urlscan.io logo urlscan.io
SecurityTrails logo

posfr-p.vwfs.com Open in urlscan Pro
185.60.96.35  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://posfr-p.vwfs.com/POS-P/#/dashboard/MAIN
Effective URL: https://posfr-p.vwfs.com/POS-P/
Submission: On December 09 via manual from FR — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 27 HTTP transactions. The main IP is 185.60.96.35, located in Germany and belongs to DE-VWFS-AS01 Volkswagen Financial Services Overseas AG, DE. The main domain is posfr-p.vwfs.com.
TLS certificate: Issued by DigiCert QV TLS ICA G1 on October 23rd 2024. Valid for: a year.
This is the only time posfr-p.vwfs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
25 185.60.96.35 205505 (DE-VWFS-A...)
1 142.250.186.36 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
27 3
Apex Domain
Subdomains		 Transfer
25 vwfs.com
posfr-p.vwfs.com
10 MB
1 gstatic.com
www.gstatic.com
218 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
968 B
27 3
Domain Requested by
25 posfr-p.vwfs.com posfr-p.vwfs.com
1 www.gstatic.com www.google.com
1 www.google.com posfr-p.vwfs.com
27 3

This site contains no links.

Subject Issuer Validity Valid
posfr-p.vwfs.com
DigiCert QV TLS ICA G1		 2024-10-23 -
2025-10-22		 a year crt.sh
*.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.gstatic.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://posfr-p.vwfs.com/POS-P/
Frame ID: A1BF3B0CA111A96B9F2A4502CFA74B65
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CassioPOS

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+ionicons(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

27
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

10525 kB
Transfer

10980 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
posfr-p.vwfs.com/POS-P/ 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://posfr-p.vwfs.com/POS-P/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.96.35 , Germany, ASN205505 (DE-VWFS-AS01 Volkswagen Financial Services Overseas AG, DE),
Reverse DNS
Software
VWFS /
Resource Hash
c741c6a178cf7be6bca19667fe40b7b3e7fb3485eaabbfe7fa5a6575343517d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache
Connection
keep-alive
Content-Length
3404
Content-Type
text/html
Date
Mon, 09 Dec 2024 11:19:52 GMT
ETag
W/"2986-1725436658000:dtagent10301241007103824pBSU"
Expires
-1
Keep-Alive
timeout=20
Last-Modified
Wed, 04 Sep 2024 07:57:37 GMT
Pragma
no-cache
Server
VWFS
Server-Timing
dtRpid;desc="329657264", dtSInfo;desc="0"
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-FRAME-OPTIONS
SAMEORIGIN
X-OneAgent-JS-Injection
true
ionicons.min.css
posfr-p.vwfs.com/POS-P/repo-css/ionicons/2.0.1/css/ 		50 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://posfr-p.vwfs.com/POS-P/repo-css/ionicons/2.0.1/css/ionicons.min.css
Requested by
Host: posfr-p.vwfs.com
URL: https://posfr-p.vwfs.com/POS-P/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.96.35 , Germany, ASN205505 (DE-VWFS-AS01 Volkswagen Financial Services Overseas AG, DE),
Reverse DNS
Software
VWFS /
Resource Hash
c7f51fc06b559bf23a2d486c3ebfb65faf24b4d750d9b92f136866767154ad68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://posfr-p.vwfs.com/POS-P/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=86400
ETag
W/"51295-1725436658000"
Connection
keep-alive
Expires
Tue, 10 Dec 2024 11:19:52 GMT
Accept-Ranges
bytes
X-OneAgent-JS-Injection
true
Server-Timing
dtRpid;desc="416260845", dtSInfo;desc="0"
Content-Length
51295
Keep-Alive
timeout=20
Date
Mon, 09 Dec 2024 11:19:52 GMT
Last-Modified
Wed, 04 Sep 2024 07:57:38 GMT
Content-Type
text/css
Server
VWFS
X-FRAME-OPTIONS
SAMEORIGIN
font-awesome.min.css
posfr-p.vwfs.com/POS-P/repo-css/font-awesome/4.7.0/css/ 		30 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://posfr-p.vwfs.com/POS-P/repo-css/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: posfr-p.vwfs.com
URL: https://posfr-p.vwfs.com/POS-P/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.96.35 , Germany, ASN205505 (DE-VWFS-AS01 Volkswagen Financial Services Overseas AG, DE),
Reverse DNS
Software
VWFS /
Resource Hash
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://posfr-p.vwfs.com/POS-P/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=86400
ETag
W/"31004-1725436658000"
Connection
keep-alive
Expires
Tue, 10 Dec 2024 11:19:52 GMT
Accept-Ranges
bytes
X-OneAgent-JS-Injection
true
Server-Timing
dtRpid;desc="-159395413", dtSInfo;desc="0"
Content-Length
31004
Keep-Alive
timeout=20
Date
Mon, 09 Dec 2024 11:19:52 GMT
Last-Modified
Wed, 04 Sep 2024 07:57:38 GMT
Content-Type
text/css
Server
VWFS
X-FRAME-OPTIONS
SAMEORIGIN
fonts-googleapis.css
posfr-p.vwfs.com/POS-P/repo-css/fonts-googleapis/ 		8 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://posfr-p.vwfs.com/POS-P/repo-css/fonts-googleapis/fonts-googleapis.css
Requested by
Host: posfr-p.vwfs.com
URL: https://posfr-p.vwfs.com/POS-P/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.96.35 , Germany, ASN205505 (DE-VWFS-AS01 Volkswagen Financial Services Overseas AG, DE),
Reverse DNS
Software
VWFS /
Resource Hash
f432a791116940bbf3827f42a07f03eeda85b36421085d91260395b6d5c2d616
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://posfr-p.vwfs.com/POS-P/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=86400
ETag
W/"8480-1725436658000"
Connection
keep-alive
Expires
Tue, 10 Dec 2024 11:19:52 GMT
Accept-Ranges
bytes
X-OneAgent-JS-Injection
true
Server-Timing
dtRpid;desc="-534172682", dtSInfo;desc="0"
Content-Length
8480
Keep-Alive
timeout=20
Date
Mon, 09 Dec 2024 11:19:52 GMT
Last-Modified
Wed, 04 Sep 2024 07:57:38 GMT
Content-Type
text/css
Server
VWFS
X-FRAME-OPTIONS
SAMEORIGIN
react-redux-toastr.min.css
posfr-p.vwfs.com/POS-P/repo-css/react-redux-toastr/4.4/ 		10 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://posfr-p.vwfs.com/POS-P/repo-css/react-redux-toastr/4.4/react-redux-toastr.min.css
Requested by
Host: posfr-p.vwfs.com
URL: https://posfr-p.vwfs.com/POS-P/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.96.35 , Germany, ASN205505 (DE-VWFS-AS01 Volkswagen Financial Services Overseas AG, DE),
Reverse DNS
Software
VWFS /
Resource Hash
44de260f5aaeeb6a26304a16170dd5711997503863f250e02ac62ada52f96548
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://posfr-p.vwfs.com/POS-P/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=86400
ETag
W/"9998-1725436658000"
Connection
keep-alive
Expires
Tue, 10 Dec 2024 11:19:52 GMT
Accept-Ranges
bytes
X-OneAgent-JS-Injection
true
Server-Timing
dtRpid;desc="864450330", dtSInfo;desc="0"
Content-Length
9998
Keep-Alive
timeout=20
Date
Mon, 09 Dec 2024 11:19:52 GMT
Last-Modified
Wed, 04 Sep 2024 07:57:38 GMT
Content-Type
text/css
Server
VWFS
X-FRAME-OPTIONS
SAMEORIGIN
ruxitagentjs_ICA7NVfqrux_10301241007103824.js
posfr-p.vwfs.com/POS-P/ 		220 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://posfr-p.vwfs.com/POS-P/ruxitagentjs_ICA7NVfqrux_10301241007103824.js
Requested by
Host: posfr-p.vwfs.com
URL: https://posfr-p.vwfs.com/POS-P/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.96.35 , Germany, ASN205505 (DE-VWFS-AS01 Volkswagen Financial Services Overseas AG, DE),
Reverse DNS
Software
VWFS /
Resource Hash
9aab2b282240fd09360fb4ebd36847ce7857fba5d3349fa514b0bb58420ce509
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://posfr-p.vwfs.com/POS-P/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
public, max-age=31536000, immutable
Content-Encoding
gzip
Connection
keep-alive
Expires
Tue, 09 Dec 2025 11:19:52 GMT
Content-Length
85019
Keep-Alive
timeout=20
Date
Mon, 09 Dec 2024 11:19:52 GMT
Last-Modified
Wed, 03 Mar 2010 07:01:40 GMT
Vary
Accept-Encoding
Server
VWFS
Content-Type
text/javascript;charset=utf-8
config.js
posfr-p.vwfs.com/POS-P/ 		366 B
813 B 		Script
General
Check archive.org
Download Go to
Full URL
https://posfr-p.vwfs.com/POS-P/config.js
Requested by
Host: posfr-p.vwfs.com
URL: https://posfr-p.vwfs.com/POS-P/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.96.35 , Germany, ASN205505 (DE-VWFS-AS01 Volkswagen Financial Services Overseas AG, DE),
Reverse DNS
Software
VWFS /
Resource Hash
201dc2745fa69b9ada1dfa6c834a14871b6de122930d7cd7707d30ec601cba9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://posfr-p.vwfs.com/POS-P/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
ETag
W/"366-1725435766000"
Connection
keep-alive
Accept-Ranges
bytes
X-OneAgent-JS-Injection
true
Server-Timing
dtRpid;desc="511772571", dtSInfo;desc="0"
Content-Length
366
Keep-Alive
timeout=20
Date
Mon, 09 Dec 2024 11:19:52 GMT
Last-Modified
Wed, 04 Sep 2024 07:42:46 GMT
Content-Type
text/javascript
Server
VWFS
X-FRAME-OPTIONS
SAMEORIGIN
localeCorrespondances.js
posfr-p.vwfs.com/POS-P/i18n/ 		529 B
977 B 		Script
General
Check archive.org
Download Go to
Full URL
https://posfr-p.vwfs.com/POS-P/i18n/localeCorrespondances.js
Requested by
Host: posfr-p.vwfs.com
URL: https://posfr-p.vwfs.com/POS-P/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.96.35 , Germany, ASN205505 (DE-VWFS-AS01 Volkswagen Financial Services Overseas AG, DE),
Reverse DNS
Software
VWFS /
Resource Hash
d8eb1bd918add9c407dc274c03d8d7083a6bd366173577a456bbf012757ab583
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://posfr-p.vwfs.com/POS-P/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
ETag
W/"529-1725436658000"
Connection
keep-alive
Accept-Ranges
bytes
X-OneAgent-JS-Injection
true
Server-Timing
dtRpid;desc="1215737570", dtSInfo;desc="0"
Content-Length
529
Keep-Alive
timeout=20
Date
Mon, 09 Dec 2024 11:19:52 GMT
Last-Modified
Wed, 04 Sep 2024 07:57:38 GMT
Content-Type
text/javascript
Server
VWFS
X-FRAME-OPTIONS
SAMEORIGIN
vendor.1a1820ae818c9f608057.js
posfr-p.vwfs.com/POS-P/ 		6 MB
6 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://posfr-p.vwfs.com/POS-P/vendor.1a1820ae818c9f608057.js
Requested by
Host: posfr-p.vwfs.com
URL: https://posfr-p.vwfs.com/POS-P/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.96.35 , Germany, ASN205505 (DE-VWFS-AS01 Volkswagen Financial Services Overseas AG, DE),
Reverse DNS
Software
VWFS /
Resource Hash
a5a5e0ecae69856b1c4959b1035bf50891ea921f2f501f7960e7e0d30973c9a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://posfr-p.vwfs.com/POS-P/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
ETag
W/"5817458-1725436658000"
Connection
keep-alive
Accept-Ranges
bytes
X-OneAgent-JS-Injection
true
Server-Timing
dtRpid;desc="-1206439089", dtSInfo;desc="0"
Content-Length
5817458
Keep-Alive
timeout=20
Date
Mon, 09 Dec 2024 11:19:52 GMT
Last-Modified
Wed, 04 Sep 2024 07:57:38 GMT
Content-Type
text/javascript
Server
VWFS
X-FRAME-OPTIONS
SAMEORIGIN
main.7c1056ac122e04f9dbc2.js
posfr-p.vwfs.com/POS-P/ 		4 MB
4 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://posfr-p.vwfs.com/POS-P/main.7c1056ac122e04f9dbc2.js
Requested by
Host: posfr-p.vwfs.com
URL: https://posfr-p.vwfs.com/POS-P/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.96.35 , Germany, ASN205505 (DE-VWFS-AS01 Volkswagen Financial Services Overseas AG, DE),
Reverse DNS
Software
VWFS /
Resource Hash
b171d9d9ab4d9bf57427121d9ee2ea8e86a59e22b0a0223f07674e03bec0be84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://posfr-p.vwfs.com/POS-P/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
ETag
W/"4105557-1725436658000"
Connection
keep-alive
Accept-Ranges
bytes
X-OneAgent-JS-Injection
true
Server-Timing
dtRpid;desc="1105715968", dtSInfo;desc="0"
Content-Length
4105557
Keep-Alive
timeout=20
Date
Mon, 09 Dec 2024 11:19:52 GMT
Last-Modified
Wed, 04 Sep 2024 07:57:38 GMT
Content-Type
text/javascript
Server
VWFS
X-FRAME-OPTIONS
SAMEORIGIN
api.js
www.google.com/recaptcha/ 		1 KB
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?
Requested by
Host: posfr-p.vwfs.com
URL: https://posfr-p.vwfs.com/POS-P/main.7c1056ac122e04f9dbc2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
ESF /
Resource Hash
15e724db640f46b9fd1a290bda6bfe372f454a5c1687a4d2f1b2fd259036ddcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://posfr-p.vwfs.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Mon, 09 Dec 2024 11:19:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Mon, 09 Dec 2024 11:19:57 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
af7ae505a9eed503f8b8e6982036873e.woff2
posfr-p.vwfs.com/POS-P/assets/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://posfr-p.vwfs.com/POS-P/assets/af7ae505a9eed503f8b8e6982036873e.woff2
Requested by
Host: posfr-p.vwfs.com
URL: https://posfr-p.vwfs.com/POS-P/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.96.35 , Germany, ASN205505 (DE-VWFS-AS01 Volkswagen Financial Services Overseas AG, DE),
Reverse DNS
Software
VWFS /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://posfr-p.vwfs.com
Referer
https://posfr-p.vwfs.com/POS-P/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
ETag
W/"77160-1725436658000:dtagent10301241007103824pBSU"
Connection
keep-alive
X-OneAgent-JS-Injection
true
Server-Timing
dtRpid;desc="-1365961532", dtTao;desc="1", dtSInfo;desc="0"
Accept-Ranges
bytes
Content-Length
77160
Date
Mon, 09 Dec 2024 11:19:57 GMT
Keep-Alive
timeout=20
Last-Modified
Wed, 04 Sep 2024 07:57:37 GMT
Content-Type
font/woff2
Server
VWFS
X-FRAME-OPTIONS
SAMEORIGIN
login
posfr-p.vwfs.com/POS-P/RestServices/ 		282 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://posfr-p.vwfs.com/POS-P/RestServices/login
Requested by
Host: posfr-p.vwfs.com
URL: https://posfr-p.vwfs.com/POS-P/ruxitagentjs_ICA7NVfqrux_10301241007103824.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.96.35 , Germany, ASN205505 (DE-VWFS-AS01 Volkswagen Financial Services Overseas AG, DE),
Reverse DNS
Software
VWFS /
Resource Hash
a6be022ff4ededfc7b5769e50b56f1fe10b75becc5b0c7493fee296e2824a42a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self'; style-src 'self' 'unsafe-inline' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; form-action 'self'; font-src 'self'; frame-src https://POSfr-P.vwfs.com/; child-src https://POSfr-P.vwfs.com/; object-src 'self'; media-src 'self'; img-src 'self'; manifest-src 'self'; frame-ancestors https://POSfr-P.vwfs.com/;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self'; connect-src 'self'; style-src 'self' 'unsafe-inline' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; form-action 'self'; font-src 'self'; frame-src https://POSfr-P.vwfs.com/; child-src https://POSfr-P.vwfs.com/; object-src 'self'; media-src 'self'; img-src 'self'; manifest-src 'self'; frame-ancestors https://POSfr-P.vwfs.com/;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://posfr-p.vwfs.com/POS-P/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-dtpc
8$343193033_236h2vGPRFMMFOMFEVUGIHKUNAWILOTKCROFNE-0e0
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

Access-Control-Max-Age
1
Access-Control-Expose-Headers
ksiop-session-token
X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, PATCH
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-OneAgent-JS-Injection
true
Server-Timing
dtRpid;desc="59263163", dtTao;desc="1", dtSInfo;desc="0"
Keep-Alive
timeout=20
Date
Mon, 09 Dec 2024 11:19:57 GMT
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept,Cache-Control ,Pragma, If-Modified-Since, ksiop-session-token
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; connect-src 'self'; style-src 'self' 'unsafe-inline' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; form-action 'self'; font-src 'self'; frame-src https://POSfr-P.vwfs.com/; child-src https://POSfr-P.vwfs.com/; object-src 'self'; media-src 'self'; img-src 'self'; manifest-src 'self'; frame-ancestors https://POSfr-P.vwfs.com/;
Cache-Control
no-store, no-cache-no-store; expires:0, Pragma:no-cache
Timing-Allow-Origin
*
Pragma
no-cache
X-Content-Security-Policy
default-src 'self'; connect-src 'self'; style-src 'self' 'unsafe-inline' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; form-action 'self'; font-src 'self'; frame-src https://POSfr-P.vwfs.com/; child-src https://POSfr-P.vwfs.com/; object-src 'self'; media-src 'self'; img-src 'self'; manifest-src 'self'; frame-ancestors https://POSfr-P.vwfs.com/;
Connection
keep-alive, keep-alive
Access-Control-Allow-Credentials
true
Referrer-Policy
same-origin
Content-Length
282
X-XSS-Protection
1; mode=block
Server
VWFS
bg_login.jpg
posfr-p.vwfs.com/POS-P/img/login/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://posfr-p.vwfs.com/POS-P/img/login/bg_login.jpg
Requested by
Host: posfr-p.vwfs.com
URL: https://posfr-p.vwfs.com/POS-P/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.96.35 , Germany, ASN205505 (DE-VWFS-AS01 Volkswagen Financial Services Overseas AG, DE),
Reverse DNS
Software
VWFS /
Resource Hash
104d25a7b2fcd8f19f5856eb3a01d142787cf0821832eeceefeadeba078e7b16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://posfr-p.vwfs.com/POS-P/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=86400
ETag
W/"1162-1725436658000"
Connection
keep-alive
Expires
Tue, 10 Dec 2024 11:19:57 GMT
Accept-Ranges
bytes
X-OneAgent-JS-Injection
true
Server-Timing
dtRpid;desc="1460690490", dtSInfo;desc="0"
Content-Length
1162
Keep-Alive
timeout=20
Date
Mon, 09 Dec 2024 11:19:57 GMT
Last-Modified
Wed, 04 Sep 2024 07:57:38 GMT
Content-Type
image/jpeg
Server
VWFS
X-FRAME-OPTIONS
SAMEORIGIN
logo_login1.png
posfr-p.vwfs.com/POS-P/img/login/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://posfr-p.vwfs.com/POS-P/img/login/logo_login1.png
Requested by
Host: posfr-p.vwfs.com
URL: https://posfr-p.vwfs.com/POS-P/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.96.35 , Germany, ASN205505 (DE-VWFS-AS01 Volkswagen Financial Services Overseas AG, DE),
Reverse DNS
Software
VWFS /
Resource Hash
034ff054556103bf17669b930dfd85fa38ef7b190fec1c23ce4995dd9b7df21c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://posfr-p.vwfs.com/POS-P/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=86400
ETag
W/"76821-1725436658000"
Connection
keep-alive
Expires
Tue, 10 Dec 2024 11:19:57 GMT
Accept-Ranges
bytes
X-OneAgent-JS-Injection
true
Server-Timing
dtRpid;desc="351767368", dtSInfo;desc="0"
Content-Length
76821
Keep-Alive
timeout=20
Date
Mon, 09 Dec 2024 11:19:57 GMT
Last-Modified
Wed, 04 Sep 2024 07:57:38 GMT
Content-Type
image/png
Server
VWFS
X-FRAME-OPTIONS
SAMEORIGIN
logo_login2.png
posfr-p.vwfs.com/POS-P/img/login/ 		224 KB
224 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://posfr-p.vwfs.com/POS-P/img/login/logo_login2.png
Requested by
Host: posfr-p.vwfs.com
URL: https://posfr-p.vwfs.com/POS-P/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.96.35 , Germany, ASN205505 (DE-VWFS-AS01 Volkswagen Financial Services Overseas AG, DE),
Reverse DNS
Software
VWFS /
Resource Hash
b0962a932e057ca1fbcd01fff27d668f54b571f84a3da5bc07652717dd25de24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://posfr-p.vwfs.com/POS-P/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=86400
ETag
W/"229201-1725436658000"
Connection
keep-alive
Expires
Tue, 10 Dec 2024 11:19:57 GMT
Accept-Ranges
bytes
X-OneAgent-JS-Injection
true
Server-Timing
dtRpid;desc="-1902171852", dtSInfo;desc="0"
Content-Length
229201
Keep-Alive
timeout=20
Date
Mon, 09 Dec 2024 11:19:57 GMT
Last-Modified
Wed, 04 Sep 2024 07:57:38 GMT
Content-Type
image/png
Server
VWFS
X-FRAME-OPTIONS
SAMEORIGIN
VW_logo.png
posfr-p.vwfs.com/POS-P/img/login/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://posfr-p.vwfs.com/POS-P/img/login/VW_logo.png
Requested by
Host: posfr-p.vwfs.com
URL: https://posfr-p.vwfs.com/POS-P/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.96.35 , Germany, ASN205505 (DE-VWFS-AS01 Volkswagen Financial Services Overseas AG, DE),
Reverse DNS
Software
VWFS /
Resource Hash
4e849b82c47183560d2abc3786d8589935164a71c017302ddd9700ca15e78f2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://posfr-p.vwfs.com/POS-P/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=86400
ETag
W/"8803-1725436658000"
Connection
keep-alive
Expires
Tue, 10 Dec 2024 11:19:57 GMT
Accept-Ranges
bytes
X-OneAgent-JS-Injection
true
Server-Timing
dtRpid;desc="154654929", dtSInfo;desc="0"
Content-Length
8803
Keep-Alive
timeout=20
Date
Mon, 09 Dec 2024 11:19:57 GMT
Last-Modified
Wed, 04 Sep 2024 07:57:38 GMT
Content-Type
image/png
Server
VWFS
X-FRAME-OPTIONS
SAMEORIGIN
AUDI_logo.png
posfr-p.vwfs.com/POS-P/img/login/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://posfr-p.vwfs.com/POS-P/img/login/AUDI_logo.png
Requested by
Host: posfr-p.vwfs.com
URL: https://posfr-p.vwfs.com/POS-P/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.96.35 , Germany, ASN205505 (DE-VWFS-AS01 Volkswagen Financial Services Overseas AG, DE),
Reverse DNS
Software
VWFS /
Resource Hash
77261538cec70f9cd878a4e7e6917ac32886155a648c2b8ac7a73d321fed68a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://posfr-p.vwfs.com/POS-P/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=86400
ETag
W/"3449-1725436658000"
Connection
keep-alive
Expires
Tue, 10 Dec 2024 11:19:57 GMT
Accept-Ranges
bytes
X-OneAgent-JS-Injection
true
Server-Timing
dtRpid;desc="-534083438", dtSInfo;desc="0"
Content-Length
3449
Keep-Alive
timeout=20
Date
Mon, 09 Dec 2024 11:19:57 GMT
Last-Modified
Wed, 04 Sep 2024 07:57:38 GMT
Content-Type
image/png
Server
VWFS
X-FRAME-OPTIONS
SAMEORIGIN
SEAT_logo.png
posfr-p.vwfs.com/POS-P/img/login/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://posfr-p.vwfs.com/POS-P/img/login/SEAT_logo.png
Requested by
Host: posfr-p.vwfs.com
URL: https://posfr-p.vwfs.com/POS-P/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.96.35 , Germany, ASN205505 (DE-VWFS-AS01 Volkswagen Financial Services Overseas AG, DE),
Reverse DNS
Software
VWFS /
Resource Hash
ad5adce775c6b652bfd0204ff143c6a80fd273763be1d9c95d92fa66875ea9b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://posfr-p.vwfs.com/POS-P/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=86400
ETag
W/"2854-1725436658000"
Connection
keep-alive
Expires
Tue, 10 Dec 2024 11:19:57 GMT
Accept-Ranges
bytes
X-OneAgent-JS-Injection
true
Server-Timing
dtRpid;desc="-2114725583", dtSInfo;desc="0"
Content-Length
2854
Keep-Alive
timeout=20
Date
Mon, 09 Dec 2024 11:19:57 GMT
Last-Modified
Wed, 04 Sep 2024 07:57:38 GMT
Content-Type
image/png
Server
VWFS
X-FRAME-OPTIONS
SAMEORIGIN
SKODA_logo.png
posfr-p.vwfs.com/POS-P/img/login/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://posfr-p.vwfs.com/POS-P/img/login/SKODA_logo.png
Requested by
Host: posfr-p.vwfs.com
URL: https://posfr-p.vwfs.com/POS-P/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.96.35 , Germany, ASN205505 (DE-VWFS-AS01 Volkswagen Financial Services Overseas AG, DE),
Reverse DNS
Software
VWFS /
Resource Hash
4715ccd25e4651bad622e0f14ccf331ef607c7f5859c8d3e2d104867efa9a69a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://posfr-p.vwfs.com/POS-P/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=86400
ETag
W/"5331-1725436658000"
Connection
keep-alive
Expires
Tue, 10 Dec 2024 11:19:57 GMT
Accept-Ranges
bytes
X-OneAgent-JS-Injection
true
Server-Timing
dtRpid;desc="196397675", dtSInfo;desc="0"
Content-Length
5331
Keep-Alive
timeout=20
Date
Mon, 09 Dec 2024 11:19:57 GMT
Last-Modified
Wed, 04 Sep 2024 07:57:38 GMT
Content-Type
image/png
Server
VWFS
X-FRAME-OPTIONS
SAMEORIGIN
VU_logo.png
posfr-p.vwfs.com/POS-P/img/login/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://posfr-p.vwfs.com/POS-P/img/login/VU_logo.png
Requested by
Host: posfr-p.vwfs.com
URL: https://posfr-p.vwfs.com/POS-P/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.96.35 , Germany, ASN205505 (DE-VWFS-AS01 Volkswagen Financial Services Overseas AG, DE),
Reverse DNS
Software
VWFS /
Resource Hash
dc8ffde3fe1edbc188508dad9c4662476f230c9bd911f509ef4350cd30d6044d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://posfr-p.vwfs.com/POS-P/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=86400
ETag
W/"11046-1725436658000"
Connection
keep-alive
Expires
Tue, 10 Dec 2024 11:19:57 GMT
Accept-Ranges
bytes
X-OneAgent-JS-Injection
true
Server-Timing
dtRpid;desc="-1904691166", dtSInfo;desc="0"
Content-Length
11046
Keep-Alive
timeout=20
Date
Mon, 09 Dec 2024 11:19:57 GMT
Last-Modified
Wed, 04 Sep 2024 07:57:38 GMT
Content-Type
image/png
Server
VWFS
X-FRAME-OPTIONS
SAMEORIGIN
ducati_logo.png
posfr-p.vwfs.com/POS-P/img/login/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://posfr-p.vwfs.com/POS-P/img/login/ducati_logo.png
Requested by
Host: posfr-p.vwfs.com
URL: https://posfr-p.vwfs.com/POS-P/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.96.35 , Germany, ASN205505 (DE-VWFS-AS01 Volkswagen Financial Services Overseas AG, DE),
Reverse DNS
Software
VWFS /
Resource Hash
0bacb8901430782ef7c6e11c22baa71777dd4056f199eb56469c16c3b028720e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://posfr-p.vwfs.com/POS-P/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=86400
ETag
W/"6506-1725436658000"
Connection
keep-alive
Expires
Tue, 10 Dec 2024 11:19:57 GMT
Accept-Ranges
bytes
X-OneAgent-JS-Injection
true
Server-Timing
dtRpid;desc="-1633522680", dtSInfo;desc="0"
Content-Length
6506
Keep-Alive
timeout=20
Date
Mon, 09 Dec 2024 11:19:57 GMT
Last-Modified
Wed, 04 Sep 2024 07:57:38 GMT
Content-Type
image/png
Server
VWFS
X-FRAME-OPTIONS
SAMEORIGIN
ksioplogout
posfr-p.vwfs.com/POS-P/RestServices/ 		42 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://posfr-p.vwfs.com/POS-P/RestServices/ksioplogout
Requested by
Host: posfr-p.vwfs.com
URL: https://posfr-p.vwfs.com/POS-P/ruxitagentjs_ICA7NVfqrux_10301241007103824.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.96.35 , Germany, ASN205505 (DE-VWFS-AS01 Volkswagen Financial Services Overseas AG, DE),
Reverse DNS
Software
VWFS /
Resource Hash
00d9dea1ac278a841b0c4c9a6c7e5f11ff3a89481e1d2b78ea6758d47f657911
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self'; style-src 'self' 'unsafe-inline' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; form-action 'self'; font-src 'self'; frame-src https://POSfr-P.vwfs.com/; child-src https://POSfr-P.vwfs.com/; object-src 'self'; media-src 'self'; img-src 'self'; manifest-src 'self'; frame-ancestors https://POSfr-P.vwfs.com/;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self'; connect-src 'self'; style-src 'self' 'unsafe-inline' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; form-action 'self'; font-src 'self'; frame-src https://POSfr-P.vwfs.com/; child-src https://POSfr-P.vwfs.com/; object-src 'self'; media-src 'self'; img-src 'self'; manifest-src 'self'; frame-ancestors https://POSfr-P.vwfs.com/;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

x-dtreferer
https://posfr-p.vwfs.com/POS-P/
Referer
https://posfr-p.vwfs.com/POS-P/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Pragma
no-cache
If-Modified-Since
0
x-dtpc
8$343193033_236h3vGPRFMMFOMFEVUGIHKUNAWILOTKCROFNE-0e0

Response headers

Access-Control-Max-Age
1
Access-Control-Expose-Headers
ksiop-session-token
X-Permitted-Cross-Domain-Policies
none
X-Content-Type-Options
nosniff
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, PATCH
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-OneAgent-JS-Injection
true
Server-Timing
dtRpid;desc="569574405", dtSInfo;desc="0"
Keep-Alive
timeout=20
Date
Mon, 09 Dec 2024 11:19:57 GMT
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept,Cache-Control ,Pragma, If-Modified-Since, ksiop-session-token
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; connect-src 'self'; style-src 'self' 'unsafe-inline' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; form-action 'self'; font-src 'self'; frame-src https://POSfr-P.vwfs.com/; child-src https://POSfr-P.vwfs.com/; object-src 'self'; media-src 'self'; img-src 'self'; manifest-src 'self'; frame-ancestors https://POSfr-P.vwfs.com/;
Cache-Control
no-store, no-cache-no-store; expires:0, Pragma:no-cache
Pragma
no-cache
X-Content-Security-Policy
default-src 'self'; connect-src 'self'; style-src 'self' 'unsafe-inline' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; form-action 'self'; font-src 'self'; frame-src https://POSfr-P.vwfs.com/; child-src https://POSfr-P.vwfs.com/; object-src 'self'; media-src 'self'; img-src 'self'; manifest-src 'self'; frame-ancestors https://POSfr-P.vwfs.com/;
Connection
keep-alive, keep-alive
Access-Control-Allow-Credentials
true
Referrer-Policy
same-origin
Content-Length
42
X-XSS-Protection
1; mode=block
Server
VWFS
recaptcha__fr.js
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/ 		550 KB
218 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__fr.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9c0f881f7b9bccc57db78a297c489ad0f16274c5a517764861139bb32440738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://posfr-p.vwfs.com
Referer
https://posfr-p.vwfs.com/

Response headers

content-encoding
gzip
age
460626
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Thu, 04 Dec 2025 03:22:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 03:22:51 GMT
last-modified
Mon, 11 Nov 2024 05:00:22 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
222679
x-xss-protection
0
server
sffe
favicon-32x32.png
posfr-p.vwfs.com/POS-P/img/favicon/ 		2 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://posfr-p.vwfs.com/POS-P/img/favicon/favicon-32x32.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.96.35 , Germany, ASN205505 (DE-VWFS-AS01 Volkswagen Financial Services Overseas AG, DE),
Reverse DNS
Software
VWFS /
Resource Hash
7a62be6405aa59dadde31b4a04ee7d23cec80090bc8d3c51c78a122604634b2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://posfr-p.vwfs.com/POS-P/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=86400
ETag
W/"2146-1725436658000"
Connection
keep-alive
Expires
Tue, 10 Dec 2024 11:19:57 GMT
Accept-Ranges
bytes
X-OneAgent-JS-Injection
true
Server-Timing
dtRpid;desc="-1964291490", dtSInfo;desc="0"
Content-Length
2146
Keep-Alive
timeout=20
Date
Mon, 09 Dec 2024 11:19:57 GMT
Last-Modified
Wed, 04 Sep 2024 07:57:38 GMT
Content-Type
image/png
Server
VWFS
X-FRAME-OPTIONS
SAMEORIGIN
rb_f8e43171-db2a-4151-94b1-a616adac2d40
posfr-p.vwfs.com/POS-P/ 		109 B
350 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://posfr-p.vwfs.com/POS-P/rb_f8e43171-db2a-4151-94b1-a616adac2d40?type=js3&sn=v_4_srv_8_sn_3DDCB7B477657ED002AAB1FE7C0EF78D_perc_100000_ol_0_mul_1_app-3Aa8a4f4e3236b3e39_1&svrid=8&flavor=post&vi=GPRFMMFOMFEVUGIHKUNAWILOTKCROFNE-0&modifiedSince=1733336236306&rf=https%3A%2F%2Fposfr-p.vwfs.com%2FPOS-P%2F%23%2Fdashboard%2FMAIN&bp=3&app=a8a4f4e3236b3e39&crc=2803978947&en=hw4d32sa&end=1
Requested by
Host: posfr-p.vwfs.com
URL: https://posfr-p.vwfs.com/POS-P/ruxitagentjs_ICA7NVfqrux_10301241007103824.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.96.35 , Germany, ASN205505 (DE-VWFS-AS01 Volkswagen Financial Services Overseas AG, DE),
Reverse DNS
Software
VWFS /
Resource Hash
df63c62b7e2c5b3c89e43c9a2a265f3891b1c88c89d9778430289a97ce85ea88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

x-dtreferer
https://posfr-p.vwfs.com/POS-P/#/dashboard/MAIN
Referer
https://posfr-p.vwfs.com/POS-P/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Keep-Alive
timeout=20
Content-Length
109
Date
Mon, 09 Dec 2024 11:19:58 GMT
Content-Type
text/plain;charset=utf-8
Connection
keep-alive
Server
VWFS
rb_f8e43171-db2a-4151-94b1-a616adac2d40
posfr-p.vwfs.com/POS-P/ 		109 B
350 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://posfr-p.vwfs.com/POS-P/rb_f8e43171-db2a-4151-94b1-a616adac2d40?type=js3&sn=v_4_srv_8_sn_3DDCB7B477657ED002AAB1FE7C0EF78D_perc_100000_ol_0_mul_1_app-3Aa8a4f4e3236b3e39_1&svrid=8&flavor=post&vi=GPRFMMFOMFEVUGIHKUNAWILOTKCROFNE-0&modifiedSince=1733336236306&rf=https%3A%2F%2Fposfr-p.vwfs.com%2FPOS-P%2F%23%2Flogin&bp=3&app=a8a4f4e3236b3e39&crc=1195760843&en=hw4d32sa&end=1
Requested by
Host: posfr-p.vwfs.com
URL: https://posfr-p.vwfs.com/POS-P/ruxitagentjs_ICA7NVfqrux_10301241007103824.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.60.96.35 , Germany, ASN205505 (DE-VWFS-AS01 Volkswagen Financial Services Overseas AG, DE),
Reverse DNS
Software
VWFS /
Resource Hash
df63c62b7e2c5b3c89e43c9a2a265f3891b1c88c89d9778430289a97ce85ea88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://posfr-p.vwfs.com/POS-P/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Keep-Alive
timeout=20
Content-Length
109
Date
Mon, 09 Dec 2024 11:20:00 GMT
Content-Type
text/plain;charset=utf-8
Connection
keep-alive
Server
VWFS

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dT_ object| dtrum object| dynatrace object| cassioPosConfig function| webpackJsonp object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| Color function| Chart object| IntlPolyfill function| _ function| $ function| jQuery function| showFields object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha

7 Cookies

Domain/Path Name / Value
posfr-p.vwfs.com/POS-P/RestServices Name: unitoken
Value:
posfr-p.vwfs.com/POS-P/RestServices Name: ksiopRSState
Value:
.vwfs.com/ Name: dtCookie
Value: v_4_srv_8_sn_3DDCB7B477657ED002AAB1FE7C0EF78D_perc_100000_ol_0_mul_1_app-3Aa8a4f4e3236b3e39_1
.vwfs.com/ Name: rxVisitor
Value: 1733743193033P5LU5NP8P5TSEH0EFK7J8LGO5IFVO8BJ
.vwfs.com/ Name: dtSa
Value: -
.vwfs.com/ Name: rxvt
Value: 1733744997308|1733743193034
.vwfs.com/ Name: dtPC
Value: 8$343193033_236h-vGPRFMMFOMFEVUGIHKUNAWILOTKCROFNE-0e0

2 Console Messages

Source Level URL
Text
network error URL: https://posfr-p.vwfs.com/POS-P/RestServices/login
Message:
Failed to load resource: the server responded with a status of 401 ()
recommendation verbose URL: https://posfr-p.vwfs.com/POS-P/#/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

posfr-p.vwfs.com
www.google.com
www.gstatic.com
142.250.186.36
185.60.96.35
2a00:1450:4001:806::2003
00d9dea1ac278a841b0c4c9a6c7e5f11ff3a89481e1d2b78ea6758d47f657911
034ff054556103bf17669b930dfd85fa38ef7b190fec1c23ce4995dd9b7df21c
0bacb8901430782ef7c6e11c22baa71777dd4056f199eb56469c16c3b028720e
104d25a7b2fcd8f19f5856eb3a01d142787cf0821832eeceefeadeba078e7b16
15e724db640f46b9fd1a290bda6bfe372f454a5c1687a4d2f1b2fd259036ddcb
201dc2745fa69b9ada1dfa6c834a14871b6de122930d7cd7707d30ec601cba9b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
44de260f5aaeeb6a26304a16170dd5711997503863f250e02ac62ada52f96548
4715ccd25e4651bad622e0f14ccf331ef607c7f5859c8d3e2d104867efa9a69a
4e849b82c47183560d2abc3786d8589935164a71c017302ddd9700ca15e78f2f
77261538cec70f9cd878a4e7e6917ac32886155a648c2b8ac7a73d321fed68a4
7a62be6405aa59dadde31b4a04ee7d23cec80090bc8d3c51c78a122604634b2b
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
9aab2b282240fd09360fb4ebd36847ce7857fba5d3349fa514b0bb58420ce509
a5a5e0ecae69856b1c4959b1035bf50891ea921f2f501f7960e7e0d30973c9a3
a6be022ff4ededfc7b5769e50b56f1fe10b75becc5b0c7493fee296e2824a42a
ad5adce775c6b652bfd0204ff143c6a80fd273763be1d9c95d92fa66875ea9b6
b0962a932e057ca1fbcd01fff27d668f54b571f84a3da5bc07652717dd25de24
b171d9d9ab4d9bf57427121d9ee2ea8e86a59e22b0a0223f07674e03bec0be84
c741c6a178cf7be6bca19667fe40b7b3e7fb3485eaabbfe7fa5a6575343517d5
c7f51fc06b559bf23a2d486c3ebfb65faf24b4d750d9b92f136866767154ad68
d8eb1bd918add9c407dc274c03d8d7083a6bd366173577a456bbf012757ab583
d9c0f881f7b9bccc57db78a297c489ad0f16274c5a517764861139bb32440738
dc8ffde3fe1edbc188508dad9c4662476f230c9bd911f509ef4350cd30d6044d
df63c62b7e2c5b3c89e43c9a2a265f3891b1c88c89d9778430289a97ce85ea88
f432a791116940bbf3827f42a07f03eeda85b36421085d91260395b6d5c2d616