pentesting.staging.studentapps.io Open in urlscan Pro
108.139.29.79 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pentesting.staging.studentapps.io/
Submission: On March 21 via api (March 21st 2024, 12:40:37 pm UTC) from US — Scanned from US

Summary HTTP 28 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 28 HTTP transactions. The main IP is 108.139.29.79, located in United States and belongs to AMAZON-02, US. The main domain is pentesting.staging.studentapps.io.
TLS certificate: Issued by Amazon RSA 2048 M03 on March 19th 2024. Valid for: a year.

This is the only time pentesting.staging.studentapps.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	108.139.29.79 108.139.29.79	16509 (AMAZON-02) (AMAZON-02)
2	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
28	2

26 108.139.29.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-79.jfk50.r.cloudfront.net

pentesting.staging.studentapps.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o1071382.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	studentapps.io pentesting.staging.studentapps.io	1 MB
2	sentry.io o1071382.ingest.sentry.io	397 B
28	2

	Domain	Requested by
26	pentesting.staging.studentapps.io	pentesting.staging.studentapps.io
2	o1071382.ingest.sentry.io	pentesting.staging.studentapps.io
28	2

This site contains links to these domains. Also see Links.

Domain
www.robotsandpencils.com

Subject Issuer	Validity	Valid
pentesting.staging.studentapps.io Amazon RSA 2048 M03	`2024-03-19` - `2025-04-17`	a year	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://pentesting.staging.studentapps.io/
Frame ID: E6CACADE18F6422ADECB45304C0FB841
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Student Apps Pen Testing

Page Statistics

28
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1448 kB
Transfer

1411 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.robotsandpencils.com/#contact
Title: Help & Support

Search URL Search Domain Scan URL

URL: https://www.robotsandpencils.com/student-apps/privacy
Title: Terms & Conditions

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
pentesting.staging.studentapps.io/ 2 KB
3 KB 586ms
366ms Document
text/html 108.139.29.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentesting.staging.studentapps.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-79.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

22a029f011af1d1b0d4e8ae368ac2c040c4d013dadf25280ae6c882eb0f886f7

Security Headers

Name	Value
Content-Security-Policy	frame-src .auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src .rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io .sentry.io .auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' .salesforce.com .force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
content-length: 1903
content-security-policy: frame-src *.auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src *.rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io *.sentry.io *.auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' *.salesforce.com *.force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Thu, 21 Mar 2024 12:40:32 GMT
etag: "3864e53f172987cdcba96767529e60ff"
last-modified: Tue, 19 Mar 2024 19:25:05 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
x-amz-cf-id: 2qIHXNisG2KZasUwGVjJKYeoSe5NvbGgULInuKb6TFma54Sj2JyYjg==
x-amz-cf-pop: JFK50-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: 6VKPV7qox8uTvdLlJEsVijU80UlV2uKf
x-cache: RefreshHit from cloudfront
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 lato.css
pentesting.staging.studentapps.io/shared/fonts/ 2 KB
3 KB 389ms
388ms Stylesheet
text/css 108.139.29.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentesting.staging.studentapps.io/shared/fonts/lato.css

Requested by

Host: pentesting.staging.studentapps.io
URL: https://pentesting.staging.studentapps.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-79.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5cff4609bc3354ab7695470e468e012a0d00bab14dce42e934be179c82fd0d74

Security Headers

Name	Value
Content-Security-Policy	frame-src .auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src .rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io .sentry.io .auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' .salesforce.com .force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pentesting.staging.studentapps.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: gESN.75qqNq6pitGZaAPg4RqE_4UezfC
date: Thu, 21 Mar 2024 12:40:32 GMT
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
content-security-policy: frame-src *.auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src *.rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io *.sentry.io *.auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' *.salesforce.com *.force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 2043
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 19:25:02 GMT
server: AmazonS3
etag: "9c1d4a44a0c8415e2236d7e3aeb96ac8"
x-frame-options: DENY
vary: Origin
content-type: text/css; charset=utf-8
accept-ranges: bytes
x-amz-cf-id: T7_JN0bj_Z1Wb5wqsYXizgxs4_rW9rPn3-NaIIpiWyCqFXVHY6PMLQ==

GET
H2 200 theme.css
pentesting.staging.studentapps.io/theme/styles/ 7 KB
9 KB 391ms
390ms Stylesheet
text/css 108.139.29.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentesting.staging.studentapps.io/theme/styles/theme.css

Requested by

Host: pentesting.staging.studentapps.io
URL: https://pentesting.staging.studentapps.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-79.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f9659e177946ef96bf44e9c78932da4c1b64b5e7921a7bb9e4e010eef1ee6469

Security Headers

Name	Value
Content-Security-Policy	frame-src .auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src .rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io .sentry.io .auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' .salesforce.com .force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pentesting.staging.studentapps.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: jIcQKpu5ur6b2nRzLz30LJz81.NBcL5B
date: Thu, 21 Mar 2024 12:40:32 GMT
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
content-security-policy: frame-src *.auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src *.rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io *.sentry.io *.auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' *.salesforce.com *.force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 7454
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 19:25:01 GMT
server: AmazonS3
etag: "f750ec155c78091f658e205c6bdff81f"
x-frame-options: DENY
vary: Origin
content-type: text/css; charset=utf-8
accept-ranges: bytes
x-amz-cf-id: qKYV2L6O5oeB4X4rrb8jYNfboH_ZsEcF7ZOx-HL_NNYPFLhCm7-kXg==

GET
H2 200 index.74fb9b12.js Show response
pentesting.staging.studentapps.io/assets/ 1 MB
1 MB 328ms
327ms Script
application/javascript 108.139.29.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentesting.staging.studentapps.io/assets/index.74fb9b12.js

Requested by

Host: pentesting.staging.studentapps.io
URL: https://pentesting.staging.studentapps.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-79.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2ca534c9cabcb671bcf3b901bcdf0608adb856386f6c311077a8ac85e9752091

Security Headers

Name	Value
Content-Security-Policy	frame-src .auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src .rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io .sentry.io .auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' .salesforce.com .force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentesting.staging.studentapps.io/
Origin: https://pentesting.staging.studentapps.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: MdT44nQ_sLAGJPcLGeqFIaW5el15K.e0
date: Thu, 21 Mar 2024 12:40:32 GMT
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
content-security-policy: frame-src *.auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src *.rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io *.sentry.io *.auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' *.salesforce.com *.force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 1255561
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 19:25:02 GMT
server: AmazonS3
etag: "ef914100c2329e979f76fef5000ce334"
x-frame-options: DENY
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://pentesting.staging.studentapps.io
access-control-expose-headers: ETag
accept-ranges: bytes
x-amz-cf-id: kdE5lWSQkTNV6peuaZHQIQS6z2dIyQis7nm0vlGjOw8ZJDEXlGQT4w==

GET
H2 200 index.1a924683.css
pentesting.staging.studentapps.io/assets/ 25 KB
27 KB 483ms
482ms Stylesheet
text/css 108.139.29.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentesting.staging.studentapps.io/assets/index.1a924683.css

Requested by

Host: pentesting.staging.studentapps.io
URL: https://pentesting.staging.studentapps.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-79.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

dbb4f51794a1d394d0f9197acb73d01befa17bca662ca87930a26373d178f1b2

Security Headers

Name	Value
Content-Security-Policy	frame-src .auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src .rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io .sentry.io .auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' .salesforce.com .force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pentesting.staging.studentapps.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: Bi.cI0VZnKjXsqlQns2KoY72WdZPsZnI
date: Thu, 21 Mar 2024 12:40:32 GMT
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
content-security-policy: frame-src *.auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src *.rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io *.sentry.io *.auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' *.salesforce.com *.force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 26047
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 19:25:04 GMT
server: AmazonS3
etag: "3b62fb25865fd1aa4855b78b54912eb0"
x-frame-options: DENY
vary: Origin
content-type: text/css; charset=utf-8
accept-ranges: bytes
x-amz-cf-id: y6MFVy9eXLk3OK1BUXsdY5d6nbrg3xRUB8GEYXWepzWbVsnYQ2dVuA==

GET
H2 200 lato-400-latin.woff2
pentesting.staging.studentapps.io/shared/fonts/ 23 KB
24 KB 334ms
334ms Font
font/woff2 108.139.29.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentesting.staging.studentapps.io/shared/fonts/lato-400-latin.woff2

Requested by

Host: pentesting.staging.studentapps.io
URL: https://pentesting.staging.studentapps.io/shared/fonts/lato.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-79.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
Content-Security-Policy	frame-src .auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src .rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io .sentry.io .auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' .salesforce.com .force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentesting.staging.studentapps.io/shared/fonts/lato.css
Origin: https://pentesting.staging.studentapps.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: cZeUaqi_CB1GxRJXy.T252s5CnPN1brA
date: Thu, 21 Mar 2024 12:40:33 GMT
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
content-security-policy: frame-src *.auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src *.rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io *.sentry.io *.auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' *.salesforce.com *.force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 23580
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 19:25:02 GMT
server: AmazonS3
etag: "e1b3b5908c9cf23dfb2b9c52b9a023ab"
x-frame-options: DENY
vary: Origin
content-type: font/woff2
access-control-allow-origin: https://pentesting.staging.studentapps.io
access-control-expose-headers: ETag
accept-ranges: bytes
x-amz-cf-id: e1iXs3DCCy6FFjPMv7b2wtXGFEFs89T8dvg1InXEYTMZZKz_fVVqlQ==

POST
H2 200 / Show response
o1071382.ingest.sentry.io/api/6071319/envelope/ 2 B
299 B 124ms
44ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o1071382.ingest.sentry.io/api/6071319/envelope/?sentry_key=76386782312b4e4a8d15eea831054a34&sentry_version=7&sentry_client=sentry.javascript.react%2F7.86.0

Requested by

Host: pentesting.staging.studentapps.io
URL: https://pentesting.staging.studentapps.io/assets/index.74fb9b12.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://pentesting.staging.studentapps.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 21 Mar 2024 12:40:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 announcementDetails.json Show response
pentesting.staging.studentapps.io/translations/en-US/ 300 B
2 KB 344ms
343ms Fetch
application/json 108.139.29.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentesting.staging.studentapps.io/translations/en-US/announcementDetails.json

Requested by

Host: pentesting.staging.studentapps.io
URL: https://pentesting.staging.studentapps.io/assets/index.74fb9b12.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-79.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

955db2ce43ec59d30c0ab86dca82b8eb4db38bb808e8c8677657ec0176c46190

Security Headers

Name	Value
Content-Security-Policy	frame-src .auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src .rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io .sentry.io .auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' .salesforce.com .force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentesting.staging.studentapps.io/
accept-language: en-US,en;q=0.9
baggage: sentry-environment=production,sentry-release=refs%2Ftags%2Fv1.2.4-dcd38dc,sentry-public_key=76386782312b4e4a8d15eea831054a34,sentry-trace_id=db28b1e068e24bafbf4e4cf34cab3105,sentry-sample_rate=1,sentry-sampled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
sentry-trace: db28b1e068e24bafbf4e4cf34cab3105-92b218f317307582-1

Response headers

x-amz-version-id: SqtA8lux2XTeRmzUwO2uf43BJyoTRLbw
date: Thu, 21 Mar 2024 12:40:33 GMT
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
content-security-policy: frame-src *.auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src *.rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io *.sentry.io *.auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' *.salesforce.com *.force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 300
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 19:24:59 GMT
server: AmazonS3
etag: "8ed1126f06bed39c879b591b2beb6f91"
x-frame-options: DENY
vary: Origin
content-type: application/json
accept-ranges: bytes
x-amz-cf-id: bkYWkYgdIAUqGRCPix78WMeqBoR7s9a871RoS8q2Zu0nmeOiPOh9gg==

GET
H2 200 announcements.json Show response
pentesting.staging.studentapps.io/translations/en-US/ 352 B
2 KB 351ms
351ms Fetch
application/json 108.139.29.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentesting.staging.studentapps.io/translations/en-US/announcements.json

Requested by

Host: pentesting.staging.studentapps.io
URL: https://pentesting.staging.studentapps.io/assets/index.74fb9b12.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-79.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

65ea403e02a6ff57a6962e07e44317fbdd8474b3de0a5a005d237f633b3b046b

Security Headers

Name	Value
Content-Security-Policy	frame-src .auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src .rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io .sentry.io .auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' .salesforce.com .force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentesting.staging.studentapps.io/
accept-language: en-US,en;q=0.9
baggage: sentry-environment=production,sentry-release=refs%2Ftags%2Fv1.2.4-dcd38dc,sentry-public_key=76386782312b4e4a8d15eea831054a34,sentry-trace_id=db28b1e068e24bafbf4e4cf34cab3105,sentry-sample_rate=1,sentry-sampled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
sentry-trace: db28b1e068e24bafbf4e4cf34cab3105-93167aad2b1a533f-1

Response headers

x-amz-version-id: z3TtjGc1Fagc87six6cLf3PvT4rMtFlp
date: Thu, 21 Mar 2024 12:40:33 GMT
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
content-security-policy: frame-src *.auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src *.rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io *.sentry.io *.auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' *.salesforce.com *.force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 352
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 19:25:03 GMT
server: AmazonS3
etag: "180c767bfab9cb86526a0dd463412e63"
x-frame-options: DENY
vary: Origin
content-type: application/json
accept-ranges: bytes
x-amz-cf-id: -q0JlZmCC7elF9GJ-Zf0bYbUCMdkGKXN0pj7iUHk4m81GggsQ2vDpg==

GET
H2 200 common.json Show response
pentesting.staging.studentapps.io/translations/en-US/ 3 KB
4 KB 315ms
314ms Fetch
application/json 108.139.29.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentesting.staging.studentapps.io/translations/en-US/common.json

Requested by

Host: pentesting.staging.studentapps.io
URL: https://pentesting.staging.studentapps.io/assets/index.74fb9b12.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-79.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6510541595e4dbecaaa41a2cc8c11b06512b36e5cbd98711bd62a60e1e7c135b

Security Headers

Name	Value
Content-Security-Policy	frame-src .auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src .rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io .sentry.io .auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' .salesforce.com .force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentesting.staging.studentapps.io/
accept-language: en-US,en;q=0.9
baggage: sentry-environment=production,sentry-release=refs%2Ftags%2Fv1.2.4-dcd38dc,sentry-public_key=76386782312b4e4a8d15eea831054a34,sentry-trace_id=db28b1e068e24bafbf4e4cf34cab3105,sentry-sample_rate=1,sentry-sampled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
sentry-trace: db28b1e068e24bafbf4e4cf34cab3105-a4297639b6e5da8c-1

Response headers

x-amz-version-id: rdfL1qGfhDHE2LWNfcQVjYiKbkRaSKqs
date: Thu, 21 Mar 2024 12:40:33 GMT
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
content-security-policy: frame-src *.auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src *.rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io *.sentry.io *.auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' *.salesforce.com *.force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 2678
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 19:25:01 GMT
server: AmazonS3
etag: "d4e9684cf31ae3db03313a5ebe6520df"
x-frame-options: DENY
vary: Origin
content-type: application/json
accept-ranges: bytes
x-amz-cf-id: 3joKSpCPmozTAdi-umXKNKVAz59Mkj7kj7mdzYbUW3aWIafxG1qJTQ==

GET
H2 200 contacts.json Show response
pentesting.staging.studentapps.io/translations/en-US/ 271 B
2 KB 324ms
324ms Fetch
application/json 108.139.29.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentesting.staging.studentapps.io/translations/en-US/contacts.json

Requested by

Host: pentesting.staging.studentapps.io
URL: https://pentesting.staging.studentapps.io/assets/index.74fb9b12.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-79.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c74e13c4aaef20ad78fa423cd39c8985fc03dab14346fff6533244ea60020ca1

Security Headers

Name	Value
Content-Security-Policy	frame-src .auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src .rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io .sentry.io .auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' .salesforce.com .force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentesting.staging.studentapps.io/
accept-language: en-US,en;q=0.9
baggage: sentry-environment=production,sentry-release=refs%2Ftags%2Fv1.2.4-dcd38dc,sentry-public_key=76386782312b4e4a8d15eea831054a34,sentry-trace_id=db28b1e068e24bafbf4e4cf34cab3105,sentry-sample_rate=1,sentry-sampled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
sentry-trace: db28b1e068e24bafbf4e4cf34cab3105-bda618be7a8fe3e6-1

Response headers

x-amz-version-id: PTpUJhvR4I3McziUjW07e.N7OI_kSU8w
date: Thu, 21 Mar 2024 12:40:33 GMT
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
content-security-policy: frame-src *.auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src *.rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io *.sentry.io *.auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' *.salesforce.com *.force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 271
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 19:25:00 GMT
server: AmazonS3
etag: "46ead6684c4a75d10178b3f3d2fdf3ae"
x-frame-options: DENY
vary: Origin
content-type: application/json
accept-ranges: bytes
x-amz-cf-id: kH5Gj3MaAlawI9Vao4QSvDpzNrfyQqz5jBEiv8UysMLZUSs3OnBMiA==

GET
H2 200 courseDetails.json Show response
pentesting.staging.studentapps.io/translations/en-US/ 191 B
2 KB 316ms
316ms Fetch
application/json 108.139.29.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentesting.staging.studentapps.io/translations/en-US/courseDetails.json

Requested by

Host: pentesting.staging.studentapps.io
URL: https://pentesting.staging.studentapps.io/assets/index.74fb9b12.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-79.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8ffb01d20a384b90ccfbb76ff2d2ab2ad269fcfd000bce48ba1484cb84ca2d55

Security Headers

Name	Value
Content-Security-Policy	frame-src .auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src .rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io .sentry.io .auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' .salesforce.com .force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentesting.staging.studentapps.io/
accept-language: en-US,en;q=0.9
baggage: sentry-environment=production,sentry-release=refs%2Ftags%2Fv1.2.4-dcd38dc,sentry-public_key=76386782312b4e4a8d15eea831054a34,sentry-trace_id=db28b1e068e24bafbf4e4cf34cab3105,sentry-sample_rate=1,sentry-sampled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
sentry-trace: db28b1e068e24bafbf4e4cf34cab3105-824ded46e18d27b2-1

Response headers

x-amz-version-id: GIxWqqzfO3Zpwu0mU_l9xDB324bOsIFI
date: Thu, 21 Mar 2024 12:40:33 GMT
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
content-security-policy: frame-src *.auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src *.rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io *.sentry.io *.auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' *.salesforce.com *.force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 191
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 19:25:03 GMT
server: AmazonS3
etag: "c85a0dc36a1f8b84361978c5829ffab8"
x-frame-options: DENY
vary: Origin
content-type: application/json
accept-ranges: bytes
x-amz-cf-id: TKNar3zWKiu1C8nMqH0IbI5waixHHKHoYDHIKlRpvMngOUv19Ue0dg==

GET
H2 200 courses.json Show response
pentesting.staging.studentapps.io/translations/en-US/ 677 B
2 KB 328ms
328ms Fetch
application/json 108.139.29.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentesting.staging.studentapps.io/translations/en-US/courses.json

Requested by

Host: pentesting.staging.studentapps.io
URL: https://pentesting.staging.studentapps.io/assets/index.74fb9b12.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-79.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b586704b2ec4e343b7b5eeeb612a28a3f7ac90ccead7aacb4594b0ae53d823c8

Security Headers

Name	Value
Content-Security-Policy	frame-src .auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src .rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io .sentry.io .auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' .salesforce.com .force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentesting.staging.studentapps.io/
accept-language: en-US,en;q=0.9
baggage: sentry-environment=production,sentry-release=refs%2Ftags%2Fv1.2.4-dcd38dc,sentry-public_key=76386782312b4e4a8d15eea831054a34,sentry-trace_id=db28b1e068e24bafbf4e4cf34cab3105,sentry-sample_rate=1,sentry-sampled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
sentry-trace: db28b1e068e24bafbf4e4cf34cab3105-8b8550551a92f570-1

Response headers

x-amz-version-id: hvnNZDKScHg2UP6jXdFI5J8zSZiyuEmf
date: Thu, 21 Mar 2024 12:40:33 GMT
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
content-security-policy: frame-src *.auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src *.rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io *.sentry.io *.auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' *.salesforce.com *.force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 677
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 19:25:01 GMT
server: AmazonS3
etag: "4881c6d507defc6c791a92abdfcb6339"
x-frame-options: DENY
vary: Origin
content-type: application/json
accept-ranges: bytes
x-amz-cf-id: 9wTetDiIrHVa4xDIYKy3wB4T6DK5QpMp3P_gpL2sa3XSxSnS88DPEw==

GET
H2 200 home.json Show response
pentesting.staging.studentapps.io/translations/en-US/ 1 KB
3 KB 330ms
330ms Fetch
application/json 108.139.29.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentesting.staging.studentapps.io/translations/en-US/home.json

Requested by

Host: pentesting.staging.studentapps.io
URL: https://pentesting.staging.studentapps.io/assets/index.74fb9b12.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-79.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e6e2748db793337ee8c6fdee7dcfe258459bbda32f62ea382f533fc173601364

Security Headers

Name	Value
Content-Security-Policy	frame-src .auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src .rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io .sentry.io .auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' .salesforce.com .force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentesting.staging.studentapps.io/
accept-language: en-US,en;q=0.9
baggage: sentry-environment=production,sentry-release=refs%2Ftags%2Fv1.2.4-dcd38dc,sentry-public_key=76386782312b4e4a8d15eea831054a34,sentry-trace_id=db28b1e068e24bafbf4e4cf34cab3105,sentry-sample_rate=1,sentry-sampled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
sentry-trace: db28b1e068e24bafbf4e4cf34cab3105-a5de4f036ac1ea31-1

Response headers

x-amz-version-id: mk687kiuNRYcyMBd1NVFxJbo.1V6.wyQ
date: Thu, 21 Mar 2024 12:40:33 GMT
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
content-security-policy: frame-src *.auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src *.rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io *.sentry.io *.auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' *.salesforce.com *.force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 1511
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 19:25:03 GMT
server: AmazonS3
etag: "8e9bd4bb75bc92a324bb2f01fbf2c994"
x-frame-options: DENY
vary: Origin
content-type: application/json
accept-ranges: bytes
x-amz-cf-id: dn1vexsTZi3WrcdYIJ3p4Tgr2ED43pHH4a3Wlj7GeMU1sllj1qhiBQ==

GET
H2 200 login.json Show response
pentesting.staging.studentapps.io/translations/en-US/ 705 B
2 KB 345ms
345ms Fetch
application/json 108.139.29.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentesting.staging.studentapps.io/translations/en-US/login.json

Requested by

Host: pentesting.staging.studentapps.io
URL: https://pentesting.staging.studentapps.io/assets/index.74fb9b12.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-79.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

fabbaedfc35bfaa6fb5918e6e59e96a9500d47a5f94afa0ff356990c4b0303c8

Security Headers

Name	Value
Content-Security-Policy	frame-src .auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src .rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io .sentry.io .auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' .salesforce.com .force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentesting.staging.studentapps.io/
accept-language: en-US,en;q=0.9
baggage: sentry-environment=production,sentry-release=refs%2Ftags%2Fv1.2.4-dcd38dc,sentry-public_key=76386782312b4e4a8d15eea831054a34,sentry-trace_id=db28b1e068e24bafbf4e4cf34cab3105,sentry-sample_rate=1,sentry-sampled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
sentry-trace: db28b1e068e24bafbf4e4cf34cab3105-869a7ef7698cbe4f-1

Response headers

x-amz-version-id: ZwaAMC9qZiOU7iV3kLPfDYnlfEzjhGpH
date: Thu, 21 Mar 2024 12:40:33 GMT
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
content-security-policy: frame-src *.auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src *.rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io *.sentry.io *.auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' *.salesforce.com *.force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 705
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 19:25:03 GMT
server: AmazonS3
etag: "b6366ec0623f68401d63f21e5fb59d1d"
x-frame-options: DENY
vary: Origin
content-type: application/json
accept-ranges: bytes
x-amz-cf-id: AWySHi0D250yZt0BHbh1yPXtWax_jLgOUv5bVOP6RC8ZZnfl5LaC-A==

GET
H2 200 more.json Show response
pentesting.staging.studentapps.io/translations/en-US/ 191 B
2 KB 339ms
339ms Fetch
application/json 108.139.29.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentesting.staging.studentapps.io/translations/en-US/more.json

Requested by

Host: pentesting.staging.studentapps.io
URL: https://pentesting.staging.studentapps.io/assets/index.74fb9b12.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-79.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d9884965801c744b6ff8c0ebf417df3bbe4848ef50f3bf21896ff642ad87c8aa

Security Headers

Name	Value
Content-Security-Policy	frame-src .auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src .rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io .sentry.io .auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' .salesforce.com .force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentesting.staging.studentapps.io/
accept-language: en-US,en;q=0.9
baggage: sentry-environment=production,sentry-release=refs%2Ftags%2Fv1.2.4-dcd38dc,sentry-public_key=76386782312b4e4a8d15eea831054a34,sentry-trace_id=db28b1e068e24bafbf4e4cf34cab3105,sentry-sample_rate=1,sentry-sampled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
sentry-trace: db28b1e068e24bafbf4e4cf34cab3105-bf7e9d253097035c-1

Response headers

x-amz-version-id: mKmNoTADjORFt7bRpVLtZNhmVlZJBDwS
date: Thu, 21 Mar 2024 12:40:33 GMT
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
content-security-policy: frame-src *.auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src *.rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io *.sentry.io *.auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' *.salesforce.com *.force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 191
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 19:25:04 GMT
server: AmazonS3
etag: "9e9a6e173d7fa0b5f8237123113f6ddb"
x-frame-options: DENY
vary: Origin
content-type: application/json
accept-ranges: bytes
x-amz-cf-id: EGZF7X2GoagVhioYys5jx6r7YHjUpqTaurNHeHBQ0K2OFYH0Iq9nww==

GET
H2 200 slack.json Show response
pentesting.staging.studentapps.io/translations/en-US/ 101 B
1 KB 335ms
335ms Fetch
application/json 108.139.29.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentesting.staging.studentapps.io/translations/en-US/slack.json

Requested by

Host: pentesting.staging.studentapps.io
URL: https://pentesting.staging.studentapps.io/assets/index.74fb9b12.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-79.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

24dee9c34907469a03a9a3da1ee3938cbf66a560f4cbd4529dd242c75652b599

Security Headers

Name	Value
Content-Security-Policy	frame-src .auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src .rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io .sentry.io .auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' .salesforce.com .force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentesting.staging.studentapps.io/
accept-language: en-US,en;q=0.9
baggage: sentry-environment=production,sentry-release=refs%2Ftags%2Fv1.2.4-dcd38dc,sentry-public_key=76386782312b4e4a8d15eea831054a34,sentry-trace_id=db28b1e068e24bafbf4e4cf34cab3105,sentry-sample_rate=1,sentry-sampled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
sentry-trace: db28b1e068e24bafbf4e4cf34cab3105-97d231bfd5c113ab-1

Response headers

x-amz-version-id: Sb5QA4.tShNm3FOakwOnuSiKuJSO9Z68
date: Thu, 21 Mar 2024 12:40:33 GMT
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
content-security-policy: frame-src *.auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src *.rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io *.sentry.io *.auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' *.salesforce.com *.force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 101
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 19:25:03 GMT
server: AmazonS3
etag: "1f29fb4521f0a0f14a8255ae89fd9e51"
x-frame-options: DENY
vary: Origin
content-type: application/json
accept-ranges: bytes
x-amz-cf-id: hsd-NdDv_XZY_GQJL_KCTwL0QqJuN063ZkVsb-YplCX3kxwGUeCbBQ==

GET
H2 200 toDoDetails.json Show response
pentesting.staging.studentapps.io/translations/en-US/ 139 B
1 KB 322ms
322ms Fetch
application/json 108.139.29.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentesting.staging.studentapps.io/translations/en-US/toDoDetails.json

Requested by

Host: pentesting.staging.studentapps.io
URL: https://pentesting.staging.studentapps.io/assets/index.74fb9b12.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-79.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5767c231d63cc152772924f6275a323514269438624ccd988fd6b13619d450ba

Security Headers

Name	Value
Content-Security-Policy	frame-src .auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src .rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io .sentry.io .auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' .salesforce.com .force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentesting.staging.studentapps.io/
accept-language: en-US,en;q=0.9
baggage: sentry-environment=production,sentry-release=refs%2Ftags%2Fv1.2.4-dcd38dc,sentry-public_key=76386782312b4e4a8d15eea831054a34,sentry-trace_id=db28b1e068e24bafbf4e4cf34cab3105,sentry-sample_rate=1,sentry-sampled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
sentry-trace: db28b1e068e24bafbf4e4cf34cab3105-8c72034457a87a2b-1

Response headers

x-amz-version-id: UUfeCN.I01aaIMLDvSokLNg.whGeMMat
date: Thu, 21 Mar 2024 12:40:33 GMT
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
content-security-policy: frame-src *.auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src *.rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io *.sentry.io *.auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' *.salesforce.com *.force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 139
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 19:25:05 GMT
server: AmazonS3
etag: "0a77d979902ea1d5aff22871454b9454"
x-frame-options: DENY
vary: Origin
content-type: application/json
accept-ranges: bytes
x-amz-cf-id: lV4dVfjESufmPquraKfv1NXV76MthFePkz5uLDqddpc_TXA1WHy9xg==

GET
H2 200 toDos.json Show response
pentesting.staging.studentapps.io/translations/en-US/ 981 B
2 KB 333ms
333ms Fetch
application/json 108.139.29.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentesting.staging.studentapps.io/translations/en-US/toDos.json

Requested by

Host: pentesting.staging.studentapps.io
URL: https://pentesting.staging.studentapps.io/assets/index.74fb9b12.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-79.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c819bc8e7c6450bdc6d0475ef7867dc2355e1c45cc8755885140b582d8dde13b

Security Headers

Name	Value
Content-Security-Policy	frame-src .auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src .rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io .sentry.io .auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' .salesforce.com .force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentesting.staging.studentapps.io/
accept-language: en-US,en;q=0.9
baggage: sentry-environment=production,sentry-release=refs%2Ftags%2Fv1.2.4-dcd38dc,sentry-public_key=76386782312b4e4a8d15eea831054a34,sentry-trace_id=db28b1e068e24bafbf4e4cf34cab3105,sentry-sample_rate=1,sentry-sampled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
sentry-trace: db28b1e068e24bafbf4e4cf34cab3105-a2610ff4fd3abae8-1

Response headers

x-amz-version-id: I6FCcOdkrKO34cEMNKHYvAT_.aS2cxKv
date: Thu, 21 Mar 2024 12:40:33 GMT
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
content-security-policy: frame-src *.auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src *.rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io *.sentry.io *.auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' *.salesforce.com *.force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 981
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 19:25:01 GMT
server: AmazonS3
etag: "bd52d88d0d21df82dd74cb1b66b31064"
x-frame-options: DENY
vary: Origin
content-type: application/json
accept-ranges: bytes
x-amz-cf-id: I9H80G-hVnJ1xbGzVrDsIIZc3MkGZ9BkuUTCbxPKKRwZnLz2sgPUPg==

GET
H2 200 index.d50c8255.js Show response
pentesting.staging.studentapps.io/assets/ 3 KB
5 KB 327ms
326ms Script
application/javascript 108.139.29.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentesting.staging.studentapps.io/assets/index.d50c8255.js

Requested by

Host: pentesting.staging.studentapps.io
URL: https://pentesting.staging.studentapps.io/assets/index.74fb9b12.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-79.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b1843f1784572aa2c9bc0b1e1dc4c7e2060ed4d7a6b994ca8782971063f390f6

Security Headers

Name	Value
Content-Security-Policy	frame-src .auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src .rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io .sentry.io .auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' .salesforce.com .force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://pentesting.staging.studentapps.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: qOFP6bYeL65mGesNsNEQg9sxQFvDBoBS
date: Thu, 21 Mar 2024 12:40:33 GMT
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
content-security-policy: frame-src *.auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src *.rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io *.sentry.io *.auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' *.salesforce.com *.force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 3331
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 19:25:00 GMT
server: AmazonS3
etag: "7dcc677b859cad05c40b26dbe2d069f4"
x-frame-options: DENY
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://pentesting.staging.studentapps.io
access-control-expose-headers: ETag
accept-ranges: bytes
x-amz-cf-id: xry0rhZWhEt926-oLXVeBxKA3guMrsEsqbL9LqIGUgcmSGR5b-nRLw==

GET
H2 200 index.1ada6b41.css
pentesting.staging.studentapps.io/assets/ 2 KB
3 KB 348ms
347ms Stylesheet
text/css 108.139.29.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentesting.staging.studentapps.io/assets/index.1ada6b41.css

Requested by

Host: pentesting.staging.studentapps.io
URL: https://pentesting.staging.studentapps.io/assets/index.74fb9b12.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-79.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7a6a8b12a34117dec8eb063003fb6d95de9ee96ff291b54b3c2a29dcc164b8b8

Security Headers

Name	Value
Content-Security-Policy	frame-src .auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src .rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io .sentry.io .auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' .salesforce.com .force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pentesting.staging.studentapps.io/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: DrUBR8nXUVXb1uGutXRBnsOc_VSOzZZq
date: Thu, 21 Mar 2024 12:40:33 GMT
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
content-security-policy: frame-src *.auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src *.rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io *.sentry.io *.auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' *.salesforce.com *.force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 1698
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 19:25:03 GMT
server: AmazonS3
etag: "cc6780a6c743c4477a4c70d7cef249cd"
x-frame-options: DENY
vary: Origin
content-type: text/css; charset=utf-8
accept-ranges: bytes
x-amz-cf-id: W8uISXifbBUCuf-x7P6QYjupmymLsif10lBC0a9fPu4HWXOElcQDbg==

GET
H2 200 Modal.c6243718.js Show response
pentesting.staging.studentapps.io/assets/ 1 KB
3 KB 309ms
308ms Script
application/javascript 108.139.29.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentesting.staging.studentapps.io/assets/Modal.c6243718.js

Requested by

Host: pentesting.staging.studentapps.io
URL: https://pentesting.staging.studentapps.io/assets/index.74fb9b12.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-79.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b5afa3b9cdeac54f8977ad2b83a8c44ac6da6ac7eaad4fd6fbb131016e43c19a

Security Headers

Name	Value
Content-Security-Policy	frame-src .auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src .rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io .sentry.io .auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' .salesforce.com .force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://pentesting.staging.studentapps.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: h4ezkBHw.wAR2teGS_QQppcN9GX5Ibqp
date: Thu, 21 Mar 2024 12:40:33 GMT
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
content-security-policy: frame-src *.auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src *.rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io *.sentry.io *.auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' *.salesforce.com *.force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 1514
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 19:25:04 GMT
server: AmazonS3
etag: "0766546bfa265c1b78ee8550839504c4"
x-frame-options: DENY
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://pentesting.staging.studentapps.io
access-control-expose-headers: ETag
accept-ranges: bytes
x-amz-cf-id: eU7fFe4r1QrfuGj2eaQtLAqZSJE4X832qW1GQrWHR5YtIdbqv1HHFw==

GET
H2 200 Modal.7a74bab4.css
pentesting.staging.studentapps.io/assets/ 1 KB
2 KB 330ms
330ms Stylesheet
text/css 108.139.29.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentesting.staging.studentapps.io/assets/Modal.7a74bab4.css

Requested by

Host: pentesting.staging.studentapps.io
URL: https://pentesting.staging.studentapps.io/assets/index.74fb9b12.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-79.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

be5b4c18722f0aa274f80f42658539dbd699635950dc6b9843e4d7545c292ad0

Security Headers

Name	Value
Content-Security-Policy	frame-src .auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src .rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io .sentry.io .auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' .salesforce.com .force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pentesting.staging.studentapps.io/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: mEPqv6V8.1b8NLUoVj2LrthdhXgbWxk4
date: Thu, 21 Mar 2024 12:40:33 GMT
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
content-security-policy: frame-src *.auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src *.rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io *.sentry.io *.auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' *.salesforce.com *.force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 1109
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 19:25:01 GMT
server: AmazonS3
etag: "402176752a3bb32135db7745cb2bca3d"
x-frame-options: DENY
vary: Origin
content-type: text/css; charset=utf-8
accept-ranges: bytes
x-amz-cf-id: uFQvXLgcQv-NRgHspGTzbuA7BoucUlBoPxS3Yu173e70IpBCs18LCw==

GET
H2 200 light.svg
pentesting.staging.studentapps.io/theme/assets/logos/login/ 23 KB
24 KB 324ms
323ms Image
image/svg+xml 108.139.29.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentesting.staging.studentapps.io/theme/assets/logos/login/light.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-79.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4cf3c616c371395fc4a489207eb8305fbbb7bd66e99e64fc25950ca879d785c7

Security Headers

Name	Value
Content-Security-Policy	frame-src .auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src .rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io .sentry.io .auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' .salesforce.com .force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pentesting.staging.studentapps.io/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: TD1Oh7g7Oex95Cnzx.XcXMYp48GBvLRn
date: Thu, 21 Mar 2024 12:40:34 GMT
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
content-security-policy: frame-src *.auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src *.rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io *.sentry.io *.auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' *.salesforce.com *.force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 23133
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 19:25:01 GMT
server: AmazonS3
etag: "4d64c7b6e4c2d202f42cf31302f7db66"
x-frame-options: DENY
vary: Origin
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: LFwXUfSNGDXnRiKFzrxs0pi811zP7iETWLFl5QbfSlGSD3vapJz2ZA==

GET
H2 200 light.svg
pentesting.staging.studentapps.io/theme/assets/illustrations/login/ 43 KB
44 KB 335ms
335ms Image
image/svg+xml 108.139.29.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pentesting.staging.studentapps.io/theme/assets/illustrations/login/light.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-79.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7ab0c2b929bf04653757bf96cf6b9f50ce254a2752b483d7ffd99cdd158b87ad

Security Headers

Name	Value
Content-Security-Policy	frame-src .auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src .rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io .sentry.io .auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' .salesforce.com .force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pentesting.staging.studentapps.io/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: fuuxlF7qHvGzqy5I0_E7x8r.wdP9KJwr
date: Thu, 21 Mar 2024 12:40:34 GMT
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
content-security-policy: frame-src *.auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src *.rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io *.sentry.io *.auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' *.salesforce.com *.force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 43768
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 19:25:02 GMT
server: AmazonS3
etag: "a54419791f841a6d6980f664f16b9915"
x-frame-options: DENY
vary: Origin
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: 1k8l8NpmO6PJNQvnhN0KOSOlEY60aS8Bs7qhfJj_-k63gjUd2GWzyQ==

GET
H2 200 lato-900-latin.woff2
pentesting.staging.studentapps.io/shared/fonts/ 22 KB
23 KB 340ms
339ms Font
font/woff2 108.139.29.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentesting.staging.studentapps.io/shared/fonts/lato-900-latin.woff2

Requested by

Host: pentesting.staging.studentapps.io
URL: https://pentesting.staging.studentapps.io/shared/fonts/lato.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-79.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
Content-Security-Policy	frame-src .auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src .rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io .sentry.io .auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' .salesforce.com .force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentesting.staging.studentapps.io/shared/fonts/lato.css
Origin: https://pentesting.staging.studentapps.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: yqacIYEaJfdk62oKCe7MvkYAVFlSjBp.
date: Thu, 21 Mar 2024 12:40:34 GMT
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
content-security-policy: frame-src *.auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src *.rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io *.sentry.io *.auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' *.salesforce.com *.force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 22504
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 19:25:04 GMT
server: AmazonS3
etag: "1c6c65523675abc6fcd78e804325bd77"
x-frame-options: DENY
vary: Origin
content-type: font/woff2
access-control-allow-origin: https://pentesting.staging.studentapps.io
access-control-expose-headers: ETag
accept-ranges: bytes
x-amz-cf-id: 6WXRuUNagVPVuPhRzghjnlfT8dE136nTB-Dq3ViBpqKQyV4p00991w==

GET
H2 200 lato-700-latin.woff2
pentesting.staging.studentapps.io/shared/fonts/ 23 KB
24 KB 332ms
331ms Font
font/woff2 108.139.29.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pentesting.staging.studentapps.io/shared/fonts/lato-700-latin.woff2

Requested by

Host: pentesting.staging.studentapps.io
URL: https://pentesting.staging.studentapps.io/shared/fonts/lato.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-79.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
Content-Security-Policy	frame-src .auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src .rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io .sentry.io .auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' .salesforce.com .force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pentesting.staging.studentapps.io/shared/fonts/lato.css
Origin: https://pentesting.staging.studentapps.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: JVsxPJ8ICrbC_p4uQP9sJAyzd1GcZaiD
date: Thu, 21 Mar 2024 12:40:34 GMT
via: 1.1 cc4ee60e87dead01c9e2d4b985af043e.cloudfront.net (CloudFront)
content-security-policy: frame-src *.auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src *.rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io *.sentry.io *.auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' *.salesforce.com *.force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 23040
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Mar 2024 19:25:01 GMT
server: AmazonS3
etag: "de69cf9e514df447d1b0bb16f49d2457"
x-frame-options: DENY
vary: Origin
content-type: font/woff2
access-control-allow-origin: https://pentesting.staging.studentapps.io
access-control-expose-headers: ETag
accept-ranges: bytes
x-amz-cf-id: u73Px_IDvfTANQOUAva9CHHK8jepk8m48ZQ-XpeEO64TzqU-cO_X_g==

POST
H2 200 / Show response
o1071382.ingest.sentry.io/api/6071319/envelope/ 41 B
98 B 79ms
78ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o1071382.ingest.sentry.io/api/6071319/envelope/?sentry_key=76386782312b4e4a8d15eea831054a34&sentry_version=7&sentry_client=sentry.javascript.react%2F7.86.0

Requested by

Host: pentesting.staging.studentapps.io
URL: https://pentesting.staging.studentapps.io/assets/index.74fb9b12.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

d766bd55dc7656a757a9394e70ff0929e1b881d09b434f0edcfd3174c9ee8791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://pentesting.staging.studentapps.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 21 Mar 2024 12:40:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| exports object| global object| process object| __SENTRY__

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-src .auth0.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; connect-src .rnp.io main-api.staging.studentapps.io pentesting.staging.studentapps.io .sentry.io .auth0.com api-js.mixpanel.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; worker-src blob:; manifest-src 'self'; base-uri 'self'; frame-ancestors 'none'; default-src 'self'; img-src 'self' .salesforce.com .force.com https://pentesting-staging.auth.us-west-2.amazoncognito.com https://cognito-idp.us-west-2.amazonaws.com/ https://pentesting-staging.auth.us-west-2.amazoncognito.com; script-src 'self' 'sha256-jNm5lN2NcccqGttPUeKzQAGgXWRl2wG7Ze6ASL2Gfbo=' 'sha256-fWEffNYGDN+XQ+YrsU/LKDZAnOcnSlra1fOIm+7oskM=' ; style-src 'self'; font-src 'self'; object-src 'none'; form-action 'self'; navigate-to 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

o1071382.ingest.sentry.io
pentesting.staging.studentapps.io
108.139.29.79
34.120.195.249
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
22a029f011af1d1b0d4e8ae368ac2c040c4d013dadf25280ae6c882eb0f886f7
24dee9c34907469a03a9a3da1ee3938cbf66a560f4cbd4529dd242c75652b599
2ca534c9cabcb671bcf3b901bcdf0608adb856386f6c311077a8ac85e9752091
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4cf3c616c371395fc4a489207eb8305fbbb7bd66e99e64fc25950ca879d785c7
5767c231d63cc152772924f6275a323514269438624ccd988fd6b13619d450ba
5cff4609bc3354ab7695470e468e012a0d00bab14dce42e934be179c82fd0d74
6510541595e4dbecaaa41a2cc8c11b06512b36e5cbd98711bd62a60e1e7c135b
65ea403e02a6ff57a6962e07e44317fbdd8474b3de0a5a005d237f633b3b046b
7a6a8b12a34117dec8eb063003fb6d95de9ee96ff291b54b3c2a29dcc164b8b8
7ab0c2b929bf04653757bf96cf6b9f50ce254a2752b483d7ffd99cdd158b87ad
8ffb01d20a384b90ccfbb76ff2d2ab2ad269fcfd000bce48ba1484cb84ca2d55
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
955db2ce43ec59d30c0ab86dca82b8eb4db38bb808e8c8677657ec0176c46190
b1843f1784572aa2c9bc0b1e1dc4c7e2060ed4d7a6b994ca8782971063f390f6
b586704b2ec4e343b7b5eeeb612a28a3f7ac90ccead7aacb4594b0ae53d823c8
b5afa3b9cdeac54f8977ad2b83a8c44ac6da6ac7eaad4fd6fbb131016e43c19a
be5b4c18722f0aa274f80f42658539dbd699635950dc6b9843e4d7545c292ad0
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c74e13c4aaef20ad78fa423cd39c8985fc03dab14346fff6533244ea60020ca1
c819bc8e7c6450bdc6d0475ef7867dc2355e1c45cc8755885140b582d8dde13b
d766bd55dc7656a757a9394e70ff0929e1b881d09b434f0edcfd3174c9ee8791
d9884965801c744b6ff8c0ebf417df3bbe4848ef50f3bf21896ff642ad87c8aa
dbb4f51794a1d394d0f9197acb73d01befa17bca662ca87930a26373d178f1b2
e6e2748db793337ee8c6fdee7dcfe258459bbda32f62ea382f533fc173601364
f9659e177946ef96bf44e9c78932da4c1b64b5e7921a7bb9e4e010eef1ee6469
fabbaedfc35bfaa6fb5918e6e59e96a9500d47a5f94afa0ff356990c4b0303c8

pentesting.staging.studentapps.io Open in urlscan Pro 108.139.29.79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

28 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

1448 kBTransfer

1411 kBSize

0 Cookies

2 Outgoing links

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

Security Headers

pentesting.staging.studentapps.io Open in urlscan Pro
108.139.29.79 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1448 kB
Transfer

1411 kB
Size

0
Cookies

28 HTTP transactions
0 data transactions