urlscan.io logo urlscan.io
SecurityTrails logo

dev.apply-for-financing.vwfinance.ca Open in urlscan Pro
13.225.223.2  Public Scan

Go To Rescan Add Verdict Report
URL: https://dev.apply-for-financing.vwfinance.ca/
Submission Tags: @phishunt_io
Submission: On May 29 via api from DE — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 6 domains to perform 28 HTTP transactions. The main IP is 13.225.223.2, located in United States and belongs to AMAZON-02, US. The main domain is dev.apply-for-financing.vwfinance.ca.
TLS certificate: Issued by Amazon on May 29th 2022. Valid for: a year.
This is the only time dev.apply-for-financing.vwfinance.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 13.225.223.2 16509 (AMAZON-02)
4 13.225.223.113 16509 (AMAZON-02)
6 2600:1f18:41d... 14618 (AMAZON-AES)
1 152.195.12.243 15133 (EDGECAST)
6 199.5.59.28 3458 (VWNA-AS)
28 6
10    13.225.223.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-2.jfk51.r.cloudfront.net
dev.apply-for-financing.vwfinance.ca
4    13.225.223.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-113.jfk51.r.cloudfront.net
cdn.bronson.vwfs.io
6    2600:1f18:41d6:7402:7243:d285:2c17:7842 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
cognito-identity.us-east-1.amazonaws.com
1    152.195.12.243 (United States)

ASN15133 (EDGECAST, US)
www.vwimg.com
6    199.5.59.28 (United States)

ASN3458 (VWNA-AS, US)
hec.vwcredit.com
Apex Domain
Subdomains		 Transfer
10 vwfinance.ca
dev.apply-for-financing.vwfinance.ca
1 MB
6 vwcredit.com
hec.vwcredit.com — Cisco Umbrella Rank: 409489
1 KB
6 amazonaws.com
cognito-identity.us-east-1.amazonaws.com — Cisco Umbrella Rank: 1761
4 KB
4 vwfs.io
cdn.bronson.vwfs.io — Cisco Umbrella Rank: 574069
285 KB
1 vwimg.com
www.vwimg.com — Cisco Umbrella Rank: 209462
33 KB
0 appdynamics.com Failed
cdn.appdynamics.com Failed
28 6
Domain Requested by
10 dev.apply-for-financing.vwfinance.ca dev.apply-for-financing.vwfinance.ca
6 hec.vwcredit.com dev.apply-for-financing.vwfinance.ca
6 cognito-identity.us-east-1.amazonaws.com dev.apply-for-financing.vwfinance.ca
4 cdn.bronson.vwfs.io dev.apply-for-financing.vwfinance.ca
cdn.bronson.vwfs.io
1 www.vwimg.com dev.apply-for-financing.vwfinance.ca
0 cdn.appdynamics.com Failed dev.apply-for-financing.vwfinance.ca
28 6

This site contains no links.

Subject Issuer Validity Valid
dev.apply-for-financing.vwfinance.ca
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.bronson.vwfs.tools
Amazon		 2022-01-18 -
2023-02-16		 a year crt.sh
cognito-identity.us-east-1.amazonaws.com
Amazon		 2021-07-07 -
2022-08-05		 a year crt.sh
www.vw.com
Entrust Certification Authority - L1K		 2022-02-09 -
2023-02-09		 a year crt.sh
*.vwcredit.com
Entrust Certification Authority - L1K		 2021-10-06 -
2022-11-05		 a year crt.sh

This page contains 1 frames:

Primary Page: https://dev.apply-for-financing.vwfinance.ca/
Frame ID: 1133A95589699472DD67945C797B23D4
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Online Finance Applicationthis

Page Statistics

28
Requests

96 %
HTTPS

20 %
IPv6

6
Domains

6
Subdomains

6
IPs

1
Countries

1780 kB
Transfer

4464 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dev.apply-for-financing.vwfinance.ca/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dev.apply-for-financing.vwfinance.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-2.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b529c6244a4b073f53c9bca22586e8af65beebef581b2293b8b9c42afc83413e
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.audifs.com *.vwfinance.ca *.vwcredit.com *.audifinance.ca *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net *.bronson.vwfs.io *.appdynamics.com *.eum-appdynamics.com *.amazonaws.com; style-src 'unsafe-inline' https:; img-src * 'self' data: https: http:; script-src 'self' *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net 'sha256-KytPFReTq7wiL7N8g0CnHFlaAnqUqQa6zpQhApCvq7E='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-security-policy
default-src 'self' *.audifs.com *.vwfinance.ca *.vwcredit.com *.audifinance.ca *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net *.bronson.vwfs.io *.appdynamics.com *.eum-appdynamics.com *.amazonaws.com; style-src 'unsafe-inline' https:; img-src * 'self' data: https: http:; script-src 'self' *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net 'sha256-KytPFReTq7wiL7N8g0CnHFlaAnqUqQa6zpQhApCvq7E='
content-type
text/html
date
Sun, 29 May 2022 11:04:02 GMT
etag
W/"b4e9588ca2712848de45ef1c9cc047eb"
last-modified
Fri, 27 May 2022 18:51:13 GMT
referrer-policy
origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 027e28c3e3bc8e973485de11ace0dd5c.cloudfront.net (CloudFront)
x-amz-cf-id
AoVashD1ORP2h1QW5yrk4Ob2S3XEUWcYFYZ8eYjnVzUGOiKMppb69g==
x-amz-cf-pop
JFK51-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
style.min.css
cdn.bronson.vwfs.io/vw6/v/1.17.0/css/ 		432 KB
53 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.bronson.vwfs.io/vw6/v/1.17.0/css/style.min.css
Requested by
Host: dev.apply-for-financing.vwfinance.ca
URL: https://dev.apply-for-financing.vwfinance.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-113.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45da24b6b1f864672c8d65c30558cfb64a27b8065792f4450a46768e7a8bfbbf
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; img-src 'self' https: data:; object-src 'none'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dev.apply-for-financing.vwfinance.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 29 May 2022 11:04:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
FFQTB38CG0R0BQF5
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
vary
Accept-Encoding
x-amz-id-2
q5xFmXgH5nSSyA0vi4APHgeUciEgtIjsyMOEidvBoeFWlKNDK/ypSntmgmmve6YSlRiwEHCUE1k=
referrer-policy
same-origin
last-modified
Thu, 27 Aug 2020 12:25:39 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
W/"f072438fdc72c808c33cc947aba5c160"
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-version-id
YJRa6HBJlnSJ1yehYVbJBqOE42h57w3K
via
1.1 2e87071abfb43f80383677f0ef761e82.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
cache-control
max-age=31536000,must-revalidate
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline'; img-src 'self' https: data:; object-src 'none'; frame-ancestors 'self'
x-amz-cf-pop
JFK51-C1
content-type
text/css
x-amz-cf-id
DUcEIRMkfzzME4XAq2hDHsxnxKfku4wt_jgHmTxr67B2FfyfdBXpmA==
fonts.css
dev.apply-for-financing.vwfinance.ca/static/theme/vw6/fonts/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dev.apply-for-financing.vwfinance.ca/static/theme/vw6/fonts/fonts.css
Requested by
Host: dev.apply-for-financing.vwfinance.ca
URL: https://dev.apply-for-financing.vwfinance.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-2.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6575c7875fc799f45ed467a3eb125428be49a23be8aee6948199ce9bc66ea237
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.audifs.com *.vwfinance.ca *.vwcredit.com *.audifinance.ca *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net *.bronson.vwfs.io *.appdynamics.com *.eum-appdynamics.com *.amazonaws.com; style-src 'unsafe-inline' https:; img-src * 'self' data: https: http:; script-src 'self' *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net 'sha256-KytPFReTq7wiL7N8g0CnHFlaAnqUqQa6zpQhApCvq7E='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dev.apply-for-financing.vwfinance.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 29 May 2022 11:04:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
JFK51-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Fri, 27 May 2022 18:51:14 GMT
server
AmazonS3
etag
W/"0964282a817644ddf1c1df4dc596141d"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
via
1.1 027e28c3e3bc8e973485de11ace0dd5c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' *.audifs.com *.vwfinance.ca *.vwcredit.com *.audifinance.ca *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net *.bronson.vwfs.io *.appdynamics.com *.eum-appdynamics.com *.amazonaws.com; style-src 'unsafe-inline' https:; img-src * 'self' data: https: http:; script-src 'self' *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net 'sha256-KytPFReTq7wiL7N8g0CnHFlaAnqUqQa6zpQhApCvq7E='
x-amz-cf-id
0m6TZzepb_Bz4RiZz4_MpY4yjJYdn0fL41tH7NcKlN26q2VgvSlNEQ==
vw6-theme.css
dev.apply-for-financing.vwfinance.ca/static/theme/vw6/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dev.apply-for-financing.vwfinance.ca/static/theme/vw6/vw6-theme.css
Requested by
Host: dev.apply-for-financing.vwfinance.ca
URL: https://dev.apply-for-financing.vwfinance.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-2.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
03bf401f80b92e6b93c859a4a9664211d6f5f15a5723c52fc50413f93bd367ad
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.audifs.com *.vwfinance.ca *.vwcredit.com *.audifinance.ca *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net *.bronson.vwfs.io *.appdynamics.com *.eum-appdynamics.com *.amazonaws.com; style-src 'unsafe-inline' https:; img-src * 'self' data: https: http:; script-src 'self' *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net 'sha256-KytPFReTq7wiL7N8g0CnHFlaAnqUqQa6zpQhApCvq7E='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dev.apply-for-financing.vwfinance.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 29 May 2022 11:04:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
JFK51-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Fri, 27 May 2022 18:51:15 GMT
server
AmazonS3
etag
W/"51fbea2e775b333932aad8762cb23b69"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
via
1.1 027e28c3e3bc8e973485de11ace0dd5c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' *.audifs.com *.vwfinance.ca *.vwcredit.com *.audifinance.ca *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net *.bronson.vwfs.io *.appdynamics.com *.eum-appdynamics.com *.amazonaws.com; style-src 'unsafe-inline' https:; img-src * 'self' data: https: http:; script-src 'self' *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net 'sha256-KytPFReTq7wiL7N8g0CnHFlaAnqUqQa6zpQhApCvq7E='
x-amz-cf-id
PghHhZ6X9axdr0XXQM3Mw6jY4jJP2GsDzknsvND_Xo04YKOD6GdEjA==
main.1382205c42bd2c53bedb.css
dev.apply-for-financing.vwfinance.ca/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dev.apply-for-financing.vwfinance.ca/main.1382205c42bd2c53bedb.css
Requested by
Host: dev.apply-for-financing.vwfinance.ca
URL: https://dev.apply-for-financing.vwfinance.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-2.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0b5da04738459f171fc1c6c0ec2b52fc2f1639e05aafc6f64edf3df3369efda1
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.audifs.com *.vwfinance.ca *.vwcredit.com *.audifinance.ca *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net *.bronson.vwfs.io *.appdynamics.com *.eum-appdynamics.com *.amazonaws.com; style-src 'unsafe-inline' https:; img-src * 'self' data: https: http:; script-src 'self' *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net 'sha256-KytPFReTq7wiL7N8g0CnHFlaAnqUqQa6zpQhApCvq7E='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dev.apply-for-financing.vwfinance.ca/
Origin
https://dev.apply-for-financing.vwfinance.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 29 May 2022 11:04:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
JFK51-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Fri, 27 May 2022 18:51:13 GMT
server
AmazonS3
etag
W/"afb28e08a44f1cf3844627c6d3abb763"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
via
1.1 027e28c3e3bc8e973485de11ace0dd5c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' *.audifs.com *.vwfinance.ca *.vwcredit.com *.audifinance.ca *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net *.bronson.vwfs.io *.appdynamics.com *.eum-appdynamics.com *.amazonaws.com; style-src 'unsafe-inline' https:; img-src * 'self' data: https: http:; script-src 'self' *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net 'sha256-KytPFReTq7wiL7N8g0CnHFlaAnqUqQa6zpQhApCvq7E='
x-amz-cf-id
CQz72Z3jugtv5r33MBS7wYRhGfH8BL4noxYiq50fT--GFUy15uyR5g==
main.c04a4499.js
dev.apply-for-financing.vwfinance.ca/ 		3 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.apply-for-financing.vwfinance.ca/main.c04a4499.js
Requested by
Host: dev.apply-for-financing.vwfinance.ca
URL: https://dev.apply-for-financing.vwfinance.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-2.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a44855e9a9498a88576a14947474d0199324a63cb1af292d957701091552572b
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.audifs.com *.vwfinance.ca *.vwcredit.com *.audifinance.ca *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net *.bronson.vwfs.io *.appdynamics.com *.eum-appdynamics.com *.amazonaws.com; style-src 'unsafe-inline' https:; img-src * 'self' data: https: http:; script-src 'self' *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net 'sha256-KytPFReTq7wiL7N8g0CnHFlaAnqUqQa6zpQhApCvq7E='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dev.apply-for-financing.vwfinance.ca/
Origin
https://dev.apply-for-financing.vwfinance.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 29 May 2022 11:04:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
JFK51-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Fri, 27 May 2022 18:51:13 GMT
server
AmazonS3
etag
W/"81d67088a0d821c0387a89407814e9e3"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
via
1.1 027e28c3e3bc8e973485de11ace0dd5c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' *.audifs.com *.vwfinance.ca *.vwcredit.com *.audifinance.ca *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net *.bronson.vwfs.io *.appdynamics.com *.eum-appdynamics.com *.amazonaws.com; style-src 'unsafe-inline' https:; img-src * 'self' data: https: http:; script-src 'self' *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net 'sha256-KytPFReTq7wiL7N8g0CnHFlaAnqUqQa6zpQhApCvq7E='
x-amz-cf-id
zTJZhGUItWHkxgoGmxYHYRNhCMyGhXfSWTDUIq9ISSjlH9vbGk4L_w==
en-ca.json
dev.apply-for-financing.vwfinance.ca/static/translation/vw/ 		24 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dev.apply-for-financing.vwfinance.ca/static/translation/vw/en-ca.json
Requested by
Host: dev.apply-for-financing.vwfinance.ca
URL: https://dev.apply-for-financing.vwfinance.ca/main.c04a4499.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-2.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c8514c61a3c832137fc3151d37ccc5035189d1edd18e60272ab71c7e5d74546
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.audifs.com *.vwfinance.ca *.vwcredit.com *.audifinance.ca *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net *.bronson.vwfs.io *.appdynamics.com *.eum-appdynamics.com *.amazonaws.com; style-src 'unsafe-inline' https:; img-src * 'self' data: https: http:; script-src 'self' *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net 'sha256-KytPFReTq7wiL7N8g0CnHFlaAnqUqQa6zpQhApCvq7E='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dev.apply-for-financing.vwfinance.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 29 May 2022 11:04:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
JFK51-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Fri, 27 May 2022 18:51:15 GMT
server
AmazonS3
etag
W/"80c8b7b798f4e9dd777badf24b7cd689"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
via
1.1 027e28c3e3bc8e973485de11ace0dd5c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' *.audifs.com *.vwfinance.ca *.vwcredit.com *.audifinance.ca *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net *.bronson.vwfs.io *.appdynamics.com *.eum-appdynamics.com *.amazonaws.com; style-src 'unsafe-inline' https:; img-src * 'self' data: https: http:; script-src 'self' *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net 'sha256-KytPFReTq7wiL7N8g0CnHFlaAnqUqQa6zpQhApCvq7E='
x-amz-cf-id
8nSOdEW6XZRoYa5Crr_r9Z18PyYhcD1Z-Xq4HYPyNRRGOldL9m4-8g==
/
cognito-identity.us-east-1.amazonaws.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cognito-identity.us-east-1.amazonaws.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:41d6:7402:7243:d285:2c17:7842 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-amz-content-sha256,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://dev.apply-for-financing.vwfinance.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-amz-content-sha256,x-amz-target,x-amz-user-agent
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age
172800
content-length
0
date
Sun, 29 May 2022 11:04:02 GMT
x-amzn-requestid
4e17b0cc-e3e0-4fb7-bb51-bd5898e62b6e
/
cognito-identity.us-east-1.amazonaws.com/ 		63 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cognito-identity.us-east-1.amazonaws.com/
Requested by
Host: dev.apply-for-financing.vwfinance.ca
URL: https://dev.apply-for-financing.vwfinance.ca/main.c04a4499.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:41d6:7402:7243:d285:2c17:7842 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
16b4ac777634d3e57f37c8e8f4faa2fe34434c622c2d8425232b0a77319e61c7

Request headers

X-Amz-Content-Sha256
4dede91b6eba0a457dd696e2c08a3a296c6b7467535fd8693fb627f8d77bf165
Referer
https://dev.apply-for-financing.vwfinance.ca/
X-Amz-Target
AWSCognitoIdentityService.GetId
accept-language
en-CA,en;q=0.9
X-Amz-User-Agent
aws-sdk-js/2.1130.0 callback
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-amz-json-1.1

Response headers

access-control-allow-origin
*
date
Sun, 29 May 2022 11:04:02 GMT
content-type
application/x-amz-json-1.1
x-amzn-requestid
3efc3fd3-4ae4-4076-8414-3d31db6c07c5
content-length
63
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
/
cognito-identity.us-east-1.amazonaws.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cognito-identity.us-east-1.amazonaws.com/
Requested by
Host: dev.apply-for-financing.vwfinance.ca
URL: https://dev.apply-for-financing.vwfinance.ca/main.c04a4499.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:41d6:7402:7243:d285:2c17:7842 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
c5a0a09e8a27c228fd3a33b6697a3a6c84852b240c1e0fd5859a532501051276

Request headers

X-Amz-Content-Sha256
16b4ac777634d3e57f37c8e8f4faa2fe34434c622c2d8425232b0a77319e61c7
Referer
https://dev.apply-for-financing.vwfinance.ca/
X-Amz-Target
AWSCognitoIdentityService.GetCredentialsForIdentity
accept-language
en-CA,en;q=0.9
X-Amz-User-Agent
aws-sdk-js/2.1130.0 callback
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-amz-json-1.1

Response headers

access-control-allow-origin
*
date
Sun, 29 May 2022 11:04:02 GMT
content-type
application/x-amz-json-1.1
x-amzn-requestid
c81e5c8f-dda0-48ca-96fa-f21e9de94501
content-length
1772
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
/
cognito-identity.us-east-1.amazonaws.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cognito-identity.us-east-1.amazonaws.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:41d6:7402:7243:d285:2c17:7842 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-amz-content-sha256,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://dev.apply-for-financing.vwfinance.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-amz-content-sha256,x-amz-target,x-amz-user-agent
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age
172800
content-length
0
date
Sun, 29 May 2022 11:04:02 GMT
x-amzn-requestid
65355a6c-1e50-45d5-a7f7-ffb202865e84
adrum-latest.js
cdn.appdynamics.com/adrum/ 		0
0
iris
www.vwimg.com/iris/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vwimg.com/iris/iris?vehicle=2021_E213MN_E23_2020_10_11&pov=E06,CGD&paint=0E0E&fabric=AX&bkgnd=transparent&resp=png&width=1000&height=500&cut=1&quality=10
Requested by
Host: dev.apply-for-financing.vwfinance.ca
URL: https://dev.apply-for-financing.vwfinance.ca/index
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.12.243 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D149) /
Resource Hash
4ef18cc3cf9ca6aeed5cbc6d16134c91d628f0de9f9eed19d073fbf8ce50a826
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dev.apply-for-financing.vwfinance.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 29 May 2022 11:04:02 GMT
via
DynalightCRIO-VW-USA-AutoServer-HTTPS2
last-modified
Mon, 16 May 2022 11:51:49 GMT
server
ECAcc (nyd/D149)
age
1120333
strict-transport-security
max-age=31536000
x-cache
HIT
content-type
image/webp
access-control-allow-origin
*
x-path
5
cache-control
max-age=1814400
accept-ranges
bytes
x-surrogate-key
2021_E21/2021_E213MN/2021_E213MN_E23_2020_10_11/
content-length
33874
expires
Sun, 13 Nov 2022 11:04:02 GMT
VWTextWeb-Regular.woff2
cdn.bronson.vwfs.io/vw6/v/1.17.0/fonts/fonts/ 		97 KB
98 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.bronson.vwfs.io/vw6/v/1.17.0/fonts/fonts/VWTextWeb-Regular.woff2?
Requested by
Host: cdn.bronson.vwfs.io
URL: https://cdn.bronson.vwfs.io/vw6/v/1.17.0/css/style.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-113.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eec41bfe1dcd5754c304f8fe7e6e348a18049138132547ab73186d33dff48a83
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; img-src 'self' https: data:; object-src 'none'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.bronson.vwfs.io/vw6/v/1.17.0/css/style.min.css
Origin
https://dev.apply-for-financing.vwfinance.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 29 May 2022 11:04:03 GMT
via
1.1 bbbec21cefbb98d3e62a68704f219fda.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-request-id
ASSQ9HZ1BHZ2TTP4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
access-control-max-age
3000
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
content-length
99760
x-amz-id-2
oLLQ2mItSEjZtgNm1q64vunX9FqxrZQX5fs0tbAmGRVXR8yF9418XArb0z5FjBTHI/TbVt6aabA=
referrer-policy
same-origin
last-modified
Thu, 27 Aug 2020 12:25:45 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"e1cda1fc0a47eb35c5abe384726b819b"
strict-transport-security
max-age=31536000; includeSubdomains; preload
access-control-allow-methods
GET, HEAD
x-amz-version-id
2RNjuCzMstvXqCneJJlLi32hmwdnbq80
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000,must-revalidate
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline'; img-src 'self' https: data:; object-src 'none'; frame-ancestors 'self'
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-type
font/woff2
x-amz-cf-id
8MSNxv7ng8YxIYzi6Gwy_bLAFQfwSLJHtYoPJA6nv4z8-HBmxb0bVQ==
vw-head-bold.woff2
dev.apply-for-financing.vwfinance.ca/static/theme/vw6/fonts/ 		96 KB
97 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dev.apply-for-financing.vwfinance.ca/static/theme/vw6/fonts/vw-head-bold.woff2
Requested by
Host: dev.apply-for-financing.vwfinance.ca
URL: https://dev.apply-for-financing.vwfinance.ca/static/theme/vw6/fonts/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-2.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a31b003f053867c23ce3dd9854468bb44233a03546bbd2e06358ea67d69ae067
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.audifs.com *.vwfinance.ca *.vwcredit.com *.audifinance.ca *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net *.bronson.vwfs.io *.appdynamics.com *.eum-appdynamics.com *.amazonaws.com; style-src 'unsafe-inline' https:; img-src * 'self' data: https: http:; script-src 'self' *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net 'sha256-KytPFReTq7wiL7N8g0CnHFlaAnqUqQa6zpQhApCvq7E='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dev.apply-for-financing.vwfinance.ca/static/theme/vw6/fonts/fonts.css
Origin
https://dev.apply-for-financing.vwfinance.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 29 May 2022 11:04:03 GMT
via
1.1 027e28c3e3bc8e973485de11ace0dd5c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
JFK51-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
98488
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Fri, 27 May 2022 18:51:14 GMT
server
AmazonS3
etag
"ea2d0146a48e40bd270c07b70354c9d7"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
content-security-policy
default-src 'self' *.audifs.com *.vwfinance.ca *.vwcredit.com *.audifinance.ca *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net *.bronson.vwfs.io *.appdynamics.com *.eum-appdynamics.com *.amazonaws.com; style-src 'unsafe-inline' https:; img-src * 'self' data: https: http:; script-src 'self' *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net 'sha256-KytPFReTq7wiL7N8g0CnHFlaAnqUqQa6zpQhApCvq7E='
accept-ranges
bytes
x-amz-cf-id
jfPASjzf93ZDGzJY4bwJ2_5kGTpRLbh8rp9qpnQHUqHLHQ-pLRCAlA==
vw-head-regular.woff2
dev.apply-for-financing.vwfinance.ca/static/theme/vw6/fonts/ 		99 KB
100 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dev.apply-for-financing.vwfinance.ca/static/theme/vw6/fonts/vw-head-regular.woff2
Requested by
Host: dev.apply-for-financing.vwfinance.ca
URL: https://dev.apply-for-financing.vwfinance.ca/static/theme/vw6/fonts/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-2.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c6456a9e4f2ca50cd806e575a19228d68ef0eae5f29c54a1f4743b5cf280d27
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.audifs.com *.vwfinance.ca *.vwcredit.com *.audifinance.ca *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net *.bronson.vwfs.io *.appdynamics.com *.eum-appdynamics.com *.amazonaws.com; style-src 'unsafe-inline' https:; img-src * 'self' data: https: http:; script-src 'self' *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net 'sha256-KytPFReTq7wiL7N8g0CnHFlaAnqUqQa6zpQhApCvq7E='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dev.apply-for-financing.vwfinance.ca/static/theme/vw6/fonts/fonts.css
Origin
https://dev.apply-for-financing.vwfinance.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 29 May 2022 11:04:03 GMT
via
1.1 027e28c3e3bc8e973485de11ace0dd5c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
JFK51-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
101820
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Fri, 27 May 2022 18:51:15 GMT
server
AmazonS3
etag
"bbf4407adb4bcd545c11c46fb6eaba7d"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
content-security-policy
default-src 'self' *.audifs.com *.vwfinance.ca *.vwcredit.com *.audifinance.ca *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net *.bronson.vwfs.io *.appdynamics.com *.eum-appdynamics.com *.amazonaws.com; style-src 'unsafe-inline' https:; img-src * 'self' data: https: http:; script-src 'self' *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net 'sha256-KytPFReTq7wiL7N8g0CnHFlaAnqUqQa6zpQhApCvq7E='
accept-ranges
bytes
x-amz-cf-id
6xiPU72FgO7IEYXSYouqpCoxOAUtVj6NYgs7fppj4miWo45wbTTYlA==
vw-head-light.woff2
dev.apply-for-financing.vwfinance.ca/static/theme/vw6/fonts/ 		57 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dev.apply-for-financing.vwfinance.ca/static/theme/vw6/fonts/vw-head-light.woff2
Requested by
Host: dev.apply-for-financing.vwfinance.ca
URL: https://dev.apply-for-financing.vwfinance.ca/static/theme/vw6/fonts/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-2.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0ee09977c1d5032d783a636745d135968bcd596150ce90795d0a43c7799531e
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.audifs.com *.vwfinance.ca *.vwcredit.com *.audifinance.ca *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net *.bronson.vwfs.io *.appdynamics.com *.eum-appdynamics.com *.amazonaws.com; style-src 'unsafe-inline' https:; img-src * 'self' data: https: http:; script-src 'self' *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net 'sha256-KytPFReTq7wiL7N8g0CnHFlaAnqUqQa6zpQhApCvq7E='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dev.apply-for-financing.vwfinance.ca/static/theme/vw6/fonts/fonts.css
Origin
https://dev.apply-for-financing.vwfinance.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 29 May 2022 11:04:03 GMT
via
1.1 027e28c3e3bc8e973485de11ace0dd5c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
JFK51-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
58692
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Fri, 27 May 2022 18:51:15 GMT
server
AmazonS3
etag
"542d827ade837a72ed53876f811cc037"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
content-security-policy
default-src 'self' *.audifs.com *.vwfinance.ca *.vwcredit.com *.audifinance.ca *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net *.bronson.vwfs.io *.appdynamics.com *.eum-appdynamics.com *.amazonaws.com; style-src 'unsafe-inline' https:; img-src * 'self' data: https: http:; script-src 'self' *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net 'sha256-KytPFReTq7wiL7N8g0CnHFlaAnqUqQa6zpQhApCvq7E='
accept-ranges
bytes
x-amz-cf-id
FYpMM4idxz9yvVNwm2XJuSjVkA66cWItjIjHx93_efn9E94cghVlxA==
bronson-vw6.woff2
cdn.bronson.vwfs.io/vw6/v/1.17.0/fonts/icon-fonts/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.bronson.vwfs.io/vw6/v/1.17.0/fonts/icon-fonts/bronson-vw6.woff2?v=200716
Requested by
Host: cdn.bronson.vwfs.io
URL: https://cdn.bronson.vwfs.io/vw6/v/1.17.0/css/style.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-113.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3c12a703a0bd3e1a7cda2f704790f91a129b7e4a2bd35102ddaad688787f89d
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; img-src 'self' https: data:; object-src 'none'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.bronson.vwfs.io/vw6/v/1.17.0/css/style.min.css
Origin
https://dev.apply-for-financing.vwfinance.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 29 May 2022 11:04:03 GMT
via
1.1 bbbec21cefbb98d3e62a68704f219fda.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-request-id
ASSW92EF2V85GMP2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
access-control-max-age
3000
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
content-length
35868
x-amz-id-2
b5k4eoGP7fyekMIwXpcZrpnCWUwR67cMLjm+bL5Kc4CwQ5B6qggltPfliCou+wi5TAS0eJwa3gE=
referrer-policy
same-origin
last-modified
Thu, 27 Aug 2020 12:25:45 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"1666c78f054ff8656f201c60be650008"
strict-transport-security
max-age=31536000; includeSubdomains; preload
access-control-allow-methods
GET, HEAD
x-amz-version-id
KvsX.GcLY6K5rHkRqa2Or9I79uiR5u4C
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000,must-revalidate
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline'; img-src 'self' https: data:; object-src 'none'; frame-ancestors 'self'
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-type
font/woff2
x-amz-cf-id
7av4GGtPVFpsAOPds7B1W2OB-MSemkb5cyYlVp28oEAK6Gmwzi5SfA==
vw-text-regular.woff2
dev.apply-for-financing.vwfinance.ca/static/theme/vw6/fonts/ 		97 KB
98 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dev.apply-for-financing.vwfinance.ca/static/theme/vw6/fonts/vw-text-regular.woff2
Requested by
Host: dev.apply-for-financing.vwfinance.ca
URL: https://dev.apply-for-financing.vwfinance.ca/static/theme/vw6/fonts/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-2.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eec41bfe1dcd5754c304f8fe7e6e348a18049138132547ab73186d33dff48a83
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.audifs.com *.vwfinance.ca *.vwcredit.com *.audifinance.ca *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net *.bronson.vwfs.io *.appdynamics.com *.eum-appdynamics.com *.amazonaws.com; style-src 'unsafe-inline' https:; img-src * 'self' data: https: http:; script-src 'self' *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net 'sha256-KytPFReTq7wiL7N8g0CnHFlaAnqUqQa6zpQhApCvq7E='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dev.apply-for-financing.vwfinance.ca/static/theme/vw6/fonts/fonts.css
Origin
https://dev.apply-for-financing.vwfinance.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 29 May 2022 11:04:03 GMT
via
1.1 027e28c3e3bc8e973485de11ace0dd5c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
JFK51-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
99760
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Fri, 27 May 2022 18:51:15 GMT
server
AmazonS3
etag
"e1cda1fc0a47eb35c5abe384726b819b"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
content-security-policy
default-src 'self' *.audifs.com *.vwfinance.ca *.vwcredit.com *.audifinance.ca *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net *.bronson.vwfs.io *.appdynamics.com *.eum-appdynamics.com *.amazonaws.com; style-src 'unsafe-inline' https:; img-src * 'self' data: https: http:; script-src 'self' *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net 'sha256-KytPFReTq7wiL7N8g0CnHFlaAnqUqQa6zpQhApCvq7E='
accept-ranges
bytes
x-amz-cf-id
ER5ucsbSgb-erLphUBraK1QrdEwA2q6BB4117C2gFFG-PSHtV9Nnzg==
VWHeadWeb-Bold.woff2
cdn.bronson.vwfs.io/vw6/v/1.17.0/fonts/fonts/ 		96 KB
97 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.bronson.vwfs.io/vw6/v/1.17.0/fonts/fonts/VWHeadWeb-Bold.woff2?
Requested by
Host: cdn.bronson.vwfs.io
URL: https://cdn.bronson.vwfs.io/vw6/v/1.17.0/css/style.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-113.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8e6f82f36b07f57bf2b3d200704d15bd6b8c6824f2149f2a4abd43903aebe392
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; img-src 'self' https: data:; object-src 'none'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.bronson.vwfs.io/vw6/v/1.17.0/css/style.min.css
Origin
https://dev.apply-for-financing.vwfinance.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 29 May 2022 11:04:03 GMT
via
1.1 bbbec21cefbb98d3e62a68704f219fda.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-request-id
ASSMFJ42KZ220BDC
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
access-control-max-age
3000
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
content-length
98568
x-amz-id-2
QnMNawvSy+6Nk/SpZ4wky2ITuelIJ3DOpYRRr+FyzO5OoXfPF+D5sWVwVtthEmDnbrfyLTc2diI=
referrer-policy
same-origin
last-modified
Thu, 27 Aug 2020 12:25:45 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"461b8a50d9bee2b28dccb26e35faa79b"
strict-transport-security
max-age=31536000; includeSubdomains; preload
access-control-allow-methods
GET, HEAD
x-amz-version-id
ppR5evzdmK32VZleLzr45brNu3fkZ4wV
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000,must-revalidate
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline'; img-src 'self' https: data:; object-src 'none'; frame-ancestors 'self'
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-type
font/woff2
x-amz-cf-id
aIiLyQd_R6nLfXIGqWnSJsTi4KhV6cLFzFTBi8gXyYdlJCdrK6isaA==
1.0
hec.vwcredit.com/services/collector/event/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hec.vwcredit.com/services/collector/event/1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.5.59.28 , United States, ASN3458 (VWNA-AS, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
POST
Origin
https://dev.apply-for-financing.vwfinance.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization
Access-Control-Allow-Methods
POST,OPTIONS
Access-Control-Allow-Origin
*
Allow
POST,OPTIONS
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=UTF-8
Date
Sun, 29 May 2022 11:00:40 GMT
Server
nginx
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
1.0
hec.vwcredit.com/services/collector/event/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hec.vwcredit.com/services/collector/event/1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.5.59.28 , United States, ASN3458 (VWNA-AS, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
POST
Origin
https://dev.apply-for-financing.vwfinance.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization
Access-Control-Allow-Methods
POST,OPTIONS
Access-Control-Allow-Origin
*
Allow
POST,OPTIONS
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=UTF-8
Date
Sun, 29 May 2022 11:00:40 GMT
Server
nginx
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
1.0
hec.vwcredit.com/services/collector/event/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hec.vwcredit.com/services/collector/event/1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.5.59.28 , United States, ASN3458 (VWNA-AS, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
POST
Origin
https://dev.apply-for-financing.vwfinance.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization
Access-Control-Allow-Methods
POST,OPTIONS
Access-Control-Allow-Origin
*
Allow
POST,OPTIONS
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=UTF-8
Date
Sun, 29 May 2022 11:00:40 GMT
Server
nginx
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
1.0
hec.vwcredit.com/services/collector/event/ 		27 B
388 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hec.vwcredit.com/services/collector/event/1.0
Requested by
Host: dev.apply-for-financing.vwfinance.ca
URL: https://dev.apply-for-financing.vwfinance.ca/main.c04a4499.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.5.59.28 , United States, ASN3458 (VWNA-AS, US),
Reverse DNS
Software
nginx /
Resource Hash
3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept
*/*
Referer
https://dev.apply-for-financing.vwfinance.ca/
authorization
Splunk 8fc8a9e8-66f3-46c1-b9fd-a3bb4d393834
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

Date
Sun, 29 May 2022 11:00:40 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
POST,OPTIONS
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Authorization
Content-Length
27
1.0
hec.vwcredit.com/services/collector/event/ 		27 B
388 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hec.vwcredit.com/services/collector/event/1.0
Requested by
Host: dev.apply-for-financing.vwfinance.ca
URL: https://dev.apply-for-financing.vwfinance.ca/main.c04a4499.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.5.59.28 , United States, ASN3458 (VWNA-AS, US),
Reverse DNS
Software
nginx /
Resource Hash
3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept
*/*
Referer
https://dev.apply-for-financing.vwfinance.ca/
authorization
Splunk 8fc8a9e8-66f3-46c1-b9fd-a3bb4d393834
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

Date
Sun, 29 May 2022 11:00:40 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
POST,OPTIONS
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Authorization
Content-Length
27
1.0
hec.vwcredit.com/services/collector/event/ 		27 B
388 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hec.vwcredit.com/services/collector/event/1.0
Requested by
Host: dev.apply-for-financing.vwfinance.ca
URL: https://dev.apply-for-financing.vwfinance.ca/main.c04a4499.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.5.59.28 , United States, ASN3458 (VWNA-AS, US),
Reverse DNS
Software
nginx /
Resource Hash
3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept
*/*
Referer
https://dev.apply-for-financing.vwfinance.ca/
authorization
Splunk 8fc8a9e8-66f3-46c1-b9fd-a3bb4d393834
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

Date
Sun, 29 May 2022 11:00:40 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
POST,OPTIONS
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Authorization
Content-Length
27
/
cognito-identity.us-east-1.amazonaws.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cognito-identity.us-east-1.amazonaws.com/
Requested by
Host: dev.apply-for-financing.vwfinance.ca
URL: https://dev.apply-for-financing.vwfinance.ca/main.c04a4499.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:41d6:7402:7243:d285:2c17:7842 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
c808d3ac840a2b70b2c1dd484022592c67ccc5590b1b313f1206a15a4e402143

Request headers

X-Amz-Content-Sha256
16b4ac777634d3e57f37c8e8f4faa2fe34434c622c2d8425232b0a77319e61c7
Referer
https://dev.apply-for-financing.vwfinance.ca/
X-Amz-Target
AWSCognitoIdentityService.GetCredentialsForIdentity
accept-language
en-CA,en;q=0.9
X-Amz-User-Agent
aws-sdk-js/2.1130.0 callback
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-amz-json-1.1

Response headers

access-control-allow-origin
*
date
Sun, 29 May 2022 11:04:02 GMT
content-type
application/x-amz-json-1.1
x-amzn-requestid
307d86b8-4460-4ded-a4be-256d6599cbfb
content-length
1772
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
/
cognito-identity.us-east-1.amazonaws.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cognito-identity.us-east-1.amazonaws.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:41d6:7402:7243:d285:2c17:7842 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-amz-content-sha256,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://dev.apply-for-financing.vwfinance.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-amz-content-sha256,x-amz-target,x-amz-user-agent
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age
172800
content-length
0
date
Sun, 29 May 2022 11:04:02 GMT
x-amzn-requestid
547e4a3b-b5e4-4585-a0c9-286c0499151b

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.appdynamics.com
URL
https://cdn.appdynamics.com/adrum/adrum-latest.js

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| regeneratorRuntime function| flatpickr function| _ object| AWS object| __post_robot_10_0_44__ object| __zoid_9_0_79__ object| adrum-config

0 Cookies

1 Console Messages

Source Level URL
Text
security error URL: https://dev.apply-for-financing.vwfinance.ca/main.c04a4499.js(Line 1)
Message:
Refused to load the script 'https://cdn.appdynamics.com/adrum/adrum-latest.js' because it violates the following Content Security Policy directive: "script-src 'self' *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net 'sha256-KytPFReTq7wiL7N8g0CnHFlaAnqUqQa6zpQhApCvq7E='". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' *.audifs.com *.vwfinance.ca *.vwcredit.com *.audifinance.ca *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net *.bronson.vwfs.io *.appdynamics.com *.eum-appdynamics.com *.amazonaws.com; style-src 'unsafe-inline' https:; img-src * 'self' data: https: http:; script-src 'self' *.assets.adobedtm.com *.adobedtm.com *.demdex.net *.everesttech.net 'sha256-KytPFReTq7wiL7N8g0CnHFlaAnqUqQa6zpQhApCvq7E='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.appdynamics.com
cdn.bronson.vwfs.io
cognito-identity.us-east-1.amazonaws.com
dev.apply-for-financing.vwfinance.ca
hec.vwcredit.com
www.vwimg.com
cdn.appdynamics.com
13.225.223.113
13.225.223.2
152.195.12.243
199.5.59.28
2600:1f18:41d6:7402:7243:d285:2c17:7842
03bf401f80b92e6b93c859a4a9664211d6f5f15a5723c52fc50413f93bd367ad
0b5da04738459f171fc1c6c0ec2b52fc2f1639e05aafc6f64edf3df3369efda1
16b4ac777634d3e57f37c8e8f4faa2fe34434c622c2d8425232b0a77319e61c7
3c6456a9e4f2ca50cd806e575a19228d68ef0eae5f29c54a1f4743b5cf280d27
3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b
45da24b6b1f864672c8d65c30558cfb64a27b8065792f4450a46768e7a8bfbbf
4c8514c61a3c832137fc3151d37ccc5035189d1edd18e60272ab71c7e5d74546
4ef18cc3cf9ca6aeed5cbc6d16134c91d628f0de9f9eed19d073fbf8ce50a826
6575c7875fc799f45ed467a3eb125428be49a23be8aee6948199ce9bc66ea237
8e6f82f36b07f57bf2b3d200704d15bd6b8c6824f2149f2a4abd43903aebe392
a0ee09977c1d5032d783a636745d135968bcd596150ce90795d0a43c7799531e
a31b003f053867c23ce3dd9854468bb44233a03546bbd2e06358ea67d69ae067
a44855e9a9498a88576a14947474d0199324a63cb1af292d957701091552572b
b529c6244a4b073f53c9bca22586e8af65beebef581b2293b8b9c42afc83413e
c5a0a09e8a27c228fd3a33b6697a3a6c84852b240c1e0fd5859a532501051276
c808d3ac840a2b70b2c1dd484022592c67ccc5590b1b313f1206a15a4e402143
e3c12a703a0bd3e1a7cda2f704790f91a129b7e4a2bd35102ddaad688787f89d
eec41bfe1dcd5754c304f8fe7e6e348a18049138132547ab73186d33dff48a83