urlscan.io logo urlscan.io
SecurityTrails logo

wfmoneapi-test-2.arvato.com Open in urlscan Pro
146.185.107.11  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://wfmoneapi-test-2.arvato.com/
Effective URL: https://wfmoneapi-test-2.arvato.com/Ui/Login
Submission: On April 01 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 3 HTTP transactions. The main IP is 146.185.107.11, located in Germany and belongs to ARVATO-SYSTEMS-AS *, DE. The main domain is wfmoneapi-test-2.arvato.com.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on January 16th 2024. Valid for: a year.
This is the only time wfmoneapi-test-2.arvato.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 5 146.185.107.11 33873 (ARVATO-SY...)
3 1
Apex Domain
Subdomains		 Transfer
5 arvato.com
wfmoneapi-test-2.arvato.com
17 KB
3 1
Domain Requested by
5 wfmoneapi-test-2.arvato.com 2 redirects wfmoneapi-test-2.arvato.com
3 1

This site contains no links.

Subject Issuer Validity Valid
*.arvato.com
RapidSSL TLS RSA CA G1		 2024-01-16 -
2025-01-22		 a year crt.sh

This page contains 1 frames:

Primary Page: https://wfmoneapi-test-2.arvato.com/Ui/Login
Frame ID: F586F036C32531C9A55EA2487C9E569D
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

WFMOne

Page URL History Show full URLs

  1. https://wfmoneapi-test-2.arvato.com/ HTTP 302
    https://wfmoneapi-test-2.arvato.com/Ui HTTP 302
    https://wfmoneapi-test-2.arvato.com/Ui/Login Page URL

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

17 kB
Transfer

17 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://wfmoneapi-test-2.arvato.com/ HTTP 302
    https://wfmoneapi-test-2.arvato.com/Ui HTTP 302
    https://wfmoneapi-test-2.arvato.com/Ui/Login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Login
wfmoneapi-test-2.arvato.com/Ui/
Redirect Chain
  • https://wfmoneapi-test-2.arvato.com/
  • https://wfmoneapi-test-2.arvato.com/Ui
  • https://wfmoneapi-test-2.arvato.com/Ui/Login
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wfmoneapi-test-2.arvato.com/Ui/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.107.11 , Germany, ASN33873 (ARVATO-SYSTEMS-AS *, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4c0aa137e6b0ca4c890d08a316c6e09b214df5e927c5c946dd71758f7b951fc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache,no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 01 Apr 2024 14:51:51 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

date
Mon, 01 Apr 2024 14:51:51 GMT
location
/Ui/Login
server
Microsoft-IIS/10.0
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
Login.css
wfmoneapi-test-2.arvato.com/view-resources/Views/Ui/ 		929 B
624 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wfmoneapi-test-2.arvato.com/view-resources/Views/Ui/Login.css?v=sqSTTTnelzoNdLUHmlvpPxdqIn_3ZXurSKEUElv-48A
Requested by
Host: wfmoneapi-test-2.arvato.com
URL: https://wfmoneapi-test-2.arvato.com/Ui/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.107.11 , Germany, ASN33873 (ARVATO-SYSTEMS-AS *, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8c73cdf966965e71cc4d194025d8f111cc7dbaf9520e0c95948a94f882ff2ef3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wfmoneapi-test-2.arvato.com/Ui/Login
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 14:51:53 GMT
content-encoding
gzip
last-modified
Fri, 12 Jan 2024 11:36:32 GMT
server
Microsoft-IIS/10.0
etag
"1da454b970e23a1"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
favicon.ico
wfmoneapi-test-2.arvato.com/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://wfmoneapi-test-2.arvato.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.107.11 , Germany, ASN33873 (ARVATO-SYSTEMS-AS *, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
0911c878ff7c1dfc3e3e52bf28f87f286c3a91cb27589f057135102f7f5ce7a3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wfmoneapi-test-2.arvato.com/Ui/Login
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 14:51:53 GMT
last-modified
Fri, 12 Jan 2024 11:36:32 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"1da454b970e1aee"
content-length
15086
content-type
image/x-icon

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal

2 Cookies

Domain/Path Name / Value
wfmoneapi-test-2.arvato.com/ Name: .AspNetCore.Antiforgery.J1uYYHiyR3w
Value: CfDJ8B6f7YdbkSxJjJseOoQRj98crXCou-QnUWvqgRNvOQ39RTbrZ5Knukma_9u6AvgNdNV01lUaFViO8yWLO-hR5ivyf1NAa0sZayVsNdAE9FKYMLqO0o2kxoxCCdn_J3W4FZqxH-MMzuJ1QOR0gvDen0E
wfmoneapi-test-2.arvato.com/ Name: XSRF-TOKEN
Value: CfDJ8B6f7YdbkSxJjJseOoQRj98WHJ63Q4OLNvPfHpJcpFaIAbmW8-rf45pK9ks5mjQNSiNu2pfoqtsShNldNZhyfFDaqHnaZ9AJqIDmwnWDu_sKFEjNJG1mcGze2BKyPWTu_pIZGD-e14k67TynVHLAREE

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://wfmoneapi-test-2.arvato.com/Ui/Login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

wfmoneapi-test-2.arvato.com
146.185.107.11
0911c878ff7c1dfc3e3e52bf28f87f286c3a91cb27589f057135102f7f5ce7a3
4c0aa137e6b0ca4c890d08a316c6e09b214df5e927c5c946dd71758f7b951fc2
8c73cdf966965e71cc4d194025d8f111cc7dbaf9520e0c95948a94f882ff2ef3