my.arvig.com Open in urlscan Pro
209.81.119.201 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://my.arvig.com/login
Submission Tags: @phish_report
Submission: On July 01 via api (July 1st 2024, 3:12:37 pm UTC) from FI — Scanned from FI

Summary HTTP 12 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 12 HTTP transactions. The main IP is 209.81.119.201, located in Detroit Lakes, United States and belongs to ARVIG-16904, US. The main domain is my.arvig.com.
TLS certificate: Issued by R11 on July 1st 2024. Valid for: 3 months.

This is the only time my.arvig.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	209.81.119.201 209.81.119.201	16904 (ARVIG-16904) (ARVIG-16904)
2	172.67.142.245 172.67.142.245	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.106 142.250.186.106	15169 (GOOGLE) (GOOGLE)
1	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
12	5

7 209.81.119.201 (Detroit Lakes, United States)

ASN16904 (ARVIG-16904, US)
PTR: 209-81-119-201.static.arvig.net

my.arvig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.142.245 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	arvig.com my.arvig.com	574 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1381	69 KB
1	gstatic.com fonts.gstatic.com	12 KB
1	googleapis.com ajax.googleapis.com Failed fonts.googleapis.com — Cisco Umbrella Rank: 83	2 KB
12	4

	Domain	Requested by
7	my.arvig.com	my.arvig.com
2	use.fontawesome.com	my.arvig.com use.fontawesome.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	my.arvig.com
0	ajax.googleapis.com Failed	my.arvig.com
12	5

This site contains links to these domains. Also see Links.

Domain
arvig.net

Subject Issuer	Validity	Valid
*.arvig.com R11	`2024-07-01` - `2024-09-29`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://my.arvig.com/login
Frame ID: FA9DD1CD5310F4BC88946D18529B7F92
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

My Arvig

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Page Statistics

12
Requests

92 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

1
Countries

657 kB
Transfer

2522 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://arvig.net/
Title: Return to Arvig.net

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request login Show response
my.arvig.com/ 2 KB
4 KB 763ms
195ms Document
text/html 209.81.119.201
ARVIG-16904

General

Check archive.org

Show headers Download Go to

Full URL

https://my.arvig.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.81.119.201 Detroit Lakes, United States, ASN16904 (ARVIG-16904, US),

Reverse DNS

209-81-119-201.static.arvig.net

Software

Apache /

Resource Hash

cc7646016fe89ebffea9cf5b3767de3afcbe8ea6266051ee85f5a7f241592184

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'none'; connect-src 'self' https://portal.arvig.net https://devportal.corp.arvig.com https://beta-portal.arvig.net https://arvig.amgbeta2.com; font-src https://fonts.gstatic.com https://use.fontawesome.com; form-action 'self' https://portal.arvig.com https://dev-portal.arvig.com https://uat-portal.arvig.com http://localhost https://workshop.arvig.com https://arvig.net https://www.arvig.net https://portal.arvig.net https://my.arvig.com/oauth/authorize https://devportal.corp.arvig.com https://arvig.amgbeta2.com https://beta-portal.arvig.net https://dev.arvig.net https://stage.arvig.net https://arvig.com; frame-ancestors 'none'; img-src 'self'; media-src 'none'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.fontawesome.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-cache, private
Connection: Keep-Alive
Content-Encoding: gzip
Content-Security-Policy: default-src 'none'; base-uri 'none'; connect-src 'self' https://portal.arvig.net https://devportal.corp.arvig.com https://beta-portal.arvig.net https://arvig.amgbeta2.com; font-src https://fonts.gstatic.com https://use.fontawesome.com; form-action 'self' https://portal.arvig.com https://dev-portal.arvig.com https://uat-portal.arvig.com http://localhost https://workshop.arvig.com https://arvig.net https://www.arvig.net https://portal.arvig.net https://my.arvig.com/oauth/authorize https://devportal.corp.arvig.com https://arvig.amgbeta2.com https://beta-portal.arvig.net https://dev.arvig.net https://stage.arvig.net https://arvig.com; frame-ancestors 'none'; img-src 'self'; media-src 'none'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.fontawesome.com
Content-Type: text/html; charset=UTF-8
Date: Mon, 01 Jul 2024 15:12:30 GMT
Feature-Policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; camera 'self'; display-capture 'self'; document-domain *; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; payment 'self'; picture-in-picture *; speaker 'self'; sync-xhr *; usb 'self'; vr 'self'
Keep-Alive: timeout=5, max=100
Referrer-Policy: no-referrer
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: sameorigin
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block

GET
H2 200 all.css
use.fontawesome.com/releases/v5.1.0/css/ 45 KB
10 KB 703ms
267ms Stylesheet
text/css 172.67.142.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by: Host: my.arvig.com
URL: https://my.arvig.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.142.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://my.arvig.com
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 15:12:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:44:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"826c57385f3d35cfed5478ba7b1f5c03"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DXY4vibeAw0AowXQJieXclEDXKs9GxiLk0gnIKzkEC5un9KJ97ExxZwGGzUlywzR49pyKnFqewkeHLfB5yJtHNRQGnOfNjnq8KaKesVdJ0bcgh6%2FuX4kemOE4Xw7u%2FxT3F0%2FlyT%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 89c755b2cb589134-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK app.css
my.arvig.com/css/ 667 KB
88 KB 197ms
196ms Stylesheet
text/css 209.81.119.201
ARVIG-16904

General

Check archive.org

Show headers Download Go to

Full URL: https://my.arvig.com/css/app.css?id=25e1cca7e2319b444801
Requested by: Host: my.arvig.com
URL: https://my.arvig.com/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.81.119.201 Detroit Lakes, United States, ASN16904 (ARVIG-16904, US),
Reverse DNS: 209-81-119-201.static.arvig.net
Software: Apache /
Resource Hash: fd6a12a48150919229fab675f8338ff5a37cb8e5902de77164cdcdc09fbc2760

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Jul 2024 15:12:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Oct 2022 18:40:37 GMT
Server: Apache
ETag: "a6bb9-5ea4de9aee154-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK animate.css
my.arvig.com/css/ 84 KB
5 KB 526ms
186ms Stylesheet
text/css 209.81.119.201
ARVIG-16904

General

Check archive.org

Show headers Download Go to

Full URL: https://my.arvig.com/css/animate.css
Requested by: Host: my.arvig.com
URL: https://my.arvig.com/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.81.119.201 Detroit Lakes, United States, ASN16904 (ARVIG-16904, US),
Reverse DNS: 209-81-119-201.static.arvig.net
Software: Apache /
Resource Hash: 945e5b9734efcbd431887655621691caa42d4852846e2c81268e85656ee7f9c1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Jul 2024 15:12:31 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Apr 2020 12:02:24 GMT
Server: Apache
ETag: "14e8f-5a33ef9062f1c-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4885

GET
H/1.1 200
OK normalize.css
my.arvig.com/css/ 6 KB
2 KB 661ms
317ms Stylesheet
text/css 209.81.119.201
ARVIG-16904

General

Check archive.org

Show headers Download Go to

Full URL: https://my.arvig.com/css/normalize.css
Requested by: Host: my.arvig.com
URL: https://my.arvig.com/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.81.119.201 Detroit Lakes, United States, ASN16904 (ARVIG-16904, US),
Reverse DNS: 209-81-119-201.static.arvig.net
Software: Apache /
Resource Hash: d0515d9691eb932e177a3394c05d46e338076eea6a5319067cece8829d1fc71b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Jul 2024 15:12:31 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Apr 2020 12:02:24 GMT
Server: Apache
ETag: "186c-5a33ef9063ebc-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1743

GET
H/1.1 200
OK app.js Show response
my.arvig.com/js/ 2 MB
466 KB 547ms
196ms Script
application/javascript 209.81.119.201
ARVIG-16904

General

Check archive.org

Show headers Download Go to

Full URL: https://my.arvig.com/js/app.js?id=7d5ece6b1e797e894553
Requested by: Host: my.arvig.com
URL: https://my.arvig.com/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.81.119.201 Detroit Lakes, United States, ASN16904 (ARVIG-16904, US),
Reverse DNS: 209-81-119-201.static.arvig.net
Software: Apache /
Resource Hash: 5c967a3621961076e2674b889eef2fff87a2eada7543af1af1a5d0f41668a0d6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Jul 2024 15:12:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Oct 2022 18:40:37 GMT
Server: Apache
ETag: "198ca7-5ea4de9af1034-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.0/ 0
0

GET
H2 200 css
fonts.googleapis.com/ 4 KB
2 KB 577ms
116ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Heebo:300

Requested by

Host: my.arvig.com
URL: https://my.arvig.com/css/app.css?id=25e1cca7e2319b444801

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

1abaf4e0406c456c64409304a766f230c0f169ccaaaae8543a4219e42bd056b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 01 Jul 2024 15:12:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 01 Jul 2024 15:12:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 Jul 2024 15:12:31 GMT

GET
H/1.1 200
OK Arvig_Website_Logo.png
my.arvig.com/img/ 9 KB
10 KB 186ms
185ms Image
image/png 209.81.119.201
ARVIG-16904

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.arvig.com/img/Arvig_Website_Logo.png
Requested by: Host: my.arvig.com
URL: https://my.arvig.com/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.81.119.201 Detroit Lakes, United States, ASN16904 (ARVIG-16904, US),
Reverse DNS: 209-81-119-201.static.arvig.net
Software: Apache /
Resource Hash: d44732fbe48dcf3128572cb03308a2fce0298bf2c2ac965ee8ce4e6b81ed3842

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Jul 2024 15:12:32 GMT
Last-Modified: Tue, 21 May 2019 11:21:18 GMT
Server: Apache
ETag: "2583-589640c406a54"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 9603

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 58 KB
59 KB 262ms
261ms Font
font/woff2 172.67.142.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.142.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin: https://my.arvig.com
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 15:12:32 GMT
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:44:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "18d2347ab2a9f40ca2247cdb03303d84"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dVjPGWB8et5PJ6GMDjs7VdUMRMB9PRtnCo80TuJ3%2BKS5%2F%2B5%2FvQzemEHtMjU%2BWtivSs0Whv5SgkWE%2B6lYbciQFPyi5fMok6DN3ahG8A%2BJxfJB5Fjeq51CBqIZUsmdxuK%2FY6Fr%2Btkt"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 89c755bb0e819134-FRA
alt-svc: h3=":443"; ma=86400
content-length: 59572

GET
H2 200 NGSpv5_NC0k9P_v6ZUCbLRAHxK1E1yysdUmm.woff2
fonts.gstatic.com/s/heebo/v26/ 12 KB
12 KB 551ms
102ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/heebo/v26/NGSpv5_NC0k9P_v6ZUCbLRAHxK1E1yysdUmm.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

6189b552b5b14dcbfe52ac2d16fdbff5f35d525eebd73e4cd44703e9f962bfab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://my.arvig.com
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:56:33 GMT
x-content-type-options: nosniff
age: 519359
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12124
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 23:13:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Jun 2025 14:56:33 GMT

GET
H/1.1 200
OK favicon.ico
my.arvig.com/ 0
279 B 174ms
173ms Other
image/vnd.microsoft.icon 209.81.119.201
ARVIG-16904

General

Check archive.org

Show headers Download Go to

Full URL: https://my.arvig.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.81.119.201 Detroit Lakes, United States, ASN16904 (ARVIG-16904, US),
Reverse DNS: 209-81-119-201.static.arvig.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Jul 2024 15:12:33 GMT
Last-Modified: Thu, 04 Jan 2018 19:36:25 GMT
Server: Apache
ETag: "0-561f87295680c"
Content-Type: image/vnd.microsoft.icon
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			my.arvig.com/	1970-01-20 21:45:33	Name: XSRF-TOKEN Value: eyJpdiI6IkRvRnJubHQ3MFp0ZTNaendTWTZnMFE9PSIsInZhbHVlIjoiUkhGaHdFSGc2cnc3XC92UkRQb3RPYkg5RUFvb0NaMkYwMUVWUjB2TVBMQzhzMHdPTWpRMktNbnV4bjlyeFFmc3I3Unh5dXBuVG9ITUdyXC8wU2ZCWmM5S2t4VURZQnFZcndUR1cycU9tZUVIaEIxN1wvWldJVFExaUNhR3hmRHJTV0IiLCJtYWMiOiI4M2MyZTBhODg1MjVkOTA3MWJjNGQ1M2Q0Nzk2YzE0ODRkNjAyNGM4NmI0ZDc4NmI2NjRhYWYzYWI0ODdkOGRlIn0%3D
			my.arvig.com/	1970-01-20 21:45:33	Name: my_arvig_session Value: eyJpdiI6IkdMUkxiaStTNGdnaEJmUkVqUGMwOVE9PSIsInZhbHVlIjoiejhqRFRWQ0tUUjVGSVdBNlVwdE9cL3o4Tk5kTmRUWEVPb0F2dGcrRmZNOUlpWGxXNFlQaGZRbjU3eUlFaE9oQ0t3bjFPSzNMZTY3bGxQbjgxTWVzVnZ5M1ZwcGF0SkNkcG01RWlBRVV5dldhZHF0UzJkVjhmZlJtMnFNUmxkWVRQIiwibWFjIjoiMTAwMzU4MDY3ZGQ3M2YxZDQ0ZDhhN2NmYThjNzc2MmVkNTg2NmI1ZjBhM2VlMTMxNmU3MTIzMTlhOTQyYzRhNiJ9

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'document-domain'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'speaker'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'vr'.
security	error	URL: https://my.arvig.com/login Message: Refused to load the script 'https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
recommendation	verbose	URL: https://my.arvig.com/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; base-uri 'none'; connect-src 'self' https://portal.arvig.net https://devportal.corp.arvig.com https://beta-portal.arvig.net https://arvig.amgbeta2.com; font-src https://fonts.gstatic.com https://use.fontawesome.com; form-action 'self' https://portal.arvig.com https://dev-portal.arvig.com https://uat-portal.arvig.com http://localhost https://workshop.arvig.com https://arvig.net https://www.arvig.net https://portal.arvig.net https://my.arvig.com/oauth/authorize https://devportal.corp.arvig.com https://arvig.amgbeta2.com https://beta-portal.arvig.net https://dev.arvig.net https://stage.arvig.net https://arvig.com; frame-ancestors 'none'; img-src 'self'; media-src 'none'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.fontawesome.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
my.arvig.com
use.fontawesome.com
ajax.googleapis.com
142.250.185.227
142.250.186.106
172.67.142.245
209.81.119.201
1abaf4e0406c456c64409304a766f230c0f169ccaaaae8543a4219e42bd056b9
5c967a3621961076e2674b889eef2fff87a2eada7543af1af1a5d0f41668a0d6
6189b552b5b14dcbfe52ac2d16fdbff5f35d525eebd73e4cd44703e9f962bfab
945e5b9734efcbd431887655621691caa42d4852846e2c81268e85656ee7f9c1
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9
cc7646016fe89ebffea9cf5b3767de3afcbe8ea6266051ee85f5a7f241592184
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
d0515d9691eb932e177a3394c05d46e338076eea6a5319067cece8829d1fc71b
d44732fbe48dcf3128572cb03308a2fce0298bf2c2ac965ee8ce4e6b81ed3842
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fd6a12a48150919229fab675f8338ff5a37cb8e5902de77164cdcdc09fbc2760

my.arvig.com Open in urlscan Pro 209.81.119.201 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

12 Requests

92 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

5 IPs

1 Countries

657 kBTransfer

2522 kBSize

2 Cookies

1 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

2 Cookies

6 Console Messages

Security Headers

Indicators

my.arvig.com Open in urlscan Pro
209.81.119.201 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

92 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

1
Countries

657 kB
Transfer

2522 kB
Size

2
Cookies

12 HTTP transactions
0 data transactions