www.vr.de - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 5 HTTP transactions. The main IP is 195.200.45.12, located in Germany and belongs to FIDUCIA, DE. The main domain is www.vr.de.
TLS certificate: Issued by QuoVadis Global SSL ICA G3 on October 29th 2021. Valid for: a year.

This is the only time www.vr.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	158.58.187.19 158.58.187.19	57497 (FARASOSAM...) (FARASOSAMANEHPASARGAD)
4	195.200.45.12 195.200.45.12	15590 (FIDUCIA) (FIDUCIA)
5	2

2 158.58.187.19 (Tehran, Iran, Islamic Republic Of) 2 redirects

ASN57497 (FARASOSAMANEHPASARGAD, IR)
PTR: iran2.hostnegar.com

ss.dll.css.3oqr.atiehnorouzzadeh.ir	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 195.200.45.12 (Germany)

ASN15590 (FIDUCIA, DE)

www.vr.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	vr.de www.vr.de	131 KB
2	atiehnorouzzadeh.ir 2 redirects ss.dll.css.3oqr.atiehnorouzzadeh.ir	428 B
5	2

	Domain	Requested by
4	www.vr.de	www.vr.de
2	ss.dll.css.3oqr.atiehnorouzzadeh.ir	2 redirects
5	2

This site contains no links.

Subject Issuer	Validity	Valid
VR.DE QuoVadis Global SSL ICA G3	`2021-10-29` - `2022-10-29`	a year	crt.sh

This page contains 1 frames:

Frame: https://www.vr.de/
Frame ID: C01A606875CAF8DDF8E9CC6FC34B62F7
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ss.dll.css.3oqr.atiehnorouzzadeh.ir/.sdf/.qsx HTTP 301
http://ss.dll.css.3oqr.atiehnorouzzadeh.ir/.sdf/.qsx/ HTTP 302
https://www.vr.de/ Page URL

Page Statistics

5
Requests

80 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

131 kB
Transfer

374 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ss.dll.css.3oqr.atiehnorouzzadeh.ir/.sdf/.qsx HTTP 301
http://ss.dll.css.3oqr.atiehnorouzzadeh.ir/.sdf/.qsx/ HTTP 302
https://www.vr.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.vr.de/ Redirect Chain http://ss.dll.css.3oqr.atiehnorouzzadeh.ir/.sdf/.qsx http://ss.dll.css.3oqr.atiehnorouzzadeh.ir/.sdf/.qsx/ https://www.vr.de/	7 KB 7 KB	57ms 11ms	Document text/html	195.200.45.12 FIDUCIA
General Check archive.org Show headers Download Go to Full URL https://www.vr.de/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.200.45.12 , Germany, ASN15590 (FIDUCIA, DE), Reverse DNS Software / Resource Hash `338b3f8a03684ccd396e8fd980736c711b11714b5a674c8feb7c84a8211b7eeb` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers p3p CP="{}" content-length 7151 cache-control no-store, must-revalidate, no-cache, max-age=0 content-type text/html Redirect headers Connection Keep-Alive Content-Type text/html Content-Length 683 Date Sat, 20 Nov 2021 14:44:43 GMT Cache-Control no-cache, no-store, must-revalidate, max-age=0 Location https://www.vr.de/
GET H2	200	08fcd36271ab20007eda209a7194af19a0a6747c940119cf0fa6446d42029ef8b951219ae5875175 Show response www.vr.de/TSPD/	279 KB 86 KB	11ms 10ms	Script text/javascript	195.200.45.12 FIDUCIA
General Check archive.org Show headers Download Go to Full URL https://www.vr.de/TSPD/08fcd36271ab20007eda209a7194af19a0a6747c940119cf0fa6446d42029ef8b951219ae5875175?type=8 Requested by Host: www.vr.de URL: https://www.vr.de/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.200.45.12 , Germany, ASN15590 (FIDUCIA, DE), Reverse DNS Software / Resource Hash `07b576cc018e148463807607467f726a8d1c4a76c170f8856ef371a8b2f2d307` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.vr.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers cache-control public, max-age=86400 content-encoding gzip content-length 87583 content-type text/javascript
GET H2	200	08fcd36271ab20007eda209a7194af19a0a6747c940119cf0fa6446d42029ef8b951219ae5875175 Show response www.vr.de/TSPD/	52 KB 37 KB	34ms 34ms	Script text/javascript	195.200.45.12 FIDUCIA
General Check archive.org Show headers Download Go to Full URL https://www.vr.de/TSPD/08fcd36271ab20007eda209a7194af19a0a6747c940119cf0fa6446d42029ef8b951219ae5875175?type=12 Requested by Host: www.vr.de URL: https://www.vr.de/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.200.45.12 , Germany, ASN15590 (FIDUCIA, DE), Reverse DNS Software / Resource Hash `552f179b8856e5355d6d5865abf56d10af6a0e698c3a8ea2b5610c459fbe37a3` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.vr.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers cache-control public, max-age=86400 content-encoding gzip content-length 37876 content-type text/javascript
GET DATA	200 OK	truncated /	35 KB 0		Image image/jpg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `483d244f19d7105fd875ee8d01223fb50c32409a0a33e6998b0ab644bbdc4a62` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/jpg
GET H2	200	08fcd36271ab2800dc6337374d409cdec4d3aa41bde34936447c96721db5d552651fab45182844b6a78c00f18fcbcdda Show response www.vr.de/TSPD/	566 B 593 B	23ms 23ms	XHR text/html	195.200.45.12 FIDUCIA
General Check archive.org Show headers Download Go to Full URL https://www.vr.de/TSPD/08fcd36271ab2800dc6337374d409cdec4d3aa41bde34936447c96721db5d552651fab45182844b6a78c00f18fcbcdda?type=13 Requested by Host: www.vr.de URL: https://www.vr.de/TSPD/08fcd36271ab20007eda209a7194af19a0a6747c940119cf0fa6446d42029ef8b951219ae5875175?type=8 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.200.45.12 , Germany, ASN15590 (FIDUCIA, DE), Reverse DNS Software / Resource Hash `5f55fe46bf4de7a5a2d701d816ed6dafceebcc5c18d884c7e6c87e27d30cfdcf` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.vr.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers cache-control no-store, must-revalidate, no-cache, max-age=0 content-length 566 content-type text/html
GET		/ www.vr.de/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.vr.de
URL: https://www.vr.de/

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.vr.de/	1969-12-31 23:59:59	Name: TS588fa9c4027 Value: 08fcd36271ab2000445085ff764e4e841f828e866b61f6c28a1301064705c48759d7f4c3c2b51afb08b67639f8113000f943c35602496f5e3bdd53eca7a8bdf1240df29cb4202fa459050459424bbe4dbd97cc9add7ffeb05e89bf9928176aa9
www.vr.de/	1969-12-31 23:59:59	Name: TS00000000076 Value: 08fcd36271ab2800dc6337374d409cdec4d3aa41bde34936447c96721db5d552651fab45182844b6a78c00f18fcbcdda08e45775da09d00085a5e77b3f68557e9eed6f6e65074f15d81f5d19227f43eead8e35d06e4fcba0c07bb7c75e66dfd02c722bbe89531cca8b8a32a69450fce025ba60dc61cd2867583fc3dd12e088569079d60a5e1416cb3291de954814fdbfc61b0416b60f8dfe02806204f0fd45cd9212b7115e17b01c09d7c00afa733d20d26b7007019d3cb32054dba4f33225873fa40aa466144437aeda33bcb87e05e60aa9c5d9241b2987f0dd40de93291a10e21d4e72de2293ea08694c4870a8b8332705051bb7d972c4a6e4bd70c94b8c5a189bf6a8b41b9a7a
www.vr.de/	1969-12-31 23:59:59	Name: TSPD_101_DID Value: 08fcd36271ab2800dc6337374d409cdec4d3aa41bde34936447c96721db5d552651fab45182844b6a78c00f18fcbcdda08e45775da063800e4564fbfa1510718c95bb54d7cf155d8fbce6ae5afe798e245ba3e3d627b62a8d18e08df6b038ac163ad196c58410163288df5ded780b8ae
www.vr.de/	1970-01-19 22:50:19	Name: TSe1634b4e075 Value: 0402b10008fcd36271ab2800dc6337374d409cdec4d3aa41bde34936447c96721db5d552651fab45182844b6a78c00f18fcbcdda:08e45775da0320004e7f515611384eac8ebacd0ab597a238aa2b8c26afdad265858948cb214ac892a00108fcd36271ab2800dc6337374d409cdec4d3aa41bde34936447c96721db5d552651fab45182844b6a78c00f18fcbcdda08e45775da1098008b9eb806df7f615b6b30f0f0f0ac495db648458d19263f57a7ab998d6218a95b8ea9c2f34764f1d5aad7ed462cbeb98890945d3049b25b90537b5a2597427b954ddbcfe81d8afeb1fb7a149d10b0ddb9c1ab403c2d1ddff08287f49c2ce54f2c0163598e974e1655c06ff1c9702a5719d33d3ce0fc434257c4dff4dd5ee7777341c7ea3216cd671827e79b8fc5cfe01b2b96578d02a6fd180001000b00008fcd36271ab2000e7128617c0bd01272702b790c160ef71a5cb8d47c82492840a918827bb48b58c0818607dc70a280027518a5ff10f1cb0c41a73e3666af108b3d706068e46e58c20b3a388d4c35651e2235699e8f5141501000

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.vr.de/TSPD/08fcd36271ab20007eda209a7194af19a0a6747c940119cf0fa6446d42029ef8b951219ae5875175?type=8(Line 439) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
deprecation	warning	URL: https://www.vr.de/TSPD/08fcd36271ab20007eda209a7194af19a0a6747c940119cf0fa6446d42029ef8b951219ae5875175?type=8(Line 439) Message: The ScriptProcessorNode is deprecated. Use AudioWorkletNode instead. (https://bit.ly/audio-worklet)
other	warning	URL: https://www.vr.de/TSPD/08fcd36271ab20007eda209a7194af19a0a6747c940119cf0fa6446d42029ef8b951219ae5875175?type=8(Line 442) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://www.vr.de/TSPD/08fcd36271ab20007eda209a7194af19a0a6747c940119cf0fa6446d42029ef8b951219ae5875175?type=8(Line 443) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ss.dll.css.3oqr.atiehnorouzzadeh.ir
www.vr.de
www.vr.de
158.58.187.19
195.200.45.12
07b576cc018e148463807607467f726a8d1c4a76c170f8856ef371a8b2f2d307
338b3f8a03684ccd396e8fd980736c711b11714b5a674c8feb7c84a8211b7eeb
483d244f19d7105fd875ee8d01223fb50c32409a0a33e6998b0ab644bbdc4a62
552f179b8856e5355d6d5865abf56d10af6a0e698c3a8ea2b5610c459fbe37a3
5f55fe46bf4de7a5a2d701d816ed6dafceebcc5c18d884c7e6c87e27d30cfdcf

www.vr.de Open in urlscan Pro 195.200.45.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

5 Requests

80 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

131 kBTransfer

374 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

4 Cookies

4 Console Messages

Indicators

www.vr.de Open in urlscan Pro
195.200.45.12 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

80 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

131 kB
Transfer

374 kB
Size

4
Cookies

5 HTTP transactions
1 data transactions