urlscan.io logo urlscan.io
SecurityTrails logo

login.vwgroup.com Open in urlscan Pro
194.114.33.147  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://soco.volkswagen.com/
Effective URL: https://login.vwgroup.com/redirect.html?nonce=1678744600696&type=1234s&Target=/../isam/sps/auth
Submission: On March 13 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 16 HTTP transactions. The main IP is 194.114.33.147, located in Germany and belongs to VOLKSWAGEN Volkswagen AG, Wolfsburg, DE. The main domain is login.vwgroup.com.
TLS certificate: Issued by QuoVadis Global SSL ICA G3 on November 23rd 2022. Valid for: a year.
This is the only time login.vwgroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 194.114.32.10 206618 (VOLKSWAGE...)
2 10 194.114.33.147 206618 (VOLKSWAGE...)
16 2
Apex Domain
Subdomains		 Transfer
10 vwgroup.com
login.vwgroup.com
442 KB
8 volkswagen.com
soco.volkswagen.com
168 KB
16 2
Domain Requested by
10 login.vwgroup.com 2 redirects login.vwgroup.com
8 soco.volkswagen.com soco.volkswagen.com
16 2

This site contains links to these domains. Also see Links.

Domain
www.volkswagenag.com
Subject Issuer Validity Valid
soco.volkswagen.com
QuoVadis Global SSL ICA G3		 2022-03-23 -
2023-03-23		 a year crt.sh
login.vwgroup.com
QuoVadis Global SSL ICA G3		 2022-11-23 -
2023-11-23		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login.vwgroup.com/redirect.html?nonce=1678744600696&type=1234s&Target=/../isam/sps/auth
Frame ID: 350E06A8A5CF66D1EDA3A2003F4066DC
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

GroupLogin

Page URL History Show full URLs

  1. https://soco.volkswagen.com/ Page URL
  2. https://soco.volkswagen.com/isam/sps/sp_soco_volkswagen_com/saml20/logininitial?RequestBinding=HTTPPost&... Page URL
  3. https://login.vwgroup.com/isam/sps/idpextprodws/saml20/login HTTP 302
    https://login.vwgroup.com/isam/sps/auth HTTP 302
    https://login.vwgroup.com/redirect.html?nonce=1678744600696&type=1234s&Target=/../isam/sps/auth Page URL

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

609 kB
Transfer

731 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://soco.volkswagen.com/ Page URL
  2. https://soco.volkswagen.com/isam/sps/sp_soco_volkswagen_com/saml20/logininitial?RequestBinding=HTTPPost&Target=/..%2F Page URL
  3. https://login.vwgroup.com/isam/sps/idpextprodws/saml20/login HTTP 302
    https://login.vwgroup.com/isam/sps/auth HTTP 302
    https://login.vwgroup.com/redirect.html?nonce=1678744600696&type=1234s&Target=/../isam/sps/auth Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
soco.volkswagen.com/ 		7 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://soco.volkswagen.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.114.32.10 , Germany, ASN206618 (VOLKSWAGEN Volkswagen AG, Wolfsburg, DE),
Reverse DNS
Software
/
Resource Hash
3df5beafc6756f25bef58a1a21c2c76ff7e424a86405192770339b7ca123e049
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
content-length
7527
content-security-policy
frame-ancestors 'self'
content-type
text/html
date
Mon, 13 Mar 2023 21:56:40 GMT
p3p
CP="NON CUR OTPi OUR NOR UNI"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1
main.css
soco.volkswagen.com/localdocs/styles/themes/volkswagenag/ 		127 KB
127 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://soco.volkswagen.com/localdocs/styles/themes/volkswagenag/main.css
Requested by
Host: soco.volkswagen.com
URL: https://soco.volkswagen.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.114.32.10 , Germany, ASN206618 (VOLKSWAGEN Volkswagen AG, Wolfsburg, DE),
Reverse DNS
Software
/
Resource Hash
17ed676f4473830c8b364edd995f389b741e2922ab80b30c9bc9f311f6c93b94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://soco.volkswagen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
text/css
date
Mon, 13 Mar 2023 21:56:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 26 Aug 2022 12:03:30 GMT
content-length
130199
x-frame-options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
samlsso.js
soco.volkswagen.com/localdocs/extra/ 		805 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://soco.volkswagen.com/localdocs/extra/samlsso.js
Requested by
Host: soco.volkswagen.com
URL: https://soco.volkswagen.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.114.32.10 , Germany, ASN206618 (VOLKSWAGEN Volkswagen AG, Wolfsburg, DE),
Reverse DNS
Software
/
Resource Hash
f591cfa5643fca03027fd2248c4cbd80221fba9dd87d52c2538d4c72b40831cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://soco.volkswagen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
application/x-javascript
date
Mon, 13 Mar 2023 21:56:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 26 Aug 2022 12:03:29 GMT
content-length
805
x-frame-options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
brand.png
soco.volkswagen.com/localdocs/pics/volkswagenag/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://soco.volkswagen.com/localdocs/pics/volkswagenag/brand.png
Requested by
Host: soco.volkswagen.com
URL: https://soco.volkswagen.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.114.32.10 , Germany, ASN206618 (VOLKSWAGEN Volkswagen AG, Wolfsburg, DE),
Reverse DNS
Software
/
Resource Hash
c3266fe0a7c2e5c78fbe9db94e0667023ce24ea8f48ff08334a3af7a4247c8cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://soco.volkswagen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/png
date
Mon, 13 Mar 2023 21:56:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 26 Aug 2022 12:03:29 GMT
content-length
1513
x-frame-options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
header-logo.png
soco.volkswagen.com/localdocs/pics/ 		128 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://soco.volkswagen.com/localdocs/pics/header-logo.png
Requested by
Host: soco.volkswagen.com
URL: https://soco.volkswagen.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.114.32.10 , Germany, ASN206618 (VOLKSWAGEN Volkswagen AG, Wolfsburg, DE),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://soco.volkswagen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/png
date
Mon, 13 Mar 2023 21:56:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 26 Aug 2022 12:03:29 GMT
content-length
376080
x-frame-options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
token.png
soco.volkswagen.com/localdocs/pics/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://soco.volkswagen.com/localdocs/pics/token.png
Requested by
Host: soco.volkswagen.com
URL: https://soco.volkswagen.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.114.32.10 , Germany, ASN206618 (VOLKSWAGEN Volkswagen AG, Wolfsburg, DE),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://soco.volkswagen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/png
date
Mon, 13 Mar 2023 21:56:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 26 Aug 2022 12:03:29 GMT
content-length
3502
x-frame-options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
pki_2.png
soco.volkswagen.com/localdocs/pics/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://soco.volkswagen.com/localdocs/pics/pki_2.png
Requested by
Host: soco.volkswagen.com
URL: https://soco.volkswagen.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.114.32.10 , Germany, ASN206618 (VOLKSWAGEN Volkswagen AG, Wolfsburg, DE),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://soco.volkswagen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/png
date
Mon, 13 Mar 2023 21:56:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 26 Aug 2022 12:03:29 GMT
content-length
19340
x-frame-options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
logininitial
soco.volkswagen.com/isam/sps/sp_soco_volkswagen_com/saml20/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://soco.volkswagen.com/isam/sps/sp_soco_volkswagen_com/saml20/logininitial?RequestBinding=HTTPPost&Target=/..%2F
Requested by
Host: soco.volkswagen.com
URL: https://soco.volkswagen.com/localdocs/extra/samlsso.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.114.32.10 , Germany, ASN206618 (VOLKSWAGEN Volkswagen AG, Wolfsburg, DE),
Reverse DNS
Software
/
Resource Hash
1f656b81285f67caa418441b65cf89a5f552728d19f719f50a49e7e08a1a2bf6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://soco.volkswagen.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-language
en-US
content-type
text/html;charset=UTF-8
date
Mon, 13 Mar 2023 21:56:40 GMT
expires
Thu, 01 Dec 1994 16:00:00 GMT
p3p
CP="NON CUR OTPi OUR NOR UNI"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
transfer-encoding
chunked
x-frame-options
SAMEORIGIN
Primary Request redirect.html
login.vwgroup.com/
Redirect Chain
  • https://login.vwgroup.com/isam/sps/idpextprodws/saml20/login
  • https://login.vwgroup.com/isam/sps/auth
  • https://login.vwgroup.com/redirect.html?nonce=1678744600696&type=1234s&Target=/../isam/sps/auth
25 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.vwgroup.com/redirect.html?nonce=1678744600696&type=1234s&Target=/../isam/sps/auth
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.114.33.147 , Germany, ASN206618 (VOLKSWAGEN Volkswagen AG, Wolfsburg, DE),
Reverse DNS
Software
/
Resource Hash
922ce75cd7161eb7d17a306890a33bca220464fbad1dbf8f4c4f1baebdd816a5
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://selfservice.wob.vw.vwg https://www.volkswagen-net.de https://volkswagen-net.de
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://selfservice.wob.vw.vwg
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://soco.volkswagen.com
Referer
https://soco.volkswagen.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
content-length
25326
content-security-policy
frame-ancestors https://selfservice.wob.vw.vwg https://www.volkswagen-net.de https://volkswagen-net.de
content-type
text/html
date
Mon, 13 Mar 2023 21:56:40 GMT
p3p
CP="NON CUR OTPi OUR NOR UNI"
pragma
no-cache
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-frame-options
ALLOW-FROM https://selfservice.wob.vw.vwg
x-xss-protection
1; mode=block

Redirect headers

content-language
en-US
content-security-policy
frame-ancestors https://selfservice.wob.vw.vwg https://www.volkswagen-net.de https://volkswagen-net.de
date
Mon, 13 Mar 2023 21:56:39 GMT
location
https://login.vwgroup.com/isam/../redirect.html?nonce=1678744600696&type=1234s&Target=/../isam/sps/auth
p3p
CP="NON CUR OTPi OUR NOR UNI"
strict-transport-security
max-age=31536000
transfer-encoding
chunked
x-frame-options
ALLOW-FROM https://selfservice.wob.vw.vwg
style.min.css
login.vwgroup.com/localdocs/css/ 		38 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.vwgroup.com/localdocs/css/style.min.css?v=1645640336767
Requested by
Host: login.vwgroup.com
URL: https://login.vwgroup.com/redirect.html?nonce=1678744600696&type=1234s&Target=/../isam/sps/auth
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.114.33.147 , Germany, ASN206618 (VOLKSWAGEN Volkswagen AG, Wolfsburg, DE),
Reverse DNS
Software
/
Resource Hash
9eeb700cf0a9feb748b018d951823ff1889328065fc1097b95aa7695358d25f0
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://selfservice.wob.vw.vwg https://www.volkswagen-net.de https://volkswagen-net.de
Strict-Transport-Security max-age=31536000
X-Frame-Options ALLOW-FROM https://selfservice.wob.vw.vwg

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 21:56:40 GMT
content-security-policy
frame-ancestors https://selfservice.wob.vw.vwg https://www.volkswagen-net.de https://volkswagen-net.de
strict-transport-security
max-age=31536000
last-modified
Tue, 25 Jan 2022 11:00:32 GMT
x-frame-options
ALLOW-FROM https://selfservice.wob.vw.vwg
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-type
text/css
content-length
39073
icons.svg
login.vwgroup.com/localdocs/svg/ 		157 KB
158 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://login.vwgroup.com/localdocs/svg/icons.svg
Requested by
Host: login.vwgroup.com
URL: https://login.vwgroup.com/redirect.html?nonce=1678744600696&type=1234s&Target=/../isam/sps/auth
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.114.33.147 , Germany, ASN206618 (VOLKSWAGEN Volkswagen AG, Wolfsburg, DE),
Reverse DNS
Software
/
Resource Hash
835ac33dc6f5b4775a0ebc71291c72e2cdfdda7a50c526955e7ac2b332364c88
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://selfservice.wob.vw.vwg https://www.volkswagen-net.de https://volkswagen-net.de
Strict-Transport-Security max-age=31536000
X-Frame-Options ALLOW-FROM https://selfservice.wob.vw.vwg

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 21:56:40 GMT
content-security-policy
frame-ancestors https://selfservice.wob.vw.vwg https://www.volkswagen-net.de https://volkswagen-net.de
strict-transport-security
max-age=31536000
last-modified
Tue, 22 Jun 2021 16:34:20 GMT
x-frame-options
ALLOW-FROM https://selfservice.wob.vw.vwg
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-type
image/svg+xml
content-length
161053
vwag-logo.svg
login.vwgroup.com/localdocs/svg/brand/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.vwgroup.com/localdocs/svg/brand/vwag-logo.svg
Requested by
Host: login.vwgroup.com
URL: https://login.vwgroup.com/redirect.html?nonce=1678744600696&type=1234s&Target=/../isam/sps/auth
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.114.33.147 , Germany, ASN206618 (VOLKSWAGEN Volkswagen AG, Wolfsburg, DE),
Reverse DNS
Software
/
Resource Hash
6700043046fa7640823bfc7e10585c04dae183763e71715497c6ccf49050cc67
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://selfservice.wob.vw.vwg https://www.volkswagen-net.de https://volkswagen-net.de
Strict-Transport-Security max-age=31536000
X-Frame-Options ALLOW-FROM https://selfservice.wob.vw.vwg

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 21:56:40 GMT
content-security-policy
frame-ancestors https://selfservice.wob.vw.vwg https://www.volkswagen-net.de https://volkswagen-net.de
strict-transport-security
max-age=31536000
last-modified
Tue, 22 Jun 2021 16:34:20 GMT
x-frame-options
ALLOW-FROM https://selfservice.wob.vw.vwg
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-type
image/svg+xml
content-length
6135
token.svg
login.vwgroup.com/localdocs/svg/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.vwgroup.com/localdocs/svg/images/token.svg
Requested by
Host: login.vwgroup.com
URL: https://login.vwgroup.com/redirect.html?nonce=1678744600696&type=1234s&Target=/../isam/sps/auth
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.114.33.147 , Germany, ASN206618 (VOLKSWAGEN Volkswagen AG, Wolfsburg, DE),
Reverse DNS
Software
/
Resource Hash
df2791677def9ff8ae6a7f9bb58af48782db357bd2f8d65fd79f3f789855245a
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://selfservice.wob.vw.vwg https://www.volkswagen-net.de https://volkswagen-net.de
Strict-Transport-Security max-age=31536000
X-Frame-Options ALLOW-FROM https://selfservice.wob.vw.vwg

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 21:56:40 GMT
content-security-policy
frame-ancestors https://selfservice.wob.vw.vwg https://www.volkswagen-net.de https://volkswagen-net.de
strict-transport-security
max-age=31536000
last-modified
Tue, 22 Jun 2021 16:34:20 GMT
x-frame-options
ALLOW-FROM https://selfservice.wob.vw.vwg
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-type
image/svg+xml
content-length
2065
main.min.js
login.vwgroup.com/localdocs/js/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.vwgroup.com/localdocs/js/main.min.js?v=1645640336767
Requested by
Host: login.vwgroup.com
URL: https://login.vwgroup.com/redirect.html?nonce=1678744600696&type=1234s&Target=/../isam/sps/auth
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.114.33.147 , Germany, ASN206618 (VOLKSWAGEN Volkswagen AG, Wolfsburg, DE),
Reverse DNS
Software
/
Resource Hash
77b632f0adf87620d98ce1c1cfca5b4b7705ab4387b7ed35ed5b84b807668f33
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://selfservice.wob.vw.vwg https://www.volkswagen-net.de https://volkswagen-net.de
Strict-Transport-Security max-age=31536000
X-Frame-Options ALLOW-FROM https://selfservice.wob.vw.vwg

Request headers

Referer
Origin
https://login.vwgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 21:56:40 GMT
content-security-policy
frame-ancestors https://selfservice.wob.vw.vwg https://www.volkswagen-net.de https://volkswagen-net.de
strict-transport-security
max-age=31536000
last-modified
Mon, 07 Mar 2022 17:43:00 GMT
x-frame-options
ALLOW-FROM https://selfservice.wob.vw.vwg
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-type
application/x-javascript
content-length
8563
VWAGTheSans-Regular.woff2
login.vwgroup.com/localdocs/fonts/ 		104 KB
104 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://login.vwgroup.com/localdocs/fonts/VWAGTheSans-Regular.woff2
Requested by
Host: login.vwgroup.com
URL: https://login.vwgroup.com/localdocs/css/style.min.css?v=1645640336767
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.114.33.147 , Germany, ASN206618 (VOLKSWAGEN Volkswagen AG, Wolfsburg, DE),
Reverse DNS
Software
/
Resource Hash
4cd4a114c2a0c028c7d746a0235819aa90b75589cbdc149d52ab48183a4146dd
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://selfservice.wob.vw.vwg https://www.volkswagen-net.de https://volkswagen-net.de
Strict-Transport-Security max-age=31536000
X-Frame-Options ALLOW-FROM https://selfservice.wob.vw.vwg

Request headers

Referer
https://login.vwgroup.com/localdocs/css/style.min.css?v=1645640336767
Origin
https://login.vwgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 21:56:40 GMT
content-security-policy
frame-ancestors https://selfservice.wob.vw.vwg https://www.volkswagen-net.de https://volkswagen-net.de
strict-transport-security
max-age=31536000
last-modified
Fri, 25 Jun 2021 09:50:06 GMT
x-frame-options
ALLOW-FROM https://selfservice.wob.vw.vwg
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-type
text/plain
content-length
106000
VWAGTheSans-Bold.woff2
login.vwgroup.com/localdocs/fonts/ 		97 KB
98 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://login.vwgroup.com/localdocs/fonts/VWAGTheSans-Bold.woff2
Requested by
Host: login.vwgroup.com
URL: https://login.vwgroup.com/localdocs/css/style.min.css?v=1645640336767
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.114.33.147 , Germany, ASN206618 (VOLKSWAGEN Volkswagen AG, Wolfsburg, DE),
Reverse DNS
Software
/
Resource Hash
c87f8a22b4b823306a26f8db71756c802bdfe5e2ea6a666d5dbf507c9b09b283
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://selfservice.wob.vw.vwg https://www.volkswagen-net.de https://volkswagen-net.de
Strict-Transport-Security max-age=31536000
X-Frame-Options ALLOW-FROM https://selfservice.wob.vw.vwg

Request headers

Referer
https://login.vwgroup.com/localdocs/css/style.min.css?v=1645640336767
Origin
https://login.vwgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 21:56:40 GMT
content-security-policy
frame-ancestors https://selfservice.wob.vw.vwg https://www.volkswagen-net.de https://volkswagen-net.de
strict-transport-security
max-age=31536000
last-modified
Fri, 25 Jun 2021 09:50:06 GMT
x-frame-options
ALLOW-FROM https://selfservice.wob.vw.vwg
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-type
text/plain
content-length
99784

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

9 Cookies

Domain/Path Name / Value
soco.volkswagen.com/ Name: PD-S-SESSION-ID
Value: /kkzm3iM7X3Zkihs+/ZR/g==:1_2_0_QDnCgFapM044qvLhyo0Fr0yxnDOtJNA-2DNL6WeO1gOGzR26|
soco.volkswagen.com/ Name: AMWEBJCT!%2Fisam!JSESSIONID
Value: 0000fjwqjCVb7vGYG90QWjNqSLf:0ca0801d-0b68-4cd1-8aac-4790f4066361
soco.volkswagen.com/ Name: AMWEBJCT!%2Fisam!https%3A%2F%2Fsoco.volkswagen.com%2Fisam%2Fsps%2Fsp_soco_volkswagen_com%2Fsaml20FIMSAML20
Value: uuid99e59614-c940-4150-8f35-0cc4d7e86bca
soco.volkswagen.com/ Name: PD_STATEFUL_385fc570-9bca-11ed-aece-001a4acb0242
Value: %2Fisam
soco.volkswagen.com/ Name: IV_JCT
Value: %2Fisam
login.vwgroup.com/ Name: AMWEBJCT!%2Fisam!JSESSIONID
Value: 0000f32AqbcBjC5fyqAQQEIVsJ9:0ca0801d-0b68-4cd1-8aac-4790f4066361
login.vwgroup.com/ Name: AMWEBJCT!%2Fisam!https%3A%2F%2Flogin.vwgroup.com%2Fisam%2Fsps%2Fidpextprodws%2Fsaml20FIMSAML20
Value: uuid730fb08d-ff35-4176-98f4-74c65bba1196
login.vwgroup.com/ Name: PD_STATEFUL_2045ac32-9f71-11ea-a8c3-001a4acb023f
Value: %2Fisam
.login.vwgroup.com/ Name: PD-S-SESSION-ID
Value: /kkzm3iM7X0hsL0p6etfNQ==:1_2_0_A6l1HH8B00NATxGk-MuE6Hqu6DDe6t7-gSf2yFDJXckKDLxL|

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1