urlscan.io logo urlscan.io
SecurityTrails logo

fincademy.herofincorp.com Open in urlscan Pro
18.142.235.177  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://fincademy.herofincorp.com/
Effective URL: https://fincademy.herofincorp.com/login/index.php
Submission: On August 19 via manual from SG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 19 HTTP transactions. The main IP is 18.142.235.177, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is fincademy.herofincorp.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on August 27th 2020. Valid for: 2 years.
This is the only time fincademy.herofincorp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 21 18.142.235.177 16509 (AMAZON-02)
19 1
Apex Domain
Subdomains		 Transfer
21 herofincorp.com
fincademy.herofincorp.com
1 MB
19 1
Domain Requested by
21 fincademy.herofincorp.com 2 redirects fincademy.herofincorp.com
19 1

This site contains links to these domains. Also see Links.

Domain
download.moodle.org
Subject Issuer Validity Valid
*.herofincorp.com
Entrust Certification Authority - L1K		 2020-08-27 -
2022-11-25		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://fincademy.herofincorp.com/login/index.php
Frame ID: 5D578D222FACB2ECC91851BEF55D53F9
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hero FinCorp: Log in to the site

Page URL History Show full URLs

  1. http://fincademy.herofincorp.com/ HTTP 303
    https://fincademy.herofincorp.com/ HTTP 303
    https://fincademy.herofincorp.com/login/index.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • require.*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1384 kB
Transfer

3855 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fincademy.herofincorp.com/ HTTP 303
    https://fincademy.herofincorp.com/ HTTP 303
    https://fincademy.herofincorp.com/login/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.php
fincademy.herofincorp.com/login/
Redirect Chain
  • http://fincademy.herofincorp.com/
  • https://fincademy.herofincorp.com/
  • https://fincademy.herofincorp.com/login/index.php
23 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fincademy.herofincorp.com/login/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.142.235.177 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-235-177.ap-southeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
66bbfb21bf97b99d739256632f7aae195630aa98ec8de79fe2fad3eee2a3a2bc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN sameorigin
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
none
Cache-Control
private, pre-check=0, post-check=0, max-age=0, no-transform
Connection
Keep-Alive
Content-Encoding
gzip
Content-Language
en
Content-Length
6176
Content-Script-Type
text/javascript
Content-Security-Policy
default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Content-Style-Type
text/css
Content-Type
text/html; charset=utf-8
Date
Fri, 19 Aug 2022 09:27:20 GMT
Expires
Keep-Alive
timeout=5, max=99
Permissions-Policy
geolocation=(self),midi=(self),sync-xhr=(self),microphone=(self),camera=(self),magnetometer=(self),gyroscope=(self),fullscreen=(self),payment=(self)
Pragma
no-cache
Referrer-Policy
same-origin
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN sameorigin
X-UA-Compatible
IE=edge
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Language
en
Content-Length
1513
Content-Security-Policy
default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Content-Type
text/html; charset=utf-8
Date
Fri, 19 Aug 2022 09:27:20 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Location
https://fincademy.herofincorp.com/login/index.php
Permissions-Policy
geolocation=(self),midi=(self),sync-xhr=(self),microphone=(self),camera=(self),magnetometer=(self),gyroscope=(self),fullscreen=(self),payment=(self)
Pragma
no-cache
Referrer-Policy
same-origin
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Redirect-By
Moodle
X-XSS-Protection
1; mode=block
yui_combo.php
fincademy.herofincorp.com/theme/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fincademy.herofincorp.com/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.css
Requested by
Host: fincademy.herofincorp.com
URL: https://fincademy.herofincorp.com/login/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.142.235.177 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-235-177.ap-southeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
fbd5b8255a99afe96e89a88423275ed4e93083fad3311dd349906122e63206a0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fincademy.herofincorp.com/login/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Fri, 19 Aug 2022 09:27:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Disposition
inline; filename="combo"
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
1031
X-XSS-Protection
1; mode=block
Pragma
Referrer-Policy
same-origin
Last-Modified
Fri, 08 Apr 2022 10:39:53 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Etag
"b9bc567c469e2872cf3bbb14603342a72de2509b"
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
text/css;charset=UTF-8
Cache-Control
public, max-age=31104000, immutable
Permissions-Policy
geolocation=(self),midi=(self),sync-xhr=(self),microphone=(self),camera=(self),magnetometer=(self),gyroscope=(self),fullscreen=(self),payment=(self)
Content-Security-Policy
default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Accept-Ranges
none
Keep-Alive
timeout=5, max=98
Expires
Mon, 14 Aug 2023 09:27:20 GMT
all
fincademy.herofincorp.com/theme/styles.php/boost/1660899601_1/ 		631 KB
114 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fincademy.herofincorp.com/theme/styles.php/boost/1660899601_1/all
Requested by
Host: fincademy.herofincorp.com
URL: https://fincademy.herofincorp.com/login/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.142.235.177 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-235-177.ap-southeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
f2979f4c0500b0de2ee998c04c6b391b9e705f8ec683ae7a2ed65f0cb310c830
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fincademy.herofincorp.com/login/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Fri, 19 Aug 2022 09:27:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Content-Disposition
inline; filename="styles.php"
Connection
Keep-Alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Pragma
Referrer-Policy
same-origin
Last-Modified
Fri, 19 Aug 2022 09:01:00 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Etag
"f4423c89d56756b6d3ce3bcc71e0290f249abe8f"
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
text/css; charset=utf-8
Cache-Control
public, max-age=7776000, immutable
Permissions-Policy
geolocation=(self),midi=(self),sync-xhr=(self),microphone=(self),camera=(self),magnetometer=(self),gyroscope=(self),fullscreen=(self),payment=(self)
Content-Security-Policy
default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Accept-Ranges
none
Keep-Alive
timeout=5, max=97
Expires
Thu, 17 Nov 2022 09:27:20 GMT
polyfill.min.js
fincademy.herofincorp.com/lib/javascript.php/1660899601/lib/babel-polyfill/ 		97 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fincademy.herofincorp.com/lib/javascript.php/1660899601/lib/babel-polyfill/polyfill.min.js
Requested by
Host: fincademy.herofincorp.com
URL: https://fincademy.herofincorp.com/login/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.142.235.177 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-235-177.ap-southeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
d9e07890edf5f6f350ef465b37479fc6192923e60e64d9f20af37eb3b011cc66
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fincademy.herofincorp.com/login/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Fri, 19 Aug 2022 09:27:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Content-Disposition
inline; filename="javascript.php"
Connection
Keep-Alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Pragma
Referrer-Policy
same-origin
Last-Modified
Fri, 19 Aug 2022 09:00:59 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Etag
"2912ebc0a8caf8651d772a04ccd5bd3f960c6649"
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=7776000, immutable
Permissions-Policy
geolocation=(self),midi=(self),sync-xhr=(self),microphone=(self),camera=(self),magnetometer=(self),gyroscope=(self),fullscreen=(self),payment=(self)
Content-Security-Policy
default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Accept-Ranges
none
Keep-Alive
timeout=5, max=100
Expires
Thu, 17 Nov 2022 09:27:20 GMT
polyfill.js
fincademy.herofincorp.com/lib/javascript.php/1660899601/lib/polyfills/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fincademy.herofincorp.com/lib/javascript.php/1660899601/lib/polyfills/polyfill.js
Requested by
Host: fincademy.herofincorp.com
URL: https://fincademy.herofincorp.com/login/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.142.235.177 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-235-177.ap-southeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e9b11833a390cf8a12e5b6c02602d27f79591160cfdde6c9029be7efa3eef847
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fincademy.herofincorp.com/login/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Fri, 19 Aug 2022 09:27:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Disposition
inline; filename="javascript.php"
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
5244
X-XSS-Protection
1; mode=block
Pragma
Referrer-Policy
same-origin
Last-Modified
Fri, 19 Aug 2022 09:00:59 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Etag
"a2757410877b2465c678fc528f8799d6f7372c2e"
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=7776000, immutable
Permissions-Policy
geolocation=(self),midi=(self),sync-xhr=(self),microphone=(self),camera=(self),magnetometer=(self),gyroscope=(self),fullscreen=(self),payment=(self)
Content-Security-Policy
default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Accept-Ranges
none
Keep-Alive
timeout=5, max=100
Expires
Thu, 17 Nov 2022 09:27:20 GMT
yui_combo.php
fincademy.herofincorp.com/theme/ 		276 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fincademy.herofincorp.com/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js
Requested by
Host: fincademy.herofincorp.com
URL: https://fincademy.herofincorp.com/login/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.142.235.177 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-235-177.ap-southeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
13eaaadfa414f262b7964320054bb2b322b9ef9f3522bc25c9d60dc83b5141cf
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fincademy.herofincorp.com/login/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Fri, 19 Aug 2022 09:27:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Content-Disposition
inline; filename="combo"
Connection
Keep-Alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Pragma
Referrer-Policy
same-origin
Last-Modified
Fri, 08 Apr 2022 10:39:53 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Etag
"78581a0bac8a932effb32db3e91e0f2f2b47c08e"
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/javascript
Cache-Control
public, max-age=31104000, immutable
Permissions-Policy
geolocation=(self),midi=(self),sync-xhr=(self),microphone=(self),camera=(self),magnetometer=(self),gyroscope=(self),fullscreen=(self),payment=(self)
Content-Security-Policy
default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Accept-Ranges
none
Keep-Alive
timeout=5, max=100
Expires
Mon, 14 Aug 2023 09:27:20 GMT
javascript-static.js
fincademy.herofincorp.com/lib/javascript.php/1660899601/lib/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fincademy.herofincorp.com/lib/javascript.php/1660899601/lib/javascript-static.js
Requested by
Host: fincademy.herofincorp.com
URL: https://fincademy.herofincorp.com/login/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.142.235.177 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-235-177.ap-southeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ec9d65cb26cade9adcf9c012734551cf8c86c49a1ff45fef12662ae42f312e3f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fincademy.herofincorp.com/login/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Fri, 19 Aug 2022 09:27:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Disposition
inline; filename="javascript.php"
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
6777
X-XSS-Protection
1; mode=block
Pragma
Referrer-Policy
same-origin
Last-Modified
Fri, 19 Aug 2022 09:00:59 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Etag
"af4bfb5b8ecc2f947e0d3dacaf231f75fddda15a"
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=7776000, immutable
Permissions-Policy
geolocation=(self),midi=(self),sync-xhr=(self),microphone=(self),camera=(self),magnetometer=(self),gyroscope=(self),fullscreen=(self),payment=(self)
Content-Security-Policy
default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Accept-Ranges
none
Keep-Alive
timeout=5, max=100
Expires
Thu, 17 Nov 2022 09:27:20 GMT
FinCademy.png
fincademy.herofincorp.com/pluginfile.php/1/core_admin/logo/0x200/1660899601/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fincademy.herofincorp.com/pluginfile.php/1/core_admin/logo/0x200/1660899601/FinCademy.png
Requested by
Host: fincademy.herofincorp.com
URL: https://fincademy.herofincorp.com/login/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.142.235.177 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-235-177.ap-southeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
7eaf1a93b6276882644dfc8d63c2fe3871a6145fcf589d44f999c19aaed590ff
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fincademy.herofincorp.com/login/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Fri, 19 Aug 2022 09:27:21 GMT
X-Content-Type-Options
nosniff
Content-Disposition
inline; filename="FinCademy.png"
Connection
Keep-Alive
Content-Length
65645
X-XSS-Protection
1; mode=block
Pragma
Referrer-Policy
same-origin
Last-Modified
Fri, 19 Aug 2022 09:11:53 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
image/png
Cache-Control
public, max-age=5184000, no-transform
Permissions-Policy
geolocation=(self),midi=(self),sync-xhr=(self),microphone=(self),camera=(self),magnetometer=(self),gyroscope=(self),fullscreen=(self),payment=(self)
Content-Security-Policy
default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Expires
Tue, 18 Oct 2022 09:27:21 GMT
require.min.js
fincademy.herofincorp.com/lib/javascript.php/1660899601/lib/requirejs/ 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fincademy.herofincorp.com/lib/javascript.php/1660899601/lib/requirejs/require.min.js
Requested by
Host: fincademy.herofincorp.com
URL: https://fincademy.herofincorp.com/login/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.142.235.177 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-235-177.ap-southeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
9ce0dbd6a1df9332653e27d1ddc505c5b78fd82b4112de0ec63840c3fbe0b8c2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fincademy.herofincorp.com/login/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Fri, 19 Aug 2022 09:27:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Disposition
inline; filename="javascript.php"
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
6662
X-XSS-Protection
1; mode=block
Pragma
Referrer-Policy
same-origin
Last-Modified
Fri, 19 Aug 2022 09:00:59 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Etag
"5cda486e93cf7840c22fe55d38da706ca859777b"
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=7776000, immutable
Permissions-Policy
geolocation=(self),midi=(self),sync-xhr=(self),microphone=(self),camera=(self),magnetometer=(self),gyroscope=(self),fullscreen=(self),payment=(self)
Content-Security-Policy
default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Accept-Ranges
none
Keep-Alive
timeout=5, max=96
Expires
Thu, 17 Nov 2022 09:27:21 GMT
bg.png
fincademy.herofincorp.com/pluginfile.php/1/theme_boost/backgroundimage/1660899601/ 		480 KB
481 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fincademy.herofincorp.com/pluginfile.php/1/theme_boost/backgroundimage/1660899601/bg.png
Requested by
Host: fincademy.herofincorp.com
URL: https://fincademy.herofincorp.com/theme/styles.php/boost/1660899601_1/all
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.142.235.177 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-235-177.ap-southeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
5b4c5ae2bcb8da7762bd9ab3def1467c77908a440bf0ed206062b45a301c2c98
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fincademy.herofincorp.com/theme/styles.php/boost/1660899601_1/all
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Fri, 19 Aug 2022 09:27:21 GMT
X-Content-Type-Options
nosniff
Content-Disposition
inline; filename="bg.png"
Connection
Keep-Alive
Content-Length
491429
X-XSS-Protection
1; mode=block
Pragma
Referrer-Policy
same-origin
Last-Modified
Mon, 11 Apr 2022 15:54:04 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Etag
"1516260435c8d0f37b3dd67c5d49a0bd83a2bf86"
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
image/png
Cache-Control
public, max-age=5184000, no-transform
Permissions-Policy
geolocation=(self),midi=(self),sync-xhr=(self),microphone=(self),camera=(self),magnetometer=(self),gyroscope=(self),fullscreen=(self),payment=(self)
Content-Security-Policy
default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Expires
Tue, 18 Oct 2022 09:27:21 GMT
fontawesome-webfont.woff2
fincademy.herofincorp.com/theme/font.php/boost/core/1660899601/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fincademy.herofincorp.com/theme/font.php/boost/core/1660899601/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: fincademy.herofincorp.com
URL: https://fincademy.herofincorp.com/theme/styles.php/boost/1660899601_1/all
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.142.235.177 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-235-177.ap-southeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fincademy.herofincorp.com/theme/styles.php/boost/1660899601_1/all
Origin
https://fincademy.herofincorp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Fri, 19 Aug 2022 09:27:21 GMT
X-Content-Type-Options
nosniff
Content-Disposition
inline; filename="fontawesome-webfont.woff2"
Connection
Keep-Alive
Content-Length
77160
X-XSS-Protection
1; mode=block
Pragma
Referrer-Policy
same-origin
Last-Modified
Fri, 19 Aug 2022 09:01:15 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Etag
"c4cb35d0a68a69283af6f438869109cd2b4c7f07"
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
font/woff2
Cache-Control
public, max-age=7776000, immutable
Permissions-Policy
geolocation=(self),midi=(self),sync-xhr=(self),microphone=(self),camera=(self),magnetometer=(self),gyroscope=(self),fullscreen=(self),payment=(self)
Content-Security-Policy
default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Accept-Ranges
none
Keep-Alive
timeout=5, max=99
Expires
Thu, 17 Nov 2022 09:27:21 GMT
yui_combo.php
fincademy.herofincorp.com/theme/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fincademy.herofincorp.com/theme/yui_combo.php?m/1660899601/core/event/event-min.js&m/1660899601/filter_mathjaxloader/loader/loader-min.js
Requested by
Host: fincademy.herofincorp.com
URL: https://fincademy.herofincorp.com/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.142.235.177 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-235-177.ap-southeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
8cb8c3c5c26fa6f8e9d44134d4cc5cf4cb8e55ed566799161276e7e6ca24ad54
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fincademy.herofincorp.com/login/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Fri, 19 Aug 2022 09:27:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Disposition
inline; filename="combo"
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
854
X-XSS-Protection
1; mode=block
Pragma
Referrer-Policy
same-origin
Last-Modified
Fri, 08 Apr 2022 10:39:53 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Etag
"2102090ae93028cf2be172c529e0dac6b867ef10"
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/javascript
Cache-Control
public, max-age=31104000, immutable
Permissions-Policy
geolocation=(self),midi=(self),sync-xhr=(self),microphone=(self),camera=(self),magnetometer=(self),gyroscope=(self),fullscreen=(self),payment=(self)
Content-Security-Policy
default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Accept-Ranges
none
Keep-Alive
timeout=5, max=95
Expires
Mon, 14 Aug 2023 09:27:21 GMT
first.js
fincademy.herofincorp.com/lib/requirejs.php/1660899601/core/ 		2 MB
420 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fincademy.herofincorp.com/lib/requirejs.php/1660899601/core/first.js
Requested by
Host: fincademy.herofincorp.com
URL: https://fincademy.herofincorp.com/lib/javascript.php/1660899601/lib/requirejs/require.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.142.235.177 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-235-177.ap-southeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
66ac5043f437e34cba92a33a3abd6d9a08d80d73ba54fd8dacaabc0fa0aee28b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fincademy.herofincorp.com/login/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Fri, 19 Aug 2022 09:27:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Content-Disposition
inline; filename="requirejs.php"
Connection
Keep-Alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Pragma
Referrer-Policy
same-origin
Last-Modified
Fri, 19 Aug 2022 09:01:01 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Etag
"1cd7060b16e028557b67ec470501797006827c63"
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=7776000, immutable
Permissions-Policy
geolocation=(self),midi=(self),sync-xhr=(self),microphone=(self),camera=(self),magnetometer=(self),gyroscope=(self),fullscreen=(self),payment=(self)
Content-Security-Policy
default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Accept-Ranges
none
Keep-Alive
timeout=5, max=99
Expires
Thu, 17 Nov 2022 09:27:21 GMT
jquery-3.5.1.min.js
fincademy.herofincorp.com/lib/javascript.php/1660899601/lib/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fincademy.herofincorp.com/lib/javascript.php/1660899601/lib/jquery/jquery-3.5.1.min.js
Requested by
Host: fincademy.herofincorp.com
URL: https://fincademy.herofincorp.com/lib/javascript.php/1660899601/lib/requirejs/require.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.142.235.177 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-235-177.ap-southeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
621c0f52571ccff5dab81de13db26fda4b4a7dad83a01827c9139571023abea4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fincademy.herofincorp.com/login/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Fri, 19 Aug 2022 09:27:22 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Content-Disposition
inline; filename="javascript.php"
Connection
Keep-Alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Pragma
Referrer-Policy
same-origin
Last-Modified
Fri, 19 Aug 2022 09:01:01 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Etag
"25c354224ab40ca6b867dd5722fa93b191f3b27f"
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=7776000, immutable
Permissions-Policy
geolocation=(self),midi=(self),sync-xhr=(self),microphone=(self),camera=(self),magnetometer=(self),gyroscope=(self),fullscreen=(self),payment=(self)
Content-Security-Policy
default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Accept-Ranges
none
Keep-Alive
timeout=5, max=98
Expires
Thu, 17 Nov 2022 09:27:22 GMT
service.php
fincademy.herofincorp.com/lib/ajax/ 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fincademy.herofincorp.com/lib/ajax/service.php?sesskey=rhFHJ52ook&info=media_videojs_get_language
Requested by
Host: fincademy.herofincorp.com
URL: https://fincademy.herofincorp.com/lib/javascript.php/1660899601/lib/jquery/jquery-3.5.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.142.235.177 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-235-177.ap-southeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
2088fbe413aa7bc5fc811ec5778bd623becf7c1c149d2f12fc8c21ad7cd343d5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://fincademy.herofincorp.com/login/index.php
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 19 Aug 2022 09:27:23 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
4530
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
same-origin
Server
Apache
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/json; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate
Permissions-Policy
geolocation=(self),midi=(self),sync-xhr=(self),microphone=(self),camera=(self),magnetometer=(self),gyroscope=(self),fullscreen=(self),payment=(self)
Content-Security-Policy
default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Keep-Alive
timeout=5, max=97
Expires
Thu, 19 Nov 1981 08:52:00 GMT
yui_combo.php
fincademy.herofincorp.com/theme/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fincademy.herofincorp.com/theme/yui_combo.php?3.17.2/event-mousewheel/event-mousewheel-min.js&3.17.2/event-resize/event-resize-min.js&3.17.2/event-hover/event-hover-min.js&3.17.2/event-touch/event-touch-min.js&3.17.2/event-move/event-move-min.js&3.17.2/event-flick/event-flick-min.js&3.17.2/event-valuechange/event-valuechange-min.js&3.17.2/event-tap/event-tap-min.js
Requested by
Host: fincademy.herofincorp.com
URL: https://fincademy.herofincorp.com/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.142.235.177 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-235-177.ap-southeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
26d1a45d173703f01ca9bb8be4335bae6005c3bc0a5f78b380ad18fb152b8835
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fincademy.herofincorp.com/login/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Fri, 19 Aug 2022 09:27:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Disposition
inline; filename="combo"
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
4808
X-XSS-Protection
1; mode=block
Pragma
Referrer-Policy
same-origin
Last-Modified
Fri, 08 Apr 2022 10:39:53 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Etag
"b24ca831785ba367093f089618e840be511be85d"
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/javascript
Cache-Control
public, max-age=31104000, immutable
Permissions-Policy
geolocation=(self),midi=(self),sync-xhr=(self),microphone=(self),camera=(self),magnetometer=(self),gyroscope=(self),fullscreen=(self),payment=(self)
Content-Security-Policy
default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Accept-Ranges
none
Keep-Alive
timeout=5, max=98
Expires
Mon, 14 Aug 2023 09:27:23 GMT
service-nologin.php
fincademy.herofincorp.com/lib/ajax/ 		30 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fincademy.herofincorp.com/lib/ajax/service-nologin.php?info=core_output_load_fontawesome_icon_system_map&cachekey=1660899601&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_fontawesome_icon_system_map%22%2C%22args%22%3A%7B%22themename%22%3A%22boost%22%7D%7D%5D
Requested by
Host: fincademy.herofincorp.com
URL: https://fincademy.herofincorp.com/lib/javascript.php/1660899601/lib/jquery/jquery-3.5.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.142.235.177 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-235-177.ap-southeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
b2dd429eba7c19f2c32eafc082f12bf879603bcfb9c11bf1be7298fcfb5a5f79
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://fincademy.herofincorp.com/login/index.php
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 19 Aug 2022 09:27:23 GMT
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
Referrer-Policy
same-origin
Server
Apache
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/json; charset=utf-8
Cache-Control
public, max-age=7776000, immutable
Permissions-Policy
geolocation=(self),midi=(self),sync-xhr=(self),microphone=(self),camera=(self),magnetometer=(self),gyroscope=(self),fullscreen=(self),payment=(self)
Content-Security-Policy
default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Accept-Ranges
none
Keep-Alive
timeout=5, max=96
Expires
Thu, 17 Nov 2022 09:27:23 GMT
service-nologin.php
fincademy.herofincorp.com/lib/ajax/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fincademy.herofincorp.com/lib/ajax/service-nologin.php?info=core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies,core_output_load_template_with_dependencies&cachekey=1660899601&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22loading%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22modal_backdrop%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_output_load_template_with_dependencies%22%2C%22args%22%3A%7B%22component%22%3A%22core%22%2C%22template%22%3A%22pix_icon_fontawesome%22%2C%22themename%22%3A%22boost%22%2C%22lang%22%3A%22en%22%7D%7D%5D
Requested by
Host: fincademy.herofincorp.com
URL: https://fincademy.herofincorp.com/lib/javascript.php/1660899601/lib/jquery/jquery-3.5.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.142.235.177 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-235-177.ap-southeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
09604128b770c0e743538b387c387056ab0eb8108d7b700e98affe9d18d55a52
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://fincademy.herofincorp.com/login/index.php
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 19 Aug 2022 09:27:23 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
2366
X-XSS-Protection
1; mode=block
Pragma
Referrer-Policy
same-origin
Server
Apache
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/json; charset=utf-8
Cache-Control
public, max-age=7776000, immutable
Permissions-Policy
geolocation=(self),midi=(self),sync-xhr=(self),microphone=(self),camera=(self),magnetometer=(self),gyroscope=(self),fullscreen=(self),payment=(self)
Content-Security-Policy
default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Accept-Ranges
none
Keep-Alive
timeout=5, max=97
Expires
Thu, 17 Nov 2022 09:27:23 GMT
service-nologin.php
fincademy.herofincorp.com/lib/ajax/ 		211 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fincademy.herofincorp.com/lib/ajax/service-nologin.php?info=6-method-calls&cachekey=1660899601&args=%5B%7B%22index%22%3A0%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22cancel%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A1%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22closebuttontitle%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A2%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22loading%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A3%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22savechanges%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A4%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showless%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%2C%7B%22index%22%3A5%2C%22methodname%22%3A%22core_get_string%22%2C%22args%22%3A%7B%22stringid%22%3A%22showmore%22%2C%22stringparams%22%3A%5B%5D%2C%22component%22%3A%22core_form%22%2C%22lang%22%3A%22en%22%7D%7D%5D
Requested by
Host: fincademy.herofincorp.com
URL: https://fincademy.herofincorp.com/lib/javascript.php/1660899601/lib/jquery/jquery-3.5.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.142.235.177 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-235-177.ap-southeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
afefe583c5a695189962783424716b19758b2a08e71480cb91a73c88c98a20be
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://fincademy.herofincorp.com/login/index.php
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 19 Aug 2022 09:27:23 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
211
X-XSS-Protection
1; mode=block
Pragma
Referrer-Policy
same-origin
Server
Apache
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/json; charset=utf-8
Cache-Control
public, max-age=7776000, immutable
Permissions-Policy
geolocation=(self),midi=(self),sync-xhr=(self),microphone=(self),camera=(self),magnetometer=(self),gyroscope=(self),fullscreen=(self),payment=(self)
Content-Security-Policy
default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Accept-Ranges
none
Keep-Alive
timeout=5, max=98
Expires
Thu, 17 Nov 2022 09:27:23 GMT

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| M function| yui1ConfigFn function| yui2ConfigFn object| YUI_config object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| YUI object| Y function| checkall function| checknone function| select_all_in_element_with_id function| select_all_in function| deselect_all_in function| confirm_if function| findParentNode function| unmaskPassword function| filterByParent function| fix_column_widths function| fix_column_width function| insertAtCursor function| increment_filename function| right_to_left function| openpopup function| close_window function| focuscontrol function| old_onload_focus function| build_querystring function| build_windowoptionsstring function| convert_object_to_string function| stripHTML function| updateProgressBar function| require function| requirejs function| define function| _slicedToArray function| _arrayLikeToArray function| _typeof object| global function| factory function| _typeof2 object| root function| definition function| asyncGeneratorStep function| _createForOfIteratorHelper function| _get function| _superPropBase function| _inherits2 function| _setPrototypeOf function| _createSuper function| _possibleConstructorReturn2 function| _assertThisInitialized function| _getPrototypeOf function| _classCallCheck2 function| _defineProperties function| _createClass object| e function| t function| $ function| jQuery

1 Cookies

Domain/Path Name / Value
fincademy.herofincorp.com/ Name: MoodleSession
Value: 6mhbhrd142fu06svpnupk329gk

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; font-src 'self' data:;img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN sameorigin
X-Xss-Protection 1; mode=block