www.shz.de Open in urlscan Pro
212.237.244.169 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mhnpay.dns.boreus.de/
Effective URL:
https://www.shz.de/
Submission: On July 08 via manual (July 8th 2020, 1:56:17 pm UTC) from DE

Summary HTTP 10 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 212.237.244.169, located in Germany and belongs to BOREUS, DE. The main domain is www.shz.de.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 25th 2019. Valid for: 2 years.

This is the only time www.shz.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 10	212.237.244.169 212.237.244.169	205411 (BOREUS) (BOREUS)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	3

10 212.237.244.169 (Germany) 2 redirects

ASN205411 (BOREUS, DE)
PTR: mhnpay.dns.boreus.de

mhnpay.dns.boreus.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.shz.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	shz.de 1 redirects www.shz.de	231 KB
2	criteo.net static.criteo.net	32 KB
1	boreus.de 1 redirects mhnpay.dns.boreus.de	477 B
10	3

	Domain	Requested by
9	www.shz.de	1 redirects www.shz.de
2	static.criteo.net	www.shz.de
1	mhnpay.dns.boreus.de	1 redirects
10	3

This site contains links to these domains. Also see Links.

Domain
mein.shz.de
www.mhn-medien.de

Subject Issuer	Validity	Valid
*.shz.de Sectigo RSA Domain Validation Secure Server CA	`2019-03-25` - `2021-06-22`	2 years	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-06-22` - `2020-09-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.shz.de/
Frame ID: DE492BFCD96C2BF304E2EB1560FD2E4F
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://mhnpay.dns.boreus.de/ HTTP 301
http://www.shz.de/ HTTP 301
https://www.shz.de/ Page URL

Detected technologies

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

10
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

262 kB
Transfer

618 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://mein.shz.de/angebote/digitalbasis/?ref=VSS
Title: 4 Wochen kostenlos testen

Search URL Search Domain Scan URL

URL: http://www.mhn-medien.de/mediadaten/
Title: Mediadaten

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mhnpay.dns.boreus.de/ HTTP 301
http://www.shz.de/ HTTP 301
https://www.shz.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.shz.de/ Redirect Chain http://mhnpay.dns.boreus.de/ http://www.shz.de/ https://www.shz.de/	78 KB 26 KB	117ms 48ms	Document text/html	212.237.244.169 BOREUS
General Check archive.org Show headers Download Go to Full URL https://www.shz.de/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.237.244.169 , Germany, ASN205411 (BOREUS, DE), Reverse DNS mhnpay.dns.boreus.de Software / Resource Hash `6a26850646cb716c09a97d2c609f286ef663adce332705b2f84df41db9e69bdb` Request headers :method GET :authority www.shz.de :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US cookie creid=1671657222249894453; BIGipServermhn_pay_http=1080324106.20480.0000 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Wed, 08 Jul 2020 13:55:58 GMT content-type text/html;charset=UTF-8 set-cookie creid=1671657222249894453; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.shz.de; path=/; httpOnly; SameSite=Lax vary Accept-Encoding cache-control no-cache content-language de-DE cmsid s1 via 1.1 varnish (Varnish/5.2) x-varnish 39544707 39246372 age 19 cmstype s content-encoding gzip Redirect headers Date Wed, 08 Jul 2020 13:55:58 GMT Content-Type application/octet-stream Connection keep-alive Set-Cookie creid=1671657222249894453; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.shz.de; path=/; httpOnly; SameSite=Lax BIGipServermhn_pay_http=1080324106.20480.0000; path=/; Httponly Cache-Control max-age=300 Content-Length 0 Last-Modified Wed, 08 Jul 2020 13:53:48 GMT Via 1.1 varnish (Varnish/5.2) Location https://www.shz.de/ X-Varnish 40371003 39987637 cmsid s1 Age 129 Expires Wed, 08 Jul 2020 13:58:48 GMT cmstype s
GET H2	200	jquery-1.10.2.min.js Show response www.shz.de/resources/1594125790339/ver1-0/js/	91 KB 32 KB	38ms 37ms	Script application/x-javascript	212.237.244.169 BOREUS
General Check archive.org Show headers Download Go to Full URL https://www.shz.de/resources/1594125790339/ver1-0/js/jquery-1.10.2.min.js Requested by Host: www.shz.de URL: https://www.shz.de/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.237.244.169 , Germany, ASN205411 (BOREUS, DE), Reverse DNS mhnpay.dns.boreus.de Software / Resource Hash `0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988` Request headers Referer https://www.shz.de/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 08 Jul 2020 13:55:59 GMT content-encoding gzip last-modified Wed, 08 Jul 2020 08:32:20 GMT age 19418 vary Accept-Encoding content-type application/x-javascript status 200 cache-control max-age=864000 x-varnish 36260382 426015 accept-ranges bytes content-length 32837 via 1.1 varnish (Varnish/5.2) expires Sat, 08 Aug 2020 14:32:20 GMT
GET H2	200	styles_part_1.min.css www.shz.de/resources/1594125790339/ver1-0/css/	174 KB 33 KB	44ms 43ms	Stylesheet text/css	212.237.244.169 BOREUS
General Check archive.org Show headers Download Go to Full URL https://www.shz.de/resources/1594125790339/ver1-0/css/styles_part_1.min.css Requested by Host: www.shz.de URL: https://www.shz.de/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.237.244.169 , Germany, ASN205411 (BOREUS, DE), Reverse DNS mhnpay.dns.boreus.de Software / Resource Hash `31d89affa5aab8c3ffaee4945aef43f3376e4b2fca07ea2894f39a990c3b8b39` Request headers Referer https://www.shz.de/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 08 Jul 2020 13:55:59 GMT content-encoding gzip last-modified Wed, 08 Jul 2020 12:47:09 GMT age 4130 vary Accept-Encoding content-type text/css;charset=UTF-8 status 200 cache-control max-age=864000 x-varnish 97290117 74982827 accept-ranges bytes content-length 33869 via 1.1 varnish (Varnish/5.2) expires Sat, 08 Aug 2020 18:47:09 GMT
GET H2	200	styles_part_2.min.css www.shz.de/resources/1594125790339/ver1-0/css/	44 KB 9 KB	60ms 60ms	Stylesheet text/css	212.237.244.169 BOREUS
General Check archive.org Show headers Download Go to Full URL https://www.shz.de/resources/1594125790339/ver1-0/css/styles_part_2.min.css Requested by Host: www.shz.de URL: https://www.shz.de/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.237.244.169 , Germany, ASN205411 (BOREUS, DE), Reverse DNS mhnpay.dns.boreus.de Software / Resource Hash `fcf4c2797688795c13db7e163779d3ee0c25873414a65366877aa59ab4c0f323` Request headers Referer https://www.shz.de/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 08 Jul 2020 13:55:59 GMT content-encoding gzip last-modified Wed, 08 Jul 2020 12:47:09 GMT age 4130 vary Accept-Encoding content-type text/css;charset=UTF-8 status 200 cache-control max-age=864000 x-varnish 67854392 74982830 accept-ranges bytes content-length 9318 via 1.1 varnish (Varnish/5.2) expires Sat, 08 Aug 2020 18:47:09 GMT
GET DATA	200 OK	truncated /	436 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `f14fe8f3fc06889c04448bc56c0383c4ecd68e3787ba162658cacd3fe9e2ee5a` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET H2	200	desktop.jpg www.shz.de/resources/1594125790339/ver1-0/img/intropage/	107 KB 108 KB	38ms 37ms	Image image/jpeg	212.237.244.169 BOREUS
General Check archive.org Show headers Download Go to Show image Full URL https://www.shz.de/resources/1594125790339/ver1-0/img/intropage/desktop.jpg Requested by Host: www.shz.de URL: https://www.shz.de/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.237.244.169 , Germany, ASN205411 (BOREUS, DE), Reverse DNS mhnpay.dns.boreus.de Software / Resource Hash `1ebe655ee21cf7552394ca1088ed1bc07cfb3d4b64b963e6531d066bb5574756` Request headers Referer https://www.shz.de/resources/1594125790339/ver1-0/css/styles_part_2.min.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 08 Jul 2020 13:55:59 GMT via 1.1 varnish (Varnish/5.2) last-modified Wed, 08 Jul 2020 08:32:20 GMT age 19418 x-varnish 39112929 1507382 status 200 cache-control max-age=864000 accept-ranges bytes content-type image/jpeg content-length 109931 expires Sat, 08 Aug 2020 14:32:20 GMT
GET H2	200	OpenSans-CondBold-webfont.woff www.shz.de/resources/1594125790339/ver1-0/fonts/	21 KB 21 KB	36ms 35ms	Font application/x-font-woff	212.237.244.169 BOREUS
General Check archive.org Show headers Download Go to Full URL https://www.shz.de/resources/1594125790339/ver1-0/fonts/OpenSans-CondBold-webfont.woff Requested by Host: www.shz.de URL: https://www.shz.de/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.237.244.169 , Germany, ASN205411 (BOREUS, DE), Reverse DNS mhnpay.dns.boreus.de Software / Resource Hash `6fe4f7d286323fef39e81d9cdbdbf463941ebe9c1044e19653967369bdb34240` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.shz.de/resources/1594125790339/ver1-0/css/styles_part_1.min.css Origin https://www.shz.de Response headers date Wed, 08 Jul 2020 13:55:59 GMT content-encoding gzip last-modified Tue, 07 Jul 2020 12:47:23 GMT age 90516 vary Accept-Encoding access-control-allow-methods GET content-type application/x-font-woff status 200 cache-control max-age=2700000 x-varnish 8974199 14976698 accept-ranges bytes access-control-allow-origin * content-length 21347 via 1.1 varnish (Varnish/5.2) expires Fri, 07 Aug 2020 18:47:23 GMT
GET H2	200	publishertag.js Show response static.criteo.net/js/ld/	103 KB 31 KB	51ms 14ms	Script text/javascript	2a02:2638:1::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.js Requested by Host: www.shz.de URL: https://www.shz.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash `488371624e2b23b5e2243c8a40fe23c82cfe992f6c7052421c66e982e68b2fec` Request headers Referer https://www.shz.de/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 08 Jul 2020 13:55:59 GMT content-encoding gzip last-modified Wed, 01 Jul 2020 10:37:58 GMT server nginx etag W/"5efc6786-19a49" status 200 content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public timing-allow-origin * expires Thu, 09 Jul 2020 13:55:59 GMT
GET H2	200	pixel.gif static.criteo.net/images/	43 B 260 B	48ms 12ms	Image image/gif	2a02:2638:1::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/images/pixel.gif?ch=1 Requested by Host: www.shz.de URL: https://www.shz.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash `b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b` Request headers Referer https://www.shz.de/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 08 Jul 2020 13:55:59 GMT last-modified Tue, 09 Dec 2008 16:52:36 GMT server nginx etag "493ea254-2b" status 200 content-type image/gif access-control-allow-origin * cache-control max-age=31104000, public accept-ranges bytes timing-allow-origin * content-length 43 expires Sat, 03 Jul 2021 13:55:59 GMT
GET H2	200	tofu-justiz.jpg www.shz.de/img/incoming/crop28890714/uD60GHe1Y7-cv16_8-h358/	68 B 268 B	67ms 66ms	Image image/png	212.237.244.169 BOREUS
General Check archive.org Show headers Download Go to Show image Full URL https://www.shz.de/img/incoming/crop28890714/uD60GHe1Y7-cv16_8-h358/tofu-justiz.jpg Requested by Host: www.shz.de URL: https://www.shz.de/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.237.244.169 , Germany, ASN205411 (BOREUS, DE), Reverse DNS mhnpay.dns.boreus.de Software / AdDefend GmbH Resource Hash `adfa0c7de03bc3bea3de80b4a4514881c8b6296568f43a5acd5cd7a16fffd1c9` Request headers Referer https://www.shz.de/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 08 Jul 2020 13:55:59 GMT via 1.1 varnish (Varnish/5.2) age 0 x-powered-by AdDefend GmbH content-type image/png status 200 cache-control max-age=0, max-stale=0, must-revalidate, no-cache, no-store, no-transform, post-check=0, pre-check=0, private x-varnish 39112933 accept-ranges bytes content-length 68 expires 0
GET H2	200	vater-abzug.png www.shz.de/img/incoming/adinclude/crop76991857/uD60GHe1Y7-cv16_8-h358/	68 B 146 B	59ms 59ms	Image image/png	212.237.244.169 BOREUS
General Check archive.org Show headers Download Go to Show image Full URL https://www.shz.de/img/incoming/adinclude/crop76991857/uD60GHe1Y7-cv16_8-h358/vater-abzug.png Requested by Host: www.shz.de URL: https://www.shz.de/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.237.244.169 , Germany, ASN205411 (BOREUS, DE), Reverse DNS mhnpay.dns.boreus.de Software / AdDefend GmbH Resource Hash `adfa0c7de03bc3bea3de80b4a4514881c8b6296568f43a5acd5cd7a16fffd1c9` Request headers Referer https://www.shz.de/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 08 Jul 2020 13:55:59 GMT via 1.1 varnish (Varnish/5.2) age 0 x-powered-by AdDefend GmbH content-type image/png status 200 cache-control max-age=0, max-stale=0, must-revalidate, no-cache, no-store, no-transform, post-check=0, pre-check=0, private x-varnish 29148407 accept-ranges bytes content-length 68 expires 0

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.shz.de/	1969-12-31 23:59:59	Name: BIGipServermhn_pay_http Value: 1080324106.20480.0000
			.shz.de/	1970-01-25 20:05:16	Name: creid Value: 1671657222249894453

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mhnpay.dns.boreus.de
static.criteo.net
www.shz.de
212.237.244.169
2a02:2638:1::3
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
1ebe655ee21cf7552394ca1088ed1bc07cfb3d4b64b963e6531d066bb5574756
31d89affa5aab8c3ffaee4945aef43f3376e4b2fca07ea2894f39a990c3b8b39
488371624e2b23b5e2243c8a40fe23c82cfe992f6c7052421c66e982e68b2fec
6a26850646cb716c09a97d2c609f286ef663adce332705b2f84df41db9e69bdb
6fe4f7d286323fef39e81d9cdbdbf463941ebe9c1044e19653967369bdb34240
adfa0c7de03bc3bea3de80b4a4514881c8b6296568f43a5acd5cd7a16fffd1c9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
f14fe8f3fc06889c04448bc56c0383c4ecd68e3787ba162658cacd3fe9e2ee5a
fcf4c2797688795c13db7e163779d3ee0c25873414a65366877aa59ab4c0f323

www.shz.de Open in urlscan Pro 212.237.244.169 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

50 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

262 kBTransfer

618 kBSize

2 Cookies

2 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

2 Cookies

Indicators

www.shz.de Open in urlscan Pro
212.237.244.169 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

262 kB
Transfer

618 kB
Size

2
Cookies

10 HTTP transactions
1 data transactions