9ff0af21da.cdn-vas.net Open in urlscan Pro
77.70.254.99 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://9ff0af21da.cdn-vas.net/
Effective URL:
https://9ff0af21da.cdn-vas.net/login?redirect_to=http%3A%2F%2F9ff0af21da.cdn-vas.net%2F
Submission: On May 13 via api (May 13th 2024, 8:57:21 pm UTC) from US — Scanned from NO

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 13 HTTP transactions. The main IP is 77.70.254.99, located in Norway and belongs to MARLINK-EMEA, NO. The main domain is 9ff0af21da.cdn-vas.net.
TLS certificate: Issued by R3 on May 13th 2024. Valid for: 3 months.

This is the only time 9ff0af21da.cdn-vas.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	77.70.254.99 77.70.254.99	5377 (MARLINK-EMEA) (MARLINK-EMEA)
2	49.12.47.156 49.12.47.156	24940 (HETZNER-AS) (HETZNER-AS)
13	2

12 77.70.254.99 (Norway) 1 redirects

ASN5377 (MARLINK-EMEA, NO)

9ff0af21da.cdn-vas.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 49.12.47.156 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.156.47.12.49.clients.your-server.de

matomo.mooniacs.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	cdn-vas.net 1 redirects 9ff0af21da.cdn-vas.net	367 KB
2	mooniacs.de matomo.mooniacs.de	107 KB
13	2

	Domain	Requested by
12	9ff0af21da.cdn-vas.net	1 redirects 9ff0af21da.cdn-vas.net
2	matomo.mooniacs.de	9ff0af21da.cdn-vas.net matomo.mooniacs.de
13	2

This site contains no links.

Subject Issuer	Validity	Valid
9ff0af21da.cdn-vas.net R3	`2024-05-13` - `2024-08-11`	3 months	crt.sh
matomo.mooniacs.de R3	`2024-03-17` - `2024-06-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://9ff0af21da.cdn-vas.net/login?redirect_to=http%3A%2F%2F9ff0af21da.cdn-vas.net%2F
Frame ID: D0A351AF7BA378C1290AE2CE5962E413
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login - Brand Portal

Page URL History Show full URLs

https://9ff0af21da.cdn-vas.net/ HTTP 302
https://9ff0af21da.cdn-vas.net/login?redirect_to=http%3A%2F%2F9ff0af21da.cdn-vas.net%2F Page URL

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

473 kB
Transfer

598 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://9ff0af21da.cdn-vas.net/ HTTP 302
https://9ff0af21da.cdn-vas.net/login?redirect_to=http%3A%2F%2F9ff0af21da.cdn-vas.net%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
9ff0af21da.cdn-vas.net/
Redirect Chain

https://9ff0af21da.cdn-vas.net/
https://9ff0af21da.cdn-vas.net/login?redirect_to=http%3A%2F%2F9ff0af21da.cdn-vas.net%2F

11 KB
3 KB

338ms
338ms

Document
text/html

77.70.254.99
MARLINK-EMEA

General

Check archive.org

Show headers Download Go to

Full URL

https://9ff0af21da.cdn-vas.net/login?redirect_to=http%3A%2F%2F9ff0af21da.cdn-vas.net%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.70.254.99 , Norway, ASN5377 (MARLINK-EMEA, NO),

Reverse DNS

Software

Apache /

Resource Hash

452f2b38e7f53b56d76818810691744fa6f0060c6ec189751e1553be9c671ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: no-NO,no;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 13 May 2024 20:57:16 GMT
referrer-policy: no-referrer
server: Apache
strict-transport-security: max-age=16000000; includeSubDomains; preload;
vary: Accept-Encoding
x-content-type-options: nosniff
x-flow-powered: Flow/8.1 Neos/8.1
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 13 May 2024 20:57:16 GMT
location: https://9ff0af21da.cdn-vas.net/login?redirect_to=http%3A%2F%2F9ff0af21da.cdn-vas.net%2F
referrer-policy: no-referrer
server: Apache
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 bundle.css
9ff0af21da.cdn-vas.net/_Resources/Static/Packages/Moon.Styleguide/ 58 KB
9 KB 163ms
162ms Stylesheet
text/css 77.70.254.99
MARLINK-EMEA

General

Check archive.org

Show headers Download Go to

Full URL

https://9ff0af21da.cdn-vas.net/_Resources/Static/Packages/Moon.Styleguide/bundle.css?bv=dd7c7075

Requested by

Host: 9ff0af21da.cdn-vas.net
URL: https://9ff0af21da.cdn-vas.net/login?redirect_to=http%3A%2F%2F9ff0af21da.cdn-vas.net%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.70.254.99 , Norway, ASN5377 (MARLINK-EMEA, NO),

Reverse DNS

Software

Apache /

Resource Hash

e25ad653f003784962280954ab8447ad4ad9c0cf07df3425f7467cd064d49403

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 13 May 2024 20:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
last-modified: Mon, 13 May 2024 12:27:29 GMT
server: Apache
referrer-policy: no-referrer
etag: "e79a-61855023b6e40-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 9397
x-xss-protection: 1; mode=block

GET
H2 200 logo-omniaccess.svg
9ff0af21da.cdn-vas.net/_Resources/Static/Packages/Moon.Styleguide/Assets/Images/ 11 KB
11 KB 85ms
85ms Image
image/svg+xml 77.70.254.99
MARLINK-EMEA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9ff0af21da.cdn-vas.net/_Resources/Static/Packages/Moon.Styleguide/Assets/Images/logo-omniaccess.svg

Requested by

Host: 9ff0af21da.cdn-vas.net
URL: https://9ff0af21da.cdn-vas.net/login?redirect_to=http%3A%2F%2F9ff0af21da.cdn-vas.net%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.70.254.99 , Norway, ASN5377 (MARLINK-EMEA, NO),

Reverse DNS

Software

Apache /

Resource Hash

8ef381dda6ac4c918a70872151b2382e31bddb8a415f38b1aea0c9bfdd80ffaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 13 May 2024 20:57:17 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Mon, 13 May 2024 12:27:29 GMT
server: Apache
etag: "2cbd-61855023b6e40"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 11453
x-xss-protection: 1; mode=block

GET
H2 200 microsoft.svg
9ff0af21da.cdn-vas.net/_Resources/Static/Packages/Moon.UsersOnly.MicrosoftLogin/Images/ 343 B
648 B 85ms
84ms Image
image/svg+xml 77.70.254.99
MARLINK-EMEA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9ff0af21da.cdn-vas.net/_Resources/Static/Packages/Moon.UsersOnly.MicrosoftLogin/Images/microsoft.svg

Requested by

Host: 9ff0af21da.cdn-vas.net
URL: https://9ff0af21da.cdn-vas.net/login?redirect_to=http%3A%2F%2F9ff0af21da.cdn-vas.net%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.70.254.99 , Norway, ASN5377 (MARLINK-EMEA, NO),

Reverse DNS

Software

Apache /

Resource Hash

929f48f88c8ca7f3f5d294be47ec4caf51acc28ac25340c19a903125d7ecd84a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 13 May 2024 20:57:17 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Wed, 13 Dec 2023 14:31:57 GMT
server: Apache
etag: "157-60c65077b1140"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 343
x-xss-protection: 1; mode=block

GET
H2 200 main.js Show response
9ff0af21da.cdn-vas.net/_Resources/Static/Packages/Moon.Styleguide/ 110 KB
38 KB 163ms
163ms Script
text/javascript 77.70.254.99
MARLINK-EMEA

General

Check archive.org

Show headers Download Go to

Full URL

https://9ff0af21da.cdn-vas.net/_Resources/Static/Packages/Moon.Styleguide/main.js?bv=dd7c7075

Requested by

Host: 9ff0af21da.cdn-vas.net
URL: https://9ff0af21da.cdn-vas.net/login?redirect_to=http%3A%2F%2F9ff0af21da.cdn-vas.net%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.70.254.99 , Norway, ASN5377 (MARLINK-EMEA, NO),

Reverse DNS

Software

Apache /

Resource Hash

12de76c875ce7fd33512798d0c475c13cc1bcf98a8c93a4308e9fd53baf20c4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://9ff0af21da.cdn-vas.net
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 13 May 2024 20:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
last-modified: Mon, 13 May 2024 12:27:29 GMT
server: Apache
referrer-policy: no-referrer
etag: "1b728-61855023b6e40-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
accept-ranges: bytes
content-length: 38884
x-xss-protection: 1; mode=block

GET
H2 200 LastVisitedNode.js Show response
9ff0af21da.cdn-vas.net/_Resources/Static/Packages/Neos.Neos/JavaScript/ 183 B
490 B 80ms
80ms Script
text/javascript 77.70.254.99
MARLINK-EMEA

General

Check archive.org

Show headers Download Go to

Full URL

https://9ff0af21da.cdn-vas.net/_Resources/Static/Packages/Neos.Neos/JavaScript/LastVisitedNode.js

Requested by

Host: 9ff0af21da.cdn-vas.net
URL: https://9ff0af21da.cdn-vas.net/login?redirect_to=http%3A%2F%2F9ff0af21da.cdn-vas.net%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.70.254.99 , Norway, ASN5377 (MARLINK-EMEA, NO),

Reverse DNS

Software

Apache /

Resource Hash

cb8010bf1845f14dddfaa3410a46ccdac45c474fad3988e51072acf21649e2d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 13 May 2024 20:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
last-modified: Fri, 19 Apr 2024 16:06:16 GMT
server: Apache
referrer-policy: no-referrer
etag: "b7-6167544788e00-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
accept-ranges: bytes
content-length: 156
x-xss-protection: 1; mode=block

GET
H2 200 style.css
9ff0af21da.cdn-vas.net/_Resources/Static/Packages/Moon.Styleguide/Assets/Fonts/icomoon/ 1 KB
773 B 80ms
80ms Stylesheet
text/css 77.70.254.99
MARLINK-EMEA

General

Check archive.org

Show headers Download Go to

Full URL

https://9ff0af21da.cdn-vas.net/_Resources/Static/Packages/Moon.Styleguide/Assets/Fonts/icomoon/style.css

Requested by

Host: 9ff0af21da.cdn-vas.net
URL: https://9ff0af21da.cdn-vas.net/_Resources/Static/Packages/Moon.Styleguide/bundle.css?bv=dd7c7075

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.70.254.99 , Norway, ASN5377 (MARLINK-EMEA, NO),

Reverse DNS

Software

Apache /

Resource Hash

acc03eef4c537c615e6d91227cacb6ce1a58991a74c68f6bf567ffdd9354f6ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 13 May 2024 20:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
last-modified: Mon, 13 May 2024 12:27:29 GMT
server: Apache
referrer-policy: no-referrer
etag: "40d-61855023b6e40-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 445
x-xss-protection: 1; mode=block

GET
H2 200 container_msDd3vLP.js Show response
matomo.mooniacs.de/js/ 106 KB
107 KB 240ms
73ms Script
application/javascript 49.12.47.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://matomo.mooniacs.de/js/container_msDd3vLP.js

Requested by

Host: 9ff0af21da.cdn-vas.net
URL: https://9ff0af21da.cdn-vas.net/login?redirect_to=http%3A%2F%2F9ff0af21da.cdn-vas.net%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

49.12.47.156 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.156.47.12.49.clients.your-server.de

Software

openresty /

Resource Hash

d80dae88a3ebfd5b8afd8bc5da358803364ba593a06620d4bd08753e6576abf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 13 May 2024 21:57:17 GMT
pragma: public
date: Mon, 13 May 2024 20:57:17 GMT
strict-transport-security: max-age=63072000; preload
last-modified: Tue, 09 Jan 2024 10:07:17 GMT
server: openresty
etag: "659d1ad5-1a9dd"
content-type: application/javascript
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 109021
x-served-by: matomo.mooniacs.de

GET
H2 200 IBMPlex-Sans-Var-Roman.ttf
9ff0af21da.cdn-vas.net/_Resources/Static/Packages/Moon.Styleguide/Assets/Fonts/IBMPlex/ 295 KB
296 KB 83ms
81ms Font
font/ttf 77.70.254.99
MARLINK-EMEA

General

Check archive.org

Show headers Download Go to

Full URL

https://9ff0af21da.cdn-vas.net/_Resources/Static/Packages/Moon.Styleguide/Assets/Fonts/IBMPlex/IBMPlex-Sans-Var-Roman.ttf

Requested by

Host: 9ff0af21da.cdn-vas.net
URL: https://9ff0af21da.cdn-vas.net/_Resources/Static/Packages/Moon.Styleguide/bundle.css?bv=dd7c7075

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.70.254.99 , Norway, ASN5377 (MARLINK-EMEA, NO),

Reverse DNS

Software

Apache /

Resource Hash

9c226c2221a5eec7767556b4a5873ac09fdc8254de7c260da3e92d6c083d9f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://9ff0af21da.cdn-vas.net
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 13 May 2024 20:57:17 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Mon, 13 May 2024 12:27:29 GMT
server: Apache
etag: "49df4-61855023b6e40"
x-frame-options: SAMEORIGIN
content-type: font/ttf
accept-ranges: bytes
content-length: 302580
x-xss-protection: 1; mode=block

GET
H2 200 icomoon.ttf
9ff0af21da.cdn-vas.net/_Resources/Static/Packages/Moon.Styleguide/Assets/Fonts/icomoon/fonts/ 2 KB
2 KB 239ms
238ms Font
font/ttf 77.70.254.99
MARLINK-EMEA

General

Check archive.org

Show headers Download Go to

Full URL

https://9ff0af21da.cdn-vas.net/_Resources/Static/Packages/Moon.Styleguide/Assets/Fonts/icomoon/fonts/icomoon.ttf?k0ab8q

Requested by

Host: 9ff0af21da.cdn-vas.net
URL: https://9ff0af21da.cdn-vas.net/_Resources/Static/Packages/Moon.Styleguide/Assets/Fonts/icomoon/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.70.254.99 , Norway, ASN5377 (MARLINK-EMEA, NO),

Reverse DNS

Software

Apache /

Resource Hash

d55471f236c209a665491f53b535d7e4f76f884296a6f0979dcecf4b1cbcc1b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://9ff0af21da.cdn-vas.net
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 13 May 2024 20:57:17 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Mon, 13 May 2024 12:27:29 GMT
server: Apache
etag: "604-61855023b6e40"
x-frame-options: SAMEORIGIN
content-type: font/ttf
accept-ranges: bytes
content-length: 1540
x-xss-protection: 1; mode=block

POST
H2 204 matomo.php
matomo.mooniacs.de/ 0
217 B 149ms
148ms Ping
text/plain 49.12.47.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://matomo.mooniacs.de/matomo.php?action_name=Login%20-%20Brand%20Portal&idsite=38&rec=1&r=141220&h=22&m=57&s=17&url=https%3A%2F%2F9ff0af21da.cdn-vas.net%2Flogin%3Fredirect_to%3Dhttp%3A%2F%2F9ff0af21da.cdn-vas.net%2F&_id=&_idn=1&send_image=0&_refts=0&pv_id=o9815G&pf_net=0&pf_srv=338&pf_tfr=1&pf_dm1=260&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22124.0.6367.201%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22124.0.6367.201%22%7D%2C%7B%22brand%22%3A%22Not-A.Brand%22%2C%22version%22%3A%2299.0.0.0%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200

Requested by

Host: matomo.mooniacs.de
URL: https://matomo.mooniacs.de/js/container_msDd3vLP.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

49.12.47.156 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.156.47.12.49.clients.your-server.de

Software

openresty / PHP/8.2.13

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Mon, 13 May 2024 20:57:17 GMT
strict-transport-security: max-age=63072000; preload
referrer-policy: origin
server: openresty
x-powered-by: PHP/8.2.13
access-control-allow-origin: https://9ff0af21da.cdn-vas.net
access-control-allow-credentials: true
x-served-by: matomo.mooniacs.de

GET
H2 200 favicon.ico
9ff0af21da.cdn-vas.net/_Resources/Static/Packages/Moon.Styleguide/Assets/Favicons/ 1 KB
1 KB 79ms
79ms Other
image/vnd.microsoft.icon 77.70.254.99
MARLINK-EMEA

General

Check archive.org

Show headers Download Go to

Full URL

https://9ff0af21da.cdn-vas.net/_Resources/Static/Packages/Moon.Styleguide/Assets/Favicons/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.70.254.99 , Norway, ASN5377 (MARLINK-EMEA, NO),

Reverse DNS

Software

Apache /

Resource Hash

4fdbb12e7971f74a2451c26554b34ff1f927f3ec39c2acd7cb5cd9af1cb18786

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 13 May 2024 20:57:17 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Mon, 13 May 2024 12:27:29 GMT
server: Apache
etag: "47e-61855023b6e40"
x-frame-options: SAMEORIGIN
content-type: image/vnd.microsoft.icon
accept-ranges: bytes
content-length: 1150
x-xss-protection: 1; mode=block

GET
H2 200 favicon-32x32.png
9ff0af21da.cdn-vas.net/_Resources/Static/Packages/Moon.Styleguide/Assets/Favicons/ 2 KB
3 KB 106ms
106ms Other
image/png 77.70.254.99
MARLINK-EMEA

General

Check archive.org

Show headers Download Go to

Full URL

https://9ff0af21da.cdn-vas.net/_Resources/Static/Packages/Moon.Styleguide/Assets/Favicons/favicon-32x32.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.70.254.99 , Norway, ASN5377 (MARLINK-EMEA, NO),

Reverse DNS

Software

Apache /

Resource Hash

0ee3a9686435279743efbdc1a91b4a2ba99d8cde3a25b878bc4b51e2762c8e52

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 13 May 2024 20:57:17 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Mon, 13 May 2024 12:27:29 GMT
server: Apache
etag: "977-61855023b6e40"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 2423
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://9ff0af21da.cdn-vas.net/login?redirect_to=http%3A%2F%2F9ff0af21da.cdn-vas.net%2F Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9ff0af21da.cdn-vas.net
matomo.mooniacs.de
49.12.47.156
77.70.254.99
0ee3a9686435279743efbdc1a91b4a2ba99d8cde3a25b878bc4b51e2762c8e52
12de76c875ce7fd33512798d0c475c13cc1bcf98a8c93a4308e9fd53baf20c4a
452f2b38e7f53b56d76818810691744fa6f0060c6ec189751e1553be9c671ac5
4fdbb12e7971f74a2451c26554b34ff1f927f3ec39c2acd7cb5cd9af1cb18786
8ef381dda6ac4c918a70872151b2382e31bddb8a415f38b1aea0c9bfdd80ffaf
929f48f88c8ca7f3f5d294be47ec4caf51acc28ac25340c19a903125d7ecd84a
9c226c2221a5eec7767556b4a5873ac09fdc8254de7c260da3e92d6c083d9f1f
acc03eef4c537c615e6d91227cacb6ce1a58991a74c68f6bf567ffdd9354f6ef
cb8010bf1845f14dddfaa3410a46ccdac45c474fad3988e51072acf21649e2d6
d55471f236c209a665491f53b535d7e4f76f884296a6f0979dcecf4b1cbcc1b2
d80dae88a3ebfd5b8afd8bc5da358803364ba593a06620d4bd08753e6576abf7
e25ad653f003784962280954ab8447ad4ad9c0cf07df3425f7467cd064d49403
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

9ff0af21da.cdn-vas.net Open in urlscan Pro 77.70.254.99 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

13 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

473 kBTransfer

598 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

9ff0af21da.cdn-vas.net Open in urlscan Pro
77.70.254.99 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

473 kB
Transfer

598 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions