kunde.vnrag.de Open in urlscan Pro
35.156.16.26 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://kunde.vnrag.de/vnr
Effective URL:
https://kunde.vnrag.de/home
Submission: On March 24 via manual (March 24th 2023, 12:27:20 pm UTC) from DE — Scanned from DE

Summary HTTP 18 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 18 HTTP transactions. The main IP is 35.156.16.26, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is kunde.vnrag.de.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 13th 2023. Valid for: 5 months.

This is the only time kunde.vnrag.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	35.156.16.26 35.156.16.26	16509 (AMAZON-02) (AMAZON-02)
9	148.251.5.29 148.251.5.29	24940 (HETZNER-AS) (HETZNER-AS)
18	3

10 35.156.16.26 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-16-26.eu-central-1.compute.amazonaws.com

kunde.vnrag.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 148.251.5.29 (Grossmuehlingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.29.5.251.148.clients.your-server.de

5f3c395.ccm19.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	vnrag.de 1 redirects kunde.vnrag.de	571 KB
9	ccm19.de 5f3c395.ccm19.de — Cisco Umbrella Rank: 258705	102 KB
18	2

	Domain	Requested by
10	kunde.vnrag.de	1 redirects kunde.vnrag.de
9	5f3c395.ccm19.de	kunde.vnrag.de 5f3c395.ccm19.de
18	2

This site contains links to these domains. Also see Links.

Domain
www.vnrag.de

Subject Issuer	Validity	Valid
kunde.vnrag.de Amazon RSA 2048 M02	`2023-02-13` - `2023-07-04`	5 months	crt.sh
cloud.ccm19.de R3	`2023-03-15` - `2023-06-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://kunde.vnrag.de/home
Frame ID: E04BB30B7976B50A8EFF4A95879ED852
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Self-Service

Page URL History Show full URLs

https://kunde.vnrag.de/vnr HTTP 302
https://kunde.vnrag.de/home Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

673 kB
Transfer

757 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.vnrag.de/impressum/
Title: Impressum

Search URL Search Domain Scan URL

URL: https://www.vnrag.de/datenschutz/
Title: Datenschutzerklärung

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://kunde.vnrag.de/vnr HTTP 302
https://kunde.vnrag.de/home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request home Show response
kunde.vnrag.de/
Redirect Chain

https://kunde.vnrag.de/vnr
https://kunde.vnrag.de/home

6 KB
6 KB

341ms
340ms

Document
text/html

35.156.16.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kunde.vnrag.de/home
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.16.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-16-26.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3d8ac06cbdc5a54c635e0ff4a695f00acee52b685353fdbc72ef9546ef013a55

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH,OPTIONS
access-control-allow-origin: *
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Fri, 24 Mar 2023 12:27:15 GMT
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH,OPTIONS
access-control-allow-origin: *
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Fri, 24 Mar 2023 12:27:14 GMT
location: https://kunde.vnrag.de/home
server: nginx

GET
H2 200 ccm19.js Show response
5f3c395.ccm19.de/app/public/ 138 KB
29 KB 64ms
13ms Script
application/javascript 148.251.5.29
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://5f3c395.ccm19.de/app/public/ccm19.js?apiKey=5d8c70493d06c746b56b4dfc2d0c01dafe9a1e0721f44a6d

Requested by

Host: kunde.vnrag.de
URL: https://kunde.vnrag.de/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.5.29 Grossmuehlingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.29.5.251.148.clients.your-server.de

Software

Apache/2.4.54 (Ubuntu) / PHP/8.1.10

Resource Hash

c14fd83be736a402b29031d099cb803edd34d41687529adc296ce189b1f1564e

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kunde.vnrag.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 12:27:15 GMT
content-encoding: gzip
strict-transport-security: max-age=16000000; includeSubDomains; preload
server: Apache/2.4.54 (Ubuntu)
x-powered-by: PHP/8.1.10
etag: "6988d95ac06f26b269ab92a5641d609d-gzip"
vary: Accept-Language,Accept-Encoding,Referer
content-type: application/javascript
cache-control: max-age=0, must-revalidate, public, s-maxage=0
x-robots-tag: noindex, nofollow
link: <https://5f3c395.ccm19.de/app.css?apiKey=5d8c70493d06c746b56b4dfc2d0c01dafe9a1e0721f44a6d&domain=63ff880f1f2975561aeaec7d&gen=2&theme=63ff89611f2975560003cdca&v=1679646848>;rel="preload";as="style";nopush
content-length: 29461

GET
H2 200 vnr.css
kunde.vnrag.de/css/ 211 KB
211 KB 8ms
8ms Stylesheet
text/css 35.156.16.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kunde.vnrag.de/css/vnr.css?id=200969cef3b00bbaa0df9818a5154f16
Requested by: Host: kunde.vnrag.de
URL: https://kunde.vnrag.de/home
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.16.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-16-26.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: be601758c9d91cecabef8bd32dbcd4bff3659b8603ade79718d8b13ddcde3498

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kunde.vnrag.de/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 12:27:15 GMT
last-modified: Thu, 02 Mar 2023 16:50:09 GMT
server: nginx
accept-ranges: bytes
etag: "6400d3c1-34a19"
content-length: 215577
content-type: text/css

GET
H2 200 logo-vnr.png
kunde.vnrag.de/img/ 6 KB
6 KB 8ms
8ms Image
image/png 35.156.16.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kunde.vnrag.de/img/logo-vnr.png
Requested by: Host: kunde.vnrag.de
URL: https://kunde.vnrag.de/home
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.16.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-16-26.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8f72b8b7c0903b21b0174e30577c7ea458993faaceb9ffaf3e6f3cabb7b1f5c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kunde.vnrag.de/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 12:27:15 GMT
last-modified: Thu, 02 Mar 2023 16:50:09 GMT
server: nginx
accept-ranges: bytes
etag: "6400d3c1-18d9"
content-length: 6361
content-type: image/png

GET
H2 200 verlagslogos-vnr.png
kunde.vnrag.de/img/ 79 KB
80 KB 8ms
8ms Image
image/png 35.156.16.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kunde.vnrag.de/img/verlagslogos-vnr.png
Requested by: Host: kunde.vnrag.de
URL: https://kunde.vnrag.de/home
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.16.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-16-26.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 485fcda21991b0f3da7b1028103b6c4a8ff9b206f6197f422c24051b25d2daed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kunde.vnrag.de/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 12:27:15 GMT
last-modified: Wed, 15 Feb 2023 07:34:43 GMT
server: nginx
accept-ranges: bytes
etag: "63ec8b13-13d84"
content-length: 81284
content-type: image/png

GET
H2 200 app.js Show response
kunde.vnrag.de/js/ 209 KB
209 KB 8ms
8ms Script
application/javascript 35.156.16.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kunde.vnrag.de/js/app.js?id=4a7f925a6955bfa3324fe995217dc99f
Requested by: Host: kunde.vnrag.de
URL: https://kunde.vnrag.de/home
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.16.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-16-26.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ad6b5df96f1658bc7e01acac0444d339f99817dcc234e99fa04f0cb542c7b51a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kunde.vnrag.de/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 12:27:15 GMT
last-modified: Wed, 15 Feb 2023 07:34:43 GMT
server: nginx
accept-ranges: bytes
etag: "63ec8b13-34227"
content-length: 213543
content-type: application/javascript

GET
H2 200 app.css
5f3c395.ccm19.de/ 43 KB
9 KB 52ms
52ms Stylesheet
text/css 148.251.5.29
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://5f3c395.ccm19.de/app.css?apiKey=5d8c70493d06c746b56b4dfc2d0c01dafe9a1e0721f44a6d&domain=63ff880f1f2975561aeaec7d&gen=2&theme=63ff89611f2975560003cdca&v=1679646848

Requested by

Host: kunde.vnrag.de
URL: https://kunde.vnrag.de/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.5.29 Grossmuehlingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.29.5.251.148.clients.your-server.de

Software

Apache/2.4.54 (Ubuntu) / PHP/8.1.10

Resource Hash

4579c4773c0e1b76384462d73f07ba51686d8a98fed87a0a6b8e08a680ffc3af

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'none'; connect-src 'none'; form-action 'none'
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kunde.vnrag.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 12:27:15 GMT
content-security-policy: default-src 'self' ; script-src 'none'; connect-src 'none'; form-action 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload
content-encoding: gzip
x-powered-by: PHP/8.1.10
server: Apache/2.4.54 (Ubuntu)
access-control-max-age: 3600
access-control-allow-methods: GET,POST,PUT
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: immutable, max-age=31536000, public
access-control-allow-credentials: true
permissions-policy: interest-cohort=(), geolocation=(), encrypted-media=(), camera=(), microphone=()
vary: Accept-Encoding
access-control-allow-headers: Content-Type,X-Requested-With,X-CCM19State

GET
H2 200 open-sans-v18-latin-regular.woff2
kunde.vnrag.de/fonts/ 14 KB
14 KB 10ms
9ms Font
font/woff2 35.156.16.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kunde.vnrag.de/fonts/open-sans-v18-latin-regular.woff2?f57a62e9efddf6ace18b15572f81905b
Requested by: Host: kunde.vnrag.de
URL: https://kunde.vnrag.de/css/vnr.css?id=200969cef3b00bbaa0df9818a5154f16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.16.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-16-26.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Request headers

Referer: https://kunde.vnrag.de/css/vnr.css?id=200969cef3b00bbaa0df9818a5154f16
Origin: https://kunde.vnrag.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 12:27:15 GMT
last-modified: Thu, 02 Mar 2023 16:50:09 GMT
server: nginx
accept-ranges: bytes
etag: "6400d3c1-382c"
content-length: 14380
content-type: font/woff2

GET
H2 200 open-sans-v18-latin-600.woff2
kunde.vnrag.de/fonts/ 15 KB
15 KB 9ms
8ms Font
font/woff2 35.156.16.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kunde.vnrag.de/fonts/open-sans-v18-latin-600.woff2?9526470852428b4340ed994462821463
Requested by: Host: kunde.vnrag.de
URL: https://kunde.vnrag.de/css/vnr.css?id=200969cef3b00bbaa0df9818a5154f16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.16.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-16-26.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc

Request headers

Referer: https://kunde.vnrag.de/css/vnr.css?id=200969cef3b00bbaa0df9818a5154f16
Origin: https://kunde.vnrag.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 12:27:15 GMT
last-modified: Wed, 15 Feb 2023 07:34:43 GMT
server: nginx
accept-ranges: bytes
etag: "63ec8b13-3a20"
content-length: 14880
content-type: font/woff2

GET
H2 200 details
5f3c395.ccm19.de/widget/ 0
58 KB 621ms
589ms Other
text/x-html-fragment 148.251.5.29
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://5f3c395.ccm19.de/widget/details?apiKey=5d8c70493d06c746b56b4dfc2d0c01dafe9a1e0721f44a6d&domain=63ff880f1f2975561aeaec7d&gen=2&theme=63ff89611f2975560003cdca&lang=de_DE&v=1679646848

Requested by

Host: 5f3c395.ccm19.de
URL: https://5f3c395.ccm19.de/app/public/ccm19.js?apiKey=5d8c70493d06c746b56b4dfc2d0c01dafe9a1e0721f44a6d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.5.29 Grossmuehlingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.29.5.251.148.clients.your-server.de

Software

Apache/2.4.54 (Ubuntu) / PHP/8.1.10

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'self'; form-action 'self'
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://kunde.vnrag.de/
Origin: https://kunde.vnrag.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 12:27:15 GMT
content-security-policy: default-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'self'; form-action 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload
content-encoding: gzip
x-powered-by: PHP/8.1.10
server: Apache/2.4.54 (Ubuntu)
access-control-max-age: 3600
access-control-allow-methods: GET,POST,PUT
content-language: de-DE
access-control-allow-origin: *
content-type: text/x-html-fragment; charset=utf-8
cache-control: immutable, max-age=31536000, public
access-control-allow-credentials: true
permissions-policy: interest-cohort=(), geolocation=(), encrypted-media=(), camera=(), microphone=()
x-frame-options: sameorigin
x-robots-tag: noindex
access-control-allow-headers: Content-Type,X-Requested-With,X-CCM19State
vary: Accept-Encoding

GET
H2 200 widget Show response
5f3c395.ccm19.de/ 8 KB
4 KB 97ms
96ms XHR
text/x-html-fragment 148.251.5.29
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://5f3c395.ccm19.de/widget?apiKey=5d8c70493d06c746b56b4dfc2d0c01dafe9a1e0721f44a6d&domain=63ff880f1f2975561aeaec7d&gen=2&theme=63ff89611f2975560003cdca&lang=de_DE&v=1679646848

Requested by

Host: 5f3c395.ccm19.de
URL: https://5f3c395.ccm19.de/app/public/ccm19.js?apiKey=5d8c70493d06c746b56b4dfc2d0c01dafe9a1e0721f44a6d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.5.29 Grossmuehlingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.29.5.251.148.clients.your-server.de

Software

Apache/2.4.54 (Ubuntu) / PHP/8.1.10

Resource Hash

abf74d07785132f4c41b204c4725419d739bd7c83c48b50a7f159b7a96f31d31

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'self'; form-action 'self'
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://kunde.vnrag.de/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 12:27:15 GMT
content-security-policy: default-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'self'; form-action 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload
content-encoding: gzip
x-powered-by: PHP/8.1.10
server: Apache/2.4.54 (Ubuntu)
access-control-max-age: 3600
access-control-allow-methods: GET,POST,PUT
content-language: de-DE
access-control-allow-origin: *
content-type: text/x-html-fragment; charset=utf-8
cache-control: immutable, max-age=31536000, public
access-control-allow-credentials: true
permissions-policy: interest-cohort=(), geolocation=(), encrypted-media=(), camera=(), microphone=()
x-frame-options: sameorigin
x-robots-tag: noindex
access-control-allow-headers: Content-Type,X-Requested-With,X-CCM19State
vary: Accept-Encoding

OPTIONS
H2 204 widget
5f3c395.ccm19.de/ 0
0 77ms
52ms Preflight 148.251.5.29
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://5f3c395.ccm19.de/widget?apiKey=5d8c70493d06c746b56b4dfc2d0c01dafe9a1e0721f44a6d&domain=63ff880f1f2975561aeaec7d&gen=2&theme=63ff89611f2975560003cdca&lang=de_DE&v=1679646848

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.5.29 Grossmuehlingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.29.5.251.148.clients.your-server.de

Software

Apache/2.4.54 (Ubuntu) / PHP/8.1.10

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'self'; form-action 'self'
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://kunde.vnrag.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,X-Requested-With,X-CCM19State
access-control-allow-methods: GET,POST,PUT
access-control-allow-origin: *
access-control-max-age: 3600
content-security-policy: default-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'self'; form-action 'self'
date: Fri, 24 Mar 2023 12:27:15 GMT
permissions-policy: interest-cohort=(), geolocation=(), encrypted-media=(), camera=(), microphone=()
server: Apache/2.4.54 (Ubuntu)
strict-transport-security: max-age=16000000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: sameorigin
x-powered-by: PHP/8.1.10

OPTIONS
H2 204 consent
5f3c395.ccm19.de/statistics/ 0
0 43ms
43ms Preflight 148.251.5.29
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://5f3c395.ccm19.de/statistics/consent?apiKey=5d8c70493d06c746b56b4dfc2d0c01dafe9a1e0721f44a6d&domain=63ff880f1f2975561aeaec7d&gen=2&theme=63ff89611f2975560003cdca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.5.29 Grossmuehlingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.29.5.251.148.clients.your-server.de

Software

Apache/2.4.54 (Ubuntu) / PHP/8.1.10

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'self'; form-action 'self'
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://kunde.vnrag.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,X-Requested-With,X-CCM19State
access-control-allow-methods: GET,POST,PUT
access-control-allow-origin: *
access-control-max-age: 3600
content-security-policy: default-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'self'; form-action 'self'
date: Fri, 24 Mar 2023 12:27:15 GMT
permissions-policy: interest-cohort=(), geolocation=(), encrypted-media=(), camera=(), microphone=()
server: Apache/2.4.54 (Ubuntu)
strict-transport-security: max-age=16000000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: sameorigin
x-powered-by: PHP/8.1.10

POST
H2 200 consent Show response
5f3c395.ccm19.de/statistics/ 16 B
793 B 176ms
176ms XHR
application/json 148.251.5.29
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://5f3c395.ccm19.de/statistics/consent?apiKey=5d8c70493d06c746b56b4dfc2d0c01dafe9a1e0721f44a6d&domain=63ff880f1f2975561aeaec7d&gen=2&theme=63ff89611f2975560003cdca

Requested by

Host: 5f3c395.ccm19.de
URL: https://5f3c395.ccm19.de/app/public/ccm19.js?apiKey=5d8c70493d06c746b56b4dfc2d0c01dafe9a1e0721f44a6d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.5.29 Grossmuehlingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.29.5.251.148.clients.your-server.de

Software

Apache/2.4.54 (Ubuntu) / PHP/8.1.10

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'self'; form-action 'self'
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://kunde.vnrag.de/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 24 Mar 2023 12:27:15 GMT
content-security-policy: default-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'self'; form-action 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload
content-encoding: gzip
x-powered-by: PHP/8.1.10
content-length: 36
server: Apache/2.4.54 (Ubuntu)
access-control-max-age: 3600
access-control-allow-methods: GET,POST,PUT
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-credentials: true
permissions-policy: interest-cohort=(), geolocation=(), encrypted-media=(), camera=(), microphone=()
x-frame-options: sameorigin
access-control-allow-headers: Content-Type,X-Requested-With,X-CCM19State
vary: Accept-Encoding

GET
H2 200 open-sans-v18-latin-700.woff2
kunde.vnrag.de/fonts/ 15 KB
15 KB 10ms
9ms Font
font/woff2 35.156.16.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kunde.vnrag.de/fonts/open-sans-v18-latin-700.woff2?92425c623934facef057b0cfe2e13f95
Requested by: Host: kunde.vnrag.de
URL: https://kunde.vnrag.de/css/vnr.css?id=200969cef3b00bbaa0df9818a5154f16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.16.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-16-26.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Request headers

Referer: https://kunde.vnrag.de/css/vnr.css?id=200969cef3b00bbaa0df9818a5154f16
Origin: https://kunde.vnrag.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 12:27:15 GMT
last-modified: Thu, 02 Mar 2023 16:50:09 GMT
server: nginx
accept-ranges: bytes
etag: "6400d3c1-3ad0"
content-length: 15056
content-type: font/woff2

GET
H2 200 open-sans-v18-latin-300.woff2
kunde.vnrag.de/fonts/ 15 KB
15 KB 8ms
8ms Font
font/woff2 35.156.16.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kunde.vnrag.de/fonts/open-sans-v18-latin-300.woff2?b871ad6e5cbe2a1c8c7362c81a234f93
Requested by: Host: kunde.vnrag.de
URL: https://kunde.vnrag.de/css/vnr.css?id=200969cef3b00bbaa0df9818a5154f16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.16.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-16-26.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2

Request headers

Referer: https://kunde.vnrag.de/css/vnr.css?id=200969cef3b00bbaa0df9818a5154f16
Origin: https://kunde.vnrag.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 12:27:15 GMT
last-modified: Wed, 15 Feb 2023 07:34:43 GMT
server: nginx
accept-ranges: bytes
etag: "63ec8b13-3a54"
content-length: 14932
content-type: font/woff2

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 report Show response
5f3c395.ccm19.de/page_check/ 16 B
795 B 38ms
38ms XHR
application/json 148.251.5.29
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://5f3c395.ccm19.de/page_check/report?apiKey=5d8c70493d06c746b56b4dfc2d0c01dafe9a1e0721f44a6d&domain=63ff880f1f2975561aeaec7d&gen=2

Requested by

Host: 5f3c395.ccm19.de
URL: https://5f3c395.ccm19.de/app/public/ccm19.js?apiKey=5d8c70493d06c746b56b4dfc2d0c01dafe9a1e0721f44a6d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.5.29 Grossmuehlingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.29.5.251.148.clients.your-server.de

Software

Apache/2.4.54 (Ubuntu) / PHP/8.1.10

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'self'; form-action 'self'
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://kunde.vnrag.de/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 24 Mar 2023 12:27:16 GMT
content-security-policy: default-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'self'; form-action 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload
content-encoding: gzip
x-powered-by: PHP/8.1.10
content-length: 36
server: Apache/2.4.54 (Ubuntu)
access-control-max-age: 3600
access-control-allow-methods: GET,POST,PUT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=30, private
access-control-allow-credentials: true
permissions-policy: interest-cohort=(), geolocation=(), encrypted-media=(), camera=(), microphone=()
x-frame-options: sameorigin
access-control-allow-headers: Content-Type,X-Requested-With,X-CCM19State
vary: Accept-Encoding

OPTIONS
H2 204 report
5f3c395.ccm19.de/page_check/ 0
0 95ms
95ms Preflight 148.251.5.29
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://5f3c395.ccm19.de/page_check/report?apiKey=5d8c70493d06c746b56b4dfc2d0c01dafe9a1e0721f44a6d&domain=63ff880f1f2975561aeaec7d&gen=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.5.29 Grossmuehlingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.29.5.251.148.clients.your-server.de

Software

Apache/2.4.54 (Ubuntu) / PHP/8.1.10

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'self'; form-action 'self'
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://kunde.vnrag.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,X-Requested-With,X-CCM19State
access-control-allow-methods: GET,POST,PUT
access-control-allow-origin: *
access-control-max-age: 3600
content-security-policy: default-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'self'; form-action 'self'
date: Fri, 24 Mar 2023 12:27:16 GMT
permissions-policy: interest-cohort=(), geolocation=(), encrypted-media=(), camera=(), microphone=()
server: Apache/2.4.54 (Ubuntu)
strict-transport-security: max-age=16000000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: sameorigin
x-powered-by: PHP/8.1.10

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| Ccm19Plugins object| CCM object| webpackChunk

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			kunde.vnrag.de/	1970-01-20 10:34:24	Name: self_service_prod_session Value: eyJpdiI6Ii9iRlZKeEVrYlZlRmxsWDF0eHNldlE9PSIsInZhbHVlIjoiRXVhZ2pkQjBRZkMwMjlpSG5GN1p5N3Q2bThqZEFBODFYdG1HWkRoSC9STnF4clg4NytJR1dwVExHOUxneENoRkc4YlcveloraXlXZ1NRdHFmMUNVdFBkcE1Ia1NHY3pNVDVnM1JQMWZmRDhEWGQ1N2NkTGh1S3lCSWRiTmFmUlkiLCJtYWMiOiIyZGVmMTI2NGI4OWU1ODFmOTM4ZTQ2Njg1YTgwNzllNjBiZjJjMThmMmYzZWQ4ZTE5MDA0NTZiNzkzNTYyYzI4IiwidGFnIjoiIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5f3c395.ccm19.de
kunde.vnrag.de
148.251.5.29
35.156.16.26
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
3d8ac06cbdc5a54c635e0ff4a695f00acee52b685353fdbc72ef9546ef013a55
4579c4773c0e1b76384462d73f07ba51686d8a98fed87a0a6b8e08a680ffc3af
485fcda21991b0f3da7b1028103b6c4a8ff9b206f6197f422c24051b25d2daed
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
8f72b8b7c0903b21b0174e30577c7ea458993faaceb9ffaf3e6f3cabb7b1f5c0
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
abf74d07785132f4c41b204c4725419d739bd7c83c48b50a7f159b7a96f31d31
ad6b5df96f1658bc7e01acac0444d339f99817dcc234e99fa04f0cb542c7b51a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
be601758c9d91cecabef8bd32dbcd4bff3659b8603ade79718d8b13ddcde3498
c14fd83be736a402b29031d099cb803edd34d41687529adc296ce189b1f1564e
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2

kunde.vnrag.de Open in urlscan Pro 35.156.16.26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

673 kBTransfer

757 kBSize

1 Cookies

2 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

1 Cookies

Indicators

kunde.vnrag.de Open in urlscan Pro
35.156.16.26 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

673 kB
Transfer

757 kB
Size

1
Cookies

18 HTTP transactions
1 data transactions