Submitted URL: https://veh.dev-customers.com/
Effective URL: https://veh.de/
Submission: On July 24 via automatic, source certstream-suspicious — Scanned from GB

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 13 HTTP transactions. The main IP is 185.49.229.47, located in Germany and belongs to FLESSIO-AS, DE. The main domain is veh.de.
TLS certificate: Issued by R10 on June 9th 2024. Valid for: 3 months.
This is the only time veh.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 14 185.49.229.47 211690 (FLESSIO-AS)
13 1
Apex Domain
Subdomains
Transfer
13 veh.de
veh.de
2 MB
1 dev-customers.com
veh.dev-customers.com
296 B
13 2
Domain Requested by
13 veh.de veh.de
1 veh.dev-customers.com 1 redirects
13 2

This site contains no links.

Subject Issuer Validity Valid
veh.de
R10
2024-06-09 -
2024-09-07
3 months crt.sh

This page contains 1 frames:

Primary Page: https://veh.de/
Frame ID: EDD83A9B39709BDC15F8012232051ACF
Requests: 13 HTTP requests in this frame

Screenshot

Page Title

VALORA EFFEKTEN HANDEL AG | Handel von unnotierten Wertpapieren

Page URL History Show full URLs

  1. https://veh.dev-customers.com/ HTTP 301
    https://veh.de/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

1563 kB
Transfer

1577 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://veh.dev-customers.com/ HTTP 301
    https://veh.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
veh.de/
Redirect Chain
  • https://veh.dev-customers.com/
  • https://veh.de/
26 KB
7 KB
Document
General
Full URL
https://veh.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.229.47 , Germany, ASN211690 (FLESSIO-AS, DE),
Reverse DNS
c35.srv.flessio.com
Software
nginx /
Resource Hash
722c196bb4799705adfd1d681cde2b5f11e2536a27d839e6717db5abdfa9c896
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://matomo.vehnet.de/

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
max-age=3600, public
content-encoding
gzip
content-language
de
content-security-policy
default-src 'self' data: 'unsafe-inline'
content-type
text/html; charset=UTF-8
date
Wed, 24 Jul 2024 09:07:12 GMT
etag
W/"1721812032"
expires
Sun, 19 Nov 1978 05:00:00 GMT
last-modified
Wed, 24 Jul 2024 09:07:12 GMT
referrer-policy
strict-origin
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains; preload;
vary
Cookie
x-content-type-options
nosniff
x-drupal-cache
HIT
x-drupal-dynamic-cache
MISS
x-frame-options
ALLOW-FROM https://matomo.vehnet.de/
x-generator
Drupal 9 (https://www.drupal.org)
x-ua-compatible
IE=edge

Redirect headers

content-length
162
content-type
text/html
date
Wed, 24 Jul 2024 09:23:12 GMT
location
https://veh.de
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains; preload;
css_u0lY92IKMiuYp6wrMmEFjNIeaVTxAutanrA3Nzgr1z8.css
veh.de/sites/default/files/css/
7 KB
8 KB
Stylesheet
General
Full URL
https://veh.de/sites/default/files/css/css_u0lY92IKMiuYp6wrMmEFjNIeaVTxAutanrA3Nzgr1z8.css
Requested by
Host: veh.de
URL: https://veh.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.229.47 , Germany, ASN211690 (FLESSIO-AS, DE),
Reverse DNS
c35.srv.flessio.com
Software
nginx /
Resource Hash
bb4958f7620a322b98a7ac2b3261058cd21e6954f102eb5a9eb03737382bd73f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload;

Request headers

Referer
https://veh.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:23:12 GMT
strict-transport-security
max-age=15768000; includeSubDomains; preload;
referrer-policy
strict-origin
content-security-policy
default-src 'self' data: 'unsafe-inline'
last-modified
Tue, 04 Jun 2024 12:38:53 GMT
server
nginx
etag
"665f0add-1d3c"
content-type
text/css
cache-control
max-age=315360000
accept-ranges
bytes
content-length
7484
expires
Thu, 31 Dec 2037 23:55:55 GMT
css_RLZfo6y9dWTVJt-lKv2uQUX85v5HjR21uHuhrCPTNG0.css
veh.de/sites/default/files/css/
189 KB
189 KB
Stylesheet
General
Full URL
https://veh.de/sites/default/files/css/css_RLZfo6y9dWTVJt-lKv2uQUX85v5HjR21uHuhrCPTNG0.css
Requested by
Host: veh.de
URL: https://veh.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.229.47 , Germany, ASN211690 (FLESSIO-AS, DE),
Reverse DNS
c35.srv.flessio.com
Software
nginx /
Resource Hash
44b65fa3acbd7564d526dfa52afdae4145fce6fe478d1db5b87ba1ac23d3346d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload;

Request headers

Referer
https://veh.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:23:12 GMT
strict-transport-security
max-age=15768000; includeSubDomains; preload;
referrer-policy
strict-origin
content-security-policy
default-src 'self' data: 'unsafe-inline'
last-modified
Tue, 04 Jun 2024 12:38:53 GMT
server
nginx
etag
"665f0add-2f214"
content-type
text/css
cache-control
max-age=315360000
accept-ranges
bytes
content-length
193044
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo-veh-valora.svg
veh.de/themes/custom/patternlab/images/svgs/
14 KB
14 KB
Image
General
Full URL
https://veh.de/themes/custom/patternlab/images/svgs/logo-veh-valora.svg
Requested by
Host: veh.de
URL: https://veh.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.229.47 , Germany, ASN211690 (FLESSIO-AS, DE),
Reverse DNS
c35.srv.flessio.com
Software
nginx /
Resource Hash
7bf72b27a3bf6c9d82645ab385a8debc78a0313bb6f7beac15ada9529c70f9b4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload;

Request headers

Referer
https://veh.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:23:12 GMT
strict-transport-security
max-age=15768000; includeSubDomains; preload;
referrer-policy
strict-origin
content-security-policy
default-src 'self' data: 'unsafe-inline'
last-modified
Wed, 10 Jun 2020 10:03:08 GMT
server
nginx
etag
"5ee0afdc-3632"
content-type
image/svg+xml
cache-control
max-age=315360000
accept-ranges
bytes
content-length
13874
expires
Thu, 31 Dec 2037 23:55:55 GMT
js_iTt9nEexKVMaMEnX8MC6YwFWxVQ4TW2FpQRMEe-4Hzg.js
veh.de/sites/default/files/js/
243 KB
243 KB
Script
General
Full URL
https://veh.de/sites/default/files/js/js_iTt9nEexKVMaMEnX8MC6YwFWxVQ4TW2FpQRMEe-4Hzg.js
Requested by
Host: veh.de
URL: https://veh.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.229.47 , Germany, ASN211690 (FLESSIO-AS, DE),
Reverse DNS
c35.srv.flessio.com
Software
nginx /
Resource Hash
893b7d9c47b129531a3049d7f0c0ba630156c554384d6d85a5044c11efb81f38
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload;

Request headers

Referer
https://veh.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:23:12 GMT
strict-transport-security
max-age=15768000; includeSubDomains; preload;
referrer-policy
strict-origin
content-security-policy
default-src 'self' data: 'unsafe-inline'
last-modified
Wed, 29 May 2024 20:49:14 GMT
server
nginx
etag
"665794ca-3ca4d"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
content-length
248397
expires
Thu, 31 Dec 2037 23:55:55 GMT
stage-index-visual.png
veh.de/themes/custom/patternlab/images/png/
137 KB
137 KB
Image
General
Full URL
https://veh.de/themes/custom/patternlab/images/png/stage-index-visual.png
Requested by
Host: veh.de
URL: https://veh.de/sites/default/files/css/css_RLZfo6y9dWTVJt-lKv2uQUX85v5HjR21uHuhrCPTNG0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.229.47 , Germany, ASN211690 (FLESSIO-AS, DE),
Reverse DNS
c35.srv.flessio.com
Software
nginx /
Resource Hash
8be98b0821169d19ec6ea5f1676a96f4ce3b9e559f524f2e5c999f3f94d1b400
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload;

Request headers

Referer
https://veh.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:23:13 GMT
strict-transport-security
max-age=15768000; includeSubDomains; preload;
referrer-policy
strict-origin
content-security-policy
default-src 'self' data: 'unsafe-inline'
last-modified
Wed, 10 Jun 2020 10:03:08 GMT
server
nginx
etag
"5ee0afdc-2220d"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
139789
expires
Thu, 31 Dec 2037 23:55:55 GMT
stage-image.jpg
veh.de/themes/custom/patternlab/images/sample/
197 KB
198 KB
Image
General
Full URL
https://veh.de/themes/custom/patternlab/images/sample/stage-image.jpg
Requested by
Host: veh.de
URL: https://veh.de/sites/default/files/css/css_RLZfo6y9dWTVJt-lKv2uQUX85v5HjR21uHuhrCPTNG0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.229.47 , Germany, ASN211690 (FLESSIO-AS, DE),
Reverse DNS
c35.srv.flessio.com
Software
nginx /
Resource Hash
e050371e469122385dda1b324391aa8f9fefcdcc7d1a1fddb081d4d870e0cb31
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload;

Request headers

Referer
https://veh.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:23:13 GMT
strict-transport-security
max-age=15768000; includeSubDomains; preload;
referrer-policy
strict-origin
content-security-policy
default-src 'self' data: 'unsafe-inline'
last-modified
Wed, 10 Jun 2020 10:03:08 GMT
server
nginx
etag
"5ee0afdc-31438"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
201784
expires
Thu, 31 Dec 2037 23:55:55 GMT
roboto-medium-italic.ttf
veh.de/themes/custom/patternlab/fonts/roboto/
173 KB
173 KB
Font
General
Full URL
https://veh.de/themes/custom/patternlab/fonts/roboto/roboto-medium-italic.ttf
Requested by
Host: veh.de
URL: https://veh.de/sites/default/files/css/css_RLZfo6y9dWTVJt-lKv2uQUX85v5HjR21uHuhrCPTNG0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.229.47 , Germany, ASN211690 (FLESSIO-AS, DE),
Reverse DNS
c35.srv.flessio.com
Software
nginx /
Resource Hash
f177eed10d2470d13ec68d04907a582829d0ee8281f8a02a906f6954c7816e58
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload;

Request headers

Referer
https://veh.de/
Origin
https://veh.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:23:13 GMT
strict-transport-security
max-age=15768000; includeSubDomains; preload;
referrer-policy
strict-origin
content-security-policy
default-src 'self' data: 'unsafe-inline'
last-modified
Mon, 08 Oct 2018 09:34:37 GMT
server
nginx
etag
"5bbb24ad-2b2e0"
content-type
application/octet-stream
accept-ranges
bytes
content-length
176864
roboto-medium.ttf
veh.de/themes/custom/patternlab/fonts/roboto/
168 KB
168 KB
Font
General
Full URL
https://veh.de/themes/custom/patternlab/fonts/roboto/roboto-medium.ttf
Requested by
Host: veh.de
URL: https://veh.de/sites/default/files/css/css_RLZfo6y9dWTVJt-lKv2uQUX85v5HjR21uHuhrCPTNG0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.229.47 , Germany, ASN211690 (FLESSIO-AS, DE),
Reverse DNS
c35.srv.flessio.com
Software
nginx /
Resource Hash
f205cc511821ea56078a105557fcea6253129404d411c997e1866fbd006abb68
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload;

Request headers

Referer
https://veh.de/
Origin
https://veh.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:23:13 GMT
strict-transport-security
max-age=15768000; includeSubDomains; preload;
referrer-policy
strict-origin
content-security-policy
default-src 'self' data: 'unsafe-inline'
last-modified
Mon, 08 Oct 2018 09:34:37 GMT
server
nginx
etag
"5bbb24ad-2a020"
content-type
application/octet-stream
accept-ranges
bytes
content-length
172064
roboto-regular.ttf
veh.de/themes/custom/patternlab/fonts/roboto/
168 KB
168 KB
Font
General
Full URL
https://veh.de/themes/custom/patternlab/fonts/roboto/roboto-regular.ttf
Requested by
Host: veh.de
URL: https://veh.de/sites/default/files/css/css_RLZfo6y9dWTVJt-lKv2uQUX85v5HjR21uHuhrCPTNG0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.229.47 , Germany, ASN211690 (FLESSIO-AS, DE),
Reverse DNS
c35.srv.flessio.com
Software
nginx /
Resource Hash
79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload;

Request headers

Referer
https://veh.de/
Origin
https://veh.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:23:13 GMT
strict-transport-security
max-age=15768000; includeSubDomains; preload;
referrer-policy
strict-origin
content-security-policy
default-src 'self' data: 'unsafe-inline'
last-modified
Mon, 08 Oct 2018 09:34:37 GMT
server
nginx
etag
"5bbb24ad-29e9c"
content-type
application/octet-stream
accept-ranges
bytes
content-length
171676
roboto-bold.ttf
veh.de/themes/custom/patternlab/fonts/roboto/
167 KB
167 KB
Font
General
Full URL
https://veh.de/themes/custom/patternlab/fonts/roboto/roboto-bold.ttf
Requested by
Host: veh.de
URL: https://veh.de/sites/default/files/css/css_RLZfo6y9dWTVJt-lKv2uQUX85v5HjR21uHuhrCPTNG0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.229.47 , Germany, ASN211690 (FLESSIO-AS, DE),
Reverse DNS
c35.srv.flessio.com
Software
nginx /
Resource Hash
7d0b991ee3e0be7af01ad7ea8cd2beea6c00a25e679a0226b6737f079aafff86
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload;

Request headers

Referer
https://veh.de/
Origin
https://veh.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:23:13 GMT
strict-transport-security
max-age=15768000; includeSubDomains; preload;
referrer-policy
strict-origin
content-security-policy
default-src 'self' data: 'unsafe-inline'
last-modified
Mon, 08 Oct 2018 09:34:37 GMT
server
nginx
etag
"5bbb24ad-29b08"
content-type
application/octet-stream
accept-ranges
bytes
content-length
170760
fontawesome-webfont.woff2
veh.de/themes/custom/patternlab/fonts/
75 KB
76 KB
Font
General
Full URL
https://veh.de/themes/custom/patternlab/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: veh.de
URL: https://veh.de/sites/default/files/css/css_RLZfo6y9dWTVJt-lKv2uQUX85v5HjR21uHuhrCPTNG0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.229.47 , Germany, ASN211690 (FLESSIO-AS, DE),
Reverse DNS
c35.srv.flessio.com
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload;

Request headers

Referer
https://veh.de/
Origin
https://veh.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:23:13 GMT
strict-transport-security
max-age=15768000; includeSubDomains; preload;
referrer-policy
strict-origin
content-security-policy
default-src 'self' data: 'unsafe-inline'
last-modified
Wed, 10 Jun 2020 10:03:08 GMT
server
nginx
etag
"5ee0afdc-12d68"
content-type
application/octet-stream
accept-ranges
bytes
content-length
77160
favicon.ico
veh.de/
15 KB
15 KB
Other
General
Full URL
https://veh.de/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.49.229.47 , Germany, ASN211690 (FLESSIO-AS, DE),
Reverse DNS
c35.srv.flessio.com
Software
nginx /
Resource Hash
2280e6bf4310b01ec2c0d9a1aa87bc74ea9758bc1543a00806c50a476e225718
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload;

Request headers

Referer
https://veh.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:23:13 GMT
strict-transport-security
max-age=15768000; includeSubDomains; preload;
referrer-policy
strict-origin
content-security-policy
default-src 'self' data: 'unsafe-inline'
last-modified
Thu, 04 Mar 2021 08:06:46 GMT
server
nginx
etag
"60409516-3aee"
content-type
image/x-icon
accept-ranges
bytes
content-length
15086

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| _typeof function| jQuery object| drupalSettings object| drupalTranslations object| Drupal

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' data: 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://matomo.vehnet.de/