umfrage-bahn.de Open in urlscan Pro
178.208.99.32 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://umfrage-bahn.de/irqirq/Start?si=45&cs=11562012&p0=1%3E
Effective URL:
https://umfrage-bahn.de/irqirq/jqs3?start=db_dialog_2022/db_dialog_2022.irq&service=IRQ&rnd=3740643442513254787&ddid=108...
Submission: On June 21 via manual (June 21st 2023, 12:20:37 pm UTC) from ZA — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 178.208.99.32, located in Gütersloh, Germany and belongs to BITEL-GESELLSCHAFT-FUER-TELEKOMMUNIKATION-AS - IP Transit Customer AS33873 -, DE. The main domain is umfrage-bahn.de.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on December 20th 2022. Valid for: a year.

This is the only time umfrage-bahn.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 8	178.208.99.32 178.208.99.32	198967 (BITEL-GES...) (BITEL-GESELLSCHAFT-FUER-TELEKOMMUNIKATION-AS - IP Transit Customer AS33873 -)
2	13.224.189.99 13.224.189.99	16509 (AMAZON-02) (AMAZON-02)
8	2

8 178.208.99.32 (Gütersloh, Germany) 2 redirects

ASN198967 (BITEL-GESELLSCHAFT-FUER-TELEKOMMUNIKATION-AS - IP Transit Customer AS33873 -, DE)

umfrage-bahn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-99.fra2.r.cloudfront.net

interrogare-layout.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	umfrage-bahn.de 2 redirects umfrage-bahn.de	10 KB
2	interrogare-layout.de interrogare-layout.de	153 KB
8	2

	Domain	Requested by
8	umfrage-bahn.de	2 redirects umfrage-bahn.de
2	interrogare-layout.de	umfrage-bahn.de
8	2

This site contains no links.

Subject Issuer	Validity	Valid
umfrage-bahn.de GeoTrust TLS RSA CA G1	`2022-12-20` - `2024-01-02`	a year	crt.sh
*.interrogare-layout.de Amazon RSA 2048 M02	`2023-03-01` - `2024-03-29`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://umfrage-bahn.de/irqirq/jqs3?start=db_dialog_2022/db_dialog_2022.irq&service=IRQ&rnd=3740643442513254787&ddid=108640&wurfl=1&ddresult=1%2C0%2C0%2C1600%2C1200&si=45&p0=1%3E
Frame ID: 8FCCA3D61535777F2A6939D877854C59
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Aktuelle Online-Umfrage

Page URL History Show full URLs

https://umfrage-bahn.de/irqirq/Start?si=45&cs=11562012&p0=1%3E Page URL
https://umfrage-bahn.de/irqirq/Start?wurfl=1&ddresult=1,0,0,1600,1200&si=45&cs=11562012&p0=1%3E& HTTP 302
https://umfrage-bahn.de/irqweb/db_dialog_20221.jsp?ddid=108640&wurfl=1&ddresult=1%2C0%2C0%2C1600%2C1... HTTP 302
https://umfrage-bahn.de/irqirq/jqs3?start=db_dialog_2022/db_dialog_2022.irq&service=IRQ&rnd=37406434... Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

162 kB
Transfer

181 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://umfrage-bahn.de/irqirq/Start?si=45&cs=11562012&p0=1%3E Page URL
https://umfrage-bahn.de/irqirq/Start?wurfl=1&ddresult=1,0,0,1600,1200&si=45&cs=11562012&p0=1%3E& HTTP 302
https://umfrage-bahn.de/irqweb/db_dialog_20221.jsp?ddid=108640&wurfl=1&ddresult=1%2C0%2C0%2C1600%2C1200&si=45&p0=1%3E HTTP 302
https://umfrage-bahn.de/irqirq/jqs3?start=db_dialog_2022/db_dialog_2022.irq&service=IRQ&rnd=3740643442513254787&ddid=108640&wurfl=1&ddresult=1%2C0%2C0%2C1600%2C1200&si=45&p0=1%3E Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Start umfrage-bahn.de/irqirq/	3 KB 1 KB	190ms 28ms	Document text/html	178.208.99.32 IP Transit Custom...
General Check archive.org Show headers Download Go to Full URL https://umfrage-bahn.de/irqirq/Start?si=45&cs=11562012&p0=1%3E Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.208.99.32 Gütersloh, Germany, ASN198967 (BITEL-GESELLSCHAFT-FUER-TELEKOMMUNIKATION-AS - IP Transit Customer AS33873 -, DE), Reverse DNS Software Apache / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection close Content-Encoding gzip Content-Type text/html Date Wed, 21 Jun 2023 12:20:32 GMT Server Apache Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	Primary Request jqs3 Show response umfrage-bahn.de/irqirq/ Redirect Chain https://umfrage-bahn.de/irqirq/Start?wurfl=1&ddresult=1,0,0,1600,1200&si=45&cs=11562012&p0=1%3E& https://umfrage-bahn.de/irqweb/db_dialog_20221.jsp?ddid=108640&wurfl=1&ddresult=1%2C0%2C0%2C1600%2C1200&si=45&p0=1%3E https://umfrage-bahn.de/irqirq/jqs3?start=db_dialog_2022/db_dialog_2022.irq&service=IRQ&rnd=3740643442513254787&ddid=108640&wurfl=1&ddresult=1%2C0%2C0%2C1600%2C1200&si=45&p0=1%3E	4 KB 1 KB	95ms 42ms	Document text/html	178.208.99.32 IP Transit Custom...
General Check archive.org Show headers Download Go to Full URL https://umfrage-bahn.de/irqirq/jqs3?start=db_dialog_2022/db_dialog_2022.irq&service=IRQ&rnd=3740643442513254787&ddid=108640&wurfl=1&ddresult=1%2C0%2C0%2C1600%2C1200&si=45&p0=1%3E Requested by Host: umfrage-bahn.de URL: https://umfrage-bahn.de/irqirq/Start?si=45&cs=11562012&p0=1%3E Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.208.99.32 Gütersloh, Germany, ASN198967 (BITEL-GESELLSCHAFT-FUER-TELEKOMMUNIKATION-AS - IP Transit Customer AS33873 -, DE), Reverse DNS Software Apache / Resource Hash `102528f4f57ef1112046d17f369ee6932439671d246538a91910ec93d040ec6f` Request headers Referer https://umfrage-bahn.de/irqirq/Start?si=45&cs=11562012&p0=1%3E Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection close Content-Encoding gzip Content-Length 1092 Content-Type text/html;charset=ISO-8859-1 Date Wed, 21 Jun 2023 12:20:32 GMT Server Apache Vary Accept-Encoding Redirect headers Connection close Content-Length 0 Content-Type text/html;charset=ISO-8859-1 Date Wed, 21 Jun 2023 12:20:32 GMT Location https://umfrage-bahn.de/irqirq/jqs3?start=db_dialog_2022/db_dialog_2022.irq&service=IRQ&rnd=3740643442513254787&ddid=108640&wurfl=1&ddresult=1%2C0%2C0%2C1600%2C1200&si=45&p0=1%3E Server Apache
GET H/1.1	200 OK	irquest.css umfrage-bahn.de/irqweb/db_dialog_2022/web/	4 KB 2 KB	79ms 27ms	Stylesheet text/css	178.208.99.32 IP Transit Custom...
General Check archive.org Show headers Download Go to Full URL https://umfrage-bahn.de/irqweb/db_dialog_2022/web/irquest.css Requested by Host: umfrage-bahn.de URL: https://umfrage-bahn.de/irqirq/jqs3?start=db_dialog_2022/db_dialog_2022.irq&service=IRQ&rnd=3740643442513254787&ddid=108640&wurfl=1&ddresult=1%2C0%2C0%2C1600%2C1200&si=45&p0=1%3E Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.208.99.32 Gütersloh, Germany, ASN198967 (BITEL-GESELLSCHAFT-FUER-TELEKOMMUNIKATION-AS - IP Transit Customer AS33873 -, DE), Reverse DNS Software Apache / Resource Hash `65aceb874492bff3abc81d9e639079aead61bbad72d99b0600c8a32b633142e1` Request headers accept-language de-DE,de;q=0.9 Referer https://umfrage-bahn.de/irqirq/jqs3?start=db_dialog_2022/db_dialog_2022.irq&service=IRQ&rnd=3740643442513254787&ddid=108640&wurfl=1&ddresult=1%2C0%2C0%2C1600%2C1200&si=45&p0=1%3E User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 12:20:33 GMT Content-Encoding gzip Last-Modified Thu, 05 May 2022 14:26:22 GMT Server Apache ETag W/"4105-1651760782000-gzip" Vary Accept-Encoding Content-Type text/css Connection close Accept-Ranges bytes Content-Length 1382
GET H/1.1	200 OK	custom.css umfrage-bahn.de/irqweb/db_dialog_2022/web/css/	2 KB 1 KB	78ms 26ms	Stylesheet text/css	178.208.99.32 IP Transit Custom...
General Check archive.org Show headers Download Go to Full URL https://umfrage-bahn.de/irqweb/db_dialog_2022/web/css/custom.css Requested by Host: umfrage-bahn.de URL: https://umfrage-bahn.de/irqirq/jqs3?start=db_dialog_2022/db_dialog_2022.irq&service=IRQ&rnd=3740643442513254787&ddid=108640&wurfl=1&ddresult=1%2C0%2C0%2C1600%2C1200&si=45&p0=1%3E Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.208.99.32 Gütersloh, Germany, ASN198967 (BITEL-GESELLSCHAFT-FUER-TELEKOMMUNIKATION-AS - IP Transit Customer AS33873 -, DE), Reverse DNS Software Apache / Resource Hash `7a5fddc9e4524b6bd5aac7a213e2e5daed3806d294261bbbb0c3ef936381dc3f` Request headers accept-language de-DE,de;q=0.9 Referer https://umfrage-bahn.de/irqirq/jqs3?start=db_dialog_2022/db_dialog_2022.irq&service=IRQ&rnd=3740643442513254787&ddid=108640&wurfl=1&ddresult=1%2C0%2C0%2C1600%2C1200&si=45&p0=1%3E User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 12:20:33 GMT Content-Encoding gzip Last-Modified Thu, 05 May 2022 14:26:22 GMT Server Apache ETag W/"2133-1651760782000-gzip" Vary Accept-Encoding Content-Type text/css Connection close Accept-Ranges bytes Content-Length 859
GET H/1.1	200 OK	irquest.js Show response umfrage-bahn.de/irqweb/db_dialog_2022/web/	6 KB 1 KB	81ms 27ms	Script application/javascript	178.208.99.32 IP Transit Custom...
General Check archive.org Show headers Download Go to Full URL https://umfrage-bahn.de/irqweb/db_dialog_2022/web/irquest.js Requested by Host: umfrage-bahn.de URL: https://umfrage-bahn.de/irqirq/jqs3?start=db_dialog_2022/db_dialog_2022.irq&service=IRQ&rnd=3740643442513254787&ddid=108640&wurfl=1&ddresult=1%2C0%2C0%2C1600%2C1200&si=45&p0=1%3E Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.208.99.32 Gütersloh, Germany, ASN198967 (BITEL-GESELLSCHAFT-FUER-TELEKOMMUNIKATION-AS - IP Transit Customer AS33873 -, DE), Reverse DNS Software Apache / Resource Hash `12ad4367c9e9236de5716834f495950680d717e7a03285252d66863a9536d0ad` Request headers accept-language de-DE,de;q=0.9 Referer https://umfrage-bahn.de/irqirq/jqs3?start=db_dialog_2022/db_dialog_2022.irq&service=IRQ&rnd=3740643442513254787&ddid=108640&wurfl=1&ddresult=1%2C0%2C0%2C1600%2C1200&si=45&p0=1%3E User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 12:20:33 GMT Content-Encoding gzip Last-Modified Thu, 05 May 2022 14:26:22 GMT Server Apache ETag W/"5848-1651760782000-gzip" Vary Accept-Encoding Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 1188
GET H2	200	jquery.min.js Show response interrogare-layout.de/bahn/6.9.0.0-dd4721e/js/vendor/	94 KB 94 KB	94ms 23ms	Script application/javascript	13.224.189.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://interrogare-layout.de/bahn/6.9.0.0-dd4721e/js/vendor/jquery.min.js Requested by Host: umfrage-bahn.de URL: https://umfrage-bahn.de/irqirq/jqs3?start=db_dialog_2022/db_dialog_2022.irq&service=IRQ&rnd=3740643442513254787&ddid=108640&wurfl=1&ddresult=1%2C0%2C0%2C1600%2C1200&si=45&p0=1%3E Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-99.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash `4b940065e2a67c37e3bd02b23c651f4744a3c219aba2d4fb99a631113494d376` Request headers accept-language de-DE,de;q=0.9 Referer https://umfrage-bahn.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-amz-version-id null date Wed, 21 Jun 2023 06:55:19 GMT via 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront) last-modified Fri, 20 Apr 2018 12:45:23 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 age 21546 etag "d4a20d75db01a33e2d65e303ce5c34f3" x-cache Hit from cloudfront content-type application/javascript accept-ranges bytes content-length 95821 x-amz-cf-id 9P1PsJmRJgR06Xi-23H0WmG8SgBWtODPqOp-AixdlxU740hkssonWA==
GET H2	200	irquest-layout.min.js Show response interrogare-layout.de/bahn/6.9.0.0-dd4721e/js/	59 KB 59 KB	130ms 59ms	Script application/javascript	13.224.189.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://interrogare-layout.de/bahn/6.9.0.0-dd4721e/js/irquest-layout.min.js Requested by Host: umfrage-bahn.de URL: https://umfrage-bahn.de/irqirq/jqs3?start=db_dialog_2022/db_dialog_2022.irq&service=IRQ&rnd=3740643442513254787&ddid=108640&wurfl=1&ddresult=1%2C0%2C0%2C1600%2C1200&si=45&p0=1%3E Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-99.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash `e88487fcf15a2d3ecea75019fdd4a0ed5afa063d40fe759396f995909e4afabf` Request headers accept-language de-DE,de;q=0.9 Referer https://umfrage-bahn.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-amz-version-id null date Wed, 21 Jun 2023 06:55:19 GMT via 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront) last-modified Fri, 20 Apr 2018 12:45:23 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 age 21546 etag "5db0ed0b25d347b76bf44bbd4739b31e" x-cache Hit from cloudfront content-type application/javascript accept-ranges bytes content-length 60158 x-amz-cf-id rPOQ5GVIGDRk3AHVKJ9ILem3yu0phfhBPXo7b4EUgHIYeTEyelze-Q==
GET H/1.1	200 OK	custom.js Show response umfrage-bahn.de/irqweb/db_dialog_2022/web/js/	10 KB 2 KB	81ms 28ms	Script application/javascript	178.208.99.32 IP Transit Custom...
General Check archive.org Show headers Download Go to Full URL https://umfrage-bahn.de/irqweb/db_dialog_2022/web/js/custom.js Requested by Host: umfrage-bahn.de URL: https://umfrage-bahn.de/irqirq/jqs3?start=db_dialog_2022/db_dialog_2022.irq&service=IRQ&rnd=3740643442513254787&ddid=108640&wurfl=1&ddresult=1%2C0%2C0%2C1600%2C1200&si=45&p0=1%3E Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.208.99.32 Gütersloh, Germany, ASN198967 (BITEL-GESELLSCHAFT-FUER-TELEKOMMUNIKATION-AS - IP Transit Customer AS33873 -, DE), Reverse DNS Software Apache / Resource Hash `c4181c4c0f105a50c63f7592b10e8139933282e907075c783318955c799a5c11` Request headers accept-language de-DE,de;q=0.9 Referer https://umfrage-bahn.de/irqirq/jqs3?start=db_dialog_2022/db_dialog_2022.irq&service=IRQ&rnd=3740643442513254787&ddid=108640&wurfl=1&ddresult=1%2C0%2C0%2C1600%2C1200&si=45&p0=1%3E User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 12:20:33 GMT Content-Encoding gzip Last-Modified Thu, 05 May 2022 14:26:22 GMT Server Apache ETag W/"10588-1651760782000-gzip" Vary Accept-Encoding Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 2021

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

interrogare-layout.de
umfrage-bahn.de
13.224.189.99
178.208.99.32
102528f4f57ef1112046d17f369ee6932439671d246538a91910ec93d040ec6f
12ad4367c9e9236de5716834f495950680d717e7a03285252d66863a9536d0ad
4b940065e2a67c37e3bd02b23c651f4744a3c219aba2d4fb99a631113494d376
65aceb874492bff3abc81d9e639079aead61bbad72d99b0600c8a32b633142e1
7a5fddc9e4524b6bd5aac7a213e2e5daed3806d294261bbbb0c3ef936381dc3f
c4181c4c0f105a50c63f7592b10e8139933282e907075c783318955c799a5c11
e88487fcf15a2d3ecea75019fdd4a0ed5afa063d40fe759396f995909e4afabf

umfrage-bahn.de Open in urlscan Pro 178.208.99.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

162 kBTransfer

181 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

0 Cookies

Indicators

umfrage-bahn.de Open in urlscan Pro
178.208.99.32 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

162 kB
Transfer

181 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions