urlscan.io logo urlscan.io
SecurityTrails logo

www.vwfs-ag.com Open in urlscan Pro
5.175.14.148  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://www.vwfs-ag.com/service/
Submission: On September 15 via manual from FR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 16 HTTP transactions. The main IP is 5.175.14.148, located in Strasbourg, France and belongs to GODADDY, DE. The main domain is www.vwfs-ag.com.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on September 9th 2021. Valid for: a year.
This is the only time www.vwfs-ag.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Volkswagen Bank (Banking)

Domain & IP information

IP Address AS Autonomous System
12 5.175.14.148 20773 (GODADDY)
2 52.84.174.68 16509 (AMAZON-02)
16 3
Apex Domain
Subdomains		 Transfer
12 vwfs-ag.com
www.vwfs-ag.com
2 MB
2 vwfs.de
www.vwfs.de Failed
80 KB
0 iadvize.com Failed
static.iadvize.com Failed
16 3
Domain Requested by
12 www.vwfs-ag.com www.vwfs-ag.com
2 www.vwfs.de www.vwfs-ag.com
0 static.iadvize.com Failed www.vwfs-ag.com
16 3
Subject Issuer Validity Valid
www.vwfs-ag.com
Starfield Secure Certificate Authority - G2		 2021-09-09 -
2022-09-09		 a year crt.sh
www.vwfs.de
Amazon		 2020-10-26 -
2021-11-24		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.vwfs-ag.com/service/
Frame ID: B411862927966B97555258276301E85F
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

IT Service für VWFS Mitarbeiter | Volkswagen Leasing

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc/designs/

Page Statistics

16
Requests

88 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

1657 kB
Transfer

1653 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://halc.iadvize.com/iadvize.js?sid=6595&lang=de HTTP 302
  • https://static.iadvize.com/livechat/3.253.0/live.d7b6cfb6.js

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.vwfs-ag.com/service/ 		87 KB
87 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.vwfs-ag.com/service/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.175.14.148 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS
wp626.webpack.hosteurope.de
Software
Apache /
Resource Hash
c06af43f00530692eb9dfe0138a72afc696894c0ae7fc23a0da85c76778d1ec1

Request headers

Host
www.vwfs-ag.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Wed, 15 Sep 2021 07:18:52 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Server
Apache
vwfs-sans-regular.woff2
www.vwfs.de/etc/designs/bluelabel/clientlib-site-bluelabel/fonts/fonts/ 		0
0
clientlib-site-bluelabel.2.59.3.min.css
www.vwfs-ag.com/etc/designs/bluelabel/ 		526 KB
526 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.vwfs-ag.com/etc/designs/bluelabel/clientlib-site-bluelabel.2.59.3.min.css
Requested by
Host: www.vwfs-ag.com
URL: https://www.vwfs-ag.com/service/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.175.14.148 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS
wp626.webpack.hosteurope.de
Software
Apache /
Resource Hash
3aa206edb394dd2b5d4604a0c11718e2c68cd7628946914965662c980d625124

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.vwfs-ag.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.vwfs-ag.com/service/
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.vwfs-ag.com/service/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 07:18:52 GMT
Last-Modified
Thu, 09 Sep 2021 12:40:53 GMT
Server
Apache
ETag
"83649-5cb8f4f3390b1"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
538185
targetproduction.1.0.0.js
www.vwfs-ag.com/etc/designs/bluelabel/clientlib-site/js/ 		119 B
370 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.vwfs-ag.com/etc/designs/bluelabel/clientlib-site/js/targetproduction.1.0.0.js
Requested by
Host: www.vwfs-ag.com
URL: https://www.vwfs-ag.com/service/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.175.14.148 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS
wp626.webpack.hosteurope.de
Software
Apache /
Resource Hash
e7127714008f4aadfa5ed934684933f1f6bd72a1da7ae2dfd0c7b4383aa35cae

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.vwfs-ag.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.vwfs-ag.com/service/
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.vwfs-ag.com/service/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 07:18:52 GMT
Last-Modified
Thu, 09 Sep 2021 12:40:48 GMT
Server
Apache
ETag
"77-5cb8f4eea9e7a"
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
119
launch-EN297f6069de8b4a75961ef39a0fb96373.min.js
www.vwfs-ag.com/assets.adobedtm.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.vwfs-ag.com/assets.adobedtm.com/launch-EN297f6069de8b4a75961ef39a0fb96373.min.js
Requested by
Host: www.vwfs-ag.com
URL: https://www.vwfs-ag.com/service/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.175.14.148 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS
wp626.webpack.hosteurope.de
Software
Apache /
Resource Hash

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.vwfs-ag.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.vwfs-ag.com/service/
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.vwfs-ag.com/service/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 07:18:52 GMT
Server
Apache
Vary
accept-language,accept-charset
Content-Language
de
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=utf-8
Expires
Wed, 15 Sep 2021 07:18:52 GMT
logo.svg
www.vwfs.de/etc/designs/bluelabel/clientlib-site-bluelabel/img/ 		7 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vwfs.de/etc/designs/bluelabel/clientlib-site-bluelabel/img/logo.svg
Requested by
Host: www.vwfs-ag.com
URL: https://www.vwfs-ag.com/service/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.174.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-174-68.cdg50.r.cloudfront.net
Software
Apache /
Resource Hash
9aecf57fd0e22e136fdc8f4582de95db08e46b018a9e5d5ef221097605ca1538
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.cms.vwfs.tools ; img-src 'self' data: https://*.omtrdc.net https://*.demdex.net https://*.scene7.com https://cm.everesttech.net https://dev.day.com https://googleads.g.doubleclick.net https://static.doubleclick.net https://*.iadvize.com https://maps.googleapis.com https://maps.gstatic.com https://*.google.com https://*.google.de https://*.google.vwfs.de https://*.googlesyndication.com https://*.googleadservices.com https://cm.g.doubleclick.net https://ad.doubleclick.net https://img.youtube.com https://i.ytimg.com https://*.userzoom.com https://*.adform.net https://www.facebook.com https://*.linkedin.com https://snap.licdn.com https://p.adsymptoptic.com https://t23.intelliad.de https://t13.intelliad.de https://t.co https://*.volkswagenbank.de https://cms-assets.vwfs.io https://smetrics.vwfs.de ; script-src 'self' 'unsafe-inline' https://*.volkswagenbank.de https://storagewebcalcweud.blob.core.windows.net https://*.iadvize.com https://*.youtube.com https://*.vimeo.com https://s.ytimg.com https://googleads.g.doubleclick.net https://static.doubleclick.net https://*.fls.doubleclick.net https://maps.googleapis.com https://www.googletagmanager.com https://*.googlesyndication.com https://www.googleadservices.com https://www.google.com https://www.google.de https://cm.g.doubleclick.net https://www.volkswagenbank-cloud.de https://*.linkedin.com https://snap.licdn.com https://p.adsymptoptic.com https://t23.intelliad.de https://t13.intelliad.de https://*.omtrdc.net https://*.demdex.net https://*.scene7.com https://cm.everesttech.net https://assets.adobedtm.com https://*.omniture.com https://*.adobe.com https://*.userzoom.com https://*.adform.net https://connect.facebook.net https://*.thunderhead.com https://*.twitter.com https://static.ads-twitter.com https://*.advsearch.vwfs.io https://cc.cdn.civiccomputing.com https://target.vwfs.de https://smetrics.vwfs.de https://*.google.de; style-src 'self' 'unsafe-inline' https://*.iadvize.com https://*.userzoom.com https://fonts.googleapis.com https://target.vwfs.de ; connect-src 'self' https://vimeo.com https://*.youtube.com https://calculator.vwfs.com https://*.iadvize.com wss://*.iadvize.com https://cfpoi-search.p-sunhill.com https://apikeys.civiccomputing.com https://*.omtrdc.net https://*.demdex.net https://*.scene7.com https://cm.everesttech.net https://*.adobedc.net https://*.tt.omtrdc.net https://*.2o7.net https://*.cms.vwfs.io https://*.advsearch.vwfs.io https://cms-content.vwfs.io https://target.vwfs.de https://smetrics.vwfs.de https://www.google.com https://*.facebook.com ; frame-ancestors 'self' https://vwfs.experiencecloud.adobe.com https://vwfs.marketing.adobe.com https://experience.adobe.com ; object-src 'none' ; font-src 'self' https://fonts.gstatic.com https://cdn.bronson.vwfs.io ; frame-src https://player.vimeo.com https://www.youtube-nocookie.com https://*.adform.net https://*.iadvize.com https://*.adobe.com https://*.omniture.com https://*.demdex.net https://*.fls.doubleclick.net https://bid.g.doubleclick.net https://www.facebook.com https://*.googlesyndication.com https://cm.g.doubleclick.net ;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vwfs-ag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:18:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
CDG50-P1
x-cache
Miss from cloudfront
x-source
D
vary
Accept-Encoding
x-xss-protection
1; mode=block
access-control-allow-origin
https://customer.identity.tm
referrer-policy
origin
last-modified
Mon, 06 Sep 2021 07:02:58 GMT
server
Apache
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-type
image/svg+xml
via
1.1 3f1a5dbb6451309426050e13abf469c6.cloudfront.net (CloudFront)
cache-control
max-age=31536000
content-security-policy
default-src 'self' https://*.cms.vwfs.tools ; img-src 'self' data: https://*.omtrdc.net https://*.demdex.net https://*.scene7.com https://cm.everesttech.net https://dev.day.com https://googleads.g.doubleclick.net https://static.doubleclick.net https://*.iadvize.com https://maps.googleapis.com https://maps.gstatic.com https://*.google.com https://*.google.de https://*.google.vwfs.de https://*.googlesyndication.com https://*.googleadservices.com https://cm.g.doubleclick.net https://ad.doubleclick.net https://img.youtube.com https://i.ytimg.com https://*.userzoom.com https://*.adform.net https://www.facebook.com https://*.linkedin.com https://snap.licdn.com https://p.adsymptoptic.com https://t23.intelliad.de https://t13.intelliad.de https://t.co https://*.volkswagenbank.de https://cms-assets.vwfs.io https://smetrics.vwfs.de ; script-src 'self' 'unsafe-inline' https://*.volkswagenbank.de https://storagewebcalcweud.blob.core.windows.net https://*.iadvize.com https://*.youtube.com https://*.vimeo.com https://s.ytimg.com https://googleads.g.doubleclick.net https://static.doubleclick.net https://*.fls.doubleclick.net https://maps.googleapis.com https://www.googletagmanager.com https://*.googlesyndication.com https://www.googleadservices.com https://www.google.com https://www.google.de https://cm.g.doubleclick.net https://www.volkswagenbank-cloud.de https://*.linkedin.com https://snap.licdn.com https://p.adsymptoptic.com https://t23.intelliad.de https://t13.intelliad.de https://*.omtrdc.net https://*.demdex.net https://*.scene7.com https://cm.everesttech.net https://assets.adobedtm.com https://*.omniture.com https://*.adobe.com https://*.userzoom.com https://*.adform.net https://connect.facebook.net https://*.thunderhead.com https://*.twitter.com https://static.ads-twitter.com https://*.advsearch.vwfs.io https://cc.cdn.civiccomputing.com https://target.vwfs.de https://smetrics.vwfs.de https://*.google.de; style-src 'self' 'unsafe-inline' https://*.iadvize.com https://*.userzoom.com https://fonts.googleapis.com https://target.vwfs.de ; connect-src 'self' https://vimeo.com https://*.youtube.com https://calculator.vwfs.com https://*.iadvize.com wss://*.iadvize.com https://cfpoi-search.p-sunhill.com https://apikeys.civiccomputing.com https://*.omtrdc.net https://*.demdex.net https://*.scene7.com https://cm.everesttech.net https://*.adobedc.net https://*.tt.omtrdc.net https://*.2o7.net https://*.cms.vwfs.io https://*.advsearch.vwfs.io https://cms-content.vwfs.io https://target.vwfs.de https://smetrics.vwfs.de https://www.google.com https://*.facebook.com ; frame-ancestors 'self' https://vwfs.experiencecloud.adobe.com https://vwfs.marketing.adobe.com https://experience.adobe.com ; object-src 'none' ; font-src 'self' https://fonts.gstatic.com https://cdn.bronson.vwfs.io ; frame-src https://player.vimeo.com https://www.youtube-nocookie.com https://*.adform.net https://*.iadvize.com https://*.adobe.com https://*.omniture.com https://*.demdex.net https://*.fls.doubleclick.net https://bid.g.doubleclick.net https://www.facebook.com https://*.googlesyndication.com https://cm.g.doubleclick.net ;
x-amz-cf-id
RqYZ4o8-86z2fFf8fgp--LAoW2Qa4oI0Xic3WmddBGsD1hFtlpjWsA==
expires
Thu, 15 Sep 2022 07:16:10 GMT
3_man-phone-call-car_Stage.jpg.xl.webp
www.vwfs.de/content/dam/bluelabel/valid/www-vwfs-de/2017-initial-pool-images/people/adults/ 		72 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vwfs.de/content/dam/bluelabel/valid/www-vwfs-de/2017-initial-pool-images/people/adults/3_man-phone-call-car_Stage.jpg.xl.webp
Requested by
Host: www.vwfs-ag.com
URL: https://www.vwfs-ag.com/service/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.174.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-174-68.cdg50.r.cloudfront.net
Software
Apache /
Resource Hash
82f1d30ade1a1ed582fabe0422c75d0cc50a5b3b3282ead16c6a642b9f982f05
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.cms.vwfs.tools ; img-src 'self' data: https://*.omtrdc.net https://*.demdex.net https://*.scene7.com https://cm.everesttech.net https://dev.day.com https://googleads.g.doubleclick.net https://static.doubleclick.net https://*.iadvize.com https://maps.googleapis.com https://maps.gstatic.com https://*.google.com https://*.google.de https://*.google.vwfs.de https://*.googlesyndication.com https://*.googleadservices.com https://cm.g.doubleclick.net https://ad.doubleclick.net https://img.youtube.com https://i.ytimg.com https://*.userzoom.com https://*.adform.net https://www.facebook.com https://*.linkedin.com https://snap.licdn.com https://p.adsymptoptic.com https://t23.intelliad.de https://t13.intelliad.de https://t.co https://*.volkswagenbank.de https://cms-assets.vwfs.io https://smetrics.vwfs.de ; script-src 'self' 'unsafe-inline' https://*.volkswagenbank.de https://storagewebcalcweud.blob.core.windows.net https://*.iadvize.com https://*.youtube.com https://*.vimeo.com https://s.ytimg.com https://googleads.g.doubleclick.net https://static.doubleclick.net https://*.fls.doubleclick.net https://maps.googleapis.com https://www.googletagmanager.com https://*.googlesyndication.com https://www.googleadservices.com https://www.google.com https://www.google.de https://cm.g.doubleclick.net https://www.volkswagenbank-cloud.de https://*.linkedin.com https://snap.licdn.com https://p.adsymptoptic.com https://t23.intelliad.de https://t13.intelliad.de https://*.omtrdc.net https://*.demdex.net https://*.scene7.com https://cm.everesttech.net https://assets.adobedtm.com https://*.omniture.com https://*.adobe.com https://*.userzoom.com https://*.adform.net https://connect.facebook.net https://*.thunderhead.com https://*.twitter.com https://static.ads-twitter.com https://*.advsearch.vwfs.io https://cc.cdn.civiccomputing.com https://target.vwfs.de https://smetrics.vwfs.de https://*.google.de; style-src 'self' 'unsafe-inline' https://*.iadvize.com https://*.userzoom.com https://fonts.googleapis.com https://target.vwfs.de ; connect-src 'self' https://vimeo.com https://*.youtube.com https://calculator.vwfs.com https://*.iadvize.com wss://*.iadvize.com https://cfpoi-search.p-sunhill.com https://apikeys.civiccomputing.com https://*.omtrdc.net https://*.demdex.net https://*.scene7.com https://cm.everesttech.net https://*.adobedc.net https://*.tt.omtrdc.net https://*.2o7.net https://*.cms.vwfs.io https://*.advsearch.vwfs.io https://cms-content.vwfs.io https://target.vwfs.de https://smetrics.vwfs.de https://www.google.com https://*.facebook.com ; frame-ancestors 'self' https://vwfs.experiencecloud.adobe.com https://vwfs.marketing.adobe.com https://experience.adobe.com ; object-src 'none' ; font-src 'self' https://fonts.gstatic.com https://cdn.bronson.vwfs.io ; frame-src https://player.vimeo.com https://www.youtube-nocookie.com https://*.adform.net https://*.iadvize.com https://*.adobe.com https://*.omniture.com https://*.demdex.net https://*.fls.doubleclick.net https://bid.g.doubleclick.net https://www.facebook.com https://*.googlesyndication.com https://cm.g.doubleclick.net ;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vwfs-ag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 07:18:52 GMT
via
1.1 3f1a5dbb6451309426050e13abf469c6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
CDG50-P1
x-cache
Miss from cloudfront
x-source
D
content-length
73242
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Mon, 06 Sep 2021 10:50:26 GMT
server
Apache
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-type
image/webp
access-control-allow-origin
https://customer.identity.tm
cache-control
max-age=31536000, public
content-security-policy
default-src 'self' https://*.cms.vwfs.tools ; img-src 'self' data: https://*.omtrdc.net https://*.demdex.net https://*.scene7.com https://cm.everesttech.net https://dev.day.com https://googleads.g.doubleclick.net https://static.doubleclick.net https://*.iadvize.com https://maps.googleapis.com https://maps.gstatic.com https://*.google.com https://*.google.de https://*.google.vwfs.de https://*.googlesyndication.com https://*.googleadservices.com https://cm.g.doubleclick.net https://ad.doubleclick.net https://img.youtube.com https://i.ytimg.com https://*.userzoom.com https://*.adform.net https://www.facebook.com https://*.linkedin.com https://snap.licdn.com https://p.adsymptoptic.com https://t23.intelliad.de https://t13.intelliad.de https://t.co https://*.volkswagenbank.de https://cms-assets.vwfs.io https://smetrics.vwfs.de ; script-src 'self' 'unsafe-inline' https://*.volkswagenbank.de https://storagewebcalcweud.blob.core.windows.net https://*.iadvize.com https://*.youtube.com https://*.vimeo.com https://s.ytimg.com https://googleads.g.doubleclick.net https://static.doubleclick.net https://*.fls.doubleclick.net https://maps.googleapis.com https://www.googletagmanager.com https://*.googlesyndication.com https://www.googleadservices.com https://www.google.com https://www.google.de https://cm.g.doubleclick.net https://www.volkswagenbank-cloud.de https://*.linkedin.com https://snap.licdn.com https://p.adsymptoptic.com https://t23.intelliad.de https://t13.intelliad.de https://*.omtrdc.net https://*.demdex.net https://*.scene7.com https://cm.everesttech.net https://assets.adobedtm.com https://*.omniture.com https://*.adobe.com https://*.userzoom.com https://*.adform.net https://connect.facebook.net https://*.thunderhead.com https://*.twitter.com https://static.ads-twitter.com https://*.advsearch.vwfs.io https://cc.cdn.civiccomputing.com https://target.vwfs.de https://smetrics.vwfs.de https://*.google.de; style-src 'self' 'unsafe-inline' https://*.iadvize.com https://*.userzoom.com https://fonts.googleapis.com https://target.vwfs.de ; connect-src 'self' https://vimeo.com https://*.youtube.com https://calculator.vwfs.com https://*.iadvize.com wss://*.iadvize.com https://cfpoi-search.p-sunhill.com https://apikeys.civiccomputing.com https://*.omtrdc.net https://*.demdex.net https://*.scene7.com https://cm.everesttech.net https://*.adobedc.net https://*.tt.omtrdc.net https://*.2o7.net https://*.cms.vwfs.io https://*.advsearch.vwfs.io https://cms-content.vwfs.io https://target.vwfs.de https://smetrics.vwfs.de https://www.google.com https://*.facebook.com ; frame-ancestors 'self' https://vwfs.experiencecloud.adobe.com https://vwfs.marketing.adobe.com https://experience.adobe.com ; object-src 'none' ; font-src 'self' https://fonts.gstatic.com https://cdn.bronson.vwfs.io ; frame-src https://player.vimeo.com https://www.youtube-nocookie.com https://*.adform.net https://*.iadvize.com https://*.adobe.com https://*.omniture.com https://*.demdex.net https://*.fls.doubleclick.net https://bid.g.doubleclick.net https://www.facebook.com https://*.googlesyndication.com https://cm.g.doubleclick.net ;
accept-ranges
bytes
x-amz-cf-id
XquLBz7QEwk-V5dth52asylhWhFuaSJIoV-5iPaDyB9ZcHSsQUIwng==
expires
Thu, 15 Sep 2022 07:16:10 GMT
clientlib-site-bluelabel.2.59.3.min.js
www.vwfs-ag.com/etc/designs/bluelabel/ 		639 KB
639 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.vwfs-ag.com/etc/designs/bluelabel/clientlib-site-bluelabel.2.59.3.min.js
Requested by
Host: www.vwfs-ag.com
URL: https://www.vwfs-ag.com/service/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.175.14.148 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS
wp626.webpack.hosteurope.de
Software
Apache /
Resource Hash
8d697d4bd0e5ea4164cf54f6dcea731b5eccd300dbac3652c0c433dc8f2ccc96

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.vwfs-ag.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.vwfs-ag.com/service/
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.vwfs-ag.com/service/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 07:18:52 GMT
Last-Modified
Thu, 09 Sep 2021 12:40:48 GMT
Server
Apache
ETag
"9fb7c-5cb8f4ee8a299"
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
654204
clientlib-flatpickr.2.59.3.min.js
www.vwfs-ag.com/etc/designs/bluelabel/ 		55 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.vwfs-ag.com/etc/designs/bluelabel/clientlib-flatpickr.2.59.3.min.js
Requested by
Host: www.vwfs-ag.com
URL: https://www.vwfs-ag.com/service/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.175.14.148 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS
wp626.webpack.hosteurope.de
Software
Apache /
Resource Hash
962d830942bcede60be24d87d4d248bce2ea215198baadaafd7466d71f3d3b6a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.vwfs-ag.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.vwfs-ag.com/service/
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.vwfs-ag.com/service/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 07:18:52 GMT
Last-Modified
Thu, 09 Sep 2021 12:40:46 GMT
Server
Apache
ETag
"dbe6-5cb8f4ed2a8e5"
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
56294
clientlib-adform.2.59.3.min.js
www.vwfs-ag.com/etc/designs/bluelabel/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.vwfs-ag.com/etc/designs/bluelabel/clientlib-adform.2.59.3.min.js
Requested by
Host: www.vwfs-ag.com
URL: https://www.vwfs-ag.com/service/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.175.14.148 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS
wp626.webpack.hosteurope.de
Software
Apache /
Resource Hash
676e079897f42e576258f12a0eb6a351984a052dbe1ac314a0c3197a690bca46

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.vwfs-ag.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.vwfs-ag.com/service/
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.vwfs-ag.com/service/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 07:18:52 GMT
Last-Modified
Thu, 09 Sep 2021 12:40:53 GMT
Server
Apache
ETag
"50f-5cb8f4f35b3a2"
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1295
clientlib-campaign.2.59.3.min.js
www.vwfs-ag.com/etc/designs/bluelabel/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.vwfs-ag.com/etc/designs/bluelabel/clientlib-campaign.2.59.3.min.js
Requested by
Host: www.vwfs-ag.com
URL: https://www.vwfs-ag.com/service/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.175.14.148 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS
wp626.webpack.hosteurope.de
Software
Apache /
Resource Hash
f6c3dd187270d40ca095bab1dc002f17c64bc2814df426441cbc869474e18888

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.vwfs-ag.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.vwfs-ag.com/service/
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.vwfs-ag.com/service/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 07:18:52 GMT
Last-Modified
Thu, 09 Sep 2021 12:40:53 GMT
Server
Apache
ETag
"cab-5cb8f4f398452"
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3243
logo.svg
www.vwfs-ag.com/etc/designs/bluelabel/clientlib-site-bluelabel/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vwfs-ag.com/etc/designs/bluelabel/clientlib-site-bluelabel/img/logo.svg
Requested by
Host: www.vwfs-ag.com
URL: https://www.vwfs-ag.com/etc/designs/bluelabel/clientlib-site-bluelabel.2.59.3.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.175.14.148 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS
wp626.webpack.hosteurope.de
Software
Apache /
Resource Hash
9aecf57fd0e22e136fdc8f4582de95db08e46b018a9e5d5ef221097605ca1538

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.vwfs-ag.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.vwfs-ag.com/etc/designs/bluelabel/clientlib-site-bluelabel.2.59.3.min.css
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.vwfs-ag.com/etc/designs/bluelabel/clientlib-site-bluelabel.2.59.3.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 07:18:52 GMT
Last-Modified
Thu, 09 Sep 2021 12:40:46 GMT
Server
Apache
ETag
"1d26-5cb8f4ec84850"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7462
bronson-bluelabelaa8a.woff2
www.vwfs-ag.com/etc/designs/bluelabel/clientlib-site-bluelabel/fonts/icon-fonts/ 		54 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.vwfs-ag.com/etc/designs/bluelabel/clientlib-site-bluelabel/fonts/icon-fonts/bronson-bluelabelaa8a.woff2?v=21077
Requested by
Host: www.vwfs-ag.com
URL: https://www.vwfs-ag.com/etc/designs/bluelabel/clientlib-site-bluelabel.2.59.3.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.175.14.148 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS
wp626.webpack.hosteurope.de
Software
Apache /
Resource Hash
ec5402b13b9f22a2eef3dce1c5a81f526e3a618026ad3df9c6c3bb5b98ad167c

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://www.vwfs-ag.com
Accept-Encoding
gzip, deflate, br
Host
www.vwfs-ag.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://www.vwfs-ag.com/etc/designs/bluelabel/clientlib-site-bluelabel.2.59.3.min.css
Connection
keep-alive
Referer
https://www.vwfs-ag.com/etc/designs/bluelabel/clientlib-site-bluelabel.2.59.3.min.css
Origin
https://www.vwfs-ag.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 07:18:52 GMT
Last-Modified
Thu, 09 Sep 2021 12:40:45 GMT
Server
Apache
ETag
"d9f0-5cb8f4ec5b02b"
Content-Type
application/font-woff2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
55792
vwfs-sans-bold.woff2
www.vwfs-ag.com/etc/designs/bluelabel/clientlib-site-bluelabel/fonts/fonts/ 		97 KB
98 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.vwfs-ag.com/etc/designs/bluelabel/clientlib-site-bluelabel/fonts/fonts/vwfs-sans-bold.woff2
Requested by
Host: www.vwfs-ag.com
URL: https://www.vwfs-ag.com/etc/designs/bluelabel/clientlib-site-bluelabel.2.59.3.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.175.14.148 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS
wp626.webpack.hosteurope.de
Software
Apache /
Resource Hash
c87f8a22b4b823306a26f8db71756c802bdfe5e2ea6a666d5dbf507c9b09b283

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://www.vwfs-ag.com
Accept-Encoding
gzip, deflate, br
Host
www.vwfs-ag.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://www.vwfs-ag.com/etc/designs/bluelabel/clientlib-site-bluelabel.2.59.3.min.css
Connection
keep-alive
Referer
https://www.vwfs-ag.com/etc/designs/bluelabel/clientlib-site-bluelabel.2.59.3.min.css
Origin
https://www.vwfs-ag.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 07:18:52 GMT
Last-Modified
Thu, 09 Sep 2021 12:40:45 GMT
Server
Apache
ETag
"185c8-5cb8f4eb9effa"
Content-Type
application/font-woff2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
99784
vwfs-sans-regular.woff2
www.vwfs-ag.com/etc/designs/bluelabel/clientlib-site-bluelabel/fonts/fonts/ 		104 KB
104 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.vwfs-ag.com/etc/designs/bluelabel/clientlib-site-bluelabel/fonts/fonts/vwfs-sans-regular.woff2
Requested by
Host: www.vwfs-ag.com
URL: https://www.vwfs-ag.com/etc/designs/bluelabel/clientlib-site-bluelabel.2.59.3.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.175.14.148 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS
wp626.webpack.hosteurope.de
Software
Apache /
Resource Hash
4cd4a114c2a0c028c7d746a0235819aa90b75589cbdc149d52ab48183a4146dd

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://www.vwfs-ag.com
Accept-Encoding
gzip, deflate, br
Host
www.vwfs-ag.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://www.vwfs-ag.com/etc/designs/bluelabel/clientlib-site-bluelabel.2.59.3.min.css
Connection
keep-alive
Referer
https://www.vwfs-ag.com/etc/designs/bluelabel/clientlib-site-bluelabel.2.59.3.min.css
Origin
https://www.vwfs-ag.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 07:18:52 GMT
Last-Modified
Thu, 09 Sep 2021 12:40:45 GMT
Server
Apache
ETag
"19e10-5cb8f4ebc610e"
Content-Type
application/font-woff2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
106000
live.d7b6cfb6.js
static.iadvize.com/livechat/3.253.0/
Redirect Chain
  • https://halc.iadvize.com/iadvize.js?sid=6595&lang=de
  • https://static.iadvize.com/livechat/3.253.0/live.d7b6cfb6.js
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.vwfs.de
URL
https://www.vwfs.de/etc/designs/bluelabel/clientlib-site-bluelabel/fonts/fonts/vwfs-sans-regular.woff2
Domain
static.iadvize.com
URL
https://static.iadvize.com/livechat/3.253.0/live.d7b6cfb6.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Volkswagen Bank (Banking)

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster function| base64ToArrayBuffer string| file object| data object| blob string| fileName object| a string| url object| lazyLoadedImageSourceTags object| lazyLoadedImageImgTags undefined| sourceSrcset undefined| imgSrcset undefined| script object| VWFSUtils object| VWFS function| setImmediate function| clearImmediate function| SmoothScroll function| tippy function| flatpickr function| objectFitImages function| Waypoint object| bronson object| picturefillCFG function| picturefill object| index object| tracking object| params_to_track

0 Cookies

3 Console Messages

Source Level URL
Text
network error URL: https://www.vwfs-ag.com/assets.adobedtm.com/launch-EN297f6069de8b4a75961ef39a0fb96373.min.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript error URL: https://www.vwfs-ag.com/service/
Message:
Access to font at 'https://www.vwfs.de/etc/designs/bluelabel/clientlib-site-bluelabel/fonts/fonts/vwfs-sans-regular.woff2' from origin 'https://www.vwfs-ag.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://customer.identity.tm' that is not equal to the supplied origin.
network error URL: https://www.vwfs.de/etc/designs/bluelabel/clientlib-site-bluelabel/fonts/fonts/vwfs-sans-regular.woff2
Message:
Failed to load resource: net::ERR_FAILED