grp.volkswagenag.com
Open in
urlscan Pro
194.114.70.32
Public Scan
Effective URL: https://grp.volkswagenag.com/isam/sps/authsvc/policy/grpuidpw?Target=https://grp.volkswagenag.com/isam/sps/auth
Submission Tags: @phishunt_io
Submission: On October 16 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by QuoVadis Global SSL ICA G3 on April 27th 2023. Valid for: a year.
This is the only time grp.volkswagenag.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 188.40.182.133 188.40.182.133 | 24940 (HETZNER-AS) (HETZNER-AS) | |
2 2 | 3.126.79.236 3.126.79.236 | 16509 (AMAZON-02) (AMAZON-02) | |
1 14 | 194.114.70.32 194.114.70.32 | 206618 (VOLKSWAGE...) (VOLKSWAGEN Volkswagen AG) | |
13 | 1 |
ASN24940 (HETZNER-AS, DE)
PTR: static.133.182.40.188.clients.your-server.de
id7-ita.vw-events.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-79-236.eu-central-1.compute.amazonaws.com
id.hyvent.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
volkswagenag.com
1 redirects
grp.volkswagenag.com — Cisco Umbrella Rank: 160902 |
538 KB |
2 |
hyvent.io
2 redirects
id.hyvent.io |
1 KB |
2 |
vw-events.com
2 redirects
id7-ita.vw-events.com |
1022 B |
13 | 3 |
Domain | Requested by | |
---|---|---|
14 | grp.volkswagenag.com |
1 redirects
grp.volkswagenag.com
|
2 | id.hyvent.io | 2 redirects |
2 | id7-ita.vw-events.com | 2 redirects |
13 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
grp.global.volkswagenag.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
grp.volkswagenag.com QuoVadis Global SSL ICA G3 |
2023-04-27 - 2024-04-27 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://grp.volkswagenag.com/isam/sps/authsvc/policy/grpuidpw?Target=https://grp.volkswagenag.com/isam/sps/auth
Frame ID: A276DCC58A2067D02A3A76D26BE81FEB
Requests: 13 HTTP requests in this frame
Screenshot
Page Title
GRP Login PagePage URL History Show full URLs
-
https://id7-ita.vw-events.com/
HTTP 302
https://id7-ita.vw-events.com/?loginaction=oauthclientlogin HTTP 302
https://id.hyvent.io/auth/realms/id7/protocol/openid-connect/auth?client_id=wordpress-learndash&s... HTTP 303
https://id.hyvent.io/auth/realms/id7/broker/vw-grp/login?session_code=RNJKIuqCtg2dWRZPyEgKG2N2Qh3... HTTP 303
https://grp.volkswagenag.com/isam/sps/oauth/oauth20/authorize?scope=openid+email+family_name+given_name+a... HTTP 302
https://grp.volkswagenag.com/isam/sps/auth Page URL
- https://grp.volkswagenag.com/isam/sps/authsvc/policy/grpuidpw?Target=https://grp.volkswagenag.com/isam/sp... Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Create a new Account
Search URL Search Domain Scan URL
Title: Forgot Password?
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://id7-ita.vw-events.com/
HTTP 302
https://id7-ita.vw-events.com/?loginaction=oauthclientlogin HTTP 302
https://id.hyvent.io/auth/realms/id7/protocol/openid-connect/auth?client_id=wordpress-learndash&scope=openid&redirect_uri=https://id7-ita.vw-events.com&response_type=code&state=asdfghjklkjhgfdsa HTTP 303
https://id.hyvent.io/auth/realms/id7/broker/vw-grp/login?session_code=RNJKIuqCtg2dWRZPyEgKG2N2Qh3c9XSdq2mCm8c2c-I&client_id=wordpress-learndash&tab_id=I3YTcYchOC8 HTTP 303
https://grp.volkswagenag.com/isam/sps/oauth/oauth20/authorize?scope=openid+email+family_name+given_name+accountip+contextdata&state=ngjdmu1-Q4ERxNtocvDmgixt3PPqcGeetm2IT2u_DRY.I3YTcYchOC8.fSlhglRFRKiWl95EQxbPVA&response_type=code&client_id=DigitalerHafen1_484&redirect_uri=https%3A%2F%2Fid.hyvent.io%2Fauth%2Frealms%2Fid7%2Fbroker%2Fvw-grp%2Fendpoint&nonce=-jFko3YJFGznDsHTt27xnw HTTP 302
https://grp.volkswagenag.com/isam/sps/auth Page URL
- https://grp.volkswagenag.com/isam/sps/authsvc/policy/grpuidpw?Target=https://grp.volkswagenag.com/isam/sps/auth Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://id7-ita.vw-events.com/ HTTP 302
- https://id7-ita.vw-events.com/?loginaction=oauthclientlogin HTTP 302
- https://id.hyvent.io/auth/realms/id7/protocol/openid-connect/auth?client_id=wordpress-learndash&scope=openid&redirect_uri=https://id7-ita.vw-events.com&response_type=code&state=asdfghjklkjhgfdsa HTTP 303
- https://id.hyvent.io/auth/realms/id7/broker/vw-grp/login?session_code=RNJKIuqCtg2dWRZPyEgKG2N2Qh3c9XSdq2mCm8c2c-I&client_id=wordpress-learndash&tab_id=I3YTcYchOC8 HTTP 303
- https://grp.volkswagenag.com/isam/sps/oauth/oauth20/authorize?scope=openid+email+family_name+given_name+accountip+contextdata&state=ngjdmu1-Q4ERxNtocvDmgixt3PPqcGeetm2IT2u_DRY.I3YTcYchOC8.fSlhglRFRKiWl95EQxbPVA&response_type=code&client_id=DigitalerHafen1_484&redirect_uri=https%3A%2F%2Fid.hyvent.io%2Fauth%2Frealms%2Fid7%2Fbroker%2Fvw-grp%2Fendpoint&nonce=-jFko3YJFGznDsHTt27xnw HTTP 302
- https://grp.volkswagenag.com/isam/sps/auth
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
auth
grp.volkswagenag.com/isam/sps/ Redirect Chain
|
311 B 919 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
grpuidpw
grp.volkswagenag.com/isam/sps/authsvc/policy/ |
10 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vwag.min.css
grp.volkswagenag.com/public/resources/vwag/ |
270 KB 33 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
customvwag.css
grp.volkswagenag.com/public/resources/totp/css/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spinners.css
grp.volkswagenag.com/isam/sps/static/grp/resources/css/ |
2 KB 922 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lang.js
grp.volkswagenag.com/isam/sps/static/grp/resources/js/ |
7 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.js
grp.volkswagenag.com/isam/sps/static/grp/resources/js/ |
7 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
grp.volkswagenag.com/mga/sps/static/grp/resources/js/ |
87 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
VWAGTheSans-Regular.woff
grp.volkswagenag.com/public/resources/vwag/fonts/ |
143 KB 143 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
VWAGTheSans-Bold.woff
grp.volkswagenag.com/public/resources/vwag/fonts/ |
135 KB 135 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
groupui-vwag-icons-complete.woff2
grp.volkswagenag.com/public/resources/vwag/fonts/iconfont/ |
22 KB 22 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
VWAGTheSans-Light.woff
grp.volkswagenag.com/public/resources/vwag/fonts/ |
160 KB 160 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
en.json
grp.volkswagenag.com/mga/sps/static/grp/resources/lang/ |
6 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
28 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| langs object| langsLong string| langCode object| langJS function| translate object| script function| includeHTML function| initLang function| getUrlParameterByName function| openInNewTab function| goToPublicPage function| goTo function| urlprefix function| setCookie function| getCookie function| setOrganizationName function| checkStyles function| checkRetail function| urlParam function| onLoadPage function| modifyUiForTotpLogin function| checkErrorParam function| setFocus string| warningString function| changeTab function| $ function| jQuery string| langCodeLong13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
id.hyvent.io/auth/realms/id7/ | Name: AUTH_SESSION_ID Value: 101869f8-351a-4cd9-95d1-dca660b565e0.e1053d90d526-12604 |
|
id.hyvent.io/auth/realms/id7/ | Name: AUTH_SESSION_ID_LEGACY Value: 101869f8-351a-4cd9-95d1-dca660b565e0.e1053d90d526-12604 |
|
id.hyvent.io/auth/realms/id7/ | Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI4MjQ5NGViZC1jYmI2LTRlMGMtOTA3My1lZTYxNDg0NDA5MjMifQ.eyJjaWQiOiJ3b3JkcHJlc3MtbGVhcm5kYXNoIiwicHR5Ijoib3BlbmlkLWNvbm5lY3QiLCJydXJpIjoiaHR0cHM6Ly9pZDctaXRhLnZ3LWV2ZW50cy5jb20iLCJhY3QiOiJBVVRIRU5USUNBVEUiLCJub3RlcyI6eyJzY29wZSI6Im9wZW5pZCIsImlzcyI6Imh0dHBzOi8vaWQuaHl2ZW50LmlvL2F1dGgvcmVhbG1zL2lkNyIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIiwicmVkaXJlY3RfdXJpIjoiaHR0cHM6Ly9pZDctaXRhLnZ3LWV2ZW50cy5jb20iLCJzdGF0ZSI6ImFzZGZnaGprbGtqaGdmZHNhIn19.b8p2YX1OUcQkGtwuvHFknWSY2XYmZMLaR5CZ2O_Ndks |
|
id7-ita.vw-events.com/ | Name: PHPSESSID Value: le9ui0mi122qq3ddai8bgg06vq |
|
grp.volkswagenag.com/ | Name: AMWEBJCT!%2Fisam!JSESSIONID Value: 0000GTEYPlYqlLqKfF-YXz0j5iW:713dc9f0-c776-457d-aa17-28456c564a02 |
|
grp.volkswagenag.com/ | Name: AMWEBJCT!%2Fisam!PD-S-SESSION-ID Value: 1_2_1_jzA8qGffADN+oU0Wp9ULvbqtuC7v2-2DdpWd7RRL0cszpH7m |
|
grp.volkswagenag.com/ | Name: PD_STATEFUL_dd1234de-361f-11e7-a9a4-045056963110 Value: %2Fisam |
|
grp.volkswagenag.com/ | Name: f5_194_114_70_32_443 Value: !UTmLs8h4r6TQB6ODyLvPU/IWHHTbPuw+6KVaD5M+9oe1oMV5lPFwZEIipiqv4A4TuPx4lhUwwVqHkvg= |
|
grp.volkswagenag.com/ | Name: PD-S-SESSION-ID Value: 1_2_0_80LZpLnfWztowc7Uaq7Oqt9q2y486DjDQJPZIjXccwXU9Jqi |
|
grp.volkswagenag.com/ | Name: IV_JCT Value: %2Fisam |
|
grp.volkswagenag.com/ | Name: AMWEBJCT!%2Fmga!JSESSIONID Value: 0000DRGxMbfSaCVMoGr4zI5BOSO:713dc9f0-c776-457d-aa17-28456c564a02 |
|
grp.volkswagenag.com/ | Name: AMWEBJCT!%2Fmga!PD-S-SESSION-ID Value: 1_2_1_QGWOWukFG-dD5T2b7rQzuaP6vNSyKvH-44H4DFW85AYV9UrE |
|
grp.volkswagenag.com/ | Name: PD_STATEFUL_dd1235de-361f-11e7-a9a4-005056963110 Value: %2Fmga |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors 'self' https://*.volkswagenag.com https://*.global.volkswagenag.com https://*.cpn.vwg |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
grp.volkswagenag.com
id.hyvent.io
id7-ita.vw-events.com
188.40.182.133
194.114.70.32
3.126.79.236
0134fc08481694157584743d9ee9665719be151c9d7137c4f930aefa24780236
1b7e4fada5540db370a5054f76742e2567ab59308ab8f77aa1cc388b4cd1dd5e
55450d8f91cf8b25b6bb120ee835e8dbaba81a626a3875a5ae7cb6641290798a
63fd51272125075b918fff1c26c5709fa39223c32631cbc74146226e62609315
69a0acb9a4c16dbbc2dd8be01df64bc4d5d3d7e23a851909cf4ece8d27bd2f41
8c6dc1c828cd5ac9ce3ba5c40919a7c8b2ca0f1f64613d1906a57c7c02bd10f4
b6123bb7fcd5665fcb53bb112a62224f0ec06d65b18831dd36baf792e6224180
bb5d71910b24e9ba9a41962e32ecec5f8a476cc252d8b79ee2f43de5a816812d
e56e7b2b1b73475e5745a52529d2b0c6ee9097f2d1a4fa96def7755127424cd4
e9c2387798f5a2cf0bf77292c875c23eb5b57f26d91f390036a587ef1ece0d61
fa5c3e1a4efe5d266d7a4ac836dfc9497cf351e56509ccec4d9a805cba84e95e
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e