URL: https://private.volkswagen.ru/
Submission: On February 07 via automatic, source certstream-suspicious

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 8 HTTP transactions. The main IP is 213.232.229.117, located in the Russian Federation, and belongs to SELECTEL-MSK, RU. The main domain is private.volkswagen.ru.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 7th 2020. Valid for: 3 months.
This is the only time private.volkswagen.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS Autonomous System
6         213.232.229.117  50340 (SELECTEL-MSK)
2         188.164.211.13   204357 (VWRUS-AS)
Total: 8 requests, 2 IPs

Requests  Apex Domain    Subdomains             Transfer
6         volkswagen.ru  private.volkswagen.ru  1 MB
2         vwgroup.ru     idp-test.vwgroup.ru
Total: 8 requests, 2 domains

Requests  Domain                 Requested by
6         private.volkswagen.ru  private.volkswagen.ru
2         idp-test.vwgroup.ru    private.volkswagen.ru
Total: 8 requests, 2 domains

This site contains no links.

Subject                Issuer                      Validity                 Valid
private.volkswagen.ru  Let's Encrypt Authority X3  2020-02-07 - 2020-05-07  3 months
idp-test.vwgroup.ru    Thawte RSA CA 2018          2018-11-09 - 2020-11-08  2 years

This page contains 3 frames:

Primary Page: https://private.volkswagen.ru/
Frame ID: F8918A0F42F0A43CFE87BC4E67674AA0
Requests: 3 HTTP requests in this frame

Frame: https://idp-test.vwgroup.ru/auth/realms/vw/protocol/openid-connect/auth?client_id=vwpersonal&redirect_uri=https%3A%2F%2Fprivate.volkswagen.ru%2FauthFrame&state=8671e33e-afe6-400b-8e3e-7be7094f76e1&response_mode=fragment&response_type=code&scope=openid%20email%20profile%20phone%20phone_required&nonce=92016935-9dcc-49fd-b8b3-b7982bf1c0b2&code_challenge=eNv4pwyd1SlnCTryZwfudzGiM8Jqj3UhMBNGyju6Qv4&code_challenge_method=S256
Frame ID: 587AC0644E37403CCFD6462B868E3063
Requests: 4 HTTP requests in this frame

Frame: https://idp-test.vwgroup.ru/auth/realms/vw/protocol/openid-connect/login-status-iframe.html
Frame ID: A6B15CB282632EE21635854318266C82
Requests: 1 HTTP request in this frame


Page Statistics

Requests: 8
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 1394 kB
Size: 3832 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
private.volkswagen.ru/
2 KB
2 KB
Document
General
Full URL
https://private.volkswagen.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.232.229.117 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
kodix.ru
Software
istio-envoy /
Resource Hash
21fc12b5afd2a7ed1474c33c865bafc94c4eaffa95df39293a2ed10f4d790602
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
private.volkswagen.ru
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br

Response headers

status
200
server
istio-envoy
date
Fri, 07 Feb 2020 10:39:03 GMT
content-type
text/html; charset=utf-8
last-modified
Fri, 07 Feb 2020 07:44:01 GMT
cache-control
private, max-age=60
vary
User-Agent, Accept-Encoding
accept-ranges
bytes
x-envoy-upstream-service-time
1
x-envoy-upstream-healthchecked-cluster
vgr-pkw-personal-production.vgr
content-encoding
gzip
content-security-policy
frame-ancestors *;
x-frame-options
sameorigin
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-download-options
noopen
x-referrer-policy
same-origin
x-dns-prefetch-control
off
feature-policy
camera 'self';microphone 'self';geolocation *;encrypted-media 'self';payment 'self';speaker 'self';usb 'none';
strict-transport-security
max-age=2592000; preload
2.5bf743a0.chunk.js
private.volkswagen.ru/static/js/
1 MB
521 KB
Script
General
Full URL
https://private.volkswagen.ru/static/js/2.5bf743a0.chunk.js
Requested by
Host: private.volkswagen.ru
URL: https://private.volkswagen.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.232.229.117 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
kodix.ru
Software
istio-envoy /
Resource Hash
466ec4d071dd63eca79f4cf7e033368ca212300db8bef8a3908d13489c2493bd
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://private.volkswagen.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 07 Feb 2020 10:39:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
status
200
x-envoy-upstream-service-time
1
strict-transport-security
max-age=2592000; preload
x-xss-protection
1; mode=block
last-modified
Fri, 07 Feb 2020 07:44:01 GMT
server
istio-envoy
cache-control
private, max-age=60
x-frame-options
sameorigin
x-download-options
noopen
vary
User-Agent, Accept-Encoding
content-type
application/javascript; charset=utf-8
x-referrer-policy
same-origin
feature-policy
camera 'self';microphone 'self';geolocation *;encrypted-media 'self';payment 'self';speaker 'self';usb 'none';
content-security-policy
frame-ancestors *;
accept-ranges
bytes
main.ab04ed49.chunk.js
private.volkswagen.ru/static/js/
539 KB
174 KB
Script
General
Full URL
https://private.volkswagen.ru/static/js/main.ab04ed49.chunk.js
Requested by
Host: private.volkswagen.ru
URL: https://private.volkswagen.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.232.229.117 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
kodix.ru
Software
istio-envoy /
Resource Hash
135c97cb15411ad5c1fa10e038a6cb3068a48395dde7a6251e6703a48ddca277
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://private.volkswagen.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 07 Feb 2020 10:39:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
status
200
x-envoy-upstream-service-time
24
strict-transport-security
max-age=2592000; preload
x-xss-protection
1; mode=block
last-modified
Fri, 07 Feb 2020 07:44:01 GMT
server
istio-envoy
cache-control
private, max-age=60
x-frame-options
sameorigin
x-download-options
noopen
vary
User-Agent, Accept-Encoding
content-type
application/javascript; charset=utf-8
x-referrer-policy
same-origin
feature-policy
camera 'self';microphone 'self';geolocation *;encrypted-media 'self';payment 'self';speaker 'self';usb 'none';
content-security-policy
frame-ancestors *;
accept-ranges
bytes
authFrame
private.volkswagen.ru/ Frame 587A
2 KB
1 KB
Document
General
Full URL
https://private.volkswagen.ru/authFrame
Requested by
Host: private.volkswagen.ru
URL: https://private.volkswagen.ru/static/js/2.5bf743a0.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.232.229.117 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
kodix.ru
Software
istio-envoy /
Resource Hash
21fc12b5afd2a7ed1474c33c865bafc94c4eaffa95df39293a2ed10f4d790602
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
private.volkswagen.ru
:scheme
https
:path
/authFrame
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
same-origin
sec-fetch-mode
nested-navigate
referer
https://private.volkswagen.ru/
accept-encoding
gzip, deflate, br
cookie
VW_USER=

Response headers

status
200
server
istio-envoy
date
Fri, 07 Feb 2020 10:39:03 GMT
content-type
text/html; charset=utf-8
last-modified
Fri, 07 Feb 2020 07:44:01 GMT
cache-control
private, max-age=60
vary
User-Agent, Accept-Encoding
accept-ranges
bytes
x-envoy-upstream-service-time
1
content-encoding
gzip
content-security-policy
frame-ancestors *;
x-frame-options
sameorigin
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-download-options
noopen
x-referrer-policy
same-origin
x-dns-prefetch-control
off
feature-policy
camera 'self';microphone 'self';geolocation *;encrypted-media 'self';payment 'self';speaker 'self';usb 'none';
strict-transport-security
max-age=2592000; preload
2.5bf743a0.chunk.js
private.volkswagen.ru/static/js/ Frame 587A
1 MB
521 KB
Script
General
Full URL
https://private.volkswagen.ru/static/js/2.5bf743a0.chunk.js
Requested by
Host: private.volkswagen.ru
URL: https://private.volkswagen.ru/authFrame
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.232.229.117 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
kodix.ru
Software
istio-envoy /
Resource Hash
466ec4d071dd63eca79f4cf7e033368ca212300db8bef8a3908d13489c2493bd
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://private.volkswagen.ru/authFrame
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 07 Feb 2020 10:39:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
status
200
x-envoy-upstream-service-time
1
strict-transport-security
max-age=2592000; preload
x-xss-protection
1; mode=block
last-modified
Fri, 07 Feb 2020 07:44:01 GMT
server
istio-envoy
cache-control
private, max-age=60
x-frame-options
sameorigin
x-download-options
noopen
vary
User-Agent, Accept-Encoding
content-type
application/javascript; charset=utf-8
x-referrer-policy
same-origin
feature-policy
camera 'self';microphone 'self';geolocation *;encrypted-media 'self';payment 'self';speaker 'self';usb 'none';
content-security-policy
frame-ancestors *;
accept-ranges
bytes
main.ab04ed49.chunk.js
private.volkswagen.ru/static/js/ Frame 587A
539 KB
174 KB
Script
General
Full URL
https://private.volkswagen.ru/static/js/main.ab04ed49.chunk.js
Requested by
Host: private.volkswagen.ru
URL: https://private.volkswagen.ru/authFrame
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.232.229.117 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
kodix.ru
Software
istio-envoy /
Resource Hash
135c97cb15411ad5c1fa10e038a6cb3068a48395dde7a6251e6703a48ddca277
Security Headers
Name Value
Content-Security-Policy frame-ancestors *;
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://private.volkswagen.ru/authFrame
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 07 Feb 2020 10:39:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
status
200
x-envoy-upstream-service-time
17
strict-transport-security
max-age=2592000; preload
x-xss-protection
1; mode=block
last-modified
Fri, 07 Feb 2020 07:44:01 GMT
server
istio-envoy
cache-control
private, max-age=60
x-frame-options
sameorigin
x-download-options
noopen
vary
User-Agent, Accept-Encoding
content-type
application/javascript; charset=utf-8
x-referrer-policy
same-origin
feature-policy
camera 'self';microphone 'self';geolocation *;encrypted-media 'self';payment 'self';speaker 'self';usb 'none';
content-security-policy
frame-ancestors *;
accept-ranges
bytes
Cookie set login-status-iframe.html
idp-test.vwgroup.ru/auth/realms/vw/protocol/openid-connect/ Frame A6B1
0
0
Document
General
Full URL
https://idp-test.vwgroup.ru/auth/realms/vw/protocol/openid-connect/login-status-iframe.html
Requested by
Host: private.volkswagen.ru
URL: https://private.volkswagen.ru/static/js/main.ab04ed49.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.164.211.13 , Russian Federation, ASN204357 (VWRUS-AS, RU),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
idp-test.vwgroup.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://private.volkswagen.ru/authFrame
Accept-Encoding
gzip, deflate, br

Response headers

Connection
keep-alive
Cache-Control
no-cache, must-revalidate, no-transform, no-store
P3P
CP="-B> =5 ?>;8B8:0 P3P!"
Content-Type
text/html;charset=utf-8
Content-Length
5038
Date
Fri, 07 Feb 2020 10:39:04 GMT
Set-Cookie
BIGipServer~EPI-B2C-ENTRY_pt~Keycloak_pool=rd1o00000000000000000000ffffac1f050fo8443; path=/; Httponly; Secure f5avrbbbbbbbbbbbbbbbb=AFLPDIGFJJDLPCFNAJLEIBEJJBPBJMOAJAPJNMFMAOICALNIJMFNDJOHJFNOGMBIIEICKPDDMGEDIEFBMEDEMHNGKMCAIGECNNGMFPDPOHEOCBENPDMDDNOIDLLJINGC; HttpOnly; secure f5_cspm=1234;
auth
idp-test.vwgroup.ru/auth/realms/vw/protocol/openid-connect/ Frame 587A
0
0
Document
General
Full URL
https://idp-test.vwgroup.ru/auth/realms/vw/protocol/openid-connect/auth?client_id=vwpersonal&redirect_uri=https%3A%2F%2Fprivate.volkswagen.ru%2FauthFrame&state=8671e33e-afe6-400b-8e3e-7be7094f76e1&response_mode=fragment&response_type=code&scope=openid%20email%20profile%20phone%20phone_required&nonce=92016935-9dcc-49fd-b8b3-b7982bf1c0b2&code_challenge=eNv4pwyd1SlnCTryZwfudzGiM8Jqj3UhMBNGyju6Qv4&code_challenge_method=S256
Requested by
Host: private.volkswagen.ru
URL: https://private.volkswagen.ru/static/js/main.ab04ed49.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.164.211.13 , Russian Federation, ASN204357 (VWRUS-AS, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src self https://www.google.com; frame-ancestors self; object-src none;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://www.google.com
X-Xss-Protection 1; mode=block

Request headers

Host
idp-test.vwgroup.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://private.volkswagen.ru/authFrame
Accept-Encoding
gzip, deflate, br
Cookie
f5avrbbbbbbbbbbbbbbbb=AFLPDIGFJJDLPCFNAJLEIBEJJBPBJMOAJAPJNMFMAOICALNIJMFNDJOHJFNOGMBIIEICKPDDMGEDIEFBMEDEMHNGKMCAIGECNNGMFPDPOHEOCBENPDMDDNOIDLLJINGC; f5_cspm=1234; BIGipServer~EPI-B2C-ENTRY_pt~Keycloak_pool=rd1o00000000000000000000ffffac1f050fo8443

Response headers

X-XSS-Protection
1; mode=block
X-Frame-Options
ALLOW-FROM https://www.google.com
Content-Security-Policy
frame-src self https://www.google.com; frame-ancestors self; object-src none;
Date
Fri, 07 Feb 2020 10:39:04 GMT
Connection
keep-alive
X-Robots-Tag
none
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Type
text/html;charset=utf-8
Content-Length
3912
Content-Language
ru

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
object| webpackJsonppersonal
object| scCGSHMRCache
function| sha256
object| base64js
number| __mobxInstanceCount
object| __mobxGlobals
object| regeneratorRuntime
function| _
object| __APOLLO_CLIENT__
object| __localeData__
string| __localeId__

1 Cookies

Domain/Path Name / Value
private.volkswagen.ru/ Name: VW_USER
Value:

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors *;
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
