sfrhctf.org Open in urlscan Pro
209.59.156.224 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sfrhctf.org/
Effective URL:
https://sfrhctf.org/
Submission: On March 04 via manual (March 4th 2020, 4:09:24 pm UTC) from US

Summary HTTP 21 Redirects Links 11 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 21 HTTP transactions. The main IP is 209.59.156.224, located in Lansing, United States and belongs to LIQUIDWEB, US. The main domain is sfrhctf.org.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 27th 2020. Valid for: 3 months.

This is the only time sfrhctf.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 16	209.59.156.224 209.59.156.224		32244 (LIQUIDWEB) (LIQUIDWEB)
1 2	2a00:1450:400... 2a00:1450:4001:81a::200e		15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c		15169 (GOOGLE) (GOOGLE)
21	4

16 209.59.156.224 (Lansing, United States) 1 redirects

ASN32244 (LIQUIDWEB, US)
PTR: host.rhctf.org

sfrhctf.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	sfrhctf.org 1 redirects sfrhctf.org	564 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
1	doubleclick.net stats.g.doubleclick.net	113 B
0	sfgov.org Failed www6.sfgov.org Failed
21	4

	Domain	Requested by
16	sfrhctf.org	1 redirects sfrhctf.org
2	www.google-analytics.com	1 redirects sfrhctf.org
1	stats.g.doubleclick.net	sfrhctf.org
0	www6.sfgov.org Failed	sfrhctf.org
21	4

This site contains links to these domains. Also see Links.

Domain
www.sfgov.org
www6.sfgov.org
sfgov.org
www.amlegal.com

Subject Issuer	Validity	Valid
sfrhctf.org cPanel, Inc. Certification Authority	`2020-02-27` - `2020-05-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sfrhctf.org/
Frame ID: 94AF303F3999D234BD5849F496845FAB
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://sfrhctf.org/ HTTP 301
https://sfrhctf.org/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

21
Requests

81 %
HTTPS

67 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

581 kB
Transfer

804 kB
Size

0
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: http://www.sfgov.org/
Title: SFGOV

Search URL Search Domain Scan URL

URL: http://www6.sfgov.org/index.aspx?page=2
Title: Residents

Search URL Search Domain Scan URL

URL: http://www6.sfgov.org/index.aspx?page=3
Title: Business

Search URL Search Domain Scan URL

URL: http://www6.sfgov.org/index.aspx?page=4
Title: Government

Search URL Search Domain Scan URL

URL: http://www6.sfgov.org/index.aspx?page=5
Title: Visitors

Search URL Search Domain Scan URL

URL: http://www6.sfgov.org/index.aspx?page=6
Title: Online Services

Search URL Search Domain Scan URL

URL: http://sfgov.org/
Title: SF GOV

Search URL Search Domain Scan URL

URL: http://www.amlegal.com/nxt/gateway.dll/California/charter_sf/appendixaemploymentprovisions*?f=templates$fn=default.htm$3.0$vid=amlegal:sanfrancisco_ca$anc=JD_A8.432
Title: Appendix A8.432

Search URL Search Domain Scan URL

URL: http://www6.sfgov.org/index.aspx?page=44
Title: CONTACT SFGOV

Search URL Search Domain Scan URL

URL: http://www6.sfgov.org/index.aspx?page=73
Title: ACCESSIBILITY

Search URL Search Domain Scan URL

URL: http://www6.sfgov.org/index.aspx?page=45
Title: POLICIES

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sfrhctf.org/ HTTP 301
https://sfrhctf.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=551305115&t=pageview&_s=1&dl=https%3A%2F%2Fsfrhctf.org%2F&ul=en-us&de=UTF-8&dt=Overview%20-Retiree%20Health%20Care%20Trust%20Fund%20%7C%20Retiree%20Health%20Care%20Trust%20Fund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1643426749&gjid=904144873&cid=2088950567.1583338133&tid=UA-58985400-1&_gid=295674418.1583338133&_r=1&z=424787918 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-58985400-1&cid=2088950567.1583338133&jid=1643426749&_gid=295674418.1583338133&gjid=904144873&_v=j81&z=424787918

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
sfrhctf.org/
Redirect Chain

http://sfrhctf.org/
https://sfrhctf.org/

13 KB
5 KB

570ms
342ms

Document
text/html

209.59.156.224
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://sfrhctf.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.156.224 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.rhctf.org
Software: Apache / PHP/7.0.33
Resource Hash: 09c351abea01d6c0b3891faa7baa803a155d221f3fabe1f4dad901cdcb4d8fee

Request headers

Host: sfrhctf.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 04 Mar 2020 16:08:52 GMT
Server: Apache
X-Powered-By: PHP/7.0.33
Link: <https://sfrhctf.org/wp-json/>; rel="https://api.w.org/", <https://sfrhctf.org/>; rel=shortlink
Cache-Control: max-age=600
Expires: Wed, 04 Mar 2020 16:18:52 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4352
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Wed, 04 Mar 2020 16:08:51 GMT
Server: Apache
Location: https://sfrhctf.org/
Cache-Control: max-age=600
Expires: Wed, 04 Mar 2020 16:18:51 GMT
Content-Length: 228
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK style.css
sfrhctf.org/wp-content/themes/sfers-trust-fund/ 22 KB
5 KB 116ms
114ms Stylesheet
text/css 209.59.156.224
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://sfrhctf.org/wp-content/themes/sfers-trust-fund/style.css?ver=1.1.1
Requested by: Host: sfrhctf.org
URL: https://sfrhctf.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.156.224 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.rhctf.org
Software: Apache /
Resource Hash: 93c1125e666288696c9cf7de1dd711a857320dfdc708047837ea2b7736aad499

Request headers

Referer: https://sfrhctf.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Wed, 04 Mar 2020 16:08:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Apr 2019 16:03:59 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4705
Expires: Fri, 03 Apr 2020 16:08:52 GMT

GET
H/1.1 200
OK responsive.css
sfrhctf.org/wp-content/themes/sfers-trust-fund/css/ 13 KB
3 KB 229ms
113ms Stylesheet
text/css 209.59.156.224
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://sfrhctf.org/wp-content/themes/sfers-trust-fund/css/responsive.css?ver=1.1.1
Requested by: Host: sfrhctf.org
URL: https://sfrhctf.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.156.224 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.rhctf.org
Software: Apache /
Resource Hash: 694faa17515b952655ea02e80926abaaa26913a99c6470eec06baf04f32804cc

Request headers

Referer: https://sfrhctf.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Wed, 04 Mar 2020 16:08:52 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Apr 2018 15:56:20 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2558
Expires: Fri, 03 Apr 2020 16:08:52 GMT

GET
H/1.1 200
OK default.min.css
sfrhctf.org/wp-content/plugins/tablepress/css/ 6 KB
3 KB 337ms
113ms Stylesheet
text/css 209.59.156.224
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://sfrhctf.org/wp-content/plugins/tablepress/css/default.min.css?ver=1.9
Requested by: Host: sfrhctf.org
URL: https://sfrhctf.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.156.224 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.rhctf.org
Software: Apache /
Resource Hash: 760bc4d420605c167dd90147b0e0d82b4e761a18bc35be7aeffaa4192b371635

Request headers

Referer: https://sfrhctf.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Wed, 04 Mar 2020 16:08:52 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Apr 2018 15:54:05 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2732
Expires: Fri, 03 Apr 2020 16:08:52 GMT

GET
H/1.1 200
OK jquery.js Show response
sfrhctf.org/wp-includes/js/jquery/ 95 KB
33 KB 341ms
116ms Script
application/javascript 209.59.156.224
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://sfrhctf.org/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: sfrhctf.org
URL: https://sfrhctf.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.156.224 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.rhctf.org
Software: Apache /
Resource Hash: cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Referer: https://sfrhctf.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 04 Mar 2020 16:08:52 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Sep 2019 11:07:07 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 33776
Expires: Fri, 03 Apr 2020 16:08:52 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
sfrhctf.org/wp-includes/js/jquery/ 10 KB
4 KB 342ms
113ms Script
application/javascript 209.59.156.224
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://sfrhctf.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: sfrhctf.org
URL: https://sfrhctf.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.156.224 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.rhctf.org
Software: Apache /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://sfrhctf.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 04 Mar 2020 16:08:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 May 2016 10:11:28 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 4014
Expires: Fri, 03 Apr 2020 16:08:52 GMT

GET
H/1.1 200
OK RHCTF_logo_2018.svg
sfrhctf.org/wp-content/themes/sfers-trust-fund/images/ 355 KB
268 KB 358ms
121ms Image
image/svg+xml 209.59.156.224
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sfrhctf.org/wp-content/themes/sfers-trust-fund/images/RHCTF_logo_2018.svg
Requested by: Host: sfrhctf.org
URL: https://sfrhctf.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.156.224 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.rhctf.org
Software: Apache /
Resource Hash: 18f05ca64a1d93092b7415b5ac7a3bd3418791882462ba4d9515e2475fe0c13a

Request headers

Referer: https://sfrhctf.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 04 Mar 2020 16:08:52 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Apr 2018 15:56:47 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Cache-Control: max-age=172800
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Fri, 06 Mar 2020 16:08:52 GMT

GET
H/1.1 200
OK maxresdefault.jpg
sfrhctf.org/wp-content/uploads/2018/03/ 228 KB
228 KB 241ms
119ms Image
image/jpeg 209.59.156.224
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sfrhctf.org/wp-content/uploads/2018/03/maxresdefault.jpg
Requested by: Host: sfrhctf.org
URL: https://sfrhctf.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.156.224 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.rhctf.org
Software: Apache /
Resource Hash: 1d1b72f6b6d3c2b209e1b561a3d51ce5ee8b044fd2321a78f8feee45a8db65f8

Request headers

Referer: https://sfrhctf.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 04 Mar 2020 16:08:52 GMT
Last-Modified: Tue, 24 Apr 2018 15:57:00 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 233312
Expires: Fri, 03 Apr 2020 16:08:52 GMT

GET
H/1.1 200
OK global.js Show response
sfrhctf.org/wp-content/themes/sfers-trust-fund/js/ 1 KB
802 B 113ms
112ms Script
application/javascript 209.59.156.224
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://sfrhctf.org/wp-content/themes/sfers-trust-fund/js/global.js?ver=1.1.1
Requested by: Host: sfrhctf.org
URL: https://sfrhctf.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.156.224 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.rhctf.org
Software: Apache /
Resource Hash: 6ad32bd3df073f9c678581f333ade133109705913308ed82830df7c0ccb08d35

Request headers

Referer: https://sfrhctf.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 04 Mar 2020 16:08:52 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Apr 2018 15:56:52 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 418
Expires: Fri, 03 Apr 2020 16:08:52 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
sfrhctf.org/wp-includes/js/ 1 KB
1 KB 114ms
113ms Script
application/javascript 209.59.156.224
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://sfrhctf.org/wp-includes/js/wp-embed.min.js?ver=4.9.13
Requested by: Host: sfrhctf.org
URL: https://sfrhctf.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.156.224 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.rhctf.org
Software: Apache /
Resource Hash: 2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Referer: https://sfrhctf.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 04 Mar 2020 16:08:52 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Dec 2018 03:34:32 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 753
Expires: Fri, 03 Apr 2020 16:08:52 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
sfrhctf.org/wp-includes/js/ 12 KB
5 KB 114ms
114ms Script
application/javascript 209.59.156.224
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://sfrhctf.org/wp-includes/js/wp-emoji-release.min.js?ver=4.9.13
Requested by: Host: sfrhctf.org
URL: https://sfrhctf.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.156.224 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.rhctf.org
Software: Apache /
Resource Hash: d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5

Request headers

Referer: https://sfrhctf.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 04 Mar 2020 16:08:52 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Aug 2018 23:00:59 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4382
Expires: Fri, 03 Apr 2020 16:08:52 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: sfrhctf.org
URL: https://sfrhctf.org/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sfrhctf.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 1001
date: Wed, 04 Mar 2020 15:52:11 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Wed, 04 Mar 2020 17:52:11 GMT

GET
H/1.1 200
OK new-background.jpg
sfrhctf.org/wp-content/themes/sfers-trust-fund/images/ 312 B
627 B 123ms
119ms Image
image/jpeg 209.59.156.224
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sfrhctf.org/wp-content/themes/sfers-trust-fund/images/new-background.jpg
Requested by: Host: sfrhctf.org
URL: https://sfrhctf.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.156.224 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.rhctf.org
Software: Apache /
Resource Hash: a9daca2642ee6025230aa61c5f1a7f52e3ffed748f493195b93f472936187af0

Request headers

Referer: https://sfrhctf.org/wp-content/themes/sfers-trust-fund/style.css?ver=1.1.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 04 Mar 2020 16:08:52 GMT
Last-Modified: Tue, 24 Apr 2018 15:56:45 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 312
Expires: Fri, 03 Apr 2020 16:08:52 GMT

GET
H/1.1 200
OK page_bg.png
sfrhctf.org/wp-content/themes/sfers-trust-fund/images/ 5 KB
5 KB 212ms
114ms Image
image/png 209.59.156.224
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sfrhctf.org/wp-content/themes/sfers-trust-fund/images/page_bg.png
Requested by: Host: sfrhctf.org
URL: https://sfrhctf.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.156.224 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.rhctf.org
Software: Apache /
Resource Hash: 18378f615bd33adecad02a476841edad61908ef18f8b388da8a2fecc186b01a8

Request headers

Referer: https://sfrhctf.org/wp-content/themes/sfers-trust-fund/style.css?ver=1.1.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 04 Mar 2020 16:08:53 GMT
Last-Modified: Tue, 24 Apr 2018 15:56:46 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 5185
Expires: Fri, 03 Apr 2020 16:08:53 GMT

GET Bheader_mid.gif
www6.sfgov.org/ftp/sfsoap/images/global/ 0
0

GET headerblue_nav.gif
www6.sfgov.org/ftp/sfsoap/images/global/ 0
0

GET Bheader_left.gif
www6.sfgov.org/ftp/sfsoap/images/global/ 0
0

GET Bheader_right.gif
www6.sfgov.org/ftp/sfsoap/images/global/ 0
0

GET
H/1.1 200
OK mobile-menu.png
sfrhctf.org/wp-content/themes/sfers-trust-fund/images/ 259 B
572 B 114ms
113ms Image
image/png 209.59.156.224
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sfrhctf.org/wp-content/themes/sfers-trust-fund/images/mobile-menu.png
Requested by: Host: sfrhctf.org
URL: https://sfrhctf.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.156.224 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.rhctf.org
Software: Apache /
Resource Hash: 182f887539976441a4513eed36f419949ce61533ca87caab5afc8454c6185122

Request headers

Referer: https://sfrhctf.org/wp-content/themes/sfers-trust-fund/style.css?ver=1.1.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 04 Mar 2020 16:08:53 GMT
Last-Modified: Tue, 24 Apr 2018 15:56:44 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 259
Expires: Fri, 03 Apr 2020 16:08:53 GMT

GET
H/1.1 200
OK container_bottom.png
sfrhctf.org/wp-content/themes/sfers-trust-fund/images/ 382 B
695 B 212ms
114ms Image
image/png 209.59.156.224
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sfrhctf.org/wp-content/themes/sfers-trust-fund/images/container_bottom.png
Requested by: Host: sfrhctf.org
URL: https://sfrhctf.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.156.224 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.rhctf.org
Software: Apache /
Resource Hash: c951fcbb14d26dcc05990760c92b4f97fb6793e4e7a914abffbfe8f98b4e2fed

Request headers

Referer: https://sfrhctf.org/wp-content/themes/sfers-trust-fund/style.css?ver=1.1.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 04 Mar 2020 16:08:53 GMT
Last-Modified: Tue, 24 Apr 2018 15:56:37 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 382
Expires: Fri, 03 Apr 2020 16:08:53 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=551305115&t=pageview&_s=1&dl=https%3A%2F%2Fsfrhctf.org%2F&ul=en-us&de=UTF-8&dt=Overview%20-Retiree%20Health%20Care%20Trust%20Fund%20%7C%20Ret...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-58985400-1&cid=2088950567.1583338133&jid=1643426749&_gid=295674418.1583338133&gjid=904144873&_v=j81&z=424787918

35 B
113 B

18ms
18ms

Image
image/gif

2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-58985400-1&cid=2088950567.1583338133&jid=1643426749&_gid=295674418.1583338133&gjid=904144873&_v=j81&z=424787918

Requested by

Host: sfrhctf.org
URL: https://sfrhctf.org/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sfrhctf.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Wed, 04 Mar 2020 16:08:52 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 04 Mar 2020 16:08:52 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-58985400-1&cid=2088950567.1583338133&jid=1643426749&_gid=295674418.1583338133&gjid=904144873&_v=j81&z=424787918
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 417
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www6.sfgov.org
URL: https://www6.sfgov.org/ftp/sfsoap/images/global/Bheader_mid.gif

Domain: www6.sfgov.org
URL: https://www6.sfgov.org/ftp/sfsoap/images/global/headerblue_nav.gif

Domain: www6.sfgov.org
URL: https://www6.sfgov.org/ftp/sfsoap/images/global/Bheader_left.gif

Domain: www6.sfgov.org
URL: https://www6.sfgov.org/ftp/sfsoap/images/global/Bheader_right.gif

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| _wpemojiSettings undefined| $ function| jQuery string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| wp object| twemoji

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://sfrhctf.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

sfrhctf.org
stats.g.doubleclick.net
www.google-analytics.com
www6.sfgov.org
www6.sfgov.org
209.59.156.224
2a00:1450:4001:81a::200e
2a00:1450:400c:c00::9c
09c351abea01d6c0b3891faa7baa803a155d221f3fabe1f4dad901cdcb4d8fee
182f887539976441a4513eed36f419949ce61533ca87caab5afc8454c6185122
18378f615bd33adecad02a476841edad61908ef18f8b388da8a2fecc186b01a8
18f05ca64a1d93092b7415b5ac7a3bd3418791882462ba4d9515e2475fe0c13a
1d1b72f6b6d3c2b209e1b561a3d51ce5ee8b044fd2321a78f8feee45a8db65f8
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
694faa17515b952655ea02e80926abaaa26913a99c6470eec06baf04f32804cc
6ad32bd3df073f9c678581f333ade133109705913308ed82830df7c0ccb08d35
760bc4d420605c167dd90147b0e0d82b4e761a18bc35be7aeffaa4192b371635
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
93c1125e666288696c9cf7de1dd711a857320dfdc708047837ea2b7736aad499
a9daca2642ee6025230aa61c5f1a7f52e3ffed748f493195b93f472936187af0
c951fcbb14d26dcc05990760c92b4f97fb6793e4e7a914abffbfe8f98b4e2fed
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d