crsmemberdirect.org Open in urlscan Pro
199.96.6.40 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/
Submission: On September 17 via api (September 17th 2023, 2:06:40 am UTC) from US — Scanned from DE

Summary HTTP 25 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 25 HTTP transactions. The main IP is 199.96.6.40, located in Farmersville, United States and belongs to LRS, US. The main domain is crsmemberdirect.org.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on July 5th 2023. Valid for: a year.

This is the only time crsmemberdirect.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	199.96.6.40 199.96.6.40	19065 (LRS) (LRS)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
25	3

22 199.96.6.40 (Farmersville, United States)

ASN19065 (LRS, US)

crsmemberdirect.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	crsmemberdirect.org crsmemberdirect.org	458 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 56	2 KB
1	gstatic.com fonts.gstatic.com	19 KB
25	3

	Domain	Requested by
22	crsmemberdirect.org	crsmemberdirect.org
2	fonts.googleapis.com	crsmemberdirect.org
1	fonts.gstatic.com	fonts.googleapis.com
25	3

This site contains links to these domains. Also see Links.

Domain
www.cincinnati-oh.gov
www.lrs.com

Subject Issuer	Validity	Valid
crsmemberdirect.org RapidSSL TLS RSA CA G1	`2023-07-05` - `2024-07-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/
Frame ID: 712097FE55F2FDFFC9BE1977DE7194F9
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)
<input[^>]+name="__VIEWSTATE

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

478 kB
Transfer

814 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.cincinnati-oh.gov/retirement/
Title: http://www.cincinnati-oh.gov/retirement/

Search URL Search Domain Scan URL

URL: http://www.lrs.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Login.aspx Show response
crsmemberdirect.org/WmsWebSite/ 20 KB
8 KB 619ms
169ms Document
text/html 199.96.6.40
LRS

General

Check archive.org

Show headers Download Go to

Full URL

https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

199.96.6.40 Farmersville, United States, ASN19065 (LRS, US),

Reverse DNS

Software

web server / ARR/3.0

Resource Hash

423b5b1ddd44d280c87bee8de02acbc629f0915ebad01cc81e8e51ba31def736

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store
Content-Encoding: gzip
Content-Length: 7285
Content-Type: text/html; charset=utf-8
Date: Sun, 17 Sep 2023 02:06:31 GMT
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Server: web server
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload max-age=31536000;includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: DENY SAMEORIGIN
X-Powered-By: ARR/3.0
X-Xss-Protection: 1;mode=block

GET
H/1.1 200
OK bootstrap.min.css
crsmemberdirect.org/WmsWebSite/App_Themes/PensionGold/ 112 KB
19 KB 1043ms
1042ms Stylesheet
text/css 199.96.6.40
LRS

General

Check archive.org

Show headers Download Go to

Full URL

https://crsmemberdirect.org/WmsWebSite/App_Themes/PensionGold/bootstrap.min.css

Requested by

Host: crsmemberdirect.org
URL: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

199.96.6.40 Farmersville, United States, ASN19065 (LRS, US),

Reverse DNS

Software

web server / ARR/3.0

Resource Hash

a693da5c77936d9284136963451c4ce092a8a6e46499a8119d4345bad611a676

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 17 Sep 2023 02:06:32 GMT
X-Powered-By: ARR/3.0
Content-Length: 18529
X-Xss-Protection: 1;mode=block
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 16 Aug 2023 14:27:46 GMT
Server: web server
ETag: "05d49d34dd0d91:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK BusinessControls.css
crsmemberdirect.org/WmsWebSite/App_Themes/PensionGold/ 1 KB
1 KB 425ms
143ms Stylesheet
text/css 199.96.6.40
LRS

General

Check archive.org

Show headers Download Go to

Full URL

https://crsmemberdirect.org/WmsWebSite/App_Themes/PensionGold/BusinessControls.css

Requested by

Host: crsmemberdirect.org
URL: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

199.96.6.40 Farmersville, United States, ASN19065 (LRS, US),

Reverse DNS

Software

web server / ARR/3.0

Resource Hash

02e1fa0a7a382b8bd4bd31aa0846c3b5aa675d201650b4696a66525c9aa2c8df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 17 Sep 2023 02:06:31 GMT
X-Powered-By: ARR/3.0
Content-Length: 660
X-Xss-Protection: 1;mode=block
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 16 Aug 2023 14:27:46 GMT
Server: web server
ETag: "05d49d34dd0d91:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK Card.css
crsmemberdirect.org/WmsWebSite/App_Themes/PensionGold/ 5 KB
2 KB 426ms
142ms Stylesheet
text/css 199.96.6.40
LRS

General

Check archive.org

Show headers Download Go to

Full URL

https://crsmemberdirect.org/WmsWebSite/App_Themes/PensionGold/Card.css

Requested by

Host: crsmemberdirect.org
URL: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

199.96.6.40 Farmersville, United States, ASN19065 (LRS, US),

Reverse DNS

Software

web server / ARR/3.0

Resource Hash

c4e19408d72c12adea74d08446c4872c5487bba5007e68e4ca94bab99b776a0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 17 Sep 2023 02:06:31 GMT
X-Powered-By: ARR/3.0
Content-Length: 1492
X-Xss-Protection: 1;mode=block
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 16 Aug 2023 14:27:46 GMT
Server: web server
ETag: "05d49d34dd0d91:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK Common.css
crsmemberdirect.org/WmsWebSite/App_Themes/PensionGold/ 10 KB
3 KB 438ms
144ms Stylesheet
text/css 199.96.6.40
LRS

General

Check archive.org

Show headers Download Go to

Full URL

https://crsmemberdirect.org/WmsWebSite/App_Themes/PensionGold/Common.css

Requested by

Host: crsmemberdirect.org
URL: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

199.96.6.40 Farmersville, United States, ASN19065 (LRS, US),

Reverse DNS

Software

web server / ARR/3.0

Resource Hash

3011dee085f8a8b1de55218f7a3d79cf1fb463aad2a6dc8d70f1c72762afaecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 17 Sep 2023 02:06:31 GMT
X-Powered-By: ARR/3.0
Content-Length: 2433
X-Xss-Protection: 1;mode=block
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 16 Aug 2023 14:27:46 GMT
Server: web server
ETag: "05d49d34dd0d91:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK CustomControls.css
crsmemberdirect.org/WmsWebSite/App_Themes/PensionGold/ 8 KB
2 KB 442ms
149ms Stylesheet
text/css 199.96.6.40
LRS

General

Check archive.org

Show headers Download Go to

Full URL

https://crsmemberdirect.org/WmsWebSite/App_Themes/PensionGold/CustomControls.css

Requested by

Host: crsmemberdirect.org
URL: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

199.96.6.40 Farmersville, United States, ASN19065 (LRS, US),

Reverse DNS

Software

web server / ARR/3.0

Resource Hash

e3a4a3b49a181a5414dacb87f94faa1040fdca80c1cfca4070e130a7189937a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 17 Sep 2023 02:06:31 GMT
X-Powered-By: ARR/3.0
Content-Length: 1833
X-Xss-Protection: 1;mode=block
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 16 Aug 2023 14:27:46 GMT
Server: web server
ETag: "05d49d34dd0d91:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK joyride-2.1.css
crsmemberdirect.org/WmsWebSite/App_Themes/PensionGold/ 8 KB
2 KB 469ms
151ms Stylesheet
text/css 199.96.6.40
LRS

General

Check archive.org

Show headers Download Go to

Full URL

https://crsmemberdirect.org/WmsWebSite/App_Themes/PensionGold/joyride-2.1.css

Requested by

Host: crsmemberdirect.org
URL: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

199.96.6.40 Farmersville, United States, ASN19065 (LRS, US),

Reverse DNS

Software

web server / ARR/3.0

Resource Hash

e05c7bbbe31d1a4c0d6ee65941939abb8f3f95d105e0690d5de82071c8a12e5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 17 Sep 2023 02:06:31 GMT
X-Powered-By: ARR/3.0
Content-Length: 1818
X-Xss-Protection: 1;mode=block
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 16 Aug 2023 14:27:48 GMT
Server: web server
ETag: "08a7ad44dd0d91:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK Site.css
crsmemberdirect.org/WmsWebSite/App_Themes/PensionGold/ 10 KB
3 KB 567ms
141ms Stylesheet
text/css 199.96.6.40
LRS

General

Check archive.org

Show headers Download Go to

Full URL

https://crsmemberdirect.org/WmsWebSite/App_Themes/PensionGold/Site.css

Requested by

Host: crsmemberdirect.org
URL: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

199.96.6.40 Farmersville, United States, ASN19065 (LRS, US),

Reverse DNS

Software

web server / ARR/3.0

Resource Hash

e0549215de3768cc1a94f817a3dec40c3c9a3d3cd1859bf77bf4b74817241199

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 17 Sep 2023 02:06:32 GMT
X-Powered-By: ARR/3.0
Content-Length: 2478
X-Xss-Protection: 1;mode=block
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 16 Aug 2023 14:27:48 GMT
Server: web server
ETag: "08a7ad44dd0d91:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK Withholding.css
crsmemberdirect.org/WmsWebSite/App_Themes/PensionGold/ 8 KB
2 KB 571ms
144ms Stylesheet
text/css 199.96.6.40
LRS

General

Check archive.org

Show headers Download Go to

Full URL

https://crsmemberdirect.org/WmsWebSite/App_Themes/PensionGold/Withholding.css

Requested by

Host: crsmemberdirect.org
URL: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

199.96.6.40 Farmersville, United States, ASN19065 (LRS, US),

Reverse DNS

Software

web server / ARR/3.0

Resource Hash

94e4d683da6b21b51a6ebbee2d6d8a4f5885bb7922d3883117c9ee580275e74b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 17 Sep 2023 02:06:32 GMT
X-Powered-By: ARR/3.0
Content-Length: 1577
X-Xss-Protection: 1;mode=block
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 16 Aug 2023 14:27:48 GMT
Server: web server
ETag: "08a7ad44dd0d91:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: no-store
Accept-Ranges: bytes

GET
H2 200 css
fonts.googleapis.com/ 1 KB
867 B 85ms
34ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Alex+Brush

Requested by

Host: crsmemberdirect.org
URL: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6e94c86ce1708b9dfe17721c60f035a612cbec7eec1b6d8badaa5b674f88a420

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 17 Sep 2023 02:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 17 Sep 2023 02:06:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 Sep 2023 02:06:32 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
738 B 88ms
37ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300

Requested by

Host: crsmemberdirect.org
URL: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f549fbdb513ea89d318f82f49882050300fd313ac0de5c4f4df8f073dc230a0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 17 Sep 2023 02:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 17 Sep 2023 00:32:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 Sep 2023 02:06:32 GMT

GET
H/1.1 200
OK jquery.js Show response
crsmemberdirect.org/WmsWebSite/Scripts/ 82 KB
29 KB 735ms
298ms Script
application/javascript 199.96.6.40
LRS

General

Check archive.org

Show headers Download Go to

Full URL

https://crsmemberdirect.org/WmsWebSite/Scripts/jquery.js

Requested by

Host: crsmemberdirect.org
URL: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

199.96.6.40 Farmersville, United States, ASN19065 (LRS, US),

Reverse DNS

Software

web server / ARR/3.0

Resource Hash

f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 17 Sep 2023 02:06:32 GMT
X-Powered-By: ARR/3.0
Content-Length: 29373
X-Xss-Protection: 1;mode=block
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 16 Aug 2023 14:27:48 GMT
Server: web server
ETag: "08a7ad44dd0d91:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK WebResource.axd Show response
crsmemberdirect.org/WmsWebSite/ 23 KB
6 KB 594ms
152ms Script
application/x-javascript 199.96.6.40
LRS

General

Check archive.org

Show headers Download Go to

Full URL

https://crsmemberdirect.org/WmsWebSite/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZDSw7IRhSvl_8MrdCAMxvOHZK2bt3nGcwCDiU8pdh5iu3seISTetgV147icU72_loQ2&t=638240163755514788

Requested by

Host: crsmemberdirect.org
URL: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

199.96.6.40 Farmersville, United States, ASN19065 (LRS, US),

Reverse DNS

Software

web server / ARR/3.0

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Server: web server
Date: Sun, 17 Sep 2023 02:06:32 GMT
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
X-Frame-Options: DENY, SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: no-store
Content-Length: 6007
X-Xss-Protection: 1;mode=block

GET
H/1.1 200
OK Common.js Show response
crsmemberdirect.org/WmsWebSite/Scripts/ 6 KB
3 KB 620ms
151ms Script
application/javascript 199.96.6.40
LRS

General

Check archive.org

Show headers Download Go to

Full URL

https://crsmemberdirect.org/WmsWebSite/Scripts/Common.js

Requested by

Host: crsmemberdirect.org
URL: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

199.96.6.40 Farmersville, United States, ASN19065 (LRS, US),

Reverse DNS

Software

web server / ARR/3.0

Resource Hash

30e7818fdf249e77558568e24d5f0775edc52a96281ffa55dff00a75d1ed11cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 17 Sep 2023 02:06:32 GMT
X-Powered-By: ARR/3.0
Content-Length: 2307
X-Xss-Protection: 1;mode=block
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 16 Aug 2023 14:27:48 GMT
Server: web server
ETag: "08a7ad44dd0d91:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK ScriptResource.axd Show response
crsmemberdirect.org/WmsWebSite/ 100 KB
26 KB 852ms
285ms Script
application/x-javascript 199.96.6.40
LRS

General

Check archive.org

Show headers Download Go to

Full URL

https://crsmemberdirect.org/WmsWebSite/ScriptResource.axd?d=NJmAwtEo3Ipnlaxl6CMhvgMsr7eY6AGge9hfvqrGXZxQezxJZP5AwGq0RHcDV0j_g1N2e7nLh3QIa9fhGrvVI403MvfBA2V8a0P99hZ60KL5-IC6vlPzbLocudqD3vkwfkyVuXoGmfNkcgxEsGGgQpmbkWj8UC-2qMFmfhTS22g1&t=96346c8

Requested by

Host: crsmemberdirect.org
URL: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

199.96.6.40 Farmersville, United States, ASN19065 (LRS, US),

Reverse DNS

Software

web server / ARR/3.0

Resource Hash

66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sat, 16 Sep 2023 11:24:40 GMT
Server: web server
Date: Sun, 17 Sep 2023 02:06:32 GMT
X-Powered-By: ARR/3.0
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: no-store
Content-Length: 25609
X-Xss-Protection: 1;mode=block

GET
H/1.1 200
OK ScriptResource.axd Show response
crsmemberdirect.org/WmsWebSite/ 39 KB
10 KB 855ms
284ms Script
application/x-javascript 199.96.6.40
LRS

General

Check archive.org

Show headers Download Go to

Full URL

https://crsmemberdirect.org/WmsWebSite/ScriptResource.axd?d=dwY9oWetJoJoVpgL6Zq8OBQrKgnoC8kER0H0pIJLMsO9FKumoQa1yjAhw72XVh7iApq2I-VdqZfr0K24_jjAd_stluRmusugmprMu-8NUAF3kclZY8NGVF3OoSLBRD1srHZq52iohI_ItPTeBjANe2CvglbNDr749BiKmxCA7hU1&t=96346c8

Requested by

Host: crsmemberdirect.org
URL: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

199.96.6.40 Farmersville, United States, ASN19065 (LRS, US),

Reverse DNS

Software

web server / ARR/3.0

Resource Hash

398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sat, 16 Sep 2023 11:24:40 GMT
Server: web server
Date: Sun, 17 Sep 2023 02:06:32 GMT
X-Powered-By: ARR/3.0
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: no-store
Content-Length: 9984
X-Xss-Protection: 1;mode=block

GET
H/1.1 200
OK bootstrap.min.js Show response
crsmemberdirect.org/WmsWebSite/Scripts/ 28 KB
8 KB 767ms
159ms Script
application/javascript 199.96.6.40
LRS

General

Check archive.org

Show headers Download Go to

Full URL

https://crsmemberdirect.org/WmsWebSite/Scripts/bootstrap.min.js

Requested by

Host: crsmemberdirect.org
URL: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

199.96.6.40 Farmersville, United States, ASN19065 (LRS, US),

Reverse DNS

Software

web server / ARR/3.0

Resource Hash

898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 17 Sep 2023 02:06:32 GMT
X-Powered-By: ARR/3.0
Content-Length: 7694
X-Xss-Protection: 1;mode=block
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 16 Aug 2023 14:27:48 GMT
Server: web server
ETag: "08a7ad44dd0d91:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: no-store
Accept-Ranges: bytes

GET
H/1.1 200
OK WebResource.axd Show response
crsmemberdirect.org/WmsWebSite/ 3 KB
1 KB 772ms
152ms Script
application/x-javascript 199.96.6.40
LRS

General

Check archive.org

Show headers Download Go to

Full URL

https://crsmemberdirect.org/WmsWebSite/WebResource.axd?d=JoBkLzP19aTuxbWOhHobYvctr4BZDwJ-pl2w2YU_Z7XDQDKFNHzX_W6vhqXVBlos_-JmnMlOhrWNLK9nH95Oww2&t=638240163755514788

Requested by

Host: crsmemberdirect.org
URL: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

199.96.6.40 Farmersville, United States, ASN19065 (LRS, US),

Reverse DNS

Software

web server / ARR/3.0

Resource Hash

144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Server: web server
Date: Sun, 17 Sep 2023 02:06:32 GMT
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
X-Frame-Options: DENY, SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: no-store
Content-Length: 978
X-Xss-Protection: 1;mode=block

GET
H/1.1 200
OK logo_cityofcinti_retire_white.png
crsmemberdirect.org/WmsWebSite/Images/ 23 KB
24 KB 153ms
153ms Image
image/png 199.96.6.40
LRS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crsmemberdirect.org/WmsWebSite/Images/logo_cityofcinti_retire_white.png

Requested by

Host: crsmemberdirect.org
URL: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

199.96.6.40 Farmersville, United States, ASN19065 (LRS, US),

Reverse DNS

Software

web server / ARR/3.0

Resource Hash

e02eb3f934962ab5eaf6a9bea3baf76600ec6e0772057e041d5a2596b0fd1ff2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
Date: Sun, 17 Sep 2023 02:06:32 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 16 Aug 2023 14:27:48 GMT
Server: web server
ETag: "08a7ad44dd0d91:0"
X-Powered-By: ARR/3.0
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 23559
X-Xss-Protection: 1;mode=block

GET
H/1.1 200
OK lrsDiamond.gif
crsmemberdirect.org/WmsWebSite/Images/ 706 B
1 KB 148ms
147ms Image
image/gif 199.96.6.40
LRS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crsmemberdirect.org/WmsWebSite/Images/lrsDiamond.gif

Requested by

Host: crsmemberdirect.org
URL: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

199.96.6.40 Farmersville, United States, ASN19065 (LRS, US),

Reverse DNS

Software

web server / ARR/3.0

Resource Hash

d18181e6a76a9e56c97a28e0cd657053304ed6b0c6e4f5f05cc51561282c37e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
Date: Sun, 17 Sep 2023 02:06:32 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 16 Aug 2023 14:27:48 GMT
Server: web server
ETag: "08a7ad44dd0d91:0"
X-Powered-By: ARR/3.0
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 706
X-Xss-Protection: 1;mode=block

GET
H/1.1 200
OK Cinci_Skyline2.jpg
crsmemberdirect.org/WmsWebSite/App_Themes/PensionGold/Images/ 287 KB
287 KB 150ms
145ms Image
image/jpeg 199.96.6.40
LRS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crsmemberdirect.org/WmsWebSite/App_Themes/PensionGold/Images/Cinci_Skyline2.jpg

Requested by

Host: crsmemberdirect.org
URL: https://crsmemberdirect.org/WmsWebSite/App_Themes/PensionGold/Common.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

199.96.6.40 Farmersville, United States, ASN19065 (LRS, US),

Reverse DNS

Software

web server / ARR/3.0

Resource Hash

57f401e164dcd87e2d8c017c02e6045f09eabfc6160594b4349383306d2be44e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crsmemberdirect.org/WmsWebSite/App_Themes/PensionGold/Common.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
Date: Sun, 17 Sep 2023 02:06:32 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 16 Aug 2023 14:27:48 GMT
Server: web server
ETag: "08a7ad44dd0d91:0"
X-Powered-By: ARR/3.0
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 293467
X-Xss-Protection: 1;mode=block

GET
H/1.1 200
OK brushed_alu2.png
crsmemberdirect.org/WmsWebSite/App_Themes/PensionGold/Images/ 16 KB
16 KB 160ms
156ms Image
image/png 199.96.6.40
LRS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crsmemberdirect.org/WmsWebSite/App_Themes/PensionGold/Images/brushed_alu2.png

Requested by

Host: crsmemberdirect.org
URL: https://crsmemberdirect.org/WmsWebSite/App_Themes/PensionGold/CustomControls.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

199.96.6.40 Farmersville, United States, ASN19065 (LRS, US),

Reverse DNS

Software

web server / ARR/3.0

Resource Hash

8bdaff1a6c82c18f3b28b9e5bdb3040150a7be448a9c69b986a2ca6f43346ee2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crsmemberdirect.org/WmsWebSite/App_Themes/PensionGold/CustomControls.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
Date: Sun, 17 Sep 2023 02:06:32 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 16 Aug 2023 14:27:48 GMT
Server: web server
ETag: "08a7ad44dd0d91:0"
X-Powered-By: ARR/3.0
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 16297
X-Xss-Protection: 1;mode=block

GET
H/1.1 200
OK usernamebackground.png
crsmemberdirect.org/WmsWebSite/Images/ 691 B
1 KB 150ms
145ms Image
image/png 199.96.6.40
LRS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crsmemberdirect.org/WmsWebSite/Images/usernamebackground.png

Requested by

Host: crsmemberdirect.org
URL: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

199.96.6.40 Farmersville, United States, ASN19065 (LRS, US),

Reverse DNS

Software

web server / ARR/3.0

Resource Hash

352219ed4e394c6439465104f0cd0804577725d0f055262b6d1478b5d2640347

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
Date: Sun, 17 Sep 2023 02:06:32 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 16 Aug 2023 14:27:48 GMT
Server: web server
ETag: "08a7ad44dd0d91:0"
X-Powered-By: ARR/3.0
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 691
X-Xss-Protection: 1;mode=block

GET
H/1.1 200
OK passwordbackground.png
crsmemberdirect.org/WmsWebSite/Images/ 915 B
1 KB 160ms
155ms Image
image/png 199.96.6.40
LRS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crsmemberdirect.org/WmsWebSite/Images/passwordbackground.png

Requested by

Host: crsmemberdirect.org
URL: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

199.96.6.40 Farmersville, United States, ASN19065 (LRS, US),

Reverse DNS

Software

web server / ARR/3.0

Resource Hash

55167ae4514a09863b40f6a2e16932be456528e4c47caef99480a26aa8387a07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crsmemberdirect.org/WmsWebSite/Login.aspx?ReturnUrl=/wmswebsite/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains
Date: Sun, 17 Sep 2023 02:06:32 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 16 Aug 2023 14:27:48 GMT
Server: web server
ETag: "08a7ad44dd0d91:0"
X-Powered-By: ARR/3.0
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 915
X-Xss-Protection: 1;mode=block

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/ 18 KB
19 KB 308ms
22ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e88f421b2498fd4ff75eeb6df1d0e8b5e1f038007350ad968d4f258cbe50a02c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://crsmemberdirect.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:29:25 GMT
x-content-type-options: nosniff
age: 200229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18656
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:30:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:29:25 GMT

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			crsmemberdirect.org/	1970-01-20 14:48:46	Name: WmsWebSite_bindingid Value: O7pSFZu1vNW/nM7hCiO970VMwfPRX2dvjNIGPsZd+Cl6FL8Jz2NKEz3BOlAJiTj9jGgSsSIevlcGwSNVi2qqY1Rrh1vDiQYp00IQ74zkIesxCef0uP2AAwooPdgpbAbrWaVIQ8N/GxUAfwnl4OVgFidEdM2yzkpi5I3WqkB+JGQ=
			crsmemberdirect.org/	1969-12-31 23:59:59	Name: MD_ASP.NET_SessionId Value: pmuyvbyj2p3piae2eheotg1p

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY SAMEORIGIN
X-Xss-Protection	1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

crsmemberdirect.org
fonts.googleapis.com
fonts.gstatic.com
199.96.6.40
2a00:1450:4001:810::200a
2a00:1450:4001:812::2003
02e1fa0a7a382b8bd4bd31aa0846c3b5aa675d201650b4696a66525c9aa2c8df
144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf
3011dee085f8a8b1de55218f7a3d79cf1fb463aad2a6dc8d70f1c72762afaecb
30e7818fdf249e77558568e24d5f0775edc52a96281ffa55dff00a75d1ed11cb
352219ed4e394c6439465104f0cd0804577725d0f055262b6d1478b5d2640347
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
423b5b1ddd44d280c87bee8de02acbc629f0915ebad01cc81e8e51ba31def736
55167ae4514a09863b40f6a2e16932be456528e4c47caef99480a26aa8387a07
57f401e164dcd87e2d8c017c02e6045f09eabfc6160594b4349383306d2be44e
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
6e94c86ce1708b9dfe17721c60f035a612cbec7eec1b6d8badaa5b674f88a420
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
8bdaff1a6c82c18f3b28b9e5bdb3040150a7be448a9c69b986a2ca6f43346ee2
94e4d683da6b21b51a6ebbee2d6d8a4f5885bb7922d3883117c9ee580275e74b
a693da5c77936d9284136963451c4ce092a8a6e46499a8119d4345bad611a676
c4e19408d72c12adea74d08446c4872c5487bba5007e68e4ca94bab99b776a0e
d18181e6a76a9e56c97a28e0cd657053304ed6b0c6e4f5f05cc51561282c37e4
e02eb3f934962ab5eaf6a9bea3baf76600ec6e0772057e041d5a2596b0fd1ff2
e0549215de3768cc1a94f817a3dec40c3c9a3d3cd1859bf77bf4b74817241199
e05c7bbbe31d1a4c0d6ee65941939abb8f3f95d105e0690d5de82071c8a12e5e
e3a4a3b49a181a5414dacb87f94faa1040fdca80c1cfca4070e130a7189937a0
e88f421b2498fd4ff75eeb6df1d0e8b5e1f038007350ad968d4f258cbe50a02c
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d
f549fbdb513ea89d318f82f49882050300fd313ac0de5c4f4df8f073dc230a0d

crsmemberdirect.org Open in urlscan Pro 199.96.6.40 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

478 kBTransfer

814 kBSize

2 Cookies

2 Outgoing links

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

crsmemberdirect.org Open in urlscan Pro
199.96.6.40 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

478 kB
Transfer

814 kB
Size

2
Cookies

25 HTTP transactions
0 data transactions