www.onlineumfragen.com
92.42.184.212
Public Scan
Effective URL: https://www.onlineumfragen.com/nologin_deaktiv.cfm?status=0&umf=86343&umfi=88670&message=
Submission Tags: falconsandbox
Submission: On April 12 via api from US
Summary
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on July 14th 2020. Valid for: a year.
This is the only time www.onlineumfragen.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| Requests | IP Address | AS (Autonomous System) | PTR | Domain |
|---|---|---|---|---|
| 13 (2 redirects) | 92.42.184.212 | ASN29691 (NINE, CH) | www.onlineumfragen.com | www.onlineumfragen.com |
| 1 | 2a00:1450:4001:82a::2008 | ASN15169 (GOOGLE, US) | | www.googletagmanager.com |
| 1 | 2a00:1450:4001:82a::200e | ASN15169 (GOOGLE, US) | | www.google-analytics.com |
| 1 | 2a00:1450:4001:80f::200e | ASN15169 (GOOGLE, US) | | www.google-analytics.com |
| 1 (1 redirect) | 13.226.155.79 | ASN16509 (AMAZON-02, US) | server-13-226-155-79.dus51.r.cloudfront.net | widget.intercom.io |
| 4 | 13.226.155.104 | ASN16509 (AMAZON-02, US) | server-13-226-155-104.dus51.r.cloudfront.net | js.intercomcdn.com |
| 1 | 75.2.88.188 | ASN16509 (AMAZON-02, US) | ad8b87a22ce463223.awsglobalaccelerator.com | api-iam.intercom.io |

Totals: 19 | 6
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 13 | onlineumfragen.com | www.onlineumfragen.com (2 redirects) | 102 KB |
| 4 | intercomcdn.com | js.intercomcdn.com | 116 KB |
| 2 | intercom.io | widget.intercom.io, api-iam.intercom.io (1 redirect) | 3 KB |
| 2 | google-analytics.com | www.google-analytics.com | 19 KB |
| 1 | googletagmanager.com | www.googletagmanager.com | 38 KB |

Totals: 19 | 5
| Requests | Domain | Requested by |
|---|---|---|
| 13 | www.onlineumfragen.com | www.onlineumfragen.com (2 redirects) |
| 4 | js.intercomcdn.com | widget.intercom.io, js.intercomcdn.com |
| 2 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com |
| 1 | api-iam.intercom.io | js.intercomcdn.com |
| 1 | widget.intercom.io | (1 redirect) |
| 1 | www.googletagmanager.com | www.onlineumfragen.com |

Totals: 19 | 6
This site contains no links.
| Subject | Issuer | Validity | Valid | Reference |
|---|---|---|---|---|
| www.onlineumfragen.com | GeoTrust TLS RSA CA G1 | 2020-07-14 - 2021-07-14 | a year | crt.sh |
| *.google-analytics.com | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months | crt.sh |
| *.intercomcdn.com | Amazon | 2021-03-01 - 2022-03-30 | a year | crt.sh |
| *.intercom.com | Amazon | 2020-05-13 - 2021-06-13 | a year | crt.sh |
This page contains 2 frames:
- Primary Page: https://www.onlineumfragen.com/nologin_deaktiv.cfm?status=0&umf=86343&umfi=88670&message= (Frame ID: 0D255B117C162BE9217C5525E7CBF501; 15 HTTP requests in this frame)
- Frame: https://js.intercomcdn.com/frame-modern.3e236f12.js (Frame ID: D1468B71AAA365D29E59E748812CDFF5; 4 HTTP requests in this frame)
Detected technologies
- CFML (Programming Languages). Detected pattern: url /\.cfm(?:$|\?)/i
- Adobe ColdFusion (Web Frameworks). Detected pattern: url /\.cfm(?:$|\?)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.onlineumfragen.com/login.cfm?umfrage=86343 (HTTP 302)
- https://www.onlineumfragen.com/login_proceed.cfm?umfrage=86343&sure=0&lang=0&ttuid=0&usqcod=1&usq=&backto=&schema=&votingshowgraph=&start=0&opw=&fraset=&mon=&pretest=&sprach=&startpos=0&oulayertn=&oulayerid=&cont=&r=&msc= (HTTP 302)
- https://www.onlineumfragen.com/nologin_deaktiv.cfm?status=0&umf=86343&umfi=88670&message= (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 13:
- https://widget.intercom.io/widget/j0kv7on7 (HTTP 302)
- https://js.intercomcdn.com/shim.latest.js
19 HTTP transactions

| # | Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
|---|---|---|---|---|---|---|---|---|---|
| 1 | GET | H/1.1 | nologin_deaktiv.cfm | www.onlineumfragen.com/ | 12 KB | 7 KB | Document | text/html | Primary Request; Redirect Chain |
| 2 | GET | H2 | js | www.googletagmanager.com/gtag/ | 97 KB | 38 KB | Script | application/javascript | |
| 3 | GET | H/1.1 | jquery.min.js | www.onlineumfragen.com/login/jav/jquery360/ | 87 KB | 34 KB | Script | application/javascript | |
| 4 | GET | H/1.1 | cookieconsent.min.css | www.onlineumfragen.com/ | 4 KB | 5 KB | Stylesheet | text/css | |
| 5 | GET | H/1.1 | cookieconsent.min.js | www.onlineumfragen.com/ | 19 KB | 10 KB | Script | application/javascript | |
| 6 | GET | H/1.1 | skin1.css | www.onlineumfragen.com/pic/newskin/ | 11 KB | 6 KB | Stylesheet | text/css | |
| 7 | GET | H/1.1 | top2004_2008_r1_c1.gif | www.onlineumfragen.com/pic/newskin/top2004/ | 746 B | 4 KB | Image | image/gif | |
| 8 | GET | H/1.1 | top2004_2008_r1_c2.gif | www.onlineumfragen.com/pic/newskin/top2004/ | 1 KB | 5 KB | Image | image/gif | |
| 9 | GET | H/1.1 | top2004_2008_r2_c1.gif | www.onlineumfragen.com/pic/newskin/top2004/ | 2 KB | 5 KB | Image | image/gif | |
| 10 | GET | H/1.1 | top2004_2008_r1_c3.gif | www.onlineumfragen.com/pic/newskin/top2004/ | 8 KB | 11 KB | Image | image/gif | |
| 11 | GET | H/1.1 | top2004b_r1_c4.gif | www.onlineumfragen.com/pic/newskin/top2004/ | 121 B | 3 KB | Image | image/gif | |
| 12 | GET | H/1.1 | logoutok.gif | www.onlineumfragen.com/pic/newskin/skin3pic/ | 1 KB | 4 KB | Image | image/gif | |
| 13 | GET | H2 | analytics.js | www.google-analytics.com/ | 48 KB | 19 KB | Script | text/javascript | |
| 14 | POST | H3-Q050 | collect | www.google-analytics.com/j/ | 1 B | 70 B | XHR | text/plain | |
| 15 | GET | H2 | shim.latest.js | js.intercomcdn.com/ | 17 KB | 6 KB | Script | application/javascript | Redirect Chain |
| 16 | GET | H2 | frame-modern.3e236f12.js | js.intercomcdn.com/ | 250 KB | 68 KB | Script | application/javascript | Frame D146 |
| 17 | GET | H2 | vendor-modern.a5ba650d.js | js.intercomcdn.com/ | 123 KB | 38 KB | Script | application/javascript | Frame D146 |
| 18 | POST | H2 | ping | api-iam.intercom.io/messenger/web/ | 5 KB | 2 KB | XHR | application/json | Frame D146 |
| 19 | GET | H2 | locale-de-json-modern.45f81b9a.js | js.intercomcdn.com/ | 16 KB | 5 KB | Script | application/javascript | Frame D146 |
29 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

| Type | Name |
|---|---|
| object | 0 |
| object | ontransitionrun |
| object | ontransitionstart |
| object | ontransitioncancel |
| object | cookieStore |
| function | showDirectoryPicker |
| function | showOpenFilePicker |
| function | showSaveFilePicker |
| object | trustedTypes |
| boolean | crossOriginIsolated |
| function | gtag |
| object | dataLayer |
| object | google_tag_manager |
| object | google_tag_data |
| string | GoogleAnalyticsObject |
| function | ga |
| function | $ |
| function | jQuery |
| object | cookieconsent |
| object | intercomSettings |
| function | Intercom |
| function | MM_findObj |
| function | MM_swapImage |
| function | MM_swapImgRestore |
| function | MM_preloadImages |
| object | gaplugins |
| object | gaGlobal |
| object | gaData |
| function | __intercomAssignLocation |

3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name | Value |
|---|---|---|---|
| .onlineumfragen.com/ | | _gid | GA1.2.961273884.1618268865 |
| .onlineumfragen.com/ | | _gat_gtag_UA_228547_1 | 1 |
| .onlineumfragen.com/ | | _ga | GA1.2.711393465.1618268865 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL | Text |
|---|---|---|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | default-src 'self' blob: *.onlineumfragen.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.onlineumfragen.com www13.onlineumfragen.com:85 https://www.googletagmanager.com https://www.google-analytics.com ajax.googleapis.com www.googleadservices.com platform.twitter.com translate.google.com translate.googleapis.com www.google.com www.gstatic.com code.highcharts.com *.cloudflare.com extreme-ip-lookup.com https://js.intercomcdn.com https://widget.intercom.io https://api.sovendus.com global.localizecdn.com https://polyfill.io https://cdn.jsdelivr.net/npm/mathjax@3/ https://cdn.mathjax.org https://cdn.datatables.net https://assets.adobedtm.com cdn.3cx.com; connect-src 'self' www.onlineumfragen.com cust.onlineumfragen.com https://www5.onlineumfragen.com http://*.amazonaws.com https://*.amazonaws.com translate.googleapis.com translate.google.com extreme-ip-lookup.com https://*.sovendus.com global.localizecdn.com *.intercom.io wss://nexus-websocket-a.intercom.io seal.beyondsecurity.com *.twitter.com www13.onlineumfragen.com:85 *.onlineumfragen.com https://www.googletagmanager.com https://www.google-analytics.com maps.google.ch www.googleadservices.com http://92.42.184.213 *.cloudflare.com ups.xplosion.de *.doubleclick.net *.googlesyndication.com www.gstatic.com www.google.com www.evu-benchmarking.ch chart.googleapis.com api.qrserver.com https://*.intercomcdn.com https://bildungsplan-bw-ext.pirobase.de https://cdn.datatables.net; img-src 'self' data: blob: http://localhost www.onlineumfragen.com cust.onlineumfragen.com http://*.amazonaws.com https://*.amazonaws.com seal.beyondsecurity.com *.twitter.com www13.onlineumfragen.com:85 *.onlineumfragen.com https://www.googletagmanager.com https://www.google-analytics.com maps.google.ch www.googleadservices.com http://92.42.184.213 *.cloudflare.com ups.xplosion.de *.doubleclick.net *.googlesyndication.com www.sovendus.com translate.googleapis.com translate.google.com www.gstatic.com www.google.com www.evu-benchmarking.ch chart.googleapis.com api.qrserver.com global.localizecdn.com https://*.intercomcdn.com https://bildungsplan-bw-ext.pirobase.de https://cdn.datatables.net; media-src 'self' blob: www.onlineumfragen.com cust.onlineumfragen.com *.sensiqol.ch; style-src 'self' 'unsafe-inline' www.onlineumfragen.com cust.onlineumfragen.com fonts.googleapis.com translate.googleapis.com https://cdn.datatables.net; frame-src 'self' www.onlineumfragen.com cust.onlineumfragen.com *.twitter.com www.youtube.com maps.google.ch www.google.com *.onlineumfragen.com www.facebook.com https://*.sovendus.com; font-src 'self' data: blob: www.onlineumfragen.com cust.onlineumfragen.com fonts.gstatic.com https://js.intercomcdn.com https://cdn.jsdelivr.net/npm/mathjax@3/ https://cdnjs.cloudflare.com/ajax/libs/mathjax/ https://cdn.mathjax.org; object-src 'self' blob: www.onlineumfragen.com cust.onlineumfragen.com www.youtube.com |
| Strict-Transport-Security | max-age=15768000 |
| X-Content-Type-Options | nosniff |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.