urlscan.io logo urlscan.io
SecurityTrails logo

aurora-apps.vwfs.co.uk Open in urlscan Pro
185.60.97.110  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bis.aurora-apps.vwfs.co.uk/
Effective URL: https://aurora-apps.vwfs.co.uk/FinanceOnline/Login/RPLogin.aspx?ReturnUrl=%2f
Submission: On June 16 via manual from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 9 HTTP transactions. The main IP is 185.60.97.110, located in Germany and belongs to DE-VWFS-AS01, DE. The main domain is aurora-apps.vwfs.co.uk. The Cisco Umbrella rank of the primary domain is 464316.
TLS certificate: Issued by DigiCert QV TLS ICA G1 on June 15th 2023. Valid for: a year.
This is the only time aurora-apps.vwfs.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 8 185.60.97.110 205505 (DE-VWFS-AS01)
1 2606:2800:133... 15133 (EDGECAST)
2 13.69.106.217 8075 (MICROSOFT...)
9 3
Apex Domain
Subdomains		 Transfer
8 vwfs.co.uk
bis.aurora-apps.vwfs.co.uk
aurora-apps.vwfs.co.uk — Cisco Umbrella Rank: 464316
122 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 687
304 B
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 2417
47 KB
9 3
Domain Requested by
6 aurora-apps.vwfs.co.uk aurora-apps.vwfs.co.uk
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 bis.aurora-apps.vwfs.co.uk 2 redirects
1 az416426.vo.msecnd.net aurora-apps.vwfs.co.uk
9 4

This site contains no links.

Subject Issuer Validity Valid
aurora-apps.vwfs.co.uk
DigiCert QV TLS ICA G1		 2023-06-15 -
2024-06-14		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2023-05-05 -
2024-04-28		 a year crt.sh
in.applicationinsights.azure.com
Microsoft Azure TLS Issuing CA 05		 2023-04-20 -
2024-04-14		 a year crt.sh

This page contains 1 frames:

Primary Page: https://aurora-apps.vwfs.co.uk/FinanceOnline/Login/RPLogin.aspx?ReturnUrl=%2f
Frame ID: 3D6B622C49848DBFF78A72DC2522FD36
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Finance Online - Login

Page URL History Show full URLs

  1. http://bis.aurora-apps.vwfs.co.uk/ HTTP 302
    https://bis.aurora-apps.vwfs.co.uk/ HTTP 302
    https://aurora-apps.vwfs.co.uk/FinanceOnline/Login/RPLogin.aspx?ReturnUrl=%2f Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
  • <input[^>]+name="__VIEWSTATE
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

9
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

3
IPs

3
Countries

168 kB
Transfer

546 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bis.aurora-apps.vwfs.co.uk/ HTTP 302
    https://bis.aurora-apps.vwfs.co.uk/ HTTP 302
    https://aurora-apps.vwfs.co.uk/FinanceOnline/Login/RPLogin.aspx?ReturnUrl=%2f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request RPLogin.aspx
aurora-apps.vwfs.co.uk/FinanceOnline/Login/
Redirect Chain
  • http://bis.aurora-apps.vwfs.co.uk/
  • https://bis.aurora-apps.vwfs.co.uk/
  • https://aurora-apps.vwfs.co.uk/FinanceOnline/Login/RPLogin.aspx?ReturnUrl=%2f
18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aurora-apps.vwfs.co.uk/FinanceOnline/Login/RPLogin.aspx?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.97.110 , Germany, ASN205505 (DE-VWFS-AS01, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
51de6e6250893a90d4e4b1b043ee6c4a2772614d9bc08cdb83300d28d1dc166f
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache,no-cache, no-store, must-revalidate
Content-Encoding
gzip
Content-Length
5894
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Content-Type
text/html; charset=utf-8
Date
Fri, 16 Jun 2023 14:05:59 GMT
Expires
-1,0
Pragma
no-cache,no-cache
Request-Context
appId=cid-v1:78177014-c5a4-4b16-b4c5-a731d9d28f9d
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
by-content-type
X-Powered-By
ASP.NET

Redirect headers

Access-Control-Expose-Headers
Request-Context
Cache-Control
private,no-cache, no-store, must-revalidate
Content-Length
194
Content-Security-Policy
default-src * data: 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src data: *; style-src * 'unsafe-inline';
Content-Type
text/html; charset=utf-8
Date
Fri, 16 Jun 2023 14:05:59 GMT
Location
https://aurora-apps.vwfs.co.uk/FinanceOnline/Login/RPLogin.aspx?ReturnUrl=%2f
Pragma
no-cache
Request-Context
appId=cid-v1:78177014-c5a4-4b16-b4c5-a731d9d28f9d
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-AspNet-Version
4.0.30319
X-Frame-Options
SAMEORIGIN
X-Powered-By
ASP.NET
X-UA-Compatible
IE=Edge
jquery.min.js
aurora-apps.vwfs.co.uk/FinanceOnline/Scripts/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aurora-apps.vwfs.co.uk/FinanceOnline/Scripts/jquery.min.js
Requested by
Host: aurora-apps.vwfs.co.uk
URL: https://aurora-apps.vwfs.co.uk/FinanceOnline/Login/RPLogin.aspx?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.97.110 , Germany, ASN205505 (DE-VWFS-AS01, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3227c1f0bd7127f9b7fd63630f1868bd5c865be599bf536355d63222b353c197
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurora-apps.vwfs.co.uk/FinanceOnline/Login/RPLogin.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Fri, 16 Jun 2023 14:05:59 GMT
X-Permitted-Cross-Domain-Policies
by-content-type
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Powered-By
ASP.NET
Content-Length
32933
Pragma
no-cache
Last-Modified
Wed, 18 Jan 2023 14:23:12 GMT
Server
Microsoft-IIS/10.0
ETag
"0c83865482bd91:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Expires
0
jquery-ui.min.js
aurora-apps.vwfs.co.uk/FinanceOnline/Scripts/ 		233 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aurora-apps.vwfs.co.uk/FinanceOnline/Scripts/jquery-ui.min.js
Requested by
Host: aurora-apps.vwfs.co.uk
URL: https://aurora-apps.vwfs.co.uk/FinanceOnline/Login/RPLogin.aspx?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.97.110 , Germany, ASN205505 (DE-VWFS-AS01, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
68724b348534e9b308f3aff8025f73f7dffb3ad76306133153a9fd110b59d3fc
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurora-apps.vwfs.co.uk/FinanceOnline/Login/RPLogin.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Fri, 16 Jun 2023 14:05:59 GMT
X-Permitted-Cross-Domain-Policies
by-content-type
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Powered-By
ASP.NET
Content-Length
63254
Pragma
no-cache
Last-Modified
Wed, 18 Jan 2023 14:23:12 GMT
Server
Microsoft-IIS/10.0
ETag
"0c83865482bd91:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Expires
0
default.css
aurora-apps.vwfs.co.uk/FinanceOnline/Styles/ 		33 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aurora-apps.vwfs.co.uk/FinanceOnline/Styles/default.css
Requested by
Host: aurora-apps.vwfs.co.uk
URL: https://aurora-apps.vwfs.co.uk/FinanceOnline/Login/RPLogin.aspx?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.97.110 , Germany, ASN205505 (DE-VWFS-AS01, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
057d0d9cc4fbe39d7ac086fbc8d8c90d8d60a30eb00a4171cee8a99a5b227342
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurora-apps.vwfs.co.uk/FinanceOnline/Login/RPLogin.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Fri, 16 Jun 2023 14:05:58 GMT
X-Permitted-Cross-Domain-Policies
by-content-type
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Powered-By
ASP.NET
Content-Length
5843
Pragma
no-cache
Last-Modified
Wed, 18 Jan 2023 14:23:12 GMT
Server
Microsoft-IIS/10.0
ETag
"0c83865482bd91:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Expires
0
framework.min.css
aurora-apps.vwfs.co.uk/FinanceOnline/Styles/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aurora-apps.vwfs.co.uk/FinanceOnline/Styles/framework.min.css
Requested by
Host: aurora-apps.vwfs.co.uk
URL: https://aurora-apps.vwfs.co.uk/FinanceOnline/Login/RPLogin.aspx?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.97.110 , Germany, ASN205505 (DE-VWFS-AS01, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f5ba2308d62930c349767135988522c165d42ed1eb489490beaeffa5390c145b
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurora-apps.vwfs.co.uk/FinanceOnline/Login/RPLogin.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Fri, 16 Jun 2023 14:05:58 GMT
X-Permitted-Cross-Domain-Policies
by-content-type
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Powered-By
ASP.NET
Content-Length
2985
Pragma
no-cache
Last-Modified
Wed, 18 Jan 2023 14:23:12 GMT
Server
Microsoft-IIS/10.0
ETag
"0c83865482bd91:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Expires
0
jquery-ui.css
aurora-apps.vwfs.co.uk/FinanceOnline/Styles/ 		36 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aurora-apps.vwfs.co.uk/FinanceOnline/Styles/jquery-ui.css
Requested by
Host: aurora-apps.vwfs.co.uk
URL: https://aurora-apps.vwfs.co.uk/FinanceOnline/Login/RPLogin.aspx?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.97.110 , Germany, ASN205505 (DE-VWFS-AS01, DE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
06bfa82e3068d60101beed2f238535add2abc9e351abebbc0c518d6ad0bb014b
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurora-apps.vwfs.co.uk/FinanceOnline/Login/RPLogin.aspx?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Fri, 16 Jun 2023 14:05:59 GMT
X-Permitted-Cross-Domain-Policies
by-content-type
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Powered-By
ASP.NET
Content-Length
8165
Pragma
no-cache
Last-Modified
Wed, 18 Jan 2023 14:23:12 GMT
Server
Microsoft-IIS/10.0
ETag
"0c83865482bd91:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Expires
0
ai.2.min.js
az416426.vo.msecnd.net/scripts/b/ 		119 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by
Host: aurora-apps.vwfs.co.uk
URL: https://aurora-apps.vwfs.co.uk/FinanceOnline/Login/RPLogin.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CFD) /
Resource Hash
a602657a3336b260818e5fbba8659e8a971327a571562652c1d46f7c4863d403

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aurora-apps.vwfs.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 16 Jun 2023 14:05:59 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-07 00:07:47
content-md5
AaaPIcFvUz/xMluxz3SEEw==
age
999
x-cache
HIT
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.8.14.min.js
content-length
47508
x-ms-lease-status
unlocked
last-modified
Wed, 31 May 2023 16:55:54 GMT
server
ECAcc (frc/4CFD)
x-ms-meta-aijssdkver
2.8.14
etag
0x8DB61F7E60C0E87
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
e6fb7282-901e-00f3-4659-a040d8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
expires
Fri, 16 Jun 2023 14:35:59 GMT
track
dc.services.visualstudio.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.217 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://aurora-apps.vwfs.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Fri, 16 Jun 2023 14:05:59 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/ 		96 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.217 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b00b8fec448c5663e0723a33318c5e11962e7b47be0699e5ce6863e8b55ad820
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://aurora-apps.vwfs.co.uk/
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
8A81414B-269E-436E-A016-AC943F284CB6
strict-transport-security
max-age=31536000
date
Fri, 16 Jun 2023 14:06:00 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
96

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery function| init function| AddFavorite function| OnPasswordChange string| method object| appInsights object| e function| n object| Microsoft object| __dynProto$Gbl

4 Cookies

Domain/Path Name / Value
.aurora-apps.vwfs.co.uk/ Name: ASP.NET_SessionId
Value: df0cxamtdtnygbpleyrwkji2
.aurora-apps.vwfs.co.uk/ Name: __RTPAntiXsrfToken
Value:
aurora-apps.vwfs.co.uk/ Name: ai_user
Value: YbjjjbuIBvBKGa4nBX+wj1|2023-06-16T14:06:00.044Z
aurora-apps.vwfs.co.uk/ Name: ai_session
Value: A+L8vPZHjz0/gDy7lJLdzS|1686924360150|1686924360150

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff