urlscan.io logo urlscan.io
SecurityTrails logo

pentest.inconto.com Open in urlscan Pro
84.247.13.125  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://pentest.inconto.com/
Effective URL: https://pentest.inconto.com/logon/logon.asp
Submission: On February 23 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 19 HTTP transactions. The main IP is 84.247.13.125, located in Netherlands and belongs to TRANSIP-AS Amsterdam, the Netherlands, NL. The main domain is pentest.inconto.com.
TLS certificate: Issued by R3 on February 23rd 2021. Valid for: 3 months.
This is the only time pentest.inconto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 20 84.247.13.125 20857 (TRANSIP-A...)
19 1
Apex Domain
Subdomains		 Transfer
20 inconto.com
pentest.inconto.com
1 MB
19 1
Domain Requested by
20 pentest.inconto.com 1 redirects pentest.inconto.com
19 1

This site contains links to these domains. Also see Links.

Domain
www.inconto.com
Subject Issuer Validity Valid
pentest.inconto.com
R3		 2021-02-23 -
2021-05-24		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://pentest.inconto.com/logon/logon.asp
Frame ID: 25EF8273DB6167ECDF595DE8BD80BD2E
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://pentest.inconto.com/ HTTP 302
    https://pentest.inconto.com/logon/logon.asp Page URL

Detected technologies

Overall confidence: 75%
Detected patterns
  • script /\/Chart(?:\.bundle)?(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery-ui.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery-ui.*\.js/i

Page Statistics

19
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1034 kB
Transfer

1033 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://pentest.inconto.com/ HTTP 302
    https://pentest.inconto.com/logon/logon.asp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request logon.asp
pentest.inconto.com/logon/
Redirect Chain
  • https://pentest.inconto.com/
  • https://pentest.inconto.com/logon/logon.asp?
8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pentest.inconto.com/logon/logon.asp?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.247.13.125 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
84-247-13-125.colo.transip.net
Software
INCONTO /
Resource Hash
ffc875e1c2761a3996c12dafbc0214c043c9dfc49125db269365506b1045fc14
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
Strict-Transport-Security max-age=15552001;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
pentest.inconto.com
:scheme
https
:path
/logon/logon.asp?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ASPSESSIONIDQWQCSCST=FEPFKCFCOBCEECLEMDBOMDGB
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control
private
content-type
text/html; Charset=UTF-8
server
INCONTO
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
referrer-policy
same-origin
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
strict-transport-security
max-age=15552001;includeSubDomains;preload
date
Tue, 23 Feb 2021 07:03:42 GMT
content-length
8414

Redirect headers

cache-control
private
content-type
text/html; Charset=UTF-8
location
/logon/logon.asp?
server
INCONTO
set-cookie
ASPSESSIONIDQWQCSCST=FEPFKCFCOBCEECLEMDBOMDGB; secure; path=/; HttpOnly; SameSite=None
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
referrer-policy
same-origin
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
strict-transport-security
max-age=15552001;includeSubDomains;preload
date
Tue, 23 Feb 2021 07:03:42 GMT
content-length
138
bootstrap-datepicker.min.css
pentest.inconto.com/Styles/ 		15 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pentest.inconto.com/Styles/bootstrap-datepicker.min.css?ver=2020_2_201
Requested by
Host: pentest.inconto.com
URL: https://pentest.inconto.com/logon/logon.asp?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.247.13.125 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
84-247-13-125.colo.transip.net
Software
INCONTO /
Resource Hash
24305c9d8795d7d275e22b0677712d9ec0902b4e5df0f733279f9fbc4bc126f2
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
Strict-Transport-Security max-age=15552001;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://pentest.inconto.com/logon/logon.asp?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
referrer-policy
same-origin
last-modified
Sat, 28 Apr 2018 13:11:52 GMT
server
INCONTO
etag
"01c2879f2ded31:0"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=604800
date
Tue, 23 Feb 2021 07:03:42 GMT
strict-transport-security
max-age=15552001;includeSubDomains;preload
accept-ranges
bytes
content-length
15731
x-content-type-options
nosniff
login.min.css
pentest.inconto.com/styles/new/ 		143 KB
144 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pentest.inconto.com/styles/new/login.min.css?ver=2020_2_201
Requested by
Host: pentest.inconto.com
URL: https://pentest.inconto.com/logon/logon.asp?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.247.13.125 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
84-247-13-125.colo.transip.net
Software
INCONTO /
Resource Hash
defed4b739c84235b929a1454ef501e84453c9041743154f38ce84d5d3d2da28
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
Strict-Transport-Security max-age=15552001;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://pentest.inconto.com/logon/logon.asp?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
referrer-policy
same-origin
last-modified
Thu, 17 Sep 2020 12:01:38 GMT
server
INCONTO
etag
"07da4cea8cd61:0"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=604800
date
Tue, 23 Feb 2021 07:03:42 GMT
strict-transport-security
max-age=15552001;includeSubDomains;preload
accept-ranges
bytes
content-length
146807
x-content-type-options
nosniff
jquery.min.js
pentest.inconto.com/JavaScripts/ 		86 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pentest.inconto.com/JavaScripts/jquery.min.js?ver=2020_2_201
Requested by
Host: pentest.inconto.com
URL: https://pentest.inconto.com/logon/logon.asp?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.247.13.125 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
84-247-13-125.colo.transip.net
Software
INCONTO /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
Strict-Transport-Security max-age=15552001;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://pentest.inconto.com/logon/logon.asp?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
referrer-policy
same-origin
last-modified
Fri, 23 Aug 2019 09:14:02 GMT
server
INCONTO
etag
"069ae1a9359d51:0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
date
Tue, 23 Feb 2021 07:03:42 GMT
strict-transport-security
max-age=15552001;includeSubDomains;preload
accept-ranges
bytes
content-length
88145
x-content-type-options
nosniff
bootstrap.min.js
pentest.inconto.com/JavaScripts/ 		36 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pentest.inconto.com/JavaScripts/bootstrap.min.js?ver=2020_2_201
Requested by
Host: pentest.inconto.com
URL: https://pentest.inconto.com/logon/logon.asp?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.247.13.125 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
84-247-13-125.colo.transip.net
Software
INCONTO /
Resource Hash
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
Strict-Transport-Security max-age=15552001;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://pentest.inconto.com/logon/logon.asp?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
referrer-policy
same-origin
last-modified
Sat, 28 Apr 2018 13:11:52 GMT
server
INCONTO
etag
"01c2879f2ded31:0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
date
Tue, 23 Feb 2021 07:03:42 GMT
strict-transport-security
max-age=15552001;includeSubDomains;preload
accept-ranges
bytes
content-length
37051
x-content-type-options
nosniff
jquery-ui.min.js
pentest.inconto.com/JavaScripts/ 		55 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pentest.inconto.com/JavaScripts/jquery-ui.min.js?ver=2020_2_201
Requested by
Host: pentest.inconto.com
URL: https://pentest.inconto.com/logon/logon.asp?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.247.13.125 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
84-247-13-125.colo.transip.net
Software
INCONTO /
Resource Hash
5d756c72e0c8bef48cf3dbc30d9b0c632a1c2f029d4f771599380ee1368d9c06
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
Strict-Transport-Security max-age=15552001;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://pentest.inconto.com/logon/logon.asp?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
referrer-policy
same-origin
last-modified
Thu, 24 Jan 2019 12:34:24 GMT
server
INCONTO
etag
"0c83023e1b3d41:0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
date
Tue, 23 Feb 2021 07:03:42 GMT
strict-transport-security
max-age=15552001;includeSubDomains;preload
accept-ranges
bytes
content-length
55897
x-content-type-options
nosniff
jquery.validate.js
pentest.inconto.com/JavaScripts/ 		48 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pentest.inconto.com/JavaScripts/jquery.validate.js?ver=2020_2_201
Requested by
Host: pentest.inconto.com
URL: https://pentest.inconto.com/logon/logon.asp?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.247.13.125 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
84-247-13-125.colo.transip.net
Software
INCONTO /
Resource Hash
c9acdf688876497bbcacf7a7c83d9fdfaa4a82b92fe574fe0d0083a59fde0daa
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
Strict-Transport-Security max-age=15552001;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://pentest.inconto.com/logon/logon.asp?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
referrer-policy
same-origin
last-modified
Tue, 09 Oct 2018 14:49:56 GMT
server
INCONTO
etag
"042a58df5fd41:0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
date
Tue, 23 Feb 2021 07:03:42 GMT
strict-transport-security
max-age=15552001;includeSubDomains;preload
accept-ranges
bytes
content-length
48676
x-content-type-options
nosniff
bootstrap-datepicker.min.js
pentest.inconto.com/JavaScripts/ 		33 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pentest.inconto.com/JavaScripts/bootstrap-datepicker.min.js?ver=2020_2_201
Requested by
Host: pentest.inconto.com
URL: https://pentest.inconto.com/logon/logon.asp?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.247.13.125 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
84-247-13-125.colo.transip.net
Software
INCONTO /
Resource Hash
b56e4bcc40bb423846d02880bf196c78c4ecdaa252eeedc344f6ae0e3149df3a
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
Strict-Transport-Security max-age=15552001;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://pentest.inconto.com/logon/logon.asp?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
referrer-policy
same-origin
last-modified
Sat, 28 Apr 2018 13:11:52 GMT
server
INCONTO
etag
"01c2879f2ded31:0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
date
Tue, 23 Feb 2021 07:03:42 GMT
strict-transport-security
max-age=15552001;includeSubDomains;preload
accept-ranges
bytes
content-length
33599
x-content-type-options
nosniff
INO.js
pentest.inconto.com/JavaScripts/ 		221 KB
221 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pentest.inconto.com/JavaScripts/INO.js?ver=2020_2_201
Requested by
Host: pentest.inconto.com
URL: https://pentest.inconto.com/logon/logon.asp?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.247.13.125 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
84-247-13-125.colo.transip.net
Software
INCONTO /
Resource Hash
f48c61c90c6126753debb858ae21077f3f994183eb0b6b3deaba0106e4240268
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
Strict-Transport-Security max-age=15552001;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://pentest.inconto.com/logon/logon.asp?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
referrer-policy
same-origin
last-modified
Thu, 17 Sep 2020 12:01:38 GMT
server
INCONTO
etag
"07da4cea8cd61:0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
date
Tue, 23 Feb 2021 07:03:42 GMT
strict-transport-security
max-age=15552001;includeSubDomains;preload
accept-ranges
bytes
content-length
226409
x-content-type-options
nosniff
legacy.js
pentest.inconto.com/JavaScripts/ 		49 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pentest.inconto.com/JavaScripts/legacy.js?ver=2020_2_201
Requested by
Host: pentest.inconto.com
URL: https://pentest.inconto.com/logon/logon.asp?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.247.13.125 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
84-247-13-125.colo.transip.net
Software
INCONTO /
Resource Hash
26bcd51e437f8352ea052e5ebb92d6d350f1252d02d24bd32c2bed547ac19216
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
Strict-Transport-Security max-age=15552001;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://pentest.inconto.com/logon/logon.asp?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
referrer-policy
same-origin
last-modified
Thu, 17 Sep 2020 12:01:38 GMT
server
INCONTO
etag
"07da4cea8cd61:0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
date
Tue, 23 Feb 2021 07:03:42 GMT
strict-transport-security
max-age=15552001;includeSubDomains;preload
accept-ranges
bytes
content-length
50564
x-content-type-options
nosniff
SearchScripts.js
pentest.inconto.com/JavaScripts/ 		26 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pentest.inconto.com/JavaScripts/SearchScripts.js?ver=2020_2_201
Requested by
Host: pentest.inconto.com
URL: https://pentest.inconto.com/logon/logon.asp?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.247.13.125 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
84-247-13-125.colo.transip.net
Software
INCONTO /
Resource Hash
7b986df0b0e2c9a2cf63af3762549e64d089c47762f7035c425fe5e2ea2dd180
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
Strict-Transport-Security max-age=15552001;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://pentest.inconto.com/logon/logon.asp?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
referrer-policy
same-origin
last-modified
Thu, 17 Sep 2020 12:01:38 GMT
server
INCONTO
etag
"07da4cea8cd61:0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
date
Tue, 23 Feb 2021 07:03:42 GMT
strict-transport-security
max-age=15552001;includeSubDomains;preload
accept-ranges
bytes
content-length
26184
x-content-type-options
nosniff
event_hooks.js
pentest.inconto.com/JavaScripts/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pentest.inconto.com/JavaScripts/event_hooks.js?ver=2020_2_201
Requested by
Host: pentest.inconto.com
URL: https://pentest.inconto.com/logon/logon.asp?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.247.13.125 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
84-247-13-125.colo.transip.net
Software
INCONTO /
Resource Hash
2cd77ce9dbac33d0633aa219a7d1820cbff5a78c48163b0708ae7f0107c705f6
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
Strict-Transport-Security max-age=15552001;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://pentest.inconto.com/logon/logon.asp?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
referrer-policy
same-origin
last-modified
Thu, 17 Sep 2020 12:01:38 GMT
server
INCONTO
etag
"07da4cea8cd61:0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
date
Tue, 23 Feb 2021 07:03:42 GMT
strict-transport-security
max-age=15552001;includeSubDomains;preload
accept-ranges
bytes
content-length
23700
x-content-type-options
nosniff
KeyListener-1.0.min.js
pentest.inconto.com/JavaScripts/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pentest.inconto.com/JavaScripts/KeyListener-1.0.min.js?ver=2020_2_201
Requested by
Host: pentest.inconto.com
URL: https://pentest.inconto.com/logon/logon.asp?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.247.13.125 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
84-247-13-125.colo.transip.net
Software
INCONTO /
Resource Hash
7467e35959473669260df37fb2b4dbb4164fff0b47773c4ab811532880beb517
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
Strict-Transport-Security max-age=15552001;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://pentest.inconto.com/logon/logon.asp?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
referrer-policy
same-origin
last-modified
Sat, 28 Apr 2018 13:11:50 GMT
server
INCONTO
etag
"0eff677f2ded31:0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
date
Tue, 23 Feb 2021 07:03:42 GMT
strict-transport-security
max-age=15552001;includeSubDomains;preload
accept-ranges
bytes
content-length
2548
x-content-type-options
nosniff
hilitor.js
pentest.inconto.com/JavaScripts/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pentest.inconto.com/JavaScripts/hilitor.js?ver=2020_2_201
Requested by
Host: pentest.inconto.com
URL: https://pentest.inconto.com/logon/logon.asp?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.247.13.125 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
84-247-13-125.colo.transip.net
Software
INCONTO /
Resource Hash
06515881710d41d8a3a3bbc24c247ba44d96eecf099b0d2d5b2986de17dec5ba
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
Strict-Transport-Security max-age=15552001;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://pentest.inconto.com/logon/logon.asp?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
referrer-policy
same-origin
last-modified
Sat, 28 Apr 2018 13:11:52 GMT
server
INCONTO
etag
"01c2879f2ded31:0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
date
Tue, 23 Feb 2021 07:03:42 GMT
strict-transport-security
max-age=15552001;includeSubDomains;preload
accept-ranges
bytes
content-length
3029
x-content-type-options
nosniff
Chart.min.js
pentest.inconto.com/JavaScripts/Chart.js/ 		154 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pentest.inconto.com/JavaScripts/Chart.js/Chart.min.js?ver=2020_2_201
Requested by
Host: pentest.inconto.com
URL: https://pentest.inconto.com/logon/logon.asp?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.247.13.125 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
84-247-13-125.colo.transip.net
Software
INCONTO /
Resource Hash
506c2fc94147e90aa7d0f4b2415c38ab7bc85f4c15d6688a4eb69c349cc058f7
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
Strict-Transport-Security max-age=15552001;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://pentest.inconto.com/logon/logon.asp?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
referrer-policy
same-origin
last-modified
Sat, 28 Apr 2018 13:11:50 GMT
server
INCONTO
etag
"0eff677f2ded31:0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
date
Tue, 23 Feb 2021 07:03:42 GMT
strict-transport-security
max-age=15552001;includeSubDomains;preload
accept-ranges
bytes
content-length
157415
x-content-type-options
nosniff
UserSettings.asp
pentest.inconto.com/JavaScripts/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pentest.inconto.com/JavaScripts/UserSettings.asp?ver=2020_2_201
Requested by
Host: pentest.inconto.com
URL: https://pentest.inconto.com/logon/logon.asp?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.247.13.125 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
84-247-13-125.colo.transip.net
Software
INCONTO /
Resource Hash
7ca69e9106a8ad5e4c12a93fa67c1a104e2f2a55c7819400786ae28d92054444
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
Strict-Transport-Security max-age=15552001;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://pentest.inconto.com/logon/logon.asp?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
referrer-policy
same-origin
server
INCONTO
date
Tue, 23 Feb 2021 07:03:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/javascript; Charset=UTF-8
cache-control
private
strict-transport-security
max-age=15552001;includeSubDomains;preload
content-length
8191
x-content-type-options
nosniff
loginlogo.png
pentest.inconto.com/Client/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pentest.inconto.com/Client/loginlogo.png
Requested by
Host: pentest.inconto.com
URL: https://pentest.inconto.com/logon/logon.asp?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.247.13.125 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
84-247-13-125.colo.transip.net
Software
INCONTO /
Resource Hash
728a42945d236828277fe3275155c12d8962a69412f2ee72af6c615fb7a6c920
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
Strict-Transport-Security max-age=15552001;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://pentest.inconto.com/logon/logon.asp?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
referrer-policy
same-origin
last-modified
Tue, 16 Jul 2019 13:35:38 GMT
server
INCONTO
etag
"071875adb3bd51:0"
x-frame-options
SAMEORIGIN
content-type
image/png
date
Tue, 23 Feb 2021 07:03:42 GMT
strict-transport-security
max-age=15552001;includeSubDomains;preload
accept-ranges
bytes
content-length
46205
x-content-type-options
nosniff
icon32x32grey.png
pentest.inconto.com/Icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pentest.inconto.com/Icons/icon32x32grey.png
Requested by
Host: pentest.inconto.com
URL: https://pentest.inconto.com/styles/new/login.min.css?ver=2020_2_201
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.247.13.125 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
84-247-13-125.colo.transip.net
Software
INCONTO /
Resource Hash
316fd5a2983f09d1157a736f8cd49f82573821f90ce1e99d7d7de8dd8fe6afab
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
Strict-Transport-Security max-age=15552001;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://pentest.inconto.com/styles/new/login.min.css?ver=2020_2_201
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
referrer-policy
same-origin
last-modified
Tue, 04 Dec 2018 12:05:52 GMT
server
INCONTO
etag
"010b1b3c98bd41:0"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=604800
date
Tue, 23 Feb 2021 07:03:42 GMT
strict-transport-security
max-age=15552001;includeSubDomains;preload
accept-ranges
bytes
content-length
1624
x-content-type-options
nosniff
fontawesome-webfont.woff2
pentest.inconto.com/fonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://pentest.inconto.com/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: pentest.inconto.com
URL: https://pentest.inconto.com/styles/new/login.min.css?ver=2020_2_201
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.247.13.125 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
84-247-13-125.colo.transip.net
Software
INCONTO /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
Strict-Transport-Security max-age=15552001;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://pentest.inconto.com
Referer
https://pentest.inconto.com/styles/new/login.min.css?ver=2020_2_201
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
referrer-policy
same-origin
last-modified
Sat, 28 Apr 2018 13:11:52 GMT
server
INCONTO
etag
"01c2879f2ded31:0"
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
date
Tue, 23 Feb 2021 07:03:42 GMT
strict-transport-security
max-age=15552001;includeSubDomains;preload
accept-ranges
bytes
content-length
77160
x-content-type-options
nosniff

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| INO function| addLineText function| fnRecalculateColumnWidths function| fnHideColumn function| fnNumber_SystemValueToDisplayValue function| fnNumber_DisplayValueToSystemValue function| insertRow function| fnControleerGetal function| fnCheckNumber function| subZetInput function| subMaakDecimaalOp function| fnOpmaakDecimaal function| maxLengthFunction function| iEscape function| fnUploadFile function| fnDeleteFile function| fnDeleteFileExtra function| doDeleteFile function| fnCreateEditableFieldWithPopup function| fnQuerystringToObject function| fnPopupEditDiv function| showPropertyPreferences function| closePropertyPreferences function| fnClosePopupEditDiv function| fnCreateTableBody function| fnCreateTree function| fnCreateTreeItems function| fnCreateMultiLevelArray object| aKnoppen function| fnHiliteAlertButton function| fnDeHiliteAlertButton function| fnAlert function| fnBericht function| fnClickButton function| subOnclickAlertBox function| fnDisableFrame function| subOnclick function| fnZoekParentNode function| fnOpmaakDatum function| setCancelBubble function| DoSimpleAjaxCall function| fnGenericAsyncCall function| fnGetTranslations function| fnGetJSONFromSql object| ENTITIES_REGEXP object| ENTITIES_MAP function| ENT_entityToChar function| ENT_htmlDecode function| maakHelpInfoDiv function| verwijderHelpInfoDiv function| rgb2hex function| fnDisableButton function| addParameterToSearchCatalogString function| fnExecFunction object| Base64 function| getEntityNameById function| FastSearch function| fnMakeFastSearch function| initKeyListener function| setButtonBar function| imgError function| KeyListener object| oKeyListener function| Hilitor function| Color function| Chart

1 Cookies

Domain/Path Name / Value
pentest.inconto.com/ Name: ASPSESSIONIDQWQCSCST
Value: FEPFKCFCOBCEECLEMDBOMDGB

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; form-action 'self'
Strict-Transport-Security max-age=15552001;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN