pentest-signin-formatic.dev.onevigor.tv Open in urlscan Pro
35.85.149.253 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pentest-signin-formatic.dev.onevigor.tv/
Submission: On September 16 via api (September 16th 2024, 10:31:05 am UTC) from US — Scanned from US

Summary HTTP 31 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 31 HTTP transactions. The main IP is 35.85.149.253, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is pentest-signin-formatic.dev.onevigor.tv.
TLS certificate: Issued by Amazon RSA 2048 M03 on January 29th 2024. Valid for: a year.

This is the only time pentest-signin-formatic.dev.onevigor.tv was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	35.85.149.253 35.85.149.253	16509 (AMAZON-02) (AMAZON-02)
1	142.251.35.170 142.251.35.170	15169 (GOOGLE) (GOOGLE)
2	142.251.40.227 142.251.40.227	15169 (GOOGLE) (GOOGLE)
4	18.236.33.55 18.236.33.55	16509 (AMAZON-02) (AMAZON-02)
31	4

24 35.85.149.253 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-85-149-253.us-west-2.compute.amazonaws.com

pentest-signin-formatic.dev.onevigor.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pentest-signin.dev.edisen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pentest-signin.dev.onevigor.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.35.170 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.227 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.236.33.55 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-236-33-55.us-west-2.compute.amazonaws.com

pentest-signin.dev.edisen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pentest-signin.dev.onevigor.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	onevigor.tv pentest-signin-formatic.dev.onevigor.tv pentest-signin.dev.onevigor.tv	1 MB
4	edisen.com pentest-signin.dev.edisen.com	2 KB
2	gstatic.com fonts.gstatic.com	37 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
31	4

	Domain	Requested by
20	pentest-signin-formatic.dev.onevigor.tv	pentest-signin-formatic.dev.onevigor.tv
4	pentest-signin.dev.onevigor.tv	pentest-signin-formatic.dev.onevigor.tv
4	pentest-signin.dev.edisen.com	pentest-signin-formatic.dev.onevigor.tv
2	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	pentest-signin-formatic.dev.onevigor.tv
31	5

This site contains no links.

Subject Issuer	Validity	Valid
*.dev.onevigor.tv Amazon RSA 2048 M03	`2024-01-29` - `2025-02-26`	a year	crt.sh
upload.video.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://pentest-signin-formatic.dev.onevigor.tv/
Frame ID: 240E06B95DA24DDA29EBEA900705A810
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Formatic | Login

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

4
IPs

1
Countries

1222 kB
Transfer

1633 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
pentest-signin-formatic.dev.onevigor.tv/ 5 KB
2 KB 512ms
82ms Document
text/html 35.85.149.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentest-signin-formatic.dev.onevigor.tv/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.85.149.253 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-149-253.us-west-2.compute.amazonaws.com

Software

Resource Hash

1f65008e7f37d60936057c60119eec6023f0cc2fea4401534c37bb3f6d8e583a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .google.com .gstatic.com; script-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .jquery.com .google.com .gstatic.com; style-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us 'unsafe-inline' .googleapis.com .typekit.net; font-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .gstatic.com *.typekit.net
Strict-Transport-Security	max-age=7776000000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: no-store, max-age=0
content-encoding: gzip
content-security-policy: default-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.google.com *.gstatic.com; script-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.jquery.com *.google.com *.gstatic.com; style-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us 'unsafe-inline' *.googleapis.com *.typekit.net; font-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.gstatic.com *.typekit.net
content-type: text/html; charset=utf-8
date: Mon, 16 Sep 2024 10:30:52 GMT
etag: W/"153a-pkYXS70UnUjv62h0RMp8bhcm+jc"
pragma: no-cache
strict-transport-security: max-age=7776000000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 432ms
30ms Stylesheet
text/css 142.251.35.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400

Requested by

Host: pentest-signin-formatic.dev.onevigor.tv
URL: https://pentest-signin-formatic.dev.onevigor.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.170 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f10.1e100.net

Software

ESF /

Resource Hash

46c9cfa873e7d765392b2636d4b8e02d2d87d59b698eb06d7927366a65fd412d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pentest-signin-formatic.dev.onevigor.tv/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 16 Sep 2024 10:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 16 Sep 2024 10:01:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Sep 2024 10:30:52 GMT

GET
H2 200 bootstrap.min.css
pentest-signin-formatic.dev.onevigor.tv/assets/js/bootstrap/css/ 116 KB
20 KB 83ms
79ms Stylesheet
text/css 35.85.149.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentest-signin-formatic.dev.onevigor.tv/assets/js/bootstrap/css/bootstrap.min.css

Requested by

Host: pentest-signin-formatic.dev.onevigor.tv
URL: https://pentest-signin-formatic.dev.onevigor.tv/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.85.149.253 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-149-253.us-west-2.compute.amazonaws.com

Software

Resource Hash

9e133a673fe0e9e9d4fee6807918de9159115ccbe03b2c3ef9b91a908c203ea1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .google.com .gstatic.com; script-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .jquery.com .google.com .gstatic.com; style-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us 'unsafe-inline' .googleapis.com .typekit.net; font-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .gstatic.com *.typekit.net
Strict-Transport-Security	max-age=7776000000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentest-signin-formatic.dev.onevigor.tv/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 10:30:52 GMT
strict-transport-security: max-age=7776000000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.google.com *.gstatic.com; script-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.jquery.com *.google.com *.gstatic.com; style-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us 'unsafe-inline' *.googleapis.com *.typekit.net; font-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.gstatic.com *.typekit.net
last-modified: Thu, 08 Aug 2024 22:51:58 GMT
content-encoding: gzip
etag: W/"1d1e7-191343116b0"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: DENY
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=0
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 login.min.css
pentest-signin-formatic.dev.onevigor.tv/assets/css/ 17 KB
4 KB 244ms
241ms Stylesheet
text/css 35.85.149.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentest-signin-formatic.dev.onevigor.tv/assets/css/login.min.css

Requested by

Host: pentest-signin-formatic.dev.onevigor.tv
URL: https://pentest-signin-formatic.dev.onevigor.tv/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.85.149.253 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-149-253.us-west-2.compute.amazonaws.com

Software

Resource Hash

20113431a3bd2077c20bb6d5d5aaf9dfa43ed1f603e7a871c4d27238a87acdcd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .google.com .gstatic.com; script-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .jquery.com .google.com .gstatic.com; style-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us 'unsafe-inline' .googleapis.com .typekit.net; font-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .gstatic.com *.typekit.net
Strict-Transport-Security	max-age=7776000000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentest-signin-formatic.dev.onevigor.tv/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 10:30:52 GMT
strict-transport-security: max-age=7776000000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.google.com *.gstatic.com; script-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.jquery.com *.google.com *.gstatic.com; style-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us 'unsafe-inline' *.googleapis.com *.typekit.net; font-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.gstatic.com *.typekit.net
last-modified: Thu, 08 Aug 2024 22:51:58 GMT
content-encoding: gzip
etag: W/"420b-191343116b0"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: DENY
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=0
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 formatic-bg1-phone.png
pentest-signin-formatic.dev.onevigor.tv/assets/img/ 157 KB
158 KB 85ms
82ms Image
image/png 35.85.149.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentest-signin-formatic.dev.onevigor.tv/assets/img/formatic-bg1-phone.png

Requested by

Host: pentest-signin-formatic.dev.onevigor.tv
URL: https://pentest-signin-formatic.dev.onevigor.tv/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.85.149.253 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-149-253.us-west-2.compute.amazonaws.com

Software

Resource Hash

6ab949f49381710523ababe9ac374af2584d6e9f3724ec472d201a6ec6c3761f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .google.com .gstatic.com; script-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .jquery.com .google.com .gstatic.com; style-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us 'unsafe-inline' .googleapis.com .typekit.net; font-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .gstatic.com *.typekit.net
Strict-Transport-Security	max-age=7776000000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentest-signin-formatic.dev.onevigor.tv/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 10:30:52 GMT
strict-transport-security: max-age=7776000000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.google.com *.gstatic.com; script-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.jquery.com *.google.com *.gstatic.com; style-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us 'unsafe-inline' *.googleapis.com *.typekit.net; font-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.gstatic.com *.typekit.net
last-modified: Thu, 08 Aug 2024 22:51:58 GMT
etag: W/"27293-191343116b0"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 160403
x-xss-protection: 1; mode=block

GET
H2 200 formatic-bg1-tablet.png
pentest-signin-formatic.dev.onevigor.tv/assets/img/ 177 KB
178 KB 198ms
196ms Image
image/png 35.85.149.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentest-signin-formatic.dev.onevigor.tv/assets/img/formatic-bg1-tablet.png

Requested by

Host: pentest-signin-formatic.dev.onevigor.tv
URL: https://pentest-signin-formatic.dev.onevigor.tv/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.85.149.253 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-149-253.us-west-2.compute.amazonaws.com

Software

Resource Hash

ed677c9ac77014ee30eb14593141c6ec01342d83200e51eb8ffac3f7681e0baf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .google.com .gstatic.com; script-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .jquery.com .google.com .gstatic.com; style-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us 'unsafe-inline' .googleapis.com .typekit.net; font-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .gstatic.com *.typekit.net
Strict-Transport-Security	max-age=7776000000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentest-signin-formatic.dev.onevigor.tv/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 10:30:52 GMT
strict-transport-security: max-age=7776000000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.google.com *.gstatic.com; script-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.jquery.com *.google.com *.gstatic.com; style-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us 'unsafe-inline' *.googleapis.com *.typekit.net; font-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.gstatic.com *.typekit.net
last-modified: Thu, 08 Aug 2024 22:51:58 GMT
etag: W/"2c2b8-191343116b0"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 180920
x-xss-protection: 1; mode=block

GET
H2 200 formatic-bg1-landscape.png
pentest-signin-formatic.dev.onevigor.tv/assets/img/ 556 KB
558 KB 81ms
76ms Image
image/png 35.85.149.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentest-signin-formatic.dev.onevigor.tv/assets/img/formatic-bg1-landscape.png

Requested by

Host: pentest-signin-formatic.dev.onevigor.tv
URL: https://pentest-signin-formatic.dev.onevigor.tv/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.85.149.253 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-149-253.us-west-2.compute.amazonaws.com

Software

Resource Hash

5f93a6d0e9067792c4a3144e0e7378a2a3deae50bc7d128c0873634cfaefa92b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .google.com .gstatic.com; script-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .jquery.com .google.com .gstatic.com; style-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us 'unsafe-inline' .googleapis.com .typekit.net; font-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .gstatic.com *.typekit.net
Strict-Transport-Security	max-age=7776000000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentest-signin-formatic.dev.onevigor.tv/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 10:30:52 GMT
strict-transport-security: max-age=7776000000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.google.com *.gstatic.com; script-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.jquery.com *.google.com *.gstatic.com; style-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us 'unsafe-inline' *.googleapis.com *.typekit.net; font-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.gstatic.com *.typekit.net
last-modified: Thu, 08 Aug 2024 22:51:58 GMT
etag: W/"8b0c6-191343116b0"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 569542
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
pentest-signin-formatic.dev.onevigor.tv/assets/js/ 171 KB
43 KB 96ms
91ms Script
application/javascript 35.85.149.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentest-signin-formatic.dev.onevigor.tv/assets/js/jquery.min.js

Requested by

Host: pentest-signin-formatic.dev.onevigor.tv
URL: https://pentest-signin-formatic.dev.onevigor.tv/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.85.149.253 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-149-253.us-west-2.compute.amazonaws.com

Software

Resource Hash

7cd22d163d43d99a3cf3cd5562598bf3ad692353843e6145c5659cc6854f6da7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .google.com .gstatic.com; script-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .jquery.com .google.com .gstatic.com; style-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us 'unsafe-inline' .googleapis.com .typekit.net; font-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .gstatic.com *.typekit.net
Strict-Transport-Security	max-age=7776000000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentest-signin-formatic.dev.onevigor.tv/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 10:30:52 GMT
strict-transport-security: max-age=7776000000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.google.com *.gstatic.com; script-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.jquery.com *.google.com *.gstatic.com; style-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us 'unsafe-inline' *.googleapis.com *.typekit.net; font-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.gstatic.com *.typekit.net
last-modified: Thu, 08 Aug 2024 22:51:58 GMT
content-encoding: gzip
etag: W/"2aa78-191343116b0"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=0
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 jquery.toaster.js Show response
pentest-signin-formatic.dev.onevigor.tv/assets/js/ 5 KB
2 KB 94ms
89ms Script
application/javascript 35.85.149.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentest-signin-formatic.dev.onevigor.tv/assets/js/jquery.toaster.js

Requested by

Host: pentest-signin-formatic.dev.onevigor.tv
URL: https://pentest-signin-formatic.dev.onevigor.tv/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.85.149.253 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-149-253.us-west-2.compute.amazonaws.com

Software

Resource Hash

1207cdddab788cf47609c743cfcf50977900498be5cef816b3adb426da1281b8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .google.com .gstatic.com; script-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .jquery.com .google.com .gstatic.com; style-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us 'unsafe-inline' .googleapis.com .typekit.net; font-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .gstatic.com *.typekit.net
Strict-Transport-Security	max-age=7776000000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentest-signin-formatic.dev.onevigor.tv/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 10:30:52 GMT
strict-transport-security: max-age=7776000000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.google.com *.gstatic.com; script-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.jquery.com *.google.com *.gstatic.com; style-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us 'unsafe-inline' *.googleapis.com *.typekit.net; font-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.gstatic.com *.typekit.net
last-modified: Thu, 08 Aug 2024 22:51:58 GMT
content-encoding: gzip
etag: W/"1345-191343116b0"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=0
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 custom-toaster.js Show response
pentest-signin-formatic.dev.onevigor.tv/assets/js/custom-toaster/ 5 KB
2 KB 95ms
90ms Script
application/javascript 35.85.149.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentest-signin-formatic.dev.onevigor.tv/assets/js/custom-toaster/custom-toaster.js

Requested by

Host: pentest-signin-formatic.dev.onevigor.tv
URL: https://pentest-signin-formatic.dev.onevigor.tv/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.85.149.253 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-149-253.us-west-2.compute.amazonaws.com

Software

Resource Hash

111c9708cb81c49769a802a3734b2109ee3ed5fa57b56ea0c4b5c6ce909b13a5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .google.com .gstatic.com; script-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .jquery.com .google.com .gstatic.com; style-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us 'unsafe-inline' .googleapis.com .typekit.net; font-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .gstatic.com *.typekit.net
Strict-Transport-Security	max-age=7776000000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentest-signin-formatic.dev.onevigor.tv/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 10:30:52 GMT
strict-transport-security: max-age=7776000000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.google.com *.gstatic.com; script-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.jquery.com *.google.com *.gstatic.com; style-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us 'unsafe-inline' *.googleapis.com *.typekit.net; font-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.gstatic.com *.typekit.net
last-modified: Thu, 08 Aug 2024 22:51:58 GMT
content-encoding: gzip
etag: W/"13af-191343116b0"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=0
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 vigor-client-auth-manager.js Show response
pentest-signin-formatic.dev.onevigor.tv/ 30 KB
31 KB 178ms
173ms Script
application/javascript 35.85.149.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentest-signin-formatic.dev.onevigor.tv/vigor-client-auth-manager.js

Requested by

Host: pentest-signin-formatic.dev.onevigor.tv
URL: https://pentest-signin-formatic.dev.onevigor.tv/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.85.149.253 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-149-253.us-west-2.compute.amazonaws.com

Software

Resource Hash

bccafa084bff05a3e616200c5b95795ac535be16ac0190f1d594cb7d7327ed1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .google.com .gstatic.com; script-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .jquery.com .google.com .gstatic.com; style-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us 'unsafe-inline' .googleapis.com .typekit.net; font-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .gstatic.com *.typekit.net
Strict-Transport-Security	max-age=7776000000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentest-signin-formatic.dev.onevigor.tv/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 10:30:52 GMT
strict-transport-security: max-age=7776000000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.google.com *.gstatic.com; script-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.jquery.com *.google.com *.gstatic.com; style-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us 'unsafe-inline' *.googleapis.com *.typekit.net; font-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.gstatic.com *.typekit.net
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"77ae-7438674ba0"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 30638
x-xss-protection: 1; mode=block

GET
H2 200 new_check.js Show response
pentest-signin-formatic.dev.onevigor.tv/assets/js/ 36 KB
7 KB 231ms
227ms Script
application/javascript 35.85.149.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentest-signin-formatic.dev.onevigor.tv/assets/js/new_check.js

Requested by

Host: pentest-signin-formatic.dev.onevigor.tv
URL: https://pentest-signin-formatic.dev.onevigor.tv/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.85.149.253 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-149-253.us-west-2.compute.amazonaws.com

Software

Resource Hash

a0e1587dc9d47a55665bd0c65ca9f28fad33cde6e65cc279003ea0faa73f142e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .google.com .gstatic.com; script-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .jquery.com .google.com .gstatic.com; style-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us 'unsafe-inline' .googleapis.com .typekit.net; font-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .gstatic.com *.typekit.net
Strict-Transport-Security	max-age=7776000000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentest-signin-formatic.dev.onevigor.tv/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 10:30:52 GMT
strict-transport-security: max-age=7776000000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.google.com *.gstatic.com; script-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.jquery.com *.google.com *.gstatic.com; style-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us 'unsafe-inline' *.googleapis.com *.typekit.net; font-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.gstatic.com *.typekit.net
last-modified: Thu, 08 Aug 2024 22:51:58 GMT
content-encoding: gzip
etag: W/"8ead-191343116b0"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=0
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 jquery.validate.min.js Show response
pentest-signin-formatic.dev.onevigor.tv/assets/js/jquery-validation/js/ 36 KB
9 KB 229ms
225ms Script
application/javascript 35.85.149.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentest-signin-formatic.dev.onevigor.tv/assets/js/jquery-validation/js/jquery.validate.min.js

Requested by

Host: pentest-signin-formatic.dev.onevigor.tv
URL: https://pentest-signin-formatic.dev.onevigor.tv/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.85.149.253 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-149-253.us-west-2.compute.amazonaws.com

Software

Resource Hash

ce9a54e3dac81ba87ba38edf1e0f854c09050b002a1ef5a1b50371981d2461a6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .google.com .gstatic.com; script-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .jquery.com .google.com .gstatic.com; style-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us 'unsafe-inline' .googleapis.com .typekit.net; font-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .gstatic.com *.typekit.net
Strict-Transport-Security	max-age=7776000000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentest-signin-formatic.dev.onevigor.tv/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 10:30:52 GMT
strict-transport-security: max-age=7776000000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.google.com *.gstatic.com; script-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.jquery.com *.google.com *.gstatic.com; style-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us 'unsafe-inline' *.googleapis.com *.typekit.net; font-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.gstatic.com *.typekit.net
last-modified: Thu, 08 Aug 2024 22:51:58 GMT
content-encoding: gzip
etag: W/"8ee4-191343116b0"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=0
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 select2.full.min.js Show response
pentest-signin-formatic.dev.onevigor.tv/assets/js/select2/js/ 141 KB
26 KB 231ms
227ms Script
application/javascript 35.85.149.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentest-signin-formatic.dev.onevigor.tv/assets/js/select2/js/select2.full.min.js

Requested by

Host: pentest-signin-formatic.dev.onevigor.tv
URL: https://pentest-signin-formatic.dev.onevigor.tv/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.85.149.253 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-149-253.us-west-2.compute.amazonaws.com

Software

Resource Hash

837151d010d03151d6ee42d33aea8f3a4fcb1db4d38e632f8b910a246eaadcb7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .google.com .gstatic.com; script-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .jquery.com .google.com .gstatic.com; style-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us 'unsafe-inline' .googleapis.com .typekit.net; font-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .gstatic.com *.typekit.net
Strict-Transport-Security	max-age=7776000000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentest-signin-formatic.dev.onevigor.tv/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 10:30:52 GMT
strict-transport-security: max-age=7776000000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.google.com *.gstatic.com; script-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.jquery.com *.google.com *.gstatic.com; style-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us 'unsafe-inline' *.googleapis.com *.typekit.net; font-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.gstatic.com *.typekit.net
last-modified: Thu, 08 Aug 2024 22:51:58 GMT
content-encoding: gzip
etag: W/"23212-191343116b0"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=0
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 jquery.backstretch.min.js Show response
pentest-signin-formatic.dev.onevigor.tv/assets/js/backstretch/ 6 KB
3 KB 229ms
226ms Script
application/javascript 35.85.149.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentest-signin-formatic.dev.onevigor.tv/assets/js/backstretch/jquery.backstretch.min.js

Requested by

Host: pentest-signin-formatic.dev.onevigor.tv
URL: https://pentest-signin-formatic.dev.onevigor.tv/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.85.149.253 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-149-253.us-west-2.compute.amazonaws.com

Software

Resource Hash

095204485c93ce0c8727ae412ebcb4daff1de871e5de0d8c35f510d6df68690b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .google.com .gstatic.com; script-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .jquery.com .google.com .gstatic.com; style-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us 'unsafe-inline' .googleapis.com .typekit.net; font-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .gstatic.com *.typekit.net
Strict-Transport-Security	max-age=7776000000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentest-signin-formatic.dev.onevigor.tv/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 10:30:52 GMT
strict-transport-security: max-age=7776000000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.google.com *.gstatic.com; script-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.jquery.com *.google.com *.gstatic.com; style-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us 'unsafe-inline' *.googleapis.com *.typekit.net; font-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.gstatic.com *.typekit.net
last-modified: Thu, 08 Aug 2024 22:51:58 GMT
content-encoding: gzip
etag: W/"18e9-191343116b0"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=0
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 login.min.js Show response
pentest-signin-formatic.dev.onevigor.tv/assets/js/ 2 KB
1 KB 316ms
313ms Script
application/javascript 35.85.149.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentest-signin-formatic.dev.onevigor.tv/assets/js/login.min.js

Requested by

Host: pentest-signin-formatic.dev.onevigor.tv
URL: https://pentest-signin-formatic.dev.onevigor.tv/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.85.149.253 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-149-253.us-west-2.compute.amazonaws.com

Software

Resource Hash

2d077b5e22300b47d98bac923dd22589ec6f5a516b327ae60529a6cc55cfa6c7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .google.com .gstatic.com; script-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .jquery.com .google.com .gstatic.com; style-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us 'unsafe-inline' .googleapis.com .typekit.net; font-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .gstatic.com *.typekit.net
Strict-Transport-Security	max-age=7776000000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentest-signin-formatic.dev.onevigor.tv/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 10:30:53 GMT
strict-transport-security: max-age=7776000000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.google.com *.gstatic.com; script-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.jquery.com *.google.com *.gstatic.com; style-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us 'unsafe-inline' *.googleapis.com *.typekit.net; font-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.gstatic.com *.typekit.net
last-modified: Thu, 08 Aug 2024 22:51:58 GMT
content-encoding: gzip
etag: W/"611-191343116b0"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=0
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 404 /
pentest-signin-formatic.dev.onevigor.tv/assets/img/ 44 B
44 B 254ms
251ms Image
application/json 35.85.149.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentest-signin-formatic.dev.onevigor.tv/assets/img/

Requested by

Host: pentest-signin-formatic.dev.onevigor.tv
URL: https://pentest-signin-formatic.dev.onevigor.tv/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.85.149.253 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-149-253.us-west-2.compute.amazonaws.com

Software

Resource Hash

23b416af4fff82f160dd6001497437777fc4a439693357344bdd865bd184cbf2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .google.com .gstatic.com; script-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .jquery.com .google.com .gstatic.com; style-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us 'unsafe-inline' .googleapis.com .typekit.net; font-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .gstatic.com *.typekit.net
Strict-Transport-Security	max-age=7776000000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentest-signin-formatic.dev.onevigor.tv/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 10:30:53 GMT
strict-transport-security: max-age=7776000000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.google.com *.gstatic.com; script-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.jquery.com *.google.com *.gstatic.com; style-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us 'unsafe-inline' *.googleapis.com *.typekit.net; font-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.gstatic.com *.typekit.net
x-dns-prefetch-control: off
content-length: 44
x-xss-protection: 1; mode=block
pragma: no-cache
etag: W/"2c-cr9sUo/NyjOTtEk60NmioBp4F4c"
x-download-options: noopen
x-frame-options: DENY
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pentest-signin-formatic.dev.onevigor.tv/
cache-control: no-store, max-age=0
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: X-Requested-With, Accept, Accept-Version, Content-Length, Content-Type, Authorization

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 456ms
34ms Font
font/woff2 142.251.40.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.227 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f3.1e100.net

Software

sffe /

Resource Hash

4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pentest-signin-formatic.dev.onevigor.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 20:49:19 GMT
x-content-type-options: nosniff
age: 308494
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18492
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Sep 2025 20:49:19 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
19 KB 458ms
37ms Font
font/woff2 142.251.40.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.227 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pentest-signin-formatic.dev.onevigor.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 20:46:30 GMT
x-content-type-options: nosniff
age: 308663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18536
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Sep 2025 20:46:30 GMT

GET
H2 200 domains Show response
pentest-signin-formatic.dev.onevigor.tv/auth/ 294 B
1 KB 115ms
96ms XHR
application/json 35.85.149.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentest-signin-formatic.dev.onevigor.tv/auth/domains

Requested by

Host: pentest-signin-formatic.dev.onevigor.tv
URL: https://pentest-signin-formatic.dev.onevigor.tv/vigor-client-auth-manager.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.85.149.253 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-149-253.us-west-2.compute.amazonaws.com

Software

Resource Hash

4e7c4f2464483dd413e45ecf5e3647c970be416b79b8dab1b090b00d9c1e5b62

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .google.com .gstatic.com; script-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .jquery.com .google.com .gstatic.com; style-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us 'unsafe-inline' .googleapis.com .typekit.net; font-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .gstatic.com *.typekit.net
Strict-Transport-Security	max-age=7776000000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://pentest-signin-formatic.dev.onevigor.tv/
X-Requested-With: true
Authorization: Session
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 16 Sep 2024 10:30:53 GMT
strict-transport-security: max-age=7776000000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.google.com *.gstatic.com; script-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.jquery.com *.google.com *.gstatic.com; style-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us 'unsafe-inline' *.googleapis.com *.typekit.net; font-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.gstatic.com *.typekit.net
x-dns-prefetch-control: off
content-length: 294
x-xss-protection: 1; mode=block
pragma: no-cache
etag: W/"126-PeKRVNnNKAya4np3XIGRwnqv4tE"
x-download-options: noopen
x-frame-options: DENY
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pentest-signin-formatic.dev.onevigor.tv/
cache-control: no-store, max-age=0
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: X-Requested-With, Accept, Accept-Version, Content-Length, Content-Type, Authorization

GET
H2 200 formatic1.png
pentest-signin-formatic.dev.onevigor.tv/assets/img/ 134 KB
134 KB 86ms
82ms Image
image/png 35.85.149.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentest-signin-formatic.dev.onevigor.tv/assets/img/formatic1.png

Requested by

Host: pentest-signin-formatic.dev.onevigor.tv
URL: https://pentest-signin-formatic.dev.onevigor.tv/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.85.149.253 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-149-253.us-west-2.compute.amazonaws.com

Software

Resource Hash

a2d14de72c70275b5193758ba982fea0b883da4db46f69a7c9144271d4f85525

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .google.com .gstatic.com; script-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .jquery.com .google.com .gstatic.com; style-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us 'unsafe-inline' .googleapis.com .typekit.net; font-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .gstatic.com *.typekit.net
Strict-Transport-Security	max-age=7776000000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentest-signin-formatic.dev.onevigor.tv/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 10:30:53 GMT
strict-transport-security: max-age=7776000000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.google.com *.gstatic.com; script-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.jquery.com *.google.com *.gstatic.com; style-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us 'unsafe-inline' *.googleapis.com *.typekit.net; font-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.gstatic.com *.typekit.net
last-modified: Thu, 08 Aug 2024 22:51:58 GMT
etag: W/"2163c-191343116b0"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 136764
x-xss-protection: 1; mode=block

GET
H2 401 cookie Show response
pentest-signin.dev.edisen.com/session/ 123 B
1 KB 265ms
234ms XHR
application/json 35.85.149.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentest-signin.dev.edisen.com/session/cookie

Requested by

Host: pentest-signin-formatic.dev.onevigor.tv
URL: https://pentest-signin-formatic.dev.onevigor.tv/vigor-client-auth-manager.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.85.149.253 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-149-253.us-west-2.compute.amazonaws.com

Software

Resource Hash

195b9d0e040f0ba6a2fc5f61f3cb6f425a0be0cc1826151d987b80b9c5d19524

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .google.com .gstatic.com; script-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .jquery.com .google.com .gstatic.com; style-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us 'unsafe-inline' .googleapis.com .typekit.net; font-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .gstatic.com *.typekit.net
Strict-Transport-Security	max-age=7776000000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://pentest-signin-formatic.dev.onevigor.tv/
X-Requested-With: true
Authorization: Session
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 16 Sep 2024 10:30:54 GMT
strict-transport-security: max-age=7776000000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.google.com *.gstatic.com; script-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.jquery.com *.google.com *.gstatic.com; style-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us 'unsafe-inline' *.googleapis.com *.typekit.net; font-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.gstatic.com *.typekit.net
x-dns-prefetch-control: off
content-length: 123
x-xss-protection: 1; mode=block
pragma: no-cache
etag: W/"7b-a0DFUXKT30l+3lGpgdfGOpFWVqw"
x-download-options: noopen
x-frame-options: DENY
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pentest-signin-formatic.dev.onevigor.tv
cache-control: no-store, max-age=0
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: X-Requested-With, Accept, Accept-Version, Content-Length, Content-Type, Authorization

GET
H2 401 cookie Show response
pentest-signin.dev.onevigor.tv/session/ 123 B
1 KB 313ms
259ms XHR
application/json 35.85.149.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentest-signin.dev.onevigor.tv/session/cookie

Requested by

Host: pentest-signin-formatic.dev.onevigor.tv
URL: https://pentest-signin-formatic.dev.onevigor.tv/vigor-client-auth-manager.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.85.149.253 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-149-253.us-west-2.compute.amazonaws.com

Software

Resource Hash

1ece27709dc6940c2a35be3e8030b6f7bac98d9d4a5ca0c9b416e55972375f61

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .google.com .gstatic.com; script-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .jquery.com .google.com .gstatic.com; style-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us 'unsafe-inline' .googleapis.com .typekit.net; font-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .gstatic.com *.typekit.net
Strict-Transport-Security	max-age=7776000000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://pentest-signin-formatic.dev.onevigor.tv/
X-Requested-With: true
Authorization: Session
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 16 Sep 2024 10:30:54 GMT
strict-transport-security: max-age=7776000000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.google.com *.gstatic.com; script-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.jquery.com *.google.com *.gstatic.com; style-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us 'unsafe-inline' *.googleapis.com *.typekit.net; font-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.gstatic.com *.typekit.net
x-dns-prefetch-control: off
content-length: 123
x-xss-protection: 1; mode=block
pragma: no-cache
etag: W/"7b-nl/ZkJFYz0fwDEJBU/qNMAXHh8s"
x-download-options: noopen
x-frame-options: DENY
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pentest-signin-formatic.dev.onevigor.tv
cache-control: no-store, max-age=0
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: X-Requested-With, Accept, Accept-Version, Content-Length, Content-Type, Authorization

OPTIONS
H2 200 cookie
pentest-signin.dev.edisen.com/session/ 0
0 879ms
407ms Preflight
application/json 18.236.33.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentest-signin.dev.edisen.com/session/cookie

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.236.33.55 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-236-33-55.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .google.com .gstatic.com; script-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .jquery.com .google.com .gstatic.com; style-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us 'unsafe-inline' .googleapis.com .typekit.net; font-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .gstatic.com *.typekit.net
Strict-Transport-Security	max-age=7776000000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-requested-with
Access-Control-Request-Method: GET
Origin: https://pentest-signin-formatic.dev.onevigor.tv
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Accept, Accept-Version, Content-Length, Content-Type, Authorization
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: https://pentest-signin-formatic.dev.onevigor.tv
content-length: 99
content-security-policy: default-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.google.com *.gstatic.com; script-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.jquery.com *.google.com *.gstatic.com; style-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us 'unsafe-inline' *.googleapis.com *.typekit.net; font-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.gstatic.com *.typekit.net
content-type: application/json; charset=utf-8
date: Mon, 16 Sep 2024 10:30:53 GMT
etag: W/"63-AlRukMHGfESGl9yJSOHStcMPxVE"
strict-transport-security: max-age=7776000000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 200 cookie
pentest-signin.dev.onevigor.tv/session/ 0
0 829ms
80ms Preflight
application/json 18.236.33.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentest-signin.dev.onevigor.tv/session/cookie

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.236.33.55 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-236-33-55.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .google.com .gstatic.com; script-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .jquery.com .google.com .gstatic.com; style-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us 'unsafe-inline' .googleapis.com .typekit.net; font-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .gstatic.com *.typekit.net
Strict-Transport-Security	max-age=7776000000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-requested-with
Access-Control-Request-Method: GET
Origin: https://pentest-signin-formatic.dev.onevigor.tv
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Accept, Accept-Version, Content-Length, Content-Type, Authorization
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: https://pentest-signin-formatic.dev.onevigor.tv
content-length: 99
content-security-policy: default-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.google.com *.gstatic.com; script-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.jquery.com *.google.com *.gstatic.com; style-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us 'unsafe-inline' *.googleapis.com *.typekit.net; font-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.gstatic.com *.typekit.net
content-type: application/json; charset=utf-8
date: Mon, 16 Sep 2024 10:30:54 GMT
etag: W/"63-8AgKUdPRMarQoAJCbrzIQk/2DsQ"
strict-transport-security: max-age=7776000000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 favicon.png
pentest-signin-formatic.dev.onevigor.tv/img/ 510 B
1 KB 246ms
18ms Other
image/png 35.85.149.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentest-signin-formatic.dev.onevigor.tv/img/favicon.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.85.149.253 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-149-253.us-west-2.compute.amazonaws.com

Software

Resource Hash

a5923e990f6cfa636269a5c6e0274a94d1ec5adea36c95ab466172b2e28ee4dc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .google.com .gstatic.com; script-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .jquery.com .google.com .gstatic.com; style-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us 'unsafe-inline' .googleapis.com .typekit.net; font-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .gstatic.com *.typekit.net
Strict-Transport-Security	max-age=7776000000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentest-signin-formatic.dev.onevigor.tv/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 10:30:53 GMT
strict-transport-security: max-age=7776000000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.google.com *.gstatic.com; script-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.jquery.com *.google.com *.gstatic.com; style-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us 'unsafe-inline' *.googleapis.com *.typekit.net; font-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.gstatic.com *.typekit.net
last-modified: Thu, 08 Aug 2024 22:51:58 GMT
etag: W/"1fe-191343116b0"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 510
x-xss-protection: 1; mode=block

POST
H2 200 local Show response
pentest-signin.dev.edisen.com/auth/ 36 B
964 B 92ms
86ms XHR
application/json 35.85.149.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentest-signin.dev.edisen.com/auth/local

Requested by

Host: pentest-signin-formatic.dev.onevigor.tv
URL: https://pentest-signin-formatic.dev.onevigor.tv/vigor-client-auth-manager.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.85.149.253 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-149-253.us-west-2.compute.amazonaws.com

Software

Resource Hash

ce0516b3b07f7595b30dcb3fe7ab0cdcf3e09e6e29741dd1d98d9fe4ff76b379

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .google.com .gstatic.com; script-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .jquery.com .google.com .gstatic.com; style-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us 'unsafe-inline' .googleapis.com .typekit.net; font-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .gstatic.com *.typekit.net
Strict-Transport-Security	max-age=7776000000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://pentest-signin-formatic.dev.onevigor.tv/
X-Requested-With: true
Authorization: Session
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 16 Sep 2024 10:30:54 GMT
strict-transport-security: max-age=7776000000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.google.com *.gstatic.com; script-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.jquery.com *.google.com *.gstatic.com; style-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us 'unsafe-inline' *.googleapis.com *.typekit.net; font-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.gstatic.com *.typekit.net
x-dns-prefetch-control: off
content-length: 36
x-xss-protection: 1; mode=block
pragma: no-cache
etag: W/"24-PP5Oiy+lJFSNJ0KreDtm9KTU7js"
x-download-options: noopen
x-frame-options: DENY
vary: X-HTTP-Method-Override, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pentest-signin-formatic.dev.onevigor.tv
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
cache-control: no-store, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Accept, Accept-Version, Content-Length, Content-Type, Authorization

POST
H2 200 local Show response
pentest-signin.dev.onevigor.tv/auth/ 36 B
964 B 90ms
84ms XHR
application/json 35.85.149.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentest-signin.dev.onevigor.tv/auth/local

Requested by

Host: pentest-signin-formatic.dev.onevigor.tv
URL: https://pentest-signin-formatic.dev.onevigor.tv/vigor-client-auth-manager.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.85.149.253 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-149-253.us-west-2.compute.amazonaws.com

Software

Resource Hash

ce0516b3b07f7595b30dcb3fe7ab0cdcf3e09e6e29741dd1d98d9fe4ff76b379

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .google.com .gstatic.com; script-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .jquery.com .google.com .gstatic.com; style-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us 'unsafe-inline' .googleapis.com .typekit.net; font-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .gstatic.com *.typekit.net
Strict-Transport-Security	max-age=7776000000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://pentest-signin-formatic.dev.onevigor.tv/
X-Requested-With: true
Authorization: Session
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 16 Sep 2024 10:30:54 GMT
strict-transport-security: max-age=7776000000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.google.com *.gstatic.com; script-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.jquery.com *.google.com *.gstatic.com; style-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us 'unsafe-inline' *.googleapis.com *.typekit.net; font-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.gstatic.com *.typekit.net
x-dns-prefetch-control: off
content-length: 36
x-xss-protection: 1; mode=block
pragma: no-cache
etag: W/"24-PP5Oiy+lJFSNJ0KreDtm9KTU7js"
x-download-options: noopen
x-frame-options: DENY
vary: X-HTTP-Method-Override, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pentest-signin-formatic.dev.onevigor.tv
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
cache-control: no-store, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Accept, Accept-Version, Content-Length, Content-Type, Authorization

OPTIONS
H2 200 local
pentest-signin.dev.edisen.com/auth/ 0
0 97ms
93ms Preflight
application/json 18.236.33.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentest-signin.dev.edisen.com/auth/local

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.236.33.55 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-236-33-55.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .google.com .gstatic.com; script-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .jquery.com .google.com .gstatic.com; style-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us 'unsafe-inline' .googleapis.com .typekit.net; font-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .gstatic.com *.typekit.net
Strict-Transport-Security	max-age=7776000000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://pentest-signin-formatic.dev.onevigor.tv
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Accept, Accept-Version, Content-Length, Content-Type, Authorization
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: https://pentest-signin-formatic.dev.onevigor.tv
content-length: 99
content-security-policy: default-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.google.com *.gstatic.com; script-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.jquery.com *.google.com *.gstatic.com; style-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us 'unsafe-inline' *.googleapis.com *.typekit.net; font-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.gstatic.com *.typekit.net
content-type: application/json; charset=utf-8
date: Mon, 16 Sep 2024 10:30:54 GMT
etag: W/"63-23AJC6t4n0eX2zIKfKfXrr2TTg8"
strict-transport-security: max-age=7776000000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 200 local
pentest-signin.dev.onevigor.tv/auth/ 0
0 98ms
94ms Preflight
application/json 18.236.33.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentest-signin.dev.onevigor.tv/auth/local

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.236.33.55 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-236-33-55.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .google.com .gstatic.com; script-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .jquery.com .google.com .gstatic.com; style-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us 'unsafe-inline' .googleapis.com .typekit.net; font-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .gstatic.com *.typekit.net
Strict-Transport-Security	max-age=7776000000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://pentest-signin-formatic.dev.onevigor.tv
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Accept, Accept-Version, Content-Length, Content-Type, Authorization
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: https://pentest-signin-formatic.dev.onevigor.tv
content-length: 99
content-security-policy: default-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.google.com *.gstatic.com; script-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.jquery.com *.google.com *.gstatic.com; style-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us 'unsafe-inline' *.googleapis.com *.typekit.net; font-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.gstatic.com *.typekit.net
content-type: application/json; charset=utf-8
date: Mon, 16 Sep 2024 10:30:54 GMT
etag: W/"63-KGOYXYOxgEGv4JzKeRKAAM0wdp4"
strict-transport-security: max-age=7776000000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: DENY
x-xss-protection: 1; mode=block

POST
H2 200 local Show response
pentest-signin-formatic.dev.onevigor.tv/auth/ 36 B
964 B 90ms
79ms XHR
application/json 35.85.149.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentest-signin-formatic.dev.onevigor.tv/auth/local

Requested by

Host: pentest-signin-formatic.dev.onevigor.tv
URL: https://pentest-signin-formatic.dev.onevigor.tv/assets/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.85.149.253 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-149-253.us-west-2.compute.amazonaws.com

Software

Resource Hash

ce0516b3b07f7595b30dcb3fe7ab0cdcf3e09e6e29741dd1d98d9fe4ff76b379

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .google.com .gstatic.com; script-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .jquery.com .google.com .gstatic.com; style-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us 'unsafe-inline' .googleapis.com .typekit.net; font-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .gstatic.com *.typekit.net
Strict-Transport-Security	max-age=7776000000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://pentest-signin-formatic.dev.onevigor.tv/
X-Requested-With: true
Authorization: Session
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 16 Sep 2024 10:30:54 GMT
strict-transport-security: max-age=7776000000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.google.com *.gstatic.com; script-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.jquery.com *.google.com *.gstatic.com; style-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us 'unsafe-inline' *.googleapis.com *.typekit.net; font-src 'self' *.edisen.com *.vigorsystemsinc.com *.onevigor.tv *.onevigor.us *.gstatic.com *.typekit.net
x-dns-prefetch-control: off
content-length: 36
x-xss-protection: 1; mode=block
pragma: no-cache
etag: W/"24-PP5Oiy+lJFSNJ0KreDtm9KTU7js"
x-download-options: noopen
x-frame-options: DENY
vary: X-HTTP-Method-Override, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pentest-signin-formatic.dev.onevigor.tv
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
cache-control: no-store, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Accept, Accept-Version, Content-Length, Content-Type, Authorization

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pentest-signin-formatic.dev.onevigor.tv/assets/img/ Message: Failed to load resource: the server responded with a status of 404 ()
recommendation	verbose	URL: https://pentest-signin-formatic.dev.onevigor.tv/ Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://pentest-signin.dev.edisen.com/session/cookie Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://pentest-signin.dev.onevigor.tv/session/cookie Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .google.com .gstatic.com; script-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .jquery.com .google.com .gstatic.com; style-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us 'unsafe-inline' .googleapis.com .typekit.net; font-src 'self' .edisen.com .vigorsystemsinc.com .onevigor.tv .onevigor.us .gstatic.com *.typekit.net
Strict-Transport-Security	max-age=7776000000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
pentest-signin-formatic.dev.onevigor.tv
pentest-signin.dev.edisen.com
pentest-signin.dev.onevigor.tv
142.251.35.170
142.251.40.227
18.236.33.55
35.85.149.253
095204485c93ce0c8727ae412ebcb4daff1de871e5de0d8c35f510d6df68690b
111c9708cb81c49769a802a3734b2109ee3ed5fa57b56ea0c4b5c6ce909b13a5
1207cdddab788cf47609c743cfcf50977900498be5cef816b3adb426da1281b8
195b9d0e040f0ba6a2fc5f61f3cb6f425a0be0cc1826151d987b80b9c5d19524
1ece27709dc6940c2a35be3e8030b6f7bac98d9d4a5ca0c9b416e55972375f61
1f65008e7f37d60936057c60119eec6023f0cc2fea4401534c37bb3f6d8e583a
20113431a3bd2077c20bb6d5d5aaf9dfa43ed1f603e7a871c4d27238a87acdcd
23b416af4fff82f160dd6001497437777fc4a439693357344bdd865bd184cbf2
2d077b5e22300b47d98bac923dd22589ec6f5a516b327ae60529a6cc55cfa6c7
46c9cfa873e7d765392b2636d4b8e02d2d87d59b698eb06d7927366a65fd412d
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
4e7c4f2464483dd413e45ecf5e3647c970be416b79b8dab1b090b00d9c1e5b62
5f93a6d0e9067792c4a3144e0e7378a2a3deae50bc7d128c0873634cfaefa92b
6ab949f49381710523ababe9ac374af2584d6e9f3724ec472d201a6ec6c3761f
7cd22d163d43d99a3cf3cd5562598bf3ad692353843e6145c5659cc6854f6da7
837151d010d03151d6ee42d33aea8f3a4fcb1db4d38e632f8b910a246eaadcb7
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
9e133a673fe0e9e9d4fee6807918de9159115ccbe03b2c3ef9b91a908c203ea1
a0e1587dc9d47a55665bd0c65ca9f28fad33cde6e65cc279003ea0faa73f142e
a2d14de72c70275b5193758ba982fea0b883da4db46f69a7c9144271d4f85525
a5923e990f6cfa636269a5c6e0274a94d1ec5adea36c95ab466172b2e28ee4dc
bccafa084bff05a3e616200c5b95795ac535be16ac0190f1d594cb7d7327ed1f
ce0516b3b07f7595b30dcb3fe7ab0cdcf3e09e6e29741dd1d98d9fe4ff76b379
ce9a54e3dac81ba87ba38edf1e0f854c09050b002a1ef5a1b50371981d2461a6
ed677c9ac77014ee30eb14593141c6ec01342d83200e51eb8ffac3f7681e0baf

pentest-signin-formatic.dev.onevigor.tv Open in urlscan Pro 35.85.149.253 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

31 Requests

100 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

4 IPs

1 Countries

1222 kBTransfer

1633 kBSize

0 Cookies

0 Outgoing links

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pentest-signin-formatic.dev.onevigor.tv Open in urlscan Pro
35.85.149.253 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

4
IPs

1
Countries

1222 kB
Transfer

1633 kB
Size

0
Cookies

31 HTTP transactions
0 data transactions