPs

2 Countries

615 kBTransfer

1534 kBSize

7 Cookies

30 Outgoing links

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.wn.de Open in urlscan Pro
91.216.108.5 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

100 %
HTTPS

75 %
IPv6

10
Domains

11
Subdomains

13
IPs

2
Countries

615 kB
Transfer

1534 kB
Size

7
Cookies

40 HTTP transactions
1 data transactions