pentest.hfcu.org Open in urlscan Pro
20.236.83.124 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pentest.hfcu.org/
Submission: On March 14 via automatic, source certstream-suspicious (March 14th 2024, 3:46:31 pm UTC) — Scanned from DE

Summary HTTP 139 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 39 IPs in 3 countries across 30 domains to perform 139 HTTP transactions. The main IP is 20.236.83.124, located in Chicago, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is pentest.hfcu.org.
TLS certificate: Issued by GeoTrust EV RSA CA G2 on January 16th 2024. Valid for: a year.

This is the only time pentest.hfcu.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
40	20.236.83.124 20.236.83.124	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	65.9.66.65 65.9.66.65	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:272... 2600:9000:2724:2000:6:9a19:88c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:272... 2600:9000:2724:ba00:17:4c3f:1b80:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	34.83.202.81 34.83.202.81	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.172.103.101 18.172.103.101	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:0:2... 2600:1901:0:22e6::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6810:be59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
6	2600:9000:272... 2600:9000:2724:9c00:0:99b9:cd80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	18.66.147.58 18.66.147.58	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:310... 2a02:26f0:3100::1735:2a08	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	2600:9000:272... 2600:9000:2724:9800:17:4c3f:1b80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:991b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4fba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6812:c07d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2	2600:1901:0:4... 2600:1901:0:476d::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2600:1901:0:2... 2600:1901:0:21ea::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:1901:0:8... 2600:1901:0:891c::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.3.14.134 52.3.14.134	14618 (AMAZON-AES) (AMAZON-AES)
139	39

40 20.236.83.124 (Chicago, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pentest.hfcu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-65.fra56.r.cloudfront.net

integration.silvercloudinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2724:2000:6:9a19:88c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.rlets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2724:ba00:17:4c3f:1b80:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.glia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.83.202.81 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 81.202.83.34.bc.googleusercontent.com

7ea3a8c0-5d1f-4c25-bed9-8d9b5d2c37e7.rlets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.103.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-103-101.fra60.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:22e6:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

app-script.monsido.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:be59 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2724:9c00:0:99b9:cd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

libs.salemove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-58.fra60.r.cloudfront.net

capture-api.reachlocalservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100::1735:2a08 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2724:9800:17:4c3f:1b80:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.salemove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4fba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:c07d (United States)

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:476d:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

heatmaps.monsido.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:21ea:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

pagecorrect.monsido.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:891c:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

tracking.monsido.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.3.14.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-14-134.compute-1.amazonaws.com

client-logger.salemove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	hfcu.org pentest.hfcu.org	1 MB
12	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1711 ka-p.fontawesome.com — Cisco Umbrella Rank: 3288	173 KB
8	salemove.com libs.salemove.com — Cisco Umbrella Rank: 17379 api.salemove.com — Cisco Umbrella Rank: 17738 client-logger.salemove.com — Cisco Umbrella Rank: 13629	423 KB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 343 www.linkedin.com — Cisco Umbrella Rank: 579 px4.ads.linkedin.com — Cisco Umbrella Rank: 6619	3 KB
6	monsido.com app-script.monsido.com — Cisco Umbrella Rank: 11318 heatmaps.monsido.com — Cisco Umbrella Rank: 16862 pagecorrect.monsido.com — Cisco Umbrella Rank: 23370 tracking.monsido.com — Cisco Umbrella Rank: 7113	12 KB
5	google.de www.google.de — Cisco Umbrella Rank: 6932	844 B
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	21 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	152 KB
5	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 346	20 KB
3	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 4454 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 4397 track.hubspot.com — Cisco Umbrella Rank: 2375	27 KB
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 90	475 B
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2609 www.google.com — Cisco Umbrella Rank: 2	760 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 363	14 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	272 KB
2	googleadservices.com 2 redirects www.googleadservices.com — Cisco Umbrella Rank: 144	530 B
2	reachlocalservices.com capture-api.reachlocalservices.com — Cisco Umbrella Rank: 18910	588 B
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1445 insight.adsrvr.org — Cisco Umbrella Rank: 609	4 KB
2	glia.com api.glia.com — Cisco Umbrella Rank: 14859	20 KB
2	rlets.com cdn.rlets.com — Cisco Umbrella Rank: 15543 7ea3a8c0-5d1f-4c25-bed9-8d9b5d2c37e7.rlets.com	46 KB
2	silvercloudinc.com integration.silvercloudinc.com — Cisco Umbrella Rank: 56128	31 KB
1	hsforms.com perf-na1.hsforms.com — Cisco Umbrella Rank: 4752	1 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2193	21 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2195	17 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 782	396 B
1	t.co t.co — Cisco Umbrella Rank: 651	379 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 765	17 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 764	15 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2481	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 38	3 KB
0	Failed function sub() { [native code] }. Failed
139	30

	Domain	Requested by
40	pentest.hfcu.org	pentest.hfcu.org
10	ka-p.fontawesome.com	kit.fontawesome.com pentest.hfcu.org
6	libs.salemove.com	api.glia.com libs.salemove.com
5	www.google.de	pentest.hfcu.org
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	cdn.jsdelivr.net	pentest.hfcu.org cdn.jsdelivr.net
4	px.ads.linkedin.com	3 redirects snap.licdn.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com pentest.hfcu.org
3	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagmanager.com	pentest.hfcu.org www.googletagmanager.com
2	pagecorrect.monsido.com	app-script.monsido.com pagecorrect.monsido.com
2	heatmaps.monsido.com	app-script.monsido.com heatmaps.monsido.com
2	www.google.com	pentest.hfcu.org
2	www.googleadservices.com	2 redirects
2	www.gstatic.com	www.googletagmanager.com www.gstatic.com
2	capture-api.reachlocalservices.com	cdn.rlets.com
2	kit.fontawesome.com	pentest.hfcu.org kit.fontawesome.com
2	api.glia.com	pentest.hfcu.org api.glia.com
2	integration.silvercloudinc.com	pentest.hfcu.org
1	client-logger.salemove.com	libs.salemove.com
1	track.hubspot.com
1	tracking.monsido.com
1	insight.adsrvr.org	js.adsrvr.org
1	perf-na1.hsforms.com	pentest.hfcu.org
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	px4.ads.linkedin.com	pentest.hfcu.org
1	www.linkedin.com	1 redirects
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hubspot.com	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	region1.analytics.google.com	www.googletagmanager.com
1	api.salemove.com	libs.salemove.com
1	analytics.twitter.com	pentest.hfcu.org
1	t.co	pentest.hfcu.org
1	snap.licdn.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	js.hs-scripts.com	pentest.hfcu.org
1	app-script.monsido.com	pentest.hfcu.org
1	js.adsrvr.org	pentest.hfcu.org
1	7ea3a8c0-5d1f-4c25-bed9-8d9b5d2c37e7.rlets.com	cdn.rlets.com
1	fonts.googleapis.com	pentest.hfcu.org
1	cdn.rlets.com	pentest.hfcu.org
0	gbojkjpincgojijodbnliimgeggnomai Failed	pentest.hfcu.org
139	44

This site contains links to these domains. Also see Links.

Domain
hanscomfcu-web.oflows.net
online.hfcu.org
www.hfcu.org
www.salliemae.com
go.hfcu.org
hfcu.balancepro.org
hanscom.insuranceaisle.com
www.hanscominvestmentservices.org
hfcucharity.org
app.loanspq.com
www.facebook.com
x.com
www.instagram.com
www.linkedin.com
www.youtube.com
ncua.gov
www.hud.gov

Subject Issuer	Validity	Valid
www.hfcu.org GeoTrust EV RSA CA G2	`2024-01-16` - `2025-02-15`	a year	crt.sh
*.silvercloudinc.com Go Daddy Secure Certificate Authority - G2	`2023-06-26` - `2024-06-26`	a year	crt.sh
*.rlets.com Amazon RSA 2048 M03	`2023-10-31` - `2024-11-27`	a year	crt.sh
*.glia.com Amazon RSA 2048 M01	`2023-06-18` - `2024-07-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
captureapi.localiq.com R3	`2024-02-15` - `2024-05-15`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
app-script.monsido.com GTS CA 1D4	`2024-03-02` - `2024-05-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.reachlocalservices.com Amazon RSA 2048 M03	`2023-11-04` - `2024-12-01`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-07` - `2025-01-06`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
heatmaps.monsido.com GTS CA 1D4	`2024-03-06` - `2024-06-04`	3 months	crt.sh
pagecorrect.monsido.com GTS CA 1D4	`2024-02-24` - `2024-05-24`	3 months	crt.sh
tracking.monsido.com GTS CA 1D4	`2024-01-19` - `2024-04-18`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://pentest.hfcu.org/
Frame ID: 597C115835E4E7207A028D7E850D7D64
Requests: 136 HTTP requests in this frame

Frame: https://7ea3a8c0-5d1f-4c25-bed9-8d9b5d2c37e7.rlets.com/static/storage.html
Frame ID: 8EEEBC239F39AA9E84D010D23F35DDA5
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=1y3rh3t&ref=https%3A%2F%2Fpentest.hfcu.org%2F&upid=x64t15i&upv=1.1.0
Frame ID: 9909CFD0670BD241F8E9A87ACE0BA3BF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Personal & Business Banking, Home Equity, Car Loans & More - Hanscom Federal Credit Union

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

139
Requests

57 %
HTTPS

69 %
IPv6

30
Domains

44
Subdomains

39
IPs

3
Countries

2504 kB
Transfer

5890 kB
Size

30
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://hanscomfcu-web.oflows.net/oao/prodstart
Title: Open an Account

Search URL Search Domain Scan URL

URL: https://online.hfcu.org/HanscomFCUOnline/uux.aspx#/login/resetPasswordUsername
Title: Forgot Your Password?

Search URL Search Domain Scan URL

URL: https://www.hfcu.org/13-month-share-certificate-special.html
Title: Learn More

Search URL Search Domain Scan URL

URL: http://www.salliemae.com/studentloans/hfcu
Title: Private Student Loans

Search URL Search Domain Scan URL

URL: https://go.hfcu.org/blog
Title: MoneyWisdom Blog

Search URL Search Domain Scan URL

URL: https://hfcu.balancepro.org/
Title: Financial Counseling

Search URL Search Domain Scan URL

URL: https://hanscom.insuranceaisle.com/
Title: Vehicle, Property, Life & Business Insurance

Search URL Search Domain Scan URL

URL: https://www.hanscominvestmentservices.org/
Title: Investment & Retirement Planning Services

Search URL Search Domain Scan URL

URL: https://hfcucharity.org/
Title: About Hanscom FCU Charitable Foundation

Search URL Search Domain Scan URL

URL: https://hanscomfcu-web.oflows.net/oao/?product=cert_six_special
Title: Open Today

Search URL Search Domain Scan URL

URL: https://hanscomfcu-web.oflows.net/oao/?product=certificate
Title: OPEN YOUR CERTIFICATE ONLINE

Search URL Search Domain Scan URL

URL: https://www.hfcu.org/share-certificate-specials.html
Title: LEARN MORE

Search URL Search Domain Scan URL

URL: https://www.hfcu.org/why-us/about-hanscom-fcu/about-hanscom-fcu/scholarships.html
Title: Learn more and apply today!

Search URL Search Domain Scan URL

URL: https://go.hfcu.org/blog/earn-more-with-a-certificate-laddering-strategy
Title: Read more

Search URL Search Domain Scan URL

URL: https://go.hfcu.org/blog/avoid-lifestyle-creep
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.hfcu.org/reduce-debt.html
Title: Learn how

Search URL Search Domain Scan URL

URL: https://www.hfcu.org/borrow/home-loans/mortgages.html#contact
Title: Contact us for more help

Search URL Search Domain Scan URL

URL: https://app.loanspq.com/apply.aspx?lenderref=hanscom121323&list=CCPLVLST
Title: Apply

Search URL Search Domain Scan URL

URL: https://www.hfcu.org/privacy-policies.html
Title: Website Privacy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HanscomFederalCreditUnion
Title: Facebook

Search URL Search Domain Scan URL

URL: https://x.com/HanscomFCU
Title: X

Search URL Search Domain Scan URL

URL: https://www.instagram.com/hanscomfcu/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/hanscomfcu/
Title: Linkedin

Search URL Search Domain Scan URL

URL: http://www.youtube.com/c/HanscomFederalCreditUnion
Title: YouTube

Search URL Search Domain Scan URL

URL: https://ncua.gov/

Search URL Search Domain Scan URL

URL: https://www.hud.gov/fairhousing

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 111

https://www.googleadservices.com/pagead/conversion/986783444/wcm?cc=ZZ&dn=8006564328&cl=d84iCJbn78sBENS9xNYD&ct_eid=2 HTTP 302
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8006564328&cl=d84iCJbn78sBENS9xNYD

Request Chain 116

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2444577&time=1710431185245&li_adsId=c55ab332-533f-4604-99f5-4b06342dd31e&url=https%3A%2F%2Fpentest.hfcu.org%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2444577&time=1710431185245&li_adsId=c55ab332-533f-4604-99f5-4b06342dd31e&url=https%3A%2F%2Fpentest.hfcu.org%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2444577%26time%3D1710431185245%26li_adsId%3Dc55ab332-533f-4604-99f5-4b06342dd31e%26url%3Dhttps%253A%252F%252Fpentest.hfcu.org%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2444577&time=1710431185245&li_adsId=c55ab332-533f-4604-99f5-4b06342dd31e&url=https%3A%2F%2Fpentest.hfcu.org%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2444577&time=1710431185245&li_adsId=c55ab332-533f-4604-99f5-4b06342dd31e&url=https%3A%2F%2Fpentest.hfcu.org%2F&cookiesTest=true&liSync=true&e_ipv6=AQKbmQ6uGna0IAAAAY49pKupkGPjPFsg85-B7oIaw25Hrf15YQnNo8Ej5hD6EGc9gpPFnQdv

Request Chain 124

https://www.googleadservices.com/pagead/conversion/986783444/wcm?cc=ZZ&dn=7816982000&cl=8gxHCKr478sBENS9xNYD&ct_eid=2 HTTP 302
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=7816982000&cl=8gxHCKr478sBENS9xNYD

139 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
pentest.hfcu.org/ 69 KB
14 KB 549ms
305ms Document
text/html 20.236.83.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pentest.hfcu.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.236.83.124 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

8581b66943543cc9403ebeb0015b076b541982f7e79af0ccf3d9278c0696ec12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 14130
Content-Type: text/html; charset=UTF-8
Date: Thu, 14 Mar 2024 15:46:23 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.52 (Ubuntu)
Strict-Transport-Security: max-age=15768000
Vary: Accept-Encoding

GET
H2 200 silvercloud.min.css
integration.silvercloudinc.com/css/ 51 KB
11 KB 60ms
8ms Stylesheet
text/css 65.9.66.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://integration.silvercloudinc.com/css/silvercloud.min.css
Requested by: Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-65.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1147b9a2c705cafa2582035c73f88d33100c1c7aac0774ef135a4226cdb0b57a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 08:39:57 GMT
content-encoding: br
via: 1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
last-modified: Wed, 06 Mar 2024 01:27:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 25588
x-amz-server-side-encryption: AES256
etag: W/"1526cbc4849b7d7e0975a0ddad6d9755"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: FQVXoSQXUNj_YrWTVUkWMq8yb5h8EkIOus-KW_G7xIPoZEUz4uA39g==

GET
H2 200 d1f4c25bed98d9b5d2c37e7.js Show response
cdn.rlets.com/capture_configs/7ea/3a8/c05/ 185 KB
44 KB 53ms
8ms Script
text/javascript 2600:9000:2724:2000:6:9a19:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rlets.com/capture_configs/7ea/3a8/c05/d1f4c25bed98d9b5d2c37e7.js

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:2000:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

1e3ca02f9181beffa7ac15ac55e1b6a903044d51247a2c29730b4fe59ba0a356

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 14 Mar 2024 14:27:19 GMT
via: 1.1 65c5d5104f267ee43cce97d81871c884.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P12
age: 4745
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 65f86b5763008a01f19cabf7767b7173
x-runtime: 0.080643
referrer-policy: strict-origin-when-cross-origin
etag: W/"1e3ca02f9181beffa7ac15ac55e1b6a9"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control
x-amz-cf-id: 5NxV3iTiRTbNju2Wj4qDqVjMcUXtOEpuxjYc40VkjTi5V4is0K0c_w==

GET
H2 200 salemove_integration.js Show response
api.glia.com/ 9 KB
9 KB 61ms
7ms Script
application/javascript 2600:9000:2724:ba00:17:4c3f:1b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.glia.com/salemove_integration.js

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:ba00:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

97bcfd985ee6af445c93b9b2c83cc8306b5c3949aa5ff2cf0e4e699cfe56e1e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
date: Thu, 14 Mar 2024 15:23:42 GMT
via: 1.1 f0b5999c895f4b29c49c485a0a825d0c.cloudfront.net (CloudFront)
last-modified: Wed, 13 Mar 2024 19:31:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
age: 1368
x-amz-server-side-encryption: AES256
etag: "f4fcb7c6ae8bba6ab7c5bac110d477c3"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9094
x-amz-cf-id: 9VjaWTxQGTBISGHwuRZJRspH2XZWOzGOVMxN2wKbsGV7bOUZVg2uXw==

GET
H/1.1 200
OK jquery-ui.min.css
pentest.hfcu.org/jquery/jquery_custom/ui-theme/ 30 KB
8 KB 221ms
114ms Stylesheet
text/css 20.236.83.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pentest.hfcu.org/jquery/jquery_custom/ui-theme/jquery-ui.min.css

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.236.83.124 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

ec4e08d70c9382a1f1f3666a21a7ece208874985ee4ccc9ac71c8894397877b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 15:46:24 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Last-Modified: Tue, 12 Mar 2024 23:27:57 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "7971-6137f021e0b8f-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7733

GET
H2 200 slick.min.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 2 KB
1 KB 35ms
17ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.css

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce54d767f01eb9114389e6ef95a27fe04211a98a4a7a0a4a6a56cb9274656e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:46:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 78377
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230064-FRA, cache-lga21921-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"684-GF2HLIFihozHz5lQusuuoPZJs88"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M9qnqiTdW0lTlTmtlCJpwQSqQuIkzrx1c7BNXMV8NzkVttCGHYZ8yNxam9dfNVBDX0GmO8PL9J4V9n7wSjjTdHKA7QwqkYoy%2Bz04D9%2BM8HYMP1UYj3fOfGW1r4XqWwpUZyzlscgccIbTgJ9hLAM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 86456574585336dd-FRA

GET
H2 200 slick-theme.min.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 3 KB
1 KB 39ms
21ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.min.css

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3166ddd944effa0090cab36a67512a7bccb8ae0c62488c07862568d9f5697c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:46:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 78355
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220041-FRA, cache-lga21965-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"a8d-r8Y5IYv5SkLyJ6agYlQ7jaREjpU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nb9Aku83jS50RwXNbvYZv%2FwDFs4UCp0li2wDwUxQXqd1vrkmefn7wOjYuqIwqYZ43Ocnh9DPXE1VBL2n2BPYghyQupXZf4FBNU7t8L%2F0HDN14My%2BAHcRNBRpiW62n3MHt8vQGR6JabGrwjoFBVo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 86456574585736dd-FRA

GET
H/1.1 200
OK bootstrap.min.css
pentest.hfcu.org/css/ 157 KB
24 KB 352ms
130ms Stylesheet
text/css 20.236.83.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pentest.hfcu.org/css/bootstrap.min.css

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.236.83.124 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

003580a5107dbbd10affbfc34a546331b15b3dedfea2548d9e1d61410cfc5ec3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 15:46:24 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Last-Modified: Tue, 12 Mar 2024 23:27:33 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "27215-6137f00a96cb2-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 23865

GET
H/1.1 200
OK site.css
pentest.hfcu.org/css/min/ 187 KB
34 KB 361ms
137ms Stylesheet
text/css 20.236.83.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pentest.hfcu.org/css/min/site.css?ver=202402161107

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.236.83.124 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

352e627f80e52d5bfc2e47fcdd565c3926bc90bbb634cb5a369e84e14957c7d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 15:46:24 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Last-Modified: Tue, 12 Mar 2024 23:27:33 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "2ed05-6137f00ac6a53-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 34600

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
pentest.hfcu.org/jquery/jquery_custom/js/ 87 KB
31 KB 357ms
132ms Script
text/javascript 20.236.83.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pentest.hfcu.org/jquery/jquery_custom/js/jquery-3.5.1.min.js

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.236.83.124 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 15:46:24 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Last-Modified: Tue, 12 Mar 2024 23:27:57 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "15d84-6137f021c560f-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 30910

GET
H/1.1 200
OK jquery-ui.min.js Show response
pentest.hfcu.org/jquery/jquery_custom/ui-theme/ 314 KB
76 KB 364ms
137ms Script
text/javascript 20.236.83.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pentest.hfcu.org/jquery/jquery_custom/ui-theme/jquery-ui.min.js

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.236.83.124 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

cada70d07e8e32ed5ca32fd9ae87f4d8be60eb13c60c6e3e9fcbb7c8b7b6854d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 15:46:24 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Last-Modified: Tue, 12 Mar 2024 23:27:57 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "4e817-6137f021e0b8f-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK jquery.validate.min.js Show response
pentest.hfcu.org/jquery/jquery_plugins/ 23 KB
8 KB 362ms
131ms Script
text/javascript 20.236.83.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pentest.hfcu.org/jquery/jquery_plugins/jquery.validate.min.js

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.236.83.124 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 15:46:24 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Last-Modified: Tue, 12 Mar 2024 23:27:57 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "5add-6137f02204daf-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7502

GET
H/1.1 200
OK bootstrap.min.js Show response
pentest.hfcu.org/scripts/ 48 KB
13 KB 349ms
118ms Script
text/javascript 20.236.83.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pentest.hfcu.org/scripts/bootstrap.min.js

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.236.83.124 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

d711092840be7b4dcb03497457166764177c1ee6edd4379aac31fef677f1b2f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 15:46:24 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Last-Modified: Tue, 12 Mar 2024 23:27:58 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "bf07-6137f0224f130-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 13076

GET
H/1.1 200
OK site.js Show response
pentest.hfcu.org/scripts/min/ 35 KB
9 KB 467ms
114ms Script
text/javascript 20.236.83.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pentest.hfcu.org/scripts/min/site.js?ver=202402161107

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.236.83.124 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

6cc3dace494a699e0c7fde8c8331b0448950387ac79c0e4c3a217f60e6ec2550

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 15:46:24 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Last-Modified: Tue, 12 Mar 2024 23:27:58 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "8b7d-6137f02285c31-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 8651

GET
H2 200 3e634e2a28.js Show response
kit.fontawesome.com/ 12 KB
5 KB 164ms
134ms Script
text/javascript 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/3e634e2a28.js
Requested by: Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e632a1d1e210b407ef0506fbd98d3e11ca5294d866ef94bee5aa61cc08445bc3

Request headers

Referer: https://pentest.hfcu.org/
Origin: https://pentest.hfcu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:46:24 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 8645657478579968-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F7ysGYb4k6dcn54YmUVD

GET
H2 200 css2
fonts.googleapis.com/ 34 KB
3 KB 129ms
48ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&family=Open+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

603071041b2253b2e2c84ea2158a56332a83a99c983319829895f6811e334c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Mar 2024 15:46:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:46:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Mar 2024 15:46:24 GMT

GET
H/1.1 200
OK Hanscom-logo-reversed.svg
pentest.hfcu.org/img/ 20 KB
21 KB 114ms
112ms Image
image/svg+xml 20.236.83.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentest.hfcu.org/img/Hanscom-logo-reversed.svg

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.236.83.124 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

eca6adb456b2529763526228ad3c828414429e21bee5b77a54f22805c139f81b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 15:46:24 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 12 Mar 2024 23:27:55 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "5191-6137f01fc3b4a"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 20881

GET
H/1.1 200
OK Hanscom-logo-black.svg
pentest.hfcu.org/img/ 12 KB
13 KB 115ms
114ms Image
image/svg+xml 20.236.83.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentest.hfcu.org/img/Hanscom-logo-black.svg

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.236.83.124 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

50ab802c3caafebd603fa5987565c045ce6083b6f639b5701fa7fe008f81c601

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 15:46:24 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 12 Mar 2024 23:27:55 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "3115-6137f01fc3b4a"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 12565

GET
H/1.1 200
OK Hanscom-logo-color.svg
pentest.hfcu.org/img/ 25 KB
25 KB 112ms
112ms Image
image/svg+xml 20.236.83.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentest.hfcu.org/img/Hanscom-logo-color.svg

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.236.83.124 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

4e9ccebf8b89bd3f5cd4015108e858d92799de038a1ee47d6a71b686fd370ad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 15:46:24 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 12 Mar 2024 23:27:55 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "62f0-6137f01fc3b4a"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 25328

GET
H/1.1 200
OK Hanscom-logo-only-reversed.svg
pentest.hfcu.org/img/ 3 KB
3 KB 114ms
114ms Image
image/svg+xml 20.236.83.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentest.hfcu.org/img/Hanscom-logo-only-reversed.svg

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.236.83.124 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

af4caa26389bc595241df23743509623056843a05cc4bab03563e0da415bb2bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 15:46:24 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 12 Mar 2024 23:27:55 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "bda-6137f01fc3b4a"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3034

GET
H/1.1 200
OK Hanscom-logo-only-red.svg
pentest.hfcu.org/img/ 10 KB
10 KB 112ms
112ms Image
image/svg+xml 20.236.83.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentest.hfcu.org/img/Hanscom-logo-only-red.svg

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.236.83.124 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

321f0d24e5fab3fb645eabe0b5aed7e2803eda06eb4f2567c53c7bf329625e68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 15:46:24 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 12 Mar 2024 23:27:55 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "279b-6137f01fdb24a"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 10139

GET
H/1.1 200
OK 2024-phone-flip-thin-dark.png
pentest.hfcu.org/img/ 959 B
1 KB 115ms
113ms Image
image/png 20.236.83.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentest.hfcu.org/img/2024-phone-flip-thin-dark.png

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.236.83.124 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

dd8223dfbd2837983fa1035557bb1b8926f06fdda55655a01f502039788601f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 15:46:24 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 12 Mar 2024 23:27:55 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "3bf-6137f01fdd18a"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 959

GET
H/1.1 200
OK 2024-phone-flip-light-white.png
pentest.hfcu.org/img/ 12 KB
12 KB 115ms
114ms Image
image/png 20.236.83.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentest.hfcu.org/img/2024-phone-flip-light-white.png

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.236.83.124 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

f6f16b06d1c76a240efcbcd0a8078f68f871b2df9f48be2c3110af1dc4116c74

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 15:46:24 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 12 Mar 2024 23:27:55 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "2ed2-6137f01fdd18a"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 11986

GET
H/1.1 200
OK iStock-629112756_web.jpg
pentest.hfcu.org/content/images/original/ 55 KB
56 KB 114ms
113ms Image
image/jpeg 20.236.83.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentest.hfcu.org/content/images/original/iStock-629112756_web.jpg

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.236.83.124 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

d597bb9e1b0f64c58a67b8d402c3162651203ab4a6323228ee76c81a79f53c59

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 15:46:24 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 12 Mar 2024 23:27:09 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "dd3f-6137eff4519aa"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 56639

GET
H/1.1 200
OK 6-Mo-CD-Cool-Temps-Graphics-2-x-2-in_1.jpg
pentest.hfcu.org/content/images/original/ 39 KB
39 KB 113ms
112ms Image
image/jpeg 20.236.83.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentest.hfcu.org/content/images/original/6-Mo-CD-Cool-Temps-Graphics-2-x-2-in_1.jpg

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.236.83.124 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

4301bbe909d552992f365f3335069495ce8ecd320663c81d518918d2603fc63f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 15:46:24 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 12 Mar 2024 23:27:10 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "9b47-6137eff4a78ab"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 39751

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 340 KB
103 KB 148ms
69ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5N7GGP

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1ab0b36aa800823fb18b803c6c8094b8feae9bbf8a184c760b819a8839569cee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:46:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104590
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Mar 2024 15:46:24 GMT

GET
H2 200 storage.html Show response
7ea3a8c0-5d1f-4c25-bed9-8d9b5d2c37e7.rlets.com/static/ Frame 8EEE 2 KB
2 KB 653ms
146ms Document
text/html 34.83.202.81
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://7ea3a8c0-5d1f-4c25-bed9-8d9b5d2c37e7.rlets.com/static/storage.html

Requested by

Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/7ea/3a8/c05/d1f4c25bed98d9b5d2c37e7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.83.202.81 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

81.202.83.34.bc.googleusercontent.com

Software

Resource Hash

398ee5a42dce97f3140d48141a057f7f4d58efd212805ee18851e4d8a9cc588c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://pentest.hfcu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 2056
content-type: text/html
date: Thu, 14 Mar 2024 15:46:24 GMT
last-modified: Thu, 25 Jan 2024 17:43:17 GMT
strict-transport-security: max-age=15724800; includeSubDomains

GET upload_fileaccessapi.js
gbojkjpincgojijodbnliimgeggnomai/ 0
0

GET upload_element_creation.js
gbojkjpincgojijodbnliimgeggnomai/ 0
0

GET
H/1.1 200
OK lora-300-x-300.jpg
pentest.hfcu.org/content/images/original/ 10 KB
10 KB 114ms
114ms Image
image/jpeg 20.236.83.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentest.hfcu.org/content/images/original/lora-300-x-300.jpg

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.236.83.124 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

50c9087f1bd62f4fd150a0d8125d45ff849bc03206fad1e35d17ea76c1c016c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 15:46:24 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 12 Mar 2024 23:27:09 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "2688-6137eff41aeaa"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 9864

GET
H/1.1 200
OK Untitled-800--800-px.jpg
pentest.hfcu.org/content/images/original/ 74 KB
74 KB 113ms
113ms Image
image/jpeg 20.236.83.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentest.hfcu.org/content/images/original/Untitled-800--800-px.jpg

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.236.83.124 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

e34049d5edd036f0ae07a0290b0b96666b0ac9f54a167d3f0c438ca459cda863

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 15:46:24 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 12 Mar 2024 23:27:08 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "12713-6137eff33d3c7"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 75539

GET
H/1.1 200
OK Meet-the-team--Kris.jpg
pentest.hfcu.org/content/images/original/ 34 KB
34 KB 112ms
111ms Image
image/jpeg 20.236.83.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentest.hfcu.org/content/images/original/Meet-the-team--Kris.jpg

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.236.83.124 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

9c2383226d0b763976b8c74d6efd0aeb05d89ecaf2b69154dae91ede2487e38d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 15:46:24 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 12 Mar 2024 23:27:07 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "86ed-6137eff263765"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 34541

GET
H/1.1 200
OK icon-location.svg
pentest.hfcu.org/img/ 672 B
1005 B 116ms
116ms Image
image/svg+xml 20.236.83.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentest.hfcu.org/img/icon-location.svg

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.236.83.124 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

f7560563adf628c0065601baa9d59a738c532ba5941e57d9dfdf58d3da8ff274

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 15:46:24 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 12 Mar 2024 23:27:55 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "2a0-6137f01fce72a"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 672

GET
H/1.1 200
OK icon-phone.svg
pentest.hfcu.org/img/ 857 B
1 KB 113ms
112ms Image
image/svg+xml 20.236.83.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentest.hfcu.org/img/icon-phone.svg

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.236.83.124 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

8d080170463297d6f6a1e6363bbf24b6271f1839f5c47eadbb245da243bfee93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 15:46:24 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 12 Mar 2024 23:27:55 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "359-6137f01fce72a"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 857

GET
H/1.1 200
OK icon-routing-white.svg
pentest.hfcu.org/img/ 968 B
1 KB 115ms
111ms Image
image/svg+xml 20.236.83.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentest.hfcu.org/img/icon-routing-white.svg

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.236.83.124 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

8394271dfb59386f21179efcb8021fb21970f1617fea099133bd9080d421d93a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 15:46:24 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 12 Mar 2024 23:27:55 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "3c8-6137f01fce72a"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 968

GET
H/1.1 200
OK icon-facebook.svg
pentest.hfcu.org/img/ 503 B
836 B 113ms
113ms Image
image/svg+xml 20.236.83.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentest.hfcu.org/img/icon-facebook.svg

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.236.83.124 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

ab0c42ec68ec56ccea7c319925d23cc9c5b51f6fe399654c06c7c04d727d76bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 15:46:24 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 12 Mar 2024 23:27:55 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "1f7-6137f01fcd78a"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 503

GET
H/1.1 200
OK icon-twitter.svg
pentest.hfcu.org/img/ 496 B
829 B 112ms
112ms Image
image/svg+xml 20.236.83.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentest.hfcu.org/img/icon-twitter.svg

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.236.83.124 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

269d8b1344dc40fc7e7b67dbef8695813882546e543a18f8316cbadebb164a6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 15:46:24 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 12 Mar 2024 23:27:55 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "1f0-6137f01fdc1ea"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 496

GET
H/1.1 200
OK icon-instagram.svg
pentest.hfcu.org/img/ 2 KB
2 KB 117ms
117ms Image
image/svg+xml 20.236.83.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentest.hfcu.org/img/icon-instagram.svg

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.236.83.124 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

5e3d1bed202da7129d071e1ccfbcc078527a7241a4adb3a2d1df8e6e7273e4db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 15:46:25 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 12 Mar 2024 23:27:55 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "812-6137f01fcd78a"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 2066

GET
H/1.1 200
OK icon-linkedin.svg
pentest.hfcu.org/img/ 791 B
1 KB 112ms
112ms Image
image/svg+xml 20.236.83.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentest.hfcu.org/img/icon-linkedin.svg

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.236.83.124 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

f2b923c150a57b9316c9626f0a4b6fc533f0c09663e3a604ec6644d6ec8e247f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 15:46:25 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 12 Mar 2024 23:27:55 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "317-6137f01fcd78a"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 791

GET
H/1.1 200
OK icon-youtube.svg
pentest.hfcu.org/img/ 767 B
1 KB 112ms
112ms Image
image/svg+xml 20.236.83.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentest.hfcu.org/img/icon-youtube.svg

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

20.236.83.124 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

e51a37063b0d1de09e48361f8cc87248128c91eaaaff7733b3ab03744aa93ada

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 15:46:25 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Tue, 12 Mar 2024 23:27:55 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "2ff-6137f01fcf6ca"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 767

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 9 KB
4 KB 32ms
7ms Script
application/x-javascript 18.172.103.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.103.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-103-101.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c6315811518b52563c0884a4e2fd019f9302b362237610c5744c6f01f6f7d9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 06:22:31 GMT
Content-Encoding: gzip
Via: 1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Mar 2024 19:43:19 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P8
Age: 33834
x-amz-server-side-encryption: AES256
ETag: W/"a023114c374b2d4f49e3420f667f8e66"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: TB1fsWxG4PItUXSY4F7NY8CjpHSM7rKghtJnEpLw3HNcNzzzeDtN_g==

GET
H2 200 monsido-script.js Show response
app-script.monsido.com/v2/ 8 KB
3 KB 54ms
15ms Script
text/javascript 2600:1901:0:22e6::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://app-script.monsido.com/v2/monsido-script.js
Requested by: Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:22e6:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 64e8ce58f2d8ee4332cc27fcb759c31013f418b6523586b6441fd2f097107b35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:43:53 GMT
content-encoding: gzip
age: 151
x-guploader-uploadid: ABPtcPqWzYNpSf6OgjdBqxbjrHTmxtftyCUYpMrF6oDiZzbRNOaiRT8oeXHu8imM9Ohiz6GaP4U
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2757
last-modified: Thu, 01 Jun 2023 11:12:59 GMT
server: UploadServer
etag: "fce0a6a1f924b9c6816bdc5bc679506e"
vary: Accept-Encoding
x-goog-generation: 1685617979609837
x-goog-hash: crc32c=dMVJbw==, md5=/OCmofkkucaBa9xbxnlQbg==
content-type: text/javascript
cache-control: public, max-age=300
x-goog-stored-content-length: 2757
accept-ranges: bytes
expires: Thu, 14 Mar 2024 15:48:53 GMT

GET
H2 200 118438.js Show response
js.hs-scripts.com/ 1 KB
1 KB 366ms
328ms Script
application/javascript 2606:4700::6810:be59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/118438.js

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:be59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d42ed74e5cc66c0b73f240fbc2bbe52a8696012a8b046c317fc49fd407fe56f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:46:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: f9d882ad-47cb-467d-a845-082a60e0b312
x-envoy-upstream-service-time: 7
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f9d882ad-47cb-467d-a845-082a60e0b312
last-modified: Thu, 14 Mar 2024 15:17:15 GMT
server: cloudflare
x-trace: 2B2CDACF5CB5962866394D6800157F8044F5011810000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://pentest.hfcu.org
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-59d6fb747d-9flcd
access-control-allow-credentials: true
cache-control: public, max-age=90
cf-ray: 86456578584d9b8c-FRA
expires: Thu, 14 Mar 2024 15:47:55 GMT

GET
H2 200 silvercloud.js Show response
integration.silvercloudinc.com/js/silvercloudjs/ 61 KB
20 KB 10ms
8ms Script
application/javascript 65.9.66.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://integration.silvercloudinc.com/js/silvercloudjs/silvercloud.js
Requested by: Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-65.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 40b2da647bcc787d43218caecb24901ea7b01025bcf5f9db98359756dbf4aae0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 02:04:10 GMT
content-encoding: gzip
via: 1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
last-modified: Wed, 06 Mar 2024 01:27:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 49335
x-amz-server-side-encryption: AES256
etag: W/"80f213d3a2f208a7129b19b16ceaefaa"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Bi8KR90IXmrLYDmT6IXs5mUAWK_00sqA8S24QXZTIGxVEZ_H-p_2Mg==

GET
H2 200 slick.min.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 42 KB
11 KB 22ms
20ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js

Requested by

Host: pentest.hfcu.org
URL: https://pentest.hfcu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:46:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 78384
x-jsd-version: 1.8.1
content-encoding: br
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230096-FRA, cache-lga21934-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=16MBiwsMJxY9kJTQVKUhWcxdw3vBelI%2BDUFIu5FFSv4xlJIy1K3a6UlqAd7LEwJ24Ao4fo2R1V6%2FBJg07O9V8TeCSfawSa1ICO%2BX1thnTa3NeB1rpcfCYVtlMMoKEI%2FFO5ziBhkr9Gd93Map9pc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 864565780dd336dd-FRA

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v5.15.4/css/ 315 KB
53 KB 654ms
653ms Fetch
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=3e634e2a28
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/3e634e2a28.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:46:25 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: "610ae215-d3b2"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 864565780d0d9968-FRA
content-length: 54194

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v5.15.4/css/ 26 KB
4 KB 458ms
457ms Fetch
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=3e634e2a28
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/3e634e2a28.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:46:25 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: "610ae215-1062"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 864565780d0b9968-FRA
content-length: 4194

GET
H2 200 pro-v4-font-face.min.css Show response
ka-p.fontawesome.com/releases/v5.15.4/css/ 27 KB
3 KB 447ms
447ms Fetch
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=3e634e2a28
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/3e634e2a28.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8a00b576cc9fad532a52ecdf8024724ddaa83cb0f5ca5d1b1d6eb8841103d60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:46:25 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: "610ae215-a2b"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 864565780d0f9968-FRA
content-length: 2603

GET
H2 200 kit-upload.css Show response
kit.fontawesome.com/3e634e2a28/88410327/ 0
118 B 453ms
453ms Fetch
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/3e634e2a28/88410327/kit-upload.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/3e634e2a28.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pentest.hfcu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:46:25 GMT
cf-cache-status: MISS
server: cloudflare
etag: 54af53b207eef226d6511e0a88e3038e
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
accept-ranges: bytes
cf-ray: 864565780d0a9968-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
content-length: 0
x-request-id: F7ysGbwy9buDm0BGwPSC