login.financialwellness.de Open in urlscan Pro
178.63.20.124 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://login.financialwellness.de/
Effective URL:
https://login.financialwellness.de/anmelden/
Submission: On August 30 via api (August 30th 2023, 11:39:15 pm UTC) from US — Scanned from US

Summary HTTP 9 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 9 HTTP transactions. The main IP is 178.63.20.124, located in Germany and belongs to HETZNER-AS, DE. The main domain is login.financialwellness.de.
TLS certificate: Issued by R3 on July 31st 2023. Valid for: 3 months.

This is the only time login.financialwellness.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	178.63.20.124 178.63.20.124	24940 (HETZNER-AS) (HETZNER-AS)
2	2a02:6ea0:c45... 2a02:6ea0:c454::1	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2600:9000:24f... 2600:9000:24fd:fe00:19:c7f4:b000:21	16509 (AMAZON-02) (AMAZON-02)
9	3

7 178.63.20.124 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.124.20.63.178.clients.your-server.de

login.financialwellness.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c454::1 (New York, United States)

ASN60068 (CDN77 ^_^, GB)

fonts.bunny.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24fd:fe00:19:c7f4:b000:21 (United States)

ASN16509 (AMAZON-02, US)

d15klipno7bqo0.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	financialwellness.de 1 redirects login.financialwellness.de	521 KB
2	bunny.net fonts.bunny.net — Cisco Umbrella Rank: 13041	18 KB
1	cloudfront.net d15klipno7bqo0.cloudfront.net	38 KB
9	3

	Domain	Requested by
7	login.financialwellness.de	1 redirects login.financialwellness.de
2	fonts.bunny.net	client fonts.bunny.net
1	d15klipno7bqo0.cloudfront.net	login.financialwellness.de
9	3

This site contains links to these domains. Also see Links.

Domain
www.finanzfreundin.de
open.spotify.com
www.instagram.com
www.linkedin.com
www.xing.com

Subject Issuer	Validity	Valid
login.financialwellness.de R3	`2023-07-31` - `2023-10-29`	3 months	crt.sh
fonts.bunny.net R3	`2023-07-20` - `2023-10-18`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.financialwellness.de/anmelden/
Frame ID: 18E0AB50B13DF96FAD99E59D2B8F9731
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Deutsche Gesellschaft für Finanzkompetenz DeGeFin eG | Deutsche Gesellschaft für Finanzkompetenz DeGeFin eG

Page URL History Show full URLs

https://login.financialwellness.de/ HTTP 301
https://login.financialwellness.de/anmelden/ Page URL

Detected technologies

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns

Page Statistics

9
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

577 kB
Transfer

1468 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.finanzfreundin.de/

Search URL Search Domain Scan URL

URL: https://open.spotify.com/show/21DUB6utOwatpifdrEhCwN

Search URL Search Domain Scan URL

URL: https://www.instagram.com/finanzfreundin

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/prof-dr-katrin-loehr/

Search URL Search Domain Scan URL

URL: https://www.xing.com/profile/Katrin_Loehr

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://login.financialwellness.de/ HTTP 301
https://login.financialwellness.de/anmelden/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response login.financialwellness.de/anmelden/ Redirect Chain https://login.financialwellness.de/ https://login.financialwellness.de/anmelden/	22 KB 6 KB	721ms 721ms	Document text/html	178.63.20.124 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://login.financialwellness.de/anmelden/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 178.63.20.124 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.124.20.63.178.clients.your-server.de Software Apache / ProcessWire CMS Resource Hash `7a17a639f0ab5ba5ef05220ea2ff3594d0127bedb5a948912e0e145580a380f3` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Encoding gzip Content-Length 5521 Content-Type text/html; charset=utf-8 Date Wed, 30 Aug 2023 23:39:09 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=99 Pragma no-cache Server Apache Vary Accept-Encoding X-Powered-By ProcessWire CMS Redirect headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Length 58 Content-Type text/html; charset=utf-8 Date Wed, 30 Aug 2023 23:39:08 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=100 Location https://login.financialwellness.de/anmelden/ Pragma no-cache Server Apache X-Powered-By ProcessWire CMS
GET H/1.1	200 OK	pwpc-5459a299a90722d0750f1d09ea3d7c9ac93d3d54.css login.financialwellness.de/site/assets/pwpc/	243 KB 43 KB	126ms 125ms	Stylesheet text/css	178.63.20.124 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://login.financialwellness.de/site/assets/pwpc/pwpc-5459a299a90722d0750f1d09ea3d7c9ac93d3d54.css Requested by Host: login.financialwellness.de URL: https://login.financialwellness.de/anmelden/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 178.63.20.124 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.124.20.63.178.clients.your-server.de Software Apache / Resource Hash `c89c7460de0403a44d81065e5f30ee020b88ac8c46031618eaeed6064d9f02de` Request headers accept-language en-US,en;q=0.9 Referer https://login.financialwellness.de/anmelden/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Wed, 30 Aug 2023 23:39:09 GMT Content-Encoding gzip Last-Modified Wed, 30 Aug 2023 18:48:32 GMT Server Apache Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 43407
GET H/1.1	200 OK	pwpc-f0f86c2740a397d7aadd91005dc8d95451ad8029.js Show response login.financialwellness.de/site/assets/pwpc/	694 KB 195 KB	360ms 128ms	Script application/javascript	178.63.20.124 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://login.financialwellness.de/site/assets/pwpc/pwpc-f0f86c2740a397d7aadd91005dc8d95451ad8029.js Requested by Host: login.financialwellness.de URL: https://login.financialwellness.de/anmelden/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 178.63.20.124 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.124.20.63.178.clients.your-server.de Software Apache / Resource Hash `7f59e7478982d362b99aee42b96266c929d67fa6864d9ccc07005dd6df464045` Request headers accept-language en-US,en;q=0.9 Referer https://login.financialwellness.de/anmelden/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Wed, 30 Aug 2023 23:39:09 GMT Content-Encoding gzip Last-Modified Wed, 30 Aug 2023 23:07:19 GMT Server Apache Vary Accept-Encoding Transfer-Encoding chunked Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100
GET H/1.1	200 OK	logo_financial_wellness_rgb.1691706692.400x84.png login.financialwellness.de/site/assets/files/0/52/07/637/	14 KB 14 KB	353ms 117ms	Image image/png	178.63.20.124 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://login.financialwellness.de/site/assets/files/0/52/07/637/logo_financial_wellness_rgb.1691706692.400x84.png Requested by Host: login.financialwellness.de URL: https://login.financialwellness.de/anmelden/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 178.63.20.124 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.124.20.63.178.clients.your-server.de Software Apache / Resource Hash `763f975c9923bd90ea6d70b02b18a58a8d50dae63d49549283e2efd121bab9b2` Request headers accept-language en-US,en;q=0.9 Referer https://login.financialwellness.de/anmelden/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Wed, 30 Aug 2023 23:39:10 GMT Last-Modified Thu, 10 Aug 2023 22:31:33 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 14548
GET H/1.1	200 OK	pwpc-361482599c8c5af053e1fcb1b91f67d8390a29ca.js Show response login.financialwellness.de/site/assets/pwpc/	236 KB 64 KB	358ms 124ms	Script application/javascript	178.63.20.124 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://login.financialwellness.de/site/assets/pwpc/pwpc-361482599c8c5af053e1fcb1b91f67d8390a29ca.js Requested by Host: login.financialwellness.de URL: https://login.financialwellness.de/anmelden/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 178.63.20.124 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.124.20.63.178.clients.your-server.de Software Apache / Resource Hash `106b4a347db3fcbf3453c564f73ecbcd3476affdf9290e8026ac88a9466127c4` Request headers accept-language en-US,en;q=0.9 Referer https://login.financialwellness.de/anmelden/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Wed, 30 Aug 2023 23:39:10 GMT Content-Encoding gzip Last-Modified Wed, 30 Aug 2023 18:48:32 GMT Server Apache Vary Accept-Encoding Transfer-Encoding chunked Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100
GET H2	200	css fonts.bunny.net/	7 KB 1 KB	117ms 33ms	Stylesheet text/css	2a02:6ea0:c454::1 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://fonts.bunny.net/css?family=Open%20Sans:400,700 Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software BunnyCDN-NY1-885 / Resource Hash `2183ab9db1cc9b6822b5322f98d4a79f5f2368f2dbe12646778a6f919a241557` Request headers accept-language en-US,en;q=0.9 Referer https://login.financialwellness.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Wed, 30 Aug 2023 23:39:10 GMT content-encoding br cdn-edgestorageid 885 x-do-app-origin 1fb91846-e6b7-11ec-b1dc-0c42a19a82a7 x-do-orig-status 200 cdn-cachedat 08/02/2023 10:01:13 cdn-pullzone 781720 last-modified Wed, 02 Aug 2023 10:01:13 GMT server BunnyCDN-NY1-885 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid 8ef1d5220544a664458ac0b6d9441543 cdn-requestcountrycode US access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	open-sans-latin-400-normal.woff2 fonts.bunny.net/open-sans/files/	16 KB 17 KB	137ms 65ms	Font font/woff2	2a02:6ea0:c454::1 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://fonts.bunny.net/open-sans/files/open-sans-latin-400-normal.woff2 Requested by Host: fonts.bunny.net URL: https://fonts.bunny.net/css?family=Open%20Sans:400,700 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software BunnyCDN-NY1-885 / Resource Hash `b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681` Request headers Referer https://fonts.bunny.net/css?family=Open%20Sans:400,700 Origin https://login.financialwellness.de accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Wed, 30 Aug 2023 23:39:10 GMT cdn-edgestorageid 885 cdn-storageserver NY-430 cdn-cachedat 08/02/2023 09:18:35 cdn-pullzone 781720 content-length 16740 last-modified Thu, 06 Jul 2023 04:08:18 GMT server BunnyCDN-NY1-885 cdn-fileserver 427 cdn-requestpullcode 200 cdn-proxyver 1.04 etag "64a63e32-4164" content-type font/woff2 access-control-allow-origin * cdn-cache HIT cdn-uid 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid b9aa0e227aa65a7801598d573ef46f78 accept-ranges bytes cdn-requestcountrycode US access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H/1.1	200 OK	coachy.ttf login.financialwellness.de/site/templates/assets/fonts/coachy/fonts/	198 KB 199 KB	121ms 121ms	Font application/font-sfnt	178.63.20.124 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://login.financialwellness.de/site/templates/assets/fonts/coachy/fonts/coachy.ttf?qipuok Requested by Host: login.financialwellness.de URL: https://login.financialwellness.de/site/assets/pwpc/pwpc-5459a299a90722d0750f1d09ea3d7c9ac93d3d54.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 178.63.20.124 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.124.20.63.178.clients.your-server.de Software Apache / Resource Hash `25a5ac487828102e299c656bda1e8d2f2a114e056d78b99f37ea2ce29c19a91e` Request headers Referer https://login.financialwellness.de/site/assets/pwpc/pwpc-5459a299a90722d0750f1d09ea3d7c9ac93d3d54.css Origin https://login.financialwellness.de accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Wed, 30 Aug 2023 23:39:10 GMT Last-Modified Mon, 15 May 2023 13:55:08 GMT Server Apache Content-Type application/font-sfnt Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 203160
GET H2	200	titelbild_coachy_unten_klein_logo_neu_2.1690671838.270x270.png d15klipno7bqo0.cloudfront.net/assets/files/0/52/07/681/	37 KB 38 KB	203ms 64ms	Image image/png	2600:9000:24fd:fe00:19:c7f4:b000:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d15klipno7bqo0.cloudfront.net/assets/files/0/52/07/681/titelbild_coachy_unten_klein_logo_neu_2.1690671838.270x270.png Requested by Host: login.financialwellness.de URL: https://login.financialwellness.de/anmelden/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:24fd:fe00:19:c7f4:b000:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash `3d6ca66a1d02afe39b5f1006ea04a4dc9985439d6421b232a744a13497cd3ae8` Request headers accept-language en-US,en;q=0.9 Referer https://login.financialwellness.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Wed, 30 Aug 2023 15:44:44 GMT via 1.1 d20643381b69d20c57164843f598201e.cloudfront.net (CloudFront) last-modified Sat, 29 Jul 2023 23:04:02 GMT server Apache x-amz-cf-pop CMH68-P2 age 28466 x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 38250 x-amz-cf-id 5SbPZwNnCHW4YgcOQq43oi03rqVvtoJWQOfZOJAB-b2ZIZL9t8Bp3w==

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			login.financialwellness.de/	1969-12-31 23:59:59	Name: wires Value: 9apjlfb4ldqrc3kt1t1pk6dils

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d15klipno7bqo0.cloudfront.net
fonts.bunny.net
login.financialwellness.de
178.63.20.124
2600:9000:24fd:fe00:19:c7f4:b000:21
2a02:6ea0:c454::1
106b4a347db3fcbf3453c564f73ecbcd3476affdf9290e8026ac88a9466127c4
2183ab9db1cc9b6822b5322f98d4a79f5f2368f2dbe12646778a6f919a241557
25a5ac487828102e299c656bda1e8d2f2a114e056d78b99f37ea2ce29c19a91e
3d6ca66a1d02afe39b5f1006ea04a4dc9985439d6421b232a744a13497cd3ae8
763f975c9923bd90ea6d70b02b18a58a8d50dae63d49549283e2efd121bab9b2
7a17a639f0ab5ba5ef05220ea2ff3594d0127bedb5a948912e0e145580a380f3
7f59e7478982d362b99aee42b96266c929d67fa6864d9ccc07005dd6df464045
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
c89c7460de0403a44d81065e5f30ee020b88ac8c46031618eaeed6064d9f02de

login.financialwellness.de Open in urlscan Pro 178.63.20.124 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

577 kBTransfer

1468 kBSize

1 Cookies

5 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

1 Cookies

Indicators

login.financialwellness.de Open in urlscan Pro
178.63.20.124 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

577 kB
Transfer

1468 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions