urlscan.io logo urlscan.io
SecurityTrails logo

www.coalfire.com Open in urlscan Pro
18.189.126.226  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www2.coalfire.com/e/21732/ll-PenRisk-Rpt2023-Email1-0923/7nlthc/2013739828?h=HzMbo7fQhmXH2GE4fo0xKr6wkqniVyp8BbN84...
Effective URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk...
Submission: On September 12 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 4 countries across 25 domains to perform 116 HTTP transactions. The main IP is 18.189.126.226, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is www.coalfire.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on May 28th 2023. Valid for: a year.
This is the only time www.coalfire.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 3.92.120.28 14618 (AMAZON-AES)
50 18.189.126.226 16509 (AMAZON-02)
15 2600:1901:0:5... 15169 (GOOGLE)
4 152.195.15.58 15133 (EDGECAST)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 2600:1901:0:c... 15169 (GOOGLE)
2 2600:1901:0:7... 15169 (GOOGLE)
2 2600:1901:0:1... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 34.95.108.180 396982 (GOOGLE-CL...)
3 3 2a00:1450:400... 15169 (GOOGLE)
4 4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a02:26f0:780... 20940 (AKAMAI-ASN1)
1 146.75.116.157 54113 (FASTLY)
1 104.244.42.133 13414 (TWITTER)
1 104.244.42.131 13414 (TWITTER)
2 3 2001:4860:480... 15169 (GOOGLE)
1 2600:9000:26d... 16509 (AMAZON-02)
4 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 1 2a00:1450:400... 15169 (GOOGLE)
3 18.165.183.34 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:211... 16509 (AMAZON-02)
3 4 3.94.248.42 14618 (AMAZON-AES)
2 2 52.211.144.29 16509 (AMAZON-02)
1 1 18.203.57.57 16509 (AMAZON-02)
1 98.98.134.241 21859 (ZEN-ECN)
1 34.194.101.237 14618 (AMAZON-AES)
116 28
4    3.92.120.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-120-28.compute-1.amazonaws.com
www2.coalfire.com
pi.pardot.com
50    18.189.126.226 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-189-126-226.us-east-2.compute.amazonaws.com
www.coalfire.com
15    2600:1901:0:5987:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
app.usercentrics.eu
4    152.195.15.58 (United States)

ASN15133 (EDGECAST, US)
cdn.bizible.com
cdn.bizibly.com
2    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2600:1901:0:c07c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
api.usercentrics.eu
2    2600:1901:0:7903:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
graphql.usercentrics.eu
2    2600:1901:0:1e38:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
consent-api.service.consent.usercentrics.eu
2    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    34.95.108.180 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 180.108.95.34.bc.googleusercontent.com
uct.service.usercentrics.eu
3    2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a02:26f0:780::210:a423 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
3    2001:4860:4802:34::15 (United States)

ASN15169 (GOOGLE, US)
collect.coalfire.com
1    2600:9000:26db:e000:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.linkedin.oribi.io
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    18.165.183.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-34.zrh55.r.cloudfront.net
js.zi-scripts.com
2    2606:4700::6810:890f (United States)

ASN13335 (CLOUDFLARENET, US)
ws.zoominfo.com
1    2600:9000:211e:7000:4:8491:f2c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
tags.clickagy.com
4    3.94.248.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-248-42.compute-1.amazonaws.com
aorta.clickagy.com
2    52.211.144.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-144-29.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    18.203.57.57 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-57-57.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
1    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com
pixel-sync.sitescout.com
1    34.194.101.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-101-237.compute-1.amazonaws.com
hemsync.clickagy.com
Apex Domain
Subdomains		 Transfer
55 coalfire.com
www2.coalfire.com
www.coalfire.com
collect.coalfire.com
1 MB
28 usercentrics.eu
app.usercentrics.eu — Cisco Umbrella Rank: 10774
api.usercentrics.eu — Cisco Umbrella Rank: 8799
graphql.usercentrics.eu — Cisco Umbrella Rank: 13494
consent-api.service.consent.usercentrics.eu — Cisco Umbrella Rank: 15307
uct.service.usercentrics.eu — Cisco Umbrella Rank: 16448
193 KB
6 clickagy.com
tags.clickagy.com — Cisco Umbrella Rank: 26224
aorta.clickagy.com — Cisco Umbrella Rank: 2452
hemsync.clickagy.com — Cisco Umbrella Rank: 22548
15 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 410
www.linkedin.com — Cisco Umbrella Rank: 692
px4.ads.linkedin.com — Cisco Umbrella Rank: 6273
5 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 5677
721 B
4 google.com
www.google.com — Cisco Umbrella Rank: 2
948 B
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
googleads.g.doubleclick.net — Cisco Umbrella Rank: 47
2 KB
3 zi-scripts.com
js.zi-scripts.com — Cisco Umbrella Rank: 11395
3 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 421
14 KB
3 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 506
www.google-analytics.com — Cisco Umbrella Rank: 44
38 KB
3 bizible.com
cdn.bizible.com — Cisco Umbrella Rank: 7945
26 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 239
2 KB
2 zoominfo.com
ws.zoominfo.com — Cisco Umbrella Rank: 5078
2 KB
2 pardot.com
pi.pardot.com — Cisco Umbrella Rank: 5254
4 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 970
9 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 63
170 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1171
70 KB
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 873
187 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 971
216 B
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1189
378 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 914
395 B
1 t.co
t.co — Cisco Umbrella Rank: 590
377 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 911
15 KB
1 bizibly.com
cdn.bizibly.com — Cisco Umbrella Rank: 14549
203 B
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 419
33 KB
116 25
Domain Requested by
50 www.coalfire.com www.coalfire.com
15 app.usercentrics.eu www.coalfire.com
app.usercentrics.eu
8 api.usercentrics.eu app.usercentrics.eu
4 aorta.clickagy.com 3 redirects cdn.bizible.com
4 www.google.de www.coalfire.com
4 www.google.com 4 redirects
3 js.zi-scripts.com www.coalfire.com
js.zi-scripts.com
3 px.ads.linkedin.com 3 redirects
3 collect.coalfire.com 2 redirects cdn.bizible.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
www.coalfire.com
3 stats.g.doubleclick.net 3 redirects
3 cdn.bizible.com www.coalfire.com
cdn.bizible.com
2 dpm.demdex.net 2 redirects
2 ws.zoominfo.com js.zi-scripts.com
2 pi.pardot.com www.coalfire.com
pi.pardot.com
2 snap.licdn.com www.googletagmanager.com
snap.licdn.com
2 ssl.google-analytics.com 1 redirects www.coalfire.com
2 consent-api.service.consent.usercentrics.eu app.usercentrics.eu
2 graphql.usercentrics.eu app.usercentrics.eu
2 www.googletagmanager.com www.coalfire.com
www.googletagmanager.com
2 maxcdn.bootstrapcdn.com www.coalfire.com
maxcdn.bootstrapcdn.com
2 www2.coalfire.com 1 redirects pi.pardot.com
1 hemsync.clickagy.com cdn.bizible.com
1 pixel-sync.sitescout.com
1 sync.crwdcntrl.net 1 redirects
1 tags.clickagy.com www.coalfire.com
1 googleads.g.doubleclick.net 1 redirects
1 px4.ads.linkedin.com www.coalfire.com
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io cdn.bizible.com
1 analytics.twitter.com www.coalfire.com
1 t.co www.coalfire.com
1 static.ads-twitter.com www.googletagmanager.com
1 www.google-analytics.com www.googletagmanager.com
1 uct.service.usercentrics.eu www.coalfire.com
1 cdn.bizibly.com www.coalfire.com
1 ajax.googleapis.com www.coalfire.com
116 37

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
one.coalfire.com
Subject Issuer Validity Valid
coalfire.com
Amazon RSA 2048 M02		 2023-05-28 -
2024-06-25		 a year crt.sh
app.usercentrics.eu
GTS CA 1D4		 2023-08-09 -
2023-11-07		 3 months crt.sh
io.bizible.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-01 -
2024-07-01		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
api.usercentrics.eu
GTS CA 1D4		 2023-08-07 -
2023-11-05		 3 months crt.sh
graphql.usercentrics.eu
GTS CA 1D4		 2023-08-06 -
2023-11-04		 3 months crt.sh
consent-api.service.consent.usercentrics.eu
GTS CA 1D4		 2023-08-18 -
2023-11-16		 3 months crt.sh
uct.service.usercentrics.eu
GTS CA 1D4		 2023-07-28 -
2023-10-26		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 05		 2023-07-26 -
2024-01-22		 6 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
collect.coalfire.com
GTS CA 1D4		 2023-09-04 -
2023-12-03		 3 months crt.sh
linkedin.oribi.io
Amazon RSA 2048 M01		 2023-06-08 -
2024-07-07		 a year crt.sh
pi.pardot.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-25 -
2024-07-23		 a year crt.sh
js.zi-scripts.com
Amazon RSA 2048 M02		 2022-10-17 -
2023-11-15		 a year crt.sh
zoominfo.com
Cloudflare Inc ECC CA-3		 2023-04-04 -
2024-04-03		 a year crt.sh
www2.coalfire.com
R3		 2023-08-01 -
2023-10-30		 3 months crt.sh
*.clickagy.com
Amazon RSA 2048 M02		 2023-02-27 -
2024-02-07		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Frame ID: B3A8120536C1DF8B13BD257865B987B4
Requests: 108 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

404 - Coalfire

Page URL History Show full URLs

  1. https://www2.coalfire.com/e/21732/ll-PenRisk-Rpt2023-Email1-0923/7nlthc/2013739828?h=HzMbo7fQhmXH2GE4f... HTTP 301
    https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /CMSPages/GetResource\.ashx
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <input[^>]+name="__VIEWSTATE
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

116
Requests

95 %
HTTPS

59 %
IPv6

25
Domains

37
Subdomains

28
IPs

4
Countries

1866 kB
Transfer

3619 kB
Size

51
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www2.coalfire.com/e/21732/ll-PenRisk-Rpt2023-Email1-0923/7nlthc/2013739828?h=HzMbo7fQhmXH2GE4fo0xKr6wkqniVyp8BbN84copAvI HTTP 301
    https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1678827290&utmhn=www.coalfire.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=404%20-%20Coalfire&utmhid=1143353248&utmr=-&utmp=%2Fc%2Fpentest%2Fpenrisk2023%2Freport%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3DPenTest_All_PenRisk_Rpt2023_Email1_0923&utmht=1694541129837&utmac=UA-27111939-1&utmcc=__utma%3D116837012.231716712.1694541130.1694541130.1694541130.1%3B%2B__utmz%3D116837012.1694541130.1.1.utmcsr%3Dpardot%7Cutmccn%3DPenTest_All_PenRisk_Rpt2023_Email1_0923%7Cutmcmd%3Demail%3B&utmjid=755676376&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-27111939-1&cid=231716712.1694541130&jid=755676376&_v=5.7.2&z=1678827290 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27111939-1&cid=231716712.1694541130&jid=755676376&_v=5.7.2&z=1678827290 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27111939-1&cid=231716712.1694541130&jid=755676376&_v=5.7.2&z=1678827290&slf_rd=1&random=4263792829
Request Chain 98
  • https://collect.coalfire.com/j/collect?v=1&_v=j101&a=1143353248&t=pageview&_s=1&dl=https%3A%2F%2Fwww.coalfire.com%2Fc%2Fpentest%2Fpenrisk2023%2Freport%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3DPenTest_All_PenRisk_Rpt2023_Email1_0923&ul=en-us&de=UTF-8&dt=404%20-%20Coalfire&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=116837012.231716712.1694541130.1694541130.1694541130.1&_utmz=116837012.1694541130.1.1.utmcsr%3Dpardot%7Cutmccn%3DPenTest_All_PenRisk_Rpt2023_Email1_0923%7Cutmcmd%3Demail&_utmht=1694541130153&_u=YADCAEABAAAAACAEKI~&jid=981284867&gjid=1996805186&cid=1466600106.1694541130&tid=UA-27111939-5&_gid=1713205783.1694541130&_fplc=0&_r=1&gtm=45He3960n81M5HMLKB&z=106906508 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-27111939-5&cid=x6AAAmHh1LJtI7e8n7x9ECo2M2QGvv5oduNg1NCJ30k%3D.1694541130&jid=981284867&_gid=1713205783.1694541130&gjid=1996805186&_v=j101&z=106906508 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27111939-5&cid=x6AAAmHh1LJtI7e8n7x9ECo2M2QGvv5oduNg1NCJ30k%3D.1694541130&jid=981284867&_v=j101&z=106906508 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27111939-5&cid=x6AAAmHh1LJtI7e8n7x9ECo2M2QGvv5oduNg1NCJ30k%3D.1694541130&jid=981284867&_v=j101&z=106906508&slf_rd=1&random=1777788298
Request Chain 99
  • https://collect.coalfire.com/j/collect?v=1&_v=j101&a=1143353248&t=pageview&_s=1&dl=https%3A%2F%2Fwww.coalfire.com%2Fc%2Fpentest%2Fpenrisk2023%2Freport%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3DPenTest_All_PenRisk_Rpt2023_Email1_0923&ul=en-us&de=UTF-8&dt=404%20-%20Coalfire&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=116837012.231716712.1694541130.1694541130.1694541130.1&_utmz=116837012.1694541130.1.1.utmcsr%3Dpardot%7Cutmccn%3DPenTest_All_PenRisk_Rpt2023_Email1_0923%7Cutmcmd%3Demail&_utmht=1694541130159&_u=YCDCCEABBAAAACAEKI~&jid=1376479408&gjid=1398545900&cid=1466600106.1694541130&tid=UA-27111939-7&_gid=1713205783.1694541130&_fplc=0&_r=1&gtm=45He3960n81M5HMLKB&z=1286673380 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-27111939-1&cid=x6AAAmHh1LJtI7e8n7x9ECo2M2QGvv5oduNg1NCJ30k%3D.1694541130&jid=1376479408&_gid=1713205783.1694541130&gjid=1398545900&_v=j101&z=1286673380 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27111939-1&cid=x6AAAmHh1LJtI7e8n7x9ECo2M2QGvv5oduNg1NCJ30k%3D.1694541130&jid=1376479408&_v=j101&z=1286673380 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27111939-1&cid=x6AAAmHh1LJtI7e8n7x9ECo2M2QGvv5oduNg1NCJ30k%3D.1694541130&jid=1376479408&_v=j101&z=1286673380&slf_rd=1&random=3629350007
Request Chain 101
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=15004&time=1694541130164&url=https%3A%2F%2Fwww.coalfire.com%2Fc%2Fpentest%2Fpenrisk2023%2Freport%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3DPenTest_All_PenRisk_Rpt2023_Email1_0923 HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=15004&time=1694541130164&url=https%3A%2F%2Fwww.coalfire.com%2Fc%2Fpentest%2Fpenrisk2023%2Freport%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3DPenTest_All_PenRisk_Rpt2023_Email1_0923&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D15004%26time%3D1694541130164%26url%3Dhttps%253A%252F%252Fwww.coalfire.com%252Fc%252Fpentest%252Fpenrisk2023%252Freport%253Futm_source%253Dpardot%2526utm_medium%253Demail%2526utm_campaign%253DPenTest_All_PenRisk_Rpt2023_Email1_0923%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=15004&time=1694541130164&url=https%3A%2F%2Fwww.coalfire.com%2Fc%2Fpentest%2Fpenrisk2023%2Freport%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3DPenTest_All_PenRisk_Rpt2023_Email1_0923&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=15004&time=1694541130164&url=https%3A%2F%2Fwww.coalfire.com%2Fc%2Fpentest%2Fpenrisk2023%2Freport%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3DPenTest_All_PenRisk_Rpt2023_Email1_0923&cookiesTest=true&liSync=true&e_ipv6=AQLTYAiUSulzuAAAAYqKhayZxby-Cu5tRhiPx7Fls98LKP1K5mXy6tY4XMuJPNakoDWrbIMF
Request Chain 102
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1020366730/?random=789866989&fst=1694541130623&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e39b0&url=https%3A%2F%2Fwww.coalfire.com%2Fc%2Fpentest%2Fpenrisk2023%2Freport%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3DPenTest_All_PenRisk_Rpt2023_Email1_0923&tiba=404%20-%20Coalfire&auid=613963095.1694541131&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0 HTTP 302
  • https://www.google.com/pagead/1p-user-list/1020366730/?random=789866989&fst=1694538000000&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e39b0&url=https%3A%2F%2Fwww.coalfire.com%2Fc%2Fpentest%2Fpenrisk2023%2Freport%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3DPenTest_All_PenRisk_Rpt2023_Email1_0923&tiba=404%20-%20Coalfire&is_vtc=1&random=649304041 HTTP 302
  • https://www.google.de/pagead/1p-user-list/1020366730/?random=789866989&fst=1694538000000&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e39b0&url=https%3A%2F%2Fwww.coalfire.com%2Fc%2Fpentest%2Fpenrisk2023%2Freport%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3DPenTest_All_PenRisk_Rpt2023_Email1_0923&tiba=404%20-%20Coalfire&is_vtc=1&random=649304041&ipr=y
Request Chain 113
  • https://aorta.clickagy.com/pixel.gif?clkgypv=jstag&ws=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:d31bf8749be47249062f429aef3bc9f9&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=79908&dpuuid=c:d31bf8749be47249062f429aef3bc9f9&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D HTTP 302
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=124&cm=58617995446846946071024265169741884246 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8545/tp=CKGY/tpid=c:d31bf8749be47249062f429aef3bc9f9/gdpr=0/gdpr_consent=false/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D%24%7Bprofile_id%7D HTTP 302
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=120&cm= HTTP 302
  • https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D

116 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request report
www.coalfire.com/c/pentest/penrisk2023/
Redirect Chain
  • https://www2.coalfire.com/e/21732/ll-PenRisk-Rpt2023-Email1-0923/7nlthc/2013739828?h=HzMbo7fQhmXH2GE4fo0xKr6wkqniVyp8BbN84copAvI
  • https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
51 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
218ed771f77b90f6edf02e38181c6303eb2ec3e9e7e2a3ae932fb9885cde4b92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
deflate
content-length
12050
content-type
text/html; charset=utf-8
date
Tue, 12 Sep 2023 17:52:08 GMT
expires
-1
pragma
no-cache
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
x-server
02
x-ua-compatible
IE=Edge

Redirect headers

Connection
keep-alive
Content-Length
186
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Sep 2023 17:52:08 GMT
Server
PardotServer
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
cache-control
max-age=63072000
content-encoding
gzip
expires
Thu, 11 Sep 2025 17:52:08 GMT
location
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
vary
Accept-Encoding,User-Agent
loader.js
app.usercentrics.eu/browser-ui/latest/ 		59 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/latest/loader.js
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5c2208f81da1de3ce7aa221e5d1c530ac6c0d0f48f3ce5af617b86c2596a446f
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:33:51 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
1098
x-guploader-uploadid
ADPycduy0WaqukoUpZBmVsHK9hHMGAc7MFENYFIPtUJ5RT4LYYIxpyPu4KND0PHODpL2fLURmBpkkBU-2k19cXD14ncX
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20291
last-modified
Mon, 11 Sep 2023 13:09:51 GMT
server
UploadServer
etag
"0f0177d6171aabb755c953815c4ce928"
x-goog-generation
1694437791801028
x-goog-hash
crc32c=r1XJVA==, md5=DwF31hcaq7dVyVOBXEzpKA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Length, Transfer-Encoding
cache-control
public, max-age=3600, no-transform
x-goog-stored-content-length
20291
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 12 Sep 2023 18:33:51 GMT
bizible.js
cdn.bizible.com/scripts/ 		67 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bizible.com/scripts/bizible.js
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D4) /
Resource Hash
847f8e19eccd79ada556ff8e54e8c0f366d829ee40acc884b8847111e0ed85b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
content-encoding
gzip
last-modified
Fri, 08 Sep 2023 21:22:33 GMT
server
ECS (frb/67D4)
age
49299
etag
"ee46cc949ae2d91:0"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
25480
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
718, 718
age
19312553
cdn-cachedat
2021-04-13 02:36:00
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
357c5298f2849c0ce9712c57ec240f4e
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
805a00a83ddf3719-FRA
cdn-requestpullsuccess
True
GothamSSm-Book_Web.woff
www.coalfire.com/medialib/assets/fonts/woff/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.coalfire.com/medialib/assets/fonts/woff/GothamSSm-Book_Web.woff
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5d2a556ea02fcc5a15d61bf72db750806ac9a34d9a21a016dc13ce55d91125cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Origin
https://www.coalfire.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Dec 2020 03:19:15 GMT
server
Microsoft-IIS/10.0
etag
"6054f03ca3ced61:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/x-font-woff
x-server
02
accept-ranges
bytes
content-length
77834
GothamSSm-Book_Web.woff2
www.coalfire.com/medialib/assets/fonts/woff2/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.coalfire.com/medialib/assets/fonts/woff2/GothamSSm-Book_Web.woff2
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cf90393fb75b508d08edef4b520043e25c94840572f5f8beece1b8d36af0db79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Origin
https://www.coalfire.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Dec 2020 03:19:15 GMT
server
Microsoft-IIS/10.0
etag
"b58feb3ca3ced61:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
x-server
02
accept-ranges
bytes
content-length
59494
GothamSSm-Black_Web.woff
www.coalfire.com/medialib/assets/fonts/woff/ 		77 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.coalfire.com/medialib/assets/fonts/woff/GothamSSm-Black_Web.woff
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1e706f3dd4d9040f39c5778800da8d07d6bacd9d42f53b1973340b6be8a6d601
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Origin
https://www.coalfire.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Dec 2020 03:19:15 GMT
server
Microsoft-IIS/10.0
etag
"1af2ed3ca3ced61:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/x-font-woff
x-server
02
accept-ranges
bytes
content-length
78990
GothamSSm-Black_Web.woff2
www.coalfire.com/medialib/assets/fonts/woff2/ 		59 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.coalfire.com/medialib/assets/fonts/woff2/GothamSSm-Black_Web.woff2
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fbbb7c786fedf982daa720d6f45224954f874ebbcd96b7682a6d8ed6db8812e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Origin
https://www.coalfire.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Dec 2020 03:19:15 GMT
server
Microsoft-IIS/10.0
etag
"b58feb3ca3ced61:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
x-server
02
accept-ranges
bytes
content-length
60566
GothamSSm-Bold_Web.woff
www.coalfire.com/medialib/assets/fonts/woff/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.coalfire.com/medialib/assets/fonts/woff/GothamSSm-Bold_Web.woff
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3eb9136907c478f7cade82f3a908eab89b3ce25f8b76a50bd96f52b92e4ef5bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Origin
https://www.coalfire.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Dec 2020 03:19:15 GMT
server
Microsoft-IIS/10.0
etag
"1af2ed3ca3ced61:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/x-font-woff
x-server
02
accept-ranges
bytes
content-length
78226
GothamSSm-Bold_Web.woff2
www.coalfire.com/medialib/assets/fonts/woff2/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.coalfire.com/medialib/assets/fonts/woff2/GothamSSm-Bold_Web.woff2
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0953086712fc42ce7a78b99f83a93ea38d9a6aacd1d55bc0a6f8951e55a0427f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Origin
https://www.coalfire.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Dec 2020 03:19:11 GMT
server
Microsoft-IIS/10.0
etag
"f4e3bf3aa3ced61:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
x-server
02
accept-ranges
bytes
content-length
60078
GetCSS.aspx
www.coalfire.com/CMSPages/ 		515 KB
78 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.coalfire.com/CMSPages/GetCSS.aspx?stylesheetname=main&v=780e87b8-8629-48e5-832e-01304a862125
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6e264347e0ba007435517809224a3d4c167dbefc312a84a847feade7cfaded93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
content-encoding
deflate
strict-transport-security
max-age=31536000; includeSubDomains
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-disposition
attachment; filename="main.css"
content-length
79287
last-modified
Mon, 31 Jul 2023 18:17:40 GMT
server
Microsoft-IIS/10.0
etag
"cssstylesheet|780e87b8-8629-48e5-832e-01304a862125"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
public, must-revalidate
x-server
02
expires
Sat, 11 Nov 2023 17:52:09 GMT
GetCSS.aspx
www.coalfire.com/CMSPages/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.coalfire.com/CMSPages/GetCSS.aspx?stylesheetname=overrides&v=cce254ea-c13e-4211-9cf9-fbf5d73464c0
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
73f54927a2249a304d2d3fea110b44ee59bca395abb7e8f504fbb05cb25306a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
content-encoding
deflate
strict-transport-security
max-age=31536000; includeSubDomains
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-disposition
attachment; filename="overrides.css"
content-length
1581
last-modified
Wed, 23 Aug 2023 21:37:08 GMT
server
Microsoft-IIS/10.0
etag
"cssstylesheet|cce254ea-c13e-4211-9cf9-fbf5d73464c0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
public, must-revalidate
x-server
02
expires
Sat, 11 Nov 2023 17:52:09 GMT
modernizr-min.js
www.coalfire.com/medialib/assets/js/libs/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coalfire.com/medialib/assets/js/libs/modernizr-min.js
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
649a19b0312b61fcae12a8bf907e83314dfbbf1a41e8935123bb28c9b21d36f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 02 Jul 2018 21:27:26 GMT
server
Microsoft-IIS/10.0
etag
"e67b0794b12d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-server
02
accept-ranges
bytes
content-length
4340
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
107079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33434
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Sep 2024 12:07:30 GMT
isotope-pkgd-min.js
www.coalfire.com/medialib/assets/js/libs/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coalfire.com/medialib/assets/js/libs/isotope-pkgd-min.js
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
732d84a1e85c52c0621163300e7ac0dbe700ff7841e5f7c7c3b4ac5753da69ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 02 Jul 2018 21:27:26 GMT
server
Microsoft-IIS/10.0
etag
"e67b0794b12d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-server
02
accept-ranges
bytes
content-length
13438
jquery-fitvids.js
www.coalfire.com/medialib/assets/js/libs/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coalfire.com/medialib/assets/js/libs/jquery-fitvids.js
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a0d5f91a5430829df5638fa69b85a6e361876d5499744cc724d01c342d944a75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 02 Jul 2018 21:27:26 GMT
server
Microsoft-IIS/10.0
etag
"e67b0794b12d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-server
02
accept-ranges
bytes
content-length
1541
jquery-cycle2-min.js
www.coalfire.com/medialib/assets/js/homepage_v2_09_2014/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coalfire.com/medialib/assets/js/homepage_v2_09_2014/jquery-cycle2-min.js
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
88c4c27b1f0143e895c6964ef373284642816a887d0f3f61ded115acce51c6aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 02 Jul 2018 21:27:26 GMT
server
Microsoft-IIS/10.0
etag
"e67b0794b12d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-server
02
accept-ranges
bytes
content-length
8872
jquery-cycle2-carousel-min.js
www.coalfire.com/medialib/assets/js/homepage_v2_09_2014/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coalfire.com/medialib/assets/js/homepage_v2_09_2014/jquery-cycle2-carousel-min.js
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9f14bd5a8d478749fec7908827e1543c62599f154a5dd875fab9e0fac61e9575
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 02 Jul 2018 21:27:26 GMT
server
Microsoft-IIS/10.0
etag
"e67b0794b12d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-server
02
accept-ranges
bytes
content-length
1987
jquery-bxslider-min.js
www.coalfire.com/medialib/assets/js/homepage_v2_09_2014/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coalfire.com/medialib/assets/js/homepage_v2_09_2014/jquery-bxslider-min.js
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
789156caf1d31112bc736fe100df1c85d895df0663f305bf6b2423d1ee57e14a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 19 Feb 2021 23:12:59 GMT
server
Microsoft-IIS/10.0
etag
"4ecd4c3147d71:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-server
02
accept-ranges
bytes
content-length
6531
GetCSS.aspx
www.coalfire.com/CMSPages/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.coalfire.com/CMSPages/GetCSS.aspx?stylesheetname=bxslider
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9365afa4d2eb8620a545c637aee28d4cb620c741deede525a39abc1cccf3c43e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
content-encoding
deflate
strict-transport-security
max-age=31536000; includeSubDomains
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-disposition
attachment; filename="Bxslider.css"
content-length
832
last-modified
Tue, 14 Oct 2014 14:14:15 GMT
server
Microsoft-IIS/10.0
etag
"cssstylesheet|b319b9f9-2662-48b2-9ff4-c7d3b5b24437"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
public, must-revalidate
x-server
02
expires
Sat, 11 Nov 2023 17:52:09 GMT
respond-min.js
www.coalfire.com/medialib/assets/js/libs/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coalfire.com/medialib/assets/js/libs/respond-min.js
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
83a8807ef669fa70d0d9375347f5552897f76c6ae8e2e6f97ef592595462d8d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 02 Jul 2018 21:27:26 GMT
server
Microsoft-IIS/10.0
etag
"e67b0794b12d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-server
02
accept-ranges
bytes
content-length
2613
GetResource.ashx
www.coalfire.com/CMSPages/ 		400 B
951 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.coalfire.com/CMSPages/GetResource.ashx?_webparts=677
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5d1f17a805e51c2fc4fb792380df938df52b9c0796d029baf1c05a65a578400c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
content-encoding
deflate
strict-transport-security
max-age=31536000; includeSubDomains
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-disposition
attachment; filename="SearchBox.css"
content-length
215
last-modified
Mon, 24 Jan 2022 22:30:53 GMT
server
Microsoft-IIS/10.0
etag
"webpart|SearchBox"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
public, must-revalidate
x-server
02
expires
Sat, 11 Nov 2023 17:52:09 GMT
WebResource.axd
www.coalfire.com/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coalfire.com/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZDWty0eZs1JJ0ZA66DiUC-3V9m6Z3sPSfHr3iHbBiZ4wuXIhuwTg7yf2FP4i2ajuoA2&t=637823365837077270
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 08 Mar 2022 11:43:03 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
public
x-server
02
content-length
6007
expires
Wed, 11 Sep 2024 01:30:41 GMT
ScriptResource.axd
www.coalfire.com/ 		100 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coalfire.com/ScriptResource.axd?d=NJmAwtEo3Ipnlaxl6CMhvrIXPlXOFpQDPoXf1SJXTB0ATyDkqTvNCY7KJhqnnEqQgTmCmfD9_dLnvD-ShUzRjOiShiwKOKH_b4yNdfi8sxtevQYFAhXVq76Y-2ISUy9KSoNkvOqR27nsCYkFiJxuLXScDs71O0IZ7cOOrg3LyTk1&t=ffffffffaa493ab8
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 12 Sep 2023 01:30:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
public
x-server
02
content-length
25609
expires
Wed, 11 Sep 2024 01:30:41 GMT
ScriptResource.axd
www.coalfire.com/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coalfire.com/ScriptResource.axd?d=dwY9oWetJoJoVpgL6Zq8OOF8_6BUxceCpGxDvCDAPzEUGYnpFM0h7yI4sD_85xMjk4Y-fJ4hA2cmRgQILDaaTwjBbt6ge1fNeXk2PYlYfXsTjHVvKqVMR1bkANjvX7hfhsm_PYodOn-m0VI-FjFz9tM8nbFGtZhwqAuOuW_OiHI1&t=ffffffffaa493ab8
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 12 Sep 2023 01:30:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
public
x-server
02
content-length
9984
expires
Wed, 11 Sep 2024 01:30:41 GMT
ScriptResource.axd
www.coalfire.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coalfire.com/ScriptResource.axd?d=eE6V8nDbUVn0gtG6hKNX_KPfPXhnqR3w9GUAvNoUtvdqiQyQxp_45DR1_M8Ng0tSit7s_bnZaAyghK7ICjc-z9yDHtNPLrDf8ehhfMzq15kRFvkoKfNAkgNEgugXmVmU0&t=27679117
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
351064c4585c86aa016649d1e4fde71419edc20a9b1d5c533679381aa0cde8d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 12 Sep 2023 01:30:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
public
x-server
02
content-length
3586
expires
Wed, 11 Sep 2024 01:30:41 GMT
ScriptResource.axd
www.coalfire.com/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coalfire.com/ScriptResource.axd?d=mcAASOSteirJeuV-3by3UbOfpT-L_bAXs0a4SIeUmyfRUthqhZghLUBuO2mKr7cIIclPL7VjN0ZN6kC0v4WDCXMhbRyZHBI2soYbiiStRY81&t=27679117
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
55a061b73398cc441a08110dc39014ade72a132413ea449e3b38ea1b36933672
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 12 Sep 2023 01:30:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
public
x-server
02
content-length
4737
expires
Wed, 11 Sep 2024 01:30:41 GMT
ScriptResource.axd
www.coalfire.com/ 		877 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coalfire.com/ScriptResource.axd?d=jwf4VSQi7LeShc44FJ-gAUCu-iQFfSEpUGGqK9oH6cgeHgOg3PnLt-p6UPDFwte09oTf7bn13I_xNw73GEA3mNEqUAodIz_7EUVkKgH2bbIj9rexUSrt8wHzdl9vTv-i0&t=27679117
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d4d19f0fb634296b2d6238acd844a6c6365e9ab8a88144b44d4e48b17ba9a0a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 12 Sep 2023 01:30:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
public
x-server
02
content-length
441
expires
Wed, 11 Sep 2024 01:30:41 GMT
ScriptResource.axd
www.coalfire.com/ 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coalfire.com/ScriptResource.axd?d=HEFpVKbnoeQjkjHkFKu3MBAUf_HGKcsOOSMEnlGroMU_NnVmx5TuxIzQuJtlP6KC84iBXGHGqvrQvSTjkcEIqTJ5BecXRi3CwtvfcuyEmV2JuailcCgmpiyDhE8o1RE80&t=27679117
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
409e67050a48e6d35061568944465e103059094d0dd5fb88d6d506f6803f82f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 12 Sep 2023 01:32:59 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
public
x-server
02
content-length
1863
expires
Wed, 11 Sep 2024 01:32:59 GMT
ScriptResource.axd
www.coalfire.com/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coalfire.com/ScriptResource.axd?d=X6kQKInQS5YQqruiTh57iOIcHsPFqU13NRrDasRNQT_VIPmUzmf1l8GFzr5lFrr5n_WcLPXLZipN7bqwYLnKZaoKBgk4hhqS2l-ERuM_IQeAiPIB1lsImDUSRMab5Uvf0&t=27679117
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8ea17237fc12bcbbad4c16f8789840fac4b9ab881e93fc9ec08166468f1bec52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 12 Sep 2023 01:32:59 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
public
x-server
02
content-length
1418
expires
Wed, 11 Sep 2024 01:32:59 GMT
logo.svg
www.coalfire.com/medialib/assets/images/design/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coalfire.com/medialib/assets/images/design/logo.svg
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6244449b7e181c47b1674736e30afb54b830673c4f7a4a15358cabce9e17b347
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Dec 2020 03:19:11 GMT
server
Microsoft-IIS/10.0
etag
"f749a33aa3ced61:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-server
02
accept-ranges
bytes
content-length
2592
Megamenu_Tile_Solutions.png
www.coalfire.com/medialib/assets/images/Solutions/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coalfire.com/medialib/assets/images/Solutions/Megamenu_Tile_Solutions.png?ext=.png
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6113c7a7b55ac26a9952be06bafc69b6a5a3e3f4748c4ae9927d17e5f4994ef6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 23 Dec 2020 19:43:01 GMT
server
Microsoft-IIS/10.0
etag
"16fdf1d263d9d61:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
image/png
x-server
02
accept-ranges
bytes
content-length
35947
Coalfire_FedRAMP_285X185_FINAL.png
www.coalfire.com/medialib/assets/images/Compliance/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coalfire.com/medialib/assets/images/Compliance/Coalfire_FedRAMP_285X185_FINAL.png?ext=.png
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
cache-control
no-store, max-age=0
server
awselb/2.0
x-amzn-waf-action
challenge
content-length
0
content-type
text/html; charset=UTF-8
offsec-nav.png
www.coalfire.com/medialib/assets/images/Platforms/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coalfire.com/medialib/assets/images/Platforms/offsec-nav.png?ext=.png
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
cache-control
no-store, max-age=0
server
awselb/2.0
x-amzn-waf-action
challenge
content-length
0
content-type
text/html; charset=UTF-8
HiTech_thumb.jpg
www.coalfire.com/medialib/assets/images/Compliance/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coalfire.com/medialib/assets/images/Compliance/HiTech_thumb.jpg?ext=.jpg
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
cache-control
no-store, max-age=0
server
awselb/2.0
x-amzn-waf-action
challenge
content-length
0
content-type
text/html; charset=UTF-8
CE-logo-homepage.png
www.coalfire.com/medialib/assets/images/Solutions/Compliance%20Services/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coalfire.com/medialib/assets/images/Solutions/Compliance%20Services/CE-logo-homepage.png?ext=.png
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
cache-control
no-store, max-age=0
server
awselb/2.0
x-amzn-waf-action
challenge
content-length
0
content-type
text/html; charset=UTF-8
hexeon-nav_1.png
www.coalfire.com/medialib/assets/images/Platforms/ 		489 KB
490 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coalfire.com/medialib/assets/images/Platforms/hexeon-nav_1.png?ext=.png
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3c5d98513ecc9d73f4b4c1664cca3683bce1e91b3b51a48641badd0f3154fb0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 02 Aug 2023 23:45:19 GMT
server
Microsoft-IIS/10.0
etag
"ce91d659bc5d91:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
image/png
x-server
02
accept-ranges
bytes
content-length
500876
Blog.jpg
www.coalfire.com/medialib/assets/images/Menu/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coalfire.com/medialib/assets/images/Menu/Blog.jpg?ext=.jpg
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
cache-control
no-store, max-age=0
server
awselb/2.0
x-amzn-waf-action
challenge
content-length
0
content-type
text/html; charset=UTF-8
Resources_sm.jpg
www.coalfire.com/medialib/assets/images/Menu/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coalfire.com/medialib/assets/images/Menu/Resources_sm.jpg?ext=.jpg
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7571165bf90a3af07d4017f0fedf9925d24613151add4e7402f319ca3d95cea2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Dec 2020 03:19:23 GMT
server
Microsoft-IIS/10.0
etag
"4fc5e241a3ced61:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-server
02
accept-ranges
bytes
content-length
14045
Menu-About.jpg
www.coalfire.com/medialib/assets/images/Menu/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coalfire.com/medialib/assets/images/Menu/Menu-About.jpg?ext=.jpg
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8b4e83bfdcf41906929536087360e1c7c3936620997193773c224759ed8dd982
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 02 Jul 2018 21:27:24 GMT
server
Microsoft-IIS/10.0
etag
"caef0774b12d41:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-server
02
accept-ranges
bytes
content-length
73864
coalfireteam-1.jpg
www.coalfire.com/medialib/assets/images/Compliance/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coalfire.com/medialib/assets/images/Compliance/coalfireteam-1.jpg?ext=.jpg
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
cache-control
no-store, max-age=0
server
awselb/2.0
x-amzn-waf-action
challenge
content-length
0
content-type
text/html; charset=UTF-8
Coalfire_AboutImage_285x175.jpg
www.coalfire.com/medialib/assets/images/About/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coalfire.com/medialib/assets/images/About/Coalfire_AboutImage_285x175.jpg?ext=.jpg
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
cache-control
no-store, max-age=0
server
awselb/2.0
x-amzn-waf-action
challenge
content-length
0
content-type
text/html; charset=UTF-8
BoD-nav-tile_o.jpg
www.coalfire.com/medialib/assets/images/Board-of-Directors/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coalfire.com/medialib/assets/images/Board-of-Directors/BoD-nav-tile_o.jpg?ext=.jpg
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
cache-control
no-store, max-age=0
server
awselb/2.0
x-amzn-waf-action
challenge
content-length
0
content-type
text/html; charset=UTF-8
DandI_Nav_1.jpg
www.coalfire.com/medialib/assets/images/About/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coalfire.com/medialib/assets/images/About/DandI_Nav_1.jpg?ext=.jpg
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b4c29a2320c4b4c717b8f2decfb353e18278d205281a91e81b678d88c56c909a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 26 Sep 2022 16:48:29 GMT
server
Microsoft-IIS/10.0
etag
"8d4ef8cdc7d1d81:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-server
02
accept-ranges
bytes
content-length
18744
TomMcAndrew-285x175.jpg
www.coalfire.com/medialib/assets/images/Board-of-Directors/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coalfire.com/medialib/assets/images/Board-of-Directors/TomMcAndrew-285x175.jpg?ext=.jpg
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
cache-control
no-store, max-age=0
server
awselb/2.0
x-amzn-waf-action
challenge
content-length
0
content-type
text/html; charset=UTF-8
Partners_285px.jpg
www.coalfire.com/medialib/assets/images/Partners/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coalfire.com/medialib/assets/images/Partners/Partners_285px.jpg?ext=.jpg
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
cache-control
no-store, max-age=0
server
awselb/2.0
x-amzn-waf-action
challenge
content-length
0
content-type
text/html; charset=UTF-8
Menu-Rick_sm.jpg
www.coalfire.com/medialib/assets/images/Menu/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coalfire.com/medialib/assets/images/Menu/Menu-Rick_sm.jpg?ext=.jpg
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
cache-control
no-store, max-age=0
server
awselb/2.0
x-amzn-waf-action
challenge
content-length
0
content-type
text/html; charset=UTF-8
RD-nav.png
www.coalfire.com/medialib/assets/images/LABS/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coalfire.com/medialib/assets/images/LABS/RD-nav.png?ext=.png
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
cache-control
no-store, max-age=0
server
awselb/2.0
x-amzn-waf-action
challenge
content-length
0
content-type
text/html; charset=UTF-8
megamenu-image.jpg
www.coalfire.com/medialib/assets/images/Design/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coalfire.com/medialib/assets/images/Design/megamenu-image.jpg
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
cache-control
no-store, max-age=0
server
awselb/2.0
x-amzn-waf-action
challenge
content-length
0
content-type
text/html; charset=UTF-8
bootstrap-min.js
www.coalfire.com/medialib/assets/js/libs/ 		0
129 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coalfire.com/medialib/assets/js/libs/bootstrap-min.js
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
cache-control
no-store, max-age=0
server
awselb/2.0
x-amzn-waf-action
challenge
content-length
0
content-type
text/html; charset=UTF-8
newjs.js
www.coalfire.com/medialib/assets/js/homepage_v2_09_2014/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coalfire.com/medialib/assets/js/homepage_v2_09_2014/newjs.js
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
10eae1cbed8658eb296ce3ab7b32e6f53234c822caf691241a1ac20fe552eeaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 02 Jul 2018 21:27:26 GMT
server
Microsoft-IIS/10.0
etag
"e67b0794b12d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-server
02
accept-ranges
bytes
content-length
2715
GetResource.ashx
www.coalfire.com/CMSPages/ 		0
129 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coalfire.com/CMSPages/GetResource.ashx?scriptfile=/CMSScripts/Custom/coalfire.js?v=17
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
cache-control
no-store, max-age=0
server
awselb/2.0
x-amzn-waf-action
challenge
content-length
0
content-type
text/html; charset=UTF-8
gtm.js
www.googletagmanager.com/ 		235 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M5HMLKB
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f000e4f33d19a4f2f25f4847cd9c6e0ea039882c89a7bb91eee8a364515e76ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80736
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 16:38:34 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 12 Sep 2023 17:52:09 GMT
index.module.js
app.usercentrics.eu/browser-ui/3.28.0/ 		353 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.28.0/index.module.js
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
49e7e4526ff8e95c2a97049dda6cb7051e5bbd474981e3b4c2483e852b530ece
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://www.coalfire.com/
Origin
https://www.coalfire.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 13:12:31 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
103178
x-guploader-uploadid
ADPycdt30gUp_fFTEocXIOAsSySdrO0Dk8J6A8pRc51fHVQV5Rafj73ABhXJE9BAsU4rLCf2TWD9h3B4zBy_SYIbaDt-lQR27PTK
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104267
last-modified
Mon, 11 Sep 2023 13:09:28 GMT
server
UploadServer
etag
"a19cb3b7aab9cb9cc6fef663d4b89b5a"
x-goog-generation
1694437768216328
x-goog-hash
crc32c=0K1z5w==, md5=oZyzt6q5y5zG/vZj1LibWg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
104267
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 10 Sep 2024 13:12:31 GMT
sfBiDUafD-dU2z.json
api.usercentrics.eu/ruleSet/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/ruleSet/sfBiDUafD-dU2z.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.coalfire.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 12 Sep 2023 17:52:09 GMT
expires
Tue, 12 Sep 2023 17:52:09 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
DE,DEHE
x-guploader-uploadid
ADPycds-VWyOth5LMpSsxP1xWtlFu2VYlJMLH4emcXYCb9Bkq4Sx-hScgMmZ5q7RbznD2nTS9JhIMDF-4hI1E4m68Gz4
sfBiDUafD-dU2z.json
api.usercentrics.eu/ruleSet/ 		170 B
696 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/ruleSet/sfBiDUafD-dU2z.json
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.28.0/index.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a698177c753565fce6a3e77f45164a698234f2197f71e605b2986eb8caa4deaa
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://www.coalfire.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
content-type
application/json

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
0
x-client-geo-location
DE,DEHE
x-guploader-uploadid
ADPycdtZa4uW4sjPlQ5hYUtue0KoirfaV3hAoim-ZG6zj0gV848KdnxodToaRbi8ECtyTZGiaTYRFAVINxG-b6Nzf7DM
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
159
last-modified
Wed, 06 Sep 2023 20:06:15 GMT
server
UploadServer
etag
"4c70fa4c6177af24db16306e7bac5800"
vary
Accept-Encoding
x-goog-generation
1694030775771726
x-goog-hash
crc32c=gmfjWg==, md5=THD6TGF3ryTbFjBue6xYAA==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=1800, s-maxage=1800
x-goog-stored-content-length
159
accept-ranges
bytes
content-type
application/json
expires
Tue, 12 Sep 2023 18:22:09 GMT
languages.json
api.usercentrics.eu/settings/ICyVb7rjTcR20Q/latest/ 		56 B
93 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/ICyVb7rjTcR20Q/latest/languages.json
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.28.0/index.module.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a75d094caba33ac05120819a5fd16b225bcd6ceda6d4b507d6dac56d3bbd4320
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://www.coalfire.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
content-type
application/json

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
0
x-client-geo-location
DE,DEHE
x-guploader-uploadid
ADPycdve8VwsqfjAOar2kPL0EIb8eyh7FPAWrFEATKNgqCj1ODmofdLiS4WusEA-_CoxRJrqt6mpCLVm113QwFpuaoxBrw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61
last-modified
Wed, 06 Sep 2023 20:58:35 GMT
server
UploadServer
etag
"7b4ce3ef65807b62b061d70c8aa5a09f"
vary
Accept-Encoding
x-goog-generation
1694033915906235
x-goog-hash
crc32c=SJK0Nw==, md5=e0zj72WAe2KwYdcMiqWgnw==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=1800, s-maxage=60
x-goog-stored-content-length
61
accept-ranges
bytes
content-type
application/json
expires
Tue, 12 Sep 2023 17:53:09 GMT
languages.json
api.usercentrics.eu/settings/ICyVb7rjTcR20Q/latest/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/ICyVb7rjTcR20Q/latest/languages.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.coalfire.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 12 Sep 2023 17:52:09 GMT
expires
Tue, 12 Sep 2023 17:52:09 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
DE,DEHE
x-guploader-uploadid
ADPycdvzwH9vYcYiByskk98REa5dSOWmlNk14m9liop9IFUGR1QoYI-L358uIJWM47dw_WXr0sxA5tHjeR0LxWn6GisqJg
en.json
api.usercentrics.eu/settings/ICyVb7rjTcR20Q/latest/ 		20 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/ICyVb7rjTcR20Q/latest/en.json
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.28.0/index.module.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6b3251cdcfa69e957afd47f9ca7873e140068f7662b95044a5ae3291b1fb9ab8
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://www.coalfire.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
content-type
application/json

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
0
x-client-geo-location
DE,DEHE
x-guploader-uploadid
ADPycdvMkW0vcTFlfYctYHI6z23EPpfSBTX1gmnpUtiXaIOsyWOnfabO9-b3F9pRXPgsJpmxwumOAtHxUAzKGrT-f2gicQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6650
last-modified
Wed, 06 Sep 2023 20:58:35 GMT
server
UploadServer
etag
"5ce0d30d59dc88165d8ec0c1f2b970fc"
vary
Accept-Encoding
x-goog-generation
1694033915861593
x-goog-hash
crc32c=IMwTtg==, md5=XODTDVnciBZdjsDB8rlw/A==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=1800, s-maxage=60
x-goog-stored-content-length
6650
accept-ranges
bytes
content-type
application/json
expires
Tue, 12 Sep 2023 17:53:09 GMT
en.json
api.usercentrics.eu/settings/ICyVb7rjTcR20Q/latest/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/ICyVb7rjTcR20Q/latest/en.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.coalfire.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 12 Sep 2023 17:52:09 GMT
expires
Tue, 12 Sep 2023 17:52:09 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
DE,DEHE
x-guploader-uploadid
ADPycdtc0xw47KxtCbTYKaWtlUI010gNpqLvEiXlBUn92_vY4xsiwXeskDzbi7jYSrffWFDcsAJbRVaF7-tlYz3D-El62gNebcBN
1px.png
app.usercentrics.eu/session/ 		489 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.usercentrics.eu/session/1px.png?settingsId=ICyVb7rjTcR20Q
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:27:26 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
1483
x-guploader-uploadid
ADPycduPlNsZjmGCpj8C7tqgQpWgAI7brMAbl6mYw1PdeiTLD31kJBEmmUMqYkGi-8NCmPK3Ocb9UEojxhYMZVVFC-NXIXRcTTa0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
522
last-modified
Fri, 08 May 2020 09:06:13 GMT
server
UploadServer
etag
"3702ada73b8951017b8451cbd6a96523"
x-goog-generation
1588928773413784
x-goog-hash
crc32c=pFwm0Q==, md5=NwKtpzuJUQF7hFHL1qllIw==
content-type
image/png
cache-control
public,max-age=1800,no-transform
x-goog-stored-content-length
522
accept-ranges
bytes
expires
Tue, 12 Sep 2023 17:57:26 GMT
DefaultData-31c6284c-a9f96e2d.js
app.usercentrics.eu/browser-ui/3.28.0/ 		2 KB
998 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.28.0/DefaultData-31c6284c-a9f96e2d.js
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c1d88c3f43d79aede868b5f269df39558671aeef35949c08e64edfc50d891e46
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://www.coalfire.com/
Origin
https://www.coalfire.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 13:13:33 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
103116
x-guploader-uploadid
ADPycdsIbrw8ikRoB_yWkO-CIlPXZecDleCcdiPVYK0M_pEgaOlckgQSD3TpXRUrA4dRjqdSUdDx-VCGRyeCv2bX-Ska8CTCz8tN
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
967
last-modified
Mon, 11 Sep 2023 13:09:18 GMT
server
UploadServer
etag
"fa2b9eb19c5a9af59d3adaff06f26a1f"
x-goog-generation
1694437758560833
x-goog-hash
crc32c=b5Cn1g==, md5=+iuesZxamvWdOtr/BvJqHw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
967
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 10 Sep 2024 13:13:33 GMT
translations-en.json
api.usercentrics.eu/translations/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/translations/translations-en.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.coalfire.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 12 Sep 2023 17:52:09 GMT
expires
Tue, 12 Sep 2023 17:52:09 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
DE,DEHE
x-guploader-uploadid
ADPycdvfemqHlmbXCXiAnW899ggut5S-z9a2JV892UFWvyovr9lXbKtgVMED1v3ZBL4hm6OoFVHKuT6-BwyAV5LqtJ7XXA
translations-en.json
api.usercentrics.eu/translations/ 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/translations/translations-en.json
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.28.0/index.module.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
ca61f2ecdd14c962119c00d8eb5f4912e6b400b4817e41fd27a3765fec580c00
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://www.coalfire.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
content-type
application/json

Response headers

date
Tue, 12 Sep 2023 09:06:46 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
31523
x-client-geo-location
DE,DEHE
x-guploader-uploadid
ADPycdsT3tpz1NXtH0SwUUUZ2kWRZPxlfd-kfgEAnEN1sfQResKWt_SS4r3-7USOKV9xG1xh3yKuQWauaUYZuo6VxeHY8XrtXtFp
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2360
last-modified
Mon, 11 Sep 2023 07:33:50 GMT
server
UploadServer
etag
"3d054eecf556c1878bee9e30149c27e6"
vary
Accept-Encoding
x-goog-generation
1694417630850337
x-goog-hash
crc32c=cuU6lQ==, md5=PQVO7PVWwYeL7p4wFJwn5g==
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=86400, s-maxage=86400
x-goog-stored-content-length
2360
accept-ranges
bytes
content-type
application/json
expires
Wed, 13 Sep 2023 09:06:46 GMT
DefaultUI-5dedf851-bda4fdfd.js
app.usercentrics.eu/browser-ui/3.28.0/ 		2 KB
789 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.28.0/DefaultUI-5dedf851-bda4fdfd.js
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
66d07a14c8b23fea5984edff84aee8145354e065953992bb215af906cb83a06f
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://www.coalfire.com/
Origin
https://www.coalfire.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 13:13:42 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
103107
x-guploader-uploadid
ADPycduz21faYMg6IYcqDrezpv9eHqLYmXI_6vpCh9F4Uyy045Dp2TqYh_by10ISpRNg2oQbRtkn6eaDJYDaOxyzQdgs
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
758
last-modified
Mon, 11 Sep 2023 13:09:19 GMT
server
UploadServer
etag
"0b45c358e80b95cc47eddefd65cbaf64"
x-goog-generation
1694437759160876
x-goog-hash
crc32c=prBB6A==, md5=C0XDWOgLlcxH7d79ZcuvZA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
758
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 10 Sep 2024 13:13:42 GMT
FirstLayerCustomization-e8acd088-9c380bb1.js
app.usercentrics.eu/browser-ui/3.28.0/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.28.0/FirstLayerCustomization-e8acd088-9c380bb1.js
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
fdca819eed878aa74b52c43b07ef775bde65457494c40a2228697a5fe298158d
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://app.usercentrics.eu/browser-ui/3.28.0/DefaultUI-5dedf851-bda4fdfd.js
Origin
https://www.coalfire.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 13:13:35 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
103114
x-guploader-uploadid
ADPycdsPkGP7S0zaYT_q1vIVn8vc_ZviMZwO6NEEfYYtztwPdCh4MLOGWltrGx5kTbyxlv5fSx1zUaPHtoOnuwuk5yypv2rBUbJy
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1075
last-modified
Mon, 11 Sep 2023 13:09:19 GMT
server
UploadServer
etag
"6e57c6a5603d3e756744a1d8c1794813"
x-goog-generation
1694437759456276
x-goog-hash
crc32c=0brlww==, md5=blfGpWA9PnVnRKHYwXlIEw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
1075
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 10 Sep 2024 13:13:35 GMT
ButtonsCustomization-21e66be1-7501b445.js
app.usercentrics.eu/browser-ui/3.28.0/ 		473 B
267 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.28.0/ButtonsCustomization-21e66be1-7501b445.js
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4a0e0c5931babc166aaca2c1a7ca666d4ca07fcd2579fbdd9163ad9b9273102b
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://app.usercentrics.eu/browser-ui/3.28.0/DefaultUI-5dedf851-bda4fdfd.js
Origin
https://www.coalfire.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 13:13:35 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
103114
x-guploader-uploadid
ADPycdv6jwiTspu1PpV7CF8qXrLn-tWTDy9gwBpsWHz7XskF-AI1UC5yWWUoSVKYgfbPQfvW3WJR5eIB0ikgXteSvR0QoIDn0KKY
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
236
last-modified
Mon, 11 Sep 2023 13:09:17 GMT
server
UploadServer
etag
"442a884a61ab82e3bb3e97e9156262fb"
x-goog-generation
1694437757754935
x-goog-hash
crc32c=Wd7nqg==, md5=RCqISmGrguO7PpfpFWJi+w==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
236
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 10 Sep 2024 13:13:35 GMT
SecondLayerUI-b78286ca-56660a36.js
app.usercentrics.eu/browser-ui/3.28.0/ 		567 B
348 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.28.0/SecondLayerUI-b78286ca-56660a36.js
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c901db9e6f8fefdd9f9460445a4c4963bdb4dab1d5841f0827ab66da9b0c984b
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://app.usercentrics.eu/browser-ui/3.28.0/DefaultUI-5dedf851-bda4fdfd.js
Origin
https://www.coalfire.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 13:13:42 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
103107
x-guploader-uploadid
ADPycdstpFb2mL6zEKjYss6fNZyAaj22DBZh-vumEd6JG10dChoevpyLHRVz7FDmNgMj-A3fHABmYyhOQskldaLcTV9p
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
317
last-modified
Mon, 11 Sep 2023 13:09:20 GMT
server
UploadServer
etag
"5e8c30a12beeab958fe1a704c97f5341"
x-goog-generation
1694437760724971
x-goog-hash
crc32c=VCtE/A==, md5=XowwoSvuq5WP4acEyX9TQQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
317
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 10 Sep 2024 13:13:42 GMT
Taglogger-d1b2f2a9-a8e89842.js
app.usercentrics.eu/browser-ui/3.28.0/ 		1 KB
650 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.28.0/Taglogger-d1b2f2a9-a8e89842.js
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
02de7011c861174353741463bfa50c040236cf408e32e718f28d630d2a794dc1
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://www.coalfire.com/
Origin
https://www.coalfire.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 13:13:36 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
103113
x-guploader-uploadid
ADPycdsLm58CQttWY2QIrqHKSL5ncjdU0iOnZRdaq2SeohGskgk0cnVNw4gUGzKnf4LOJVqZVVDLzq0_ntkgArLGW_RSzDNGjZoz
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
617
last-modified
Mon, 11 Sep 2023 13:09:21 GMT
server
UploadServer
etag
"a52e33fbe53654f005d4241435b66ff5"
x-goog-generation
1694437761877756
x-goog-hash
crc32c=XdAkwQ==, md5=pS4z++U2VPAF1CQUNbZv9Q==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
617
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 10 Sep 2024 13:13:36 GMT
graphql
graphql.usercentrics.eu/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://graphql.usercentrics.eu/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7903:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type,x-request-id
Access-Control-Request-Method
POST
Origin
https://www.coalfire.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-headers
access-control-allow-origin,content-type,x-request-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 12 Sep 2023 17:52:09 GMT
vary
Access-Control-Request-Headers
via
1.1 google
x-powered-by
Express
2
consent-api.service.consent.usercentrics.eu/consent/uw/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://consent-api.service.consent.usercentrics.eu/consent/uw/2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:1e38:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type,x-request-id
Access-Control-Request-Method
POST
Origin
https://www.coalfire.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-headers
access-control-allow-origin,content-type,x-request-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 12 Sep 2023 17:52:09 GMT
server
Google Frontend
vary
Origin, Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
a9f02908123010bcd7f6ebeca452b2da
graphql
graphql.usercentrics.eu/ 		118 B
248 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://graphql.usercentrics.eu/graphql
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.28.0/index.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7903:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/ Express
Resource Hash
eaad5d4323baa7b8253c466f77b7b70f641f5425cc9fb973ee59aca4a64ef2e0

Request headers

Access-Control-Allow-Origin
*
Accept
application/json
Referer
https://www.coalfire.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
X-Request-ID
58d93ff0-5721-4cbb-b1e9-a5b59dd41970
content-type
application/json

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
Express
etag
W/"76-JbkW3v6AHcWXxKTCkCETNru2AQY"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
2
consent-api.service.consent.usercentrics.eu/consent/uw/ 		0
77 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://consent-api.service.consent.usercentrics.eu/consent/uw/2
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.28.0/index.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:1e38:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Accept
application/json
Referer
https://www.coalfire.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
X-Request-ID
19e07b99-d797-4e38-9144-95840fe2221c
content-type
application/json

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
via
1.1 google
server
Google Frontend
vary
Origin
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
a40ddc73f75d6bb4161a5310c73ce771
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Sep 2023 17:51:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
31
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Tue, 12 Sep 2023 19:51:38 GMT
hero-redesign.jpg
www.coalfire.com/medialib/assets/images/contact/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coalfire.com/medialib/assets/images/contact/hero-redesign.jpg
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9d6285f5020d1971a6b0cc8c97df1ab2f42f4c9b00e12720aea59b6c88b2d1a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 16 Dec 2022 23:26:15 GMT
server
Microsoft-IIS/10.0
etag
"bbeb95caa511d91:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-server
02
accept-ranges
bytes
content-length
25396
Coalfire_Icon_404ErrorPage_v1.png
www.coalfire.com/medialib/assets/images/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coalfire.com/medialib/assets/images/Coalfire_Icon_404ErrorPage_v1.png
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/CMSPages/GetCSS.aspx?stylesheetname=overrides&v=cce254ea-c13e-4211-9cf9-fbf5d73464c0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-226.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/CMSPages/GetCSS.aspx?stylesheetname=overrides&v=cce254ea-c13e-4211-9cf9-fbf5d73464c0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
cache-control
no-store, max-age=0
server
awselb/2.0
x-amzn-waf-action
challenge
content-length
0
content-type
text/html; charset=UTF-8
fontawesome-webfont.woff
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/fonts/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
Origin
https://www.coalfire.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601
age
3923608
cdn-cachedat
02/05/2022 16:58:06
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
65452
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
"d95d6f5d5ab7cfefd09651800b69bd54"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
b9371c5b3529d852d30df44a406a6c33
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
805a00ac8f583718-FRA
cdn-requestpullsuccess
True
PrivacyButton-3727979f.js
app.usercentrics.eu/browser-ui/3.28.0/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.28.0/PrivacyButton-3727979f.js
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4d667e6159d9d32473a8c3850a7da05b26d4c92885285d9fb7527578b601fd05
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://www.coalfire.com/
Origin
https://www.coalfire.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 13:13:44 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
103105
x-guploader-uploadid
ADPycdul8x-0DLfJWmEdn7zeWzg1gXGbVdfSftqPnVBelRuu54KFgd-IoMefp_COsBrw7u00QqKj1fPBTE5eSPu9uAeZ_A
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2449
last-modified
Mon, 11 Sep 2023 13:09:19 GMT
server
UploadServer
etag
"1281acf97fc3e61609acf054aba5c09b"
x-goog-generation
1694437759749617
x-goog-hash
crc32c=VBHw7g==, md5=EoGs+X/D5hYJrPBUq6XAmw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
2449
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 10 Sep 2024 13:13:44 GMT
index-6ed50dab.js
app.usercentrics.eu/browser-ui/3.28.0/ 		2 KB
847 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.28.0/index-6ed50dab.js
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
96cc45661a421a0cef86c13b89e151be63d5397ad86431105dbd68e113fc8911
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://www.coalfire.com/
Origin
https://www.coalfire.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 13:13:52 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
103097
x-guploader-uploadid
ADPycdtfhRaDxO6PReTVvSNuCUelXj5R8ilolWjGMyWEvhB58Bm1QrXXFW8cADwaOdECFEPvd9SPov2ruxFE1xtLctpsLy7MgFmN
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
807
last-modified
Mon, 11 Sep 2023 13:09:26 GMT
server
UploadServer
etag
"eb2ec0b6df978634b36294289b9f3720"
x-goog-generation
1694437766873203
x-goog-hash
crc32c=hhWphQ==, md5=6y7Att+XhjSzYpQom583IA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
807
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 10 Sep 2024 13:13:52 GMT
ipv
cdn.bizible.com/m/ 		43 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.bizible.com/m/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=65d1db8037e54b7eadc75547eaf47635&_biz_s=3f0390&_biz_l=https%3A%2F%2Fwww.coalfire.com%2Fc%2Fpentest%2Fpenrisk2023%2Freport%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3DPenTest_All_PenRisk_Rpt2023_Email1_0923&_biz_t=1694541129082&_biz_i=%0A%09404%20-%20Coalfire%0A&_biz_n=0&rnd=741176&cdn_o=a&_biz_z=1694541129797
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6760) /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 17:52:09 GMT
last-modified
Wed, 06 Sep 2023 04:10:18 GMT
server
ECS (frb/6760)
age
567711
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/gif
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
43
expires
-1
u
cdn.bizibly.com/ 		43 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.bizibly.com/u?_biz_u=65d1db8037e54b7eadc75547eaf47635&_biz_s=3f0390&_biz_l=https%3A%2F%2Fwww.coalfire.com%2Fc%2Fpentest%2Fpenrisk2023%2Freport%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3DPenTest_All_PenRisk_Rpt2023_Email1_0923&_biz_t=1694541129808&_biz_i=%0A%09404%20-%20Coalfire%0A&rnd=965903&cdn_o=a&_biz_z=1694541129808
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6752) /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 17:52:09 GMT
last-modified
Sat, 09 Sep 2023 01:06:58 GMT
server
ECS (frb/6752)
age
319511
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/gif
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
43
expires
-1
uct
uct.service.usercentrics.eu/ 		35 B
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uct.service.usercentrics.eu/uct?v=1&sid=ICyVb7rjTcR20Q&t=1&abv=&r=https%3A%2F%2Fwww.coalfire.com%2Fc%2Fpentest%2Fpenrisk2023%2Freport&cb=1694541129822
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.108.180 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
180.108.95.34.bc.googleusercontent.com
Software
Google Frontend / Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
via
1.1 google
strict-transport-security
max-age=7776000
server
Google Frontend
x-powered-by
Express
content-type
image/gif
x-cloud-trace-context
2c6595a7b124e7e82f805ba09b1a6667
cache-control
no-store
function-execution-id
740gv7afd7hg
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1678827290&utmhn=www.coalfire.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=404...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-27111939-1&cid=231716712.1694541130&jid=755676376&_v=5.7.2&z=1678827290
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27111939-1&cid=231716712.1694541130&jid=755676376&_v=5.7.2&z=1678827290
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27111939-1&cid=231716712.1694541130&jid=755676376&_v=5.7.2&z=1678827290&slf_rd=1&random=4263792829
42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27111939-1&cid=231716712.1694541130&jid=755676376&_v=5.7.2&z=1678827290&slf_rd=1&random=4263792829
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 17:52:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Sep 2023 17:52:10 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27111939-1&cid=231716712.1694541130&jid=755676376&_v=5.7.2&z=1678827290&slf_rd=1&random=4263792829
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xdc.js
cdn.bizible.com/ 		116 B
347 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bizible.com/xdc.js?_biz_u=65d1db8037e54b7eadc75547eaf47635&_biz_h=-1906410348&cdn_o=a&jsVer=4.23.09.07
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6711) /
Resource Hash
f862422b6e0e2beafcff010fda5ac8fbe766a5da2d38e028e3b4af8413ea44c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:10 GMT
content-encoding
gzip
server
ECS (frb/6711)
etag
6D2C4AE4
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
content-length
218
index-5f1b204a.js
app.usercentrics.eu/browser-ui/3.28.0/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.28.0/index-5f1b204a.js
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7ba3401b7acffc7bfdd6273328b2bb6dd7ef909a94d5152607f9efae2100281c
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://www.coalfire.com/
Origin
https://www.coalfire.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 13:13:52 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
103097
x-guploader-uploadid
ADPycdtmbso2DkmH-DQI6dtu7kS16sdlHbH7FV-aMylocXhTOF1SqOTERXv_4-buagORTeKwFHT16Zt4gjYWGe5divsuhVtAVxET
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2061
last-modified
Mon, 11 Sep 2023 13:09:26 GMT
server
UploadServer
etag
"ad7fd758a73fbd9941514a723a1f856f"
x-goog-generation
1694437766601946
x-goog-hash
crc32c=qyOG2w==, md5=rX/XWKc/vZlBUUpyOh+Fbw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
2061
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 10 Sep 2024 13:13:52 GMT
SaveButton-b74138cd.js
app.usercentrics.eu/browser-ui/3.28.0/ 		1 KB
657 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.28.0/SaveButton-b74138cd.js
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a06278bd18d2b2b3f3f6113c1ae2d1367f661da4834dba59595a48c7ea73dfc4
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://app.usercentrics.eu/browser-ui/3.28.0/index-5f1b204a.js
Origin
https://www.coalfire.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 13:13:52 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
103097
x-guploader-uploadid
ADPycdshPFLNq-IXxt0_vUpbUPg8deQFDvBd2xZyugnWiDdDQN6hbbNgnkElJXbkUUDl6f_9pk7Rg4S1seaHDdwUE8sOlrSRPkdA
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
617
last-modified
Mon, 11 Sep 2023 13:09:20 GMT
server
UploadServer
etag
"eb65c99dec7643ccc2e28193ef419143"
x-goog-generation
1694437760400985
x-goog-hash
crc32c=FimBuA==, md5=62XJnex2Q8zC4oGT70GRQw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
617
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 10 Sep 2024 13:13:52 GMT
VirtualServiceItem-5c9d709c.js
app.usercentrics.eu/browser-ui/3.28.0/ 		156 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.28.0/VirtualServiceItem-5c9d709c.js
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5235a3f7fdf581c52be4c2b1540c4e13fd433298db6eb34cd35b0f17b6f474e5
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://app.usercentrics.eu/browser-ui/3.28.0/index-5f1b204a.js
Origin
https://www.coalfire.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 13:13:52 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
103097
x-guploader-uploadid
ADPycdtcb4NMKN8OLahijfw8X3Z1mHiecv5MvsvQy0MBXFyrsNt6LRR25MTo21Pawn5TEZJrFi64QDw8apefxsqjX0hRFSQ02syl
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48496
last-modified
Mon, 11 Sep 2023 13:09:22 GMT
server
UploadServer
etag
"12bbc35a1b0d6663e22214b242991531"
x-goog-generation
1694437762837042
x-goog-hash
crc32c=12qCkQ==, md5=ErvDWhsNZmPiIhSyQpkVMQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
48496
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 10 Sep 2024 13:13:52 GMT
DefaultTabs-c1c08716.js
app.usercentrics.eu/browser-ui/3.28.0/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.28.0/DefaultTabs-c1c08716.js
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
21d06dbdf2db238c20fadbc910aad8fb8611b69444e5214dec2706cfc4776178
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://app.usercentrics.eu/browser-ui/3.28.0/index-5f1b204a.js
Origin
https://www.coalfire.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 13:13:43 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
103106
x-guploader-uploadid
ADPycdu9vQ3a7UI8Y5-Ou6e685YeNVLHEhoWigV4Ugzx0rflFHcjSMiuRXS0N-jf2okRS39nODbaHnIdDDZ-EY1VDTwYbQ
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1684
last-modified
Mon, 11 Sep 2023 13:09:18 GMT
server
UploadServer
etag
"518087641db744e4cf398d96aa2d4fc8"
x-goog-generation
1694437758879738
x-goog-hash
crc32c=HYifDg==, md5=UYCHZB23ROTPOY2Wqi1PyA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
1684
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 10 Sep 2024 13:13:43 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5HMLKB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Sep 2023 17:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
147
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 12 Sep 2023 19:49:43 GMT
bat.js
bat.bing.com/ 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5HMLKB
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 12 Sep 2023 17:52:09 GMT
last-modified
Wed, 06 Sep 2023 22:41:28 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2DCFFFE52E634F5690134DBE0651D3B4 Ref B: FRAEDGE1418 Ref C: 2023-09-12T17:52:09Z
etag
"09cc4613e1d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12981
insight.min.js
snap.licdn.com/li.lms-analytics/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5HMLKB
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:a423 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 05 Sep 2023 13:41:52 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=18993
accept-ranges
bytes
content-length
3822
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5HMLKB
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230111-FRA
js
www.googletagmanager.com/gtag/ 		286 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TJH13ST8WH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5HMLKB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9b2ff274fec313e0397ea01bf4d57cabc1c50a05ee52a32e9ed48eb72748aea1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92895
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 12 Sep 2023 17:52:09 GMT
adsct
t.co/i/ 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=256420eb-ffba-4cee-a1ef-b32eb486843e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=84102f5e-e004-4fc6-8f86-afce617031a1&tw_document_href=https%3A%2F%2Fwww.coalfire.com%2Fc%2Fpentest%2Fpenrisk2023%2Freport%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3DPenTest_All_PenRisk_Rpt2023_Email1_0923&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o213t&type=javascript&version=2.3.29
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-response-time
174
date
Tue, 12 Sep 2023 17:52:09 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
51e19c78b244e597
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
0866af6ee1ef2d0e23fcaada6231f0aff8494e0a07b532848f25d29b8f5735a6
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=256420eb-ffba-4cee-a1ef-b32eb486843e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=84102f5e-e004-4fc6-8f86-afce617031a1&tw_document_href=https%3A%2F%2Fwww.coalfire.com%2Fc%2Fpentest%2Fpenrisk2023%2Freport%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3DPenTest_All_PenRisk_Rpt2023_Email1_0923&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o213t&type=javascript&version=2.3.29
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-response-time
188
date
Tue, 12 Sep 2023 17:52:09 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
01561f7f7794f8cc
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
d4075f3468f295b4561e3624d2678c297606bc10c60a763f406dea067912ecad
content-length
43
5067562.js
bat.bing.com/p/action/ 		0
116 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5067562.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 12 Sep 2023 17:52:09 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 181DA47A806A4A7697BDE77D93F65C48 Ref B: FRAEDGE1418 Ref C: 2023-09-12T17:52:10Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5067562&tm=gtm002&Ver=2&mid=67ed478d-49cd-42f9-9673-72ecd8bcca8d&sid=18a39fc0519511ee91835d992292c5aa&vid=18a3c2e0519511eeaa866bfdf068416d&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=404%20-%20Coalfire&kw=Coalfire,%20Security&p=https%3A%2F%2Fwww.coalfire.com%2Fc%2Fpentest%2Fpenrisk2023%2Freport%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3DPenTest_All_PenRisk_Rpt2023_Email1_0923&r=&lt=1916&evt=pageLoad&sv=1&rn=104791
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Sep 2023 17:52:09 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D91999A3DA08465F9036C5D9FDDCE981 Ref B: FRAEDGE1418 Ref C: 2023-09-12T17:52:10Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
collect.coalfire.com/g/ 		549 B
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collect.coalfire.com/g/collect?v=2&tid=G-TJH13ST8WH&gtm=45je3960&_p=1143353248&cid=1466600106.1694541130&ul=en-us&sr=1600x1200&_fplc=0&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&sst.uc=DE&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&_s=1&dl=https%3A%2F%2Fwww.coalfire.com%2Fc%2Fpentest%2Fpenrisk2023%2Freport%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3DPenTest_All_PenRisk_Rpt2023_Email1_0923&sid=1694541130&sct=1&seg=0&dt=404%20-%20Coalfire&en=page_view&_fv=1&_nsi=1&_ss=1&ep.event_id=page_view.1694541427137_16945420591331&richsstsse
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
b524f4fd5f7e07ee4d6fcefc957e6906a28153286c61585aecfdeb6dc309fe6f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.coalfire.com
cache-control
no-cache
access-control-allow-credentials
true
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:a423 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 28 Aug 2023 12:14:15 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=14813
accept-ranges
bytes
content-length
4862
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://collect.coalfire.com/j/collect?v=1&_v=j101&a=1143353248&t=pageview&_s=1&dl=https%3A%2F%2Fwww.coalfire.com%2Fc%2Fpentest%2Fpenrisk2023%2Freport%3Futm_source%3Dpardot%26utm_medium%3Demail%26u...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-27111939-5&cid=x6AAAmHh1LJtI7e8n7x9ECo2M2QGvv5oduNg1NCJ30k%3D.1694541130&jid=981284867&_gid=1713205783.1694541130&gjid=199680518...
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27111939-5&cid=x6AAAmHh1LJtI7e8n7x9ECo2M2QGvv5oduNg1NCJ30k%3D.1694541130&jid=981284867&_v=j101&z=106906508
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27111939-5&cid=x6AAAmHh1LJtI7e8n7x9ECo2M2QGvv5oduNg1NCJ30k%3D.1694541130&jid=981284867&_v=j101&z=106906508&slf_rd=1&random=1777788298
42 B
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27111939-5&cid=x6AAAmHh1LJtI7e8n7x9ECo2M2QGvv5oduNg1NCJ30k%3D.1694541130&jid=981284867&_v=j101&z=106906508&slf_rd=1&random=1777788298
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 17:52:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 12 Sep 2023 17:52:10 GMT
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27111939-5&cid=x6AAAmHh1LJtI7e8n7x9ECo2M2QGvv5oduNg1NCJ30k%3D.1694541130&jid=981284867&_v=j101&z=106906508&slf_rd=1&random=1777788298
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://collect.coalfire.com/j/collect?v=1&_v=j101&a=1143353248&t=pageview&_s=1&dl=https%3A%2F%2Fwww.coalfire.com%2Fc%2Fpentest%2Fpenrisk2023%2Freport%3Futm_source%3Dpardot%26utm_medium%3Demail%26u...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-27111939-1&cid=x6AAAmHh1LJtI7e8n7x9ECo2M2QGvv5oduNg1NCJ30k%3D.1694541130&jid=1376479408&_gid=1713205783.1694541130&gjid=13985459...
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27111939-1&cid=x6AAAmHh1LJtI7e8n7x9ECo2M2QGvv5oduNg1NCJ30k%3D.1694541130&jid=1376479408&_v=j101&z=1286673380
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27111939-1&cid=x6AAAmHh1LJtI7e8n7x9ECo2M2QGvv5oduNg1NCJ30k%3D.1694541130&jid=1376479408&_v=j101&z=1286673380&slf_rd=1&random=362935...
42 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27111939-1&cid=x6AAAmHh1LJtI7e8n7x9ECo2M2QGvv5oduNg1NCJ30k%3D.1694541130&jid=1376479408&_v=j101&z=1286673380&slf_rd=1&random=3629350007
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 17:52:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 12 Sep 2023 17:52:10 GMT
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27111939-1&cid=x6AAAmHh1LJtI7e8n7x9ECo2M2QGvv5oduNg1NCJ30k%3D.1694541130&jid=1376479408&_v=j101&z=1286673380&slf_rd=1&random=3629350007
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
token
cdn.linkedin.oribi.io/partner/15004/domain/coalfire.com/ 		36 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/15004/domain/coalfire.com/token
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:e000:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.coalfire.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 12:16:02 GMT
content-encoding
gzip
via
1.1 94313a5530517e71f4769858ce013d58.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
20168
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=30636
x-amz-cf-id
xYCm852xTZD9L-yaEvaM5KQtZ-UfSpArPWVH4Q5bUdti62tWfIkM9A==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=15004&time=1694541130164&url=https%3A%2F%2Fwww.coalfire.com%2Fc%2Fpentest%2Fpenrisk2023%2Freport%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=15004&time=1694541130164&url=https%3A%2F%2Fwww.coalfire.com%2Fc%2Fpentest%2Fpenrisk2023%2Freport%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D15004%26time%3D1694541130164%26url%3Dhttps%253A%252F%252Fwww.coalfire.com%252Fc%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=15004&time=1694541130164&url=https%3A%2F%2Fwww.coalfire.com%2Fc%2Fpentest%2Fpenrisk2023%2Freport%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=15004&time=1694541130164&url=https%3A%2F%2Fwww.coalfire.com%2Fc%2Fpentest%2Fpenrisk2023%2Freport%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm...
0
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=15004&time=1694541130164&url=https%3A%2F%2Fwww.coalfire.com%2Fc%2Fpentest%2Fpenrisk2023%2Freport%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3DPenTest_All_PenRisk_Rpt2023_Email1_0923&cookiesTest=true&liSync=true&e_ipv6=AQLTYAiUSulzuAAAAYqKhayZxby-Cu5tRhiPx7Fls98LKP1K5mXy6tY4XMuJPNakoDWrbIMF
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:10 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 3411605E4C3B40BAB99C1F56317E76EC Ref B: FRAEDGE1117 Ref C: 2023-09-12T17:52:11Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYFLRothPshLWuOo+p2NQ==

Redirect headers

date
Tue, 12 Sep 2023 17:52:10 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: CE1D0077D4424AE0ABF5F4F236B94D6F Ref B: FRAEDGE1722 Ref C: 2023-09-12T17:52:10Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=15004&time=1694541130164&url=https%3A%2F%2Fwww.coalfire.com%2Fc%2Fpentest%2Fpenrisk2023%2Freport%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3DPenTest_All_PenRisk_Rpt2023_Email1_0923&cookiesTest=true&liSync=true&e_ipv6=AQLTYAiUSulzuAAAAYqKhayZxby-Cu5tRhiPx7Fls98LKP1K5mXy6tY4XMuJPNakoDWrbIMF
x-li-proto
http/2
content-length
0
x-li-uuid
AAYFLRoqGtU6Kq86fWUpIA==
/
www.google.de/pagead/1p-user-list/1020366730/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1020366730/?random=789866989&fst=1694541130623&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e39b0&url=https%3A%2F%2Fwww....
  • https://www.google.com/pagead/1p-user-list/1020366730/?random=789866989&fst=1694538000000&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e39b0&url=https%3A%2F%2Fwww.coalfire.com%2Fc%2Fpen...
  • https://www.google.de/pagead/1p-user-list/1020366730/?random=789866989&fst=1694538000000&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e39b0&url=https%3A%2F%2Fwww.coalfire.com%2Fc%2Fpent...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1020366730/?random=789866989&fst=1694538000000&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e39b0&url=https%3A%2F%2Fwww.coalfire.com%2Fc%2Fpentest%2Fpenrisk2023%2Freport%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3DPenTest_All_PenRisk_Rpt2023_Email1_0923&tiba=404%20-%20Coalfire&is_vtc=1&random=649304041&ipr=y
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H3
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 17:52:11 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Sep 2023 17:52:11 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-user-list/1020366730/?random=789866989&fst=1694538000000&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e39b0&url=https%3A%2F%2Fwww.coalfire.com%2Fc%2Fpentest%2Fpenrisk2023%2Freport%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3DPenTest_All_PenRisk_Rpt2023_Email1_0923&tiba=404%20-%20Coalfire&is_vtc=1&random=649304041&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd.js
pi.pardot.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-120-28.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 17:52:11 GMT
content-encoding
gzip
X-Pardot-Route
16b0ab393667a33fe86adedc3141e88c
last-modified
Mon, 04 Sep 2023 05:27:53 GMT
Server
PardotServer
etag
"15f4-gzip"
vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
cache-control
max-age=63072000
Connection
keep-alive
accept-ranges
bytes
Content-Length
1988
expires
Thu, 11 Sep 2025 17:52:11 GMT
zi-tag.js
js.zi-scripts.com/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.zi-scripts.com/zi-tag.js
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-34.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c365a59132dd34b492cb3a77d534078dd35cbbf75dbb2eabbe328642b74a291b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 09:01:53 GMT
x-amz-version-id
Rt6XPSKiJ8UdHSAhNzDbvtFnl_cNNgVn
content-encoding
gzip
last-modified
Mon, 24 Jul 2023 07:50:42 GMT
server
AmazonS3
via
1.1 841da31399fe7f7e7065c840a22fae0a.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH55-P1
etag
W/"4eb0c668e820abe414d19a11b92dd0fa"
age
31819
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
XZFcbSdLFqGEi-4pgKTxrda3-eoo7liu7qv2-PHRTaDSglskvacrzw==
getSubscriptions
js.zi-scripts.com/unified/v1/master/ 		146 B
508 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-34.zrh55.r.cloudfront.net
Software
/ Express
Resource Hash
b2962d3370a8af51a2744b88b0297758072f5457780bc5d504fc7d6e6ad75193

Request headers

Content-Type
application/json
Referer
https://www.coalfire.com/
accept-language
de-DE,de;q=0.9
Authorization
Bearer f7654bb4211680022026
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
visited_url
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923

Response headers

date
Tue, 12 Sep 2023 17:52:11 GMT
via
1.1 2177a1d449a3e8dc7269040f15d81cb0.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH55-P1
x-powered-by
Express
etag
W/"92-FrRF7zuGm/Sv/2CCH4yi/stgKCw"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
content-length
146
apigw-requestid
LJ7D5hGQvHcEP1g=
x-amz-cf-id
EUXHbrsFg8fHUp3nAPf0Skbo4i_DeNR9eAMTXTBADGrBmY8iA2iraQ==
getSubscriptions
js.zi-scripts.com/unified/v1/master/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-34.zrh55.r.cloudfront.net
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,visited_url
Access-Control-Request-Method
GET
Origin
https://www.coalfire.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
0
apigw-requestid
LJ7D1jgwPHcEPyg=
date
Tue, 12 Sep 2023 17:52:11 GMT
vary
Access-Control-Request-Headers
via
1.1 2177a1d449a3e8dc7269040f15d81cb0.cloudfront.net (CloudFront)
x-amz-cf-id
hgk5gZmkUu7AhEYNUEhcILA-fum4k8RxU5zn2bWt0GlFkBsHOkZfqg==
x-amz-cf-pop
ZRH55-P1
x-cache
Miss from cloudfront
x-powered-by
Express
analytics
pi.pardot.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1062&account_id=22732&title=404%20-%20Coalfire&url=https%3A%2F%2Fwww.coalfire.com%2Fc%2Fpentest%2Fpenrisk2023%2Freport%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3DPenTest_All_PenRisk_Rpt2023_Email1_0923&referrer=&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923&utm_medium=email&utm_source=pardot
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-120-28.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
fd707a6d75140315f78f0c85d9fe96dcfc7f313dda81253d08d09199f50cdc69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 12 Sep 2023 17:52:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp
0/0/1
Server
PardotServer
vary
Accept-Encoding,User-Agent
Content-Type
text/javascript; charset=utf-8
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
549
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
ws.zoominfo.com/pixel/UmBXlQyFFtQFqDmHCTyq/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/pixel/UmBXlQyFFtQFqDmHCTyq/?iszitag=true
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:890f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ad071a6aae52457b424cd5f7b3b7b4b491a6f3ad144a1f12bc9b1b794c608339
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
_vtok
MTg1LjIxMy4xNTUuMTQx
_zitok
6969285fa82eaea7417a1694541131
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/javascript

Response headers

date
Tue, 12 Sep 2023 17:52:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://www.coalfire.com
access-control-allow-credentials
true
cf-ray
805a00bc89b72c37-FRA
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok
alt-svc
h3=":443"; ma=86400
/
ws.zoominfo.com/pixel/UmBXlQyFFtQFqDmHCTyq/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/pixel/UmBXlQyFFtQFqDmHCTyq/?iszitag=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:890f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
_vtok,_zitok,content-type
Access-Control-Request-Method
GET
Origin
https://www.coalfire.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok
access-control-allow-origin
https://www.coalfire.com
allow
GET,HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
805a00bb9a74381c-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 12 Sep 2023 17:52:12 GMT
server
cloudflare
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express
analytics
www2.coalfire.com/ 		50 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www2.coalfire.com/analytics?conly=true&visitor_id=722436043&visitor_id_sign=0e89424cfca6f302b2546b1425d11cd93098cce08bd53d81f101a7c59994ed8e04eab35c4ff51e20f7faa52c09c478aeff08b69d&pi_opt_in=&campaign_id=1062&account_id=22732&title=404%20-%20Coalfire&url=https%3A%2F%2Fwww.coalfire.com%2Fc%2Fpentest%2Fpenrisk2023%2Freport%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3DPenTest_All_PenRisk_Rpt2023_Email1_0923&referrer=&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923&utm_medium=email&utm_source=pardot
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1062&account_id=22732&title=404%20-%20Coalfire&url=https%3A%2F%2Fwww.coalfire.com%2Fc%2Fpentest%2Fpenrisk2023%2Freport%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3DPenTest_All_PenRisk_Rpt2023_Email1_0923&referrer=&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923&utm_medium=email&utm_source=pardot
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-120-28.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 12 Sep 2023 17:52:12 GMT
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp
0/0/1
Server
PardotServer
vary
User-Agent
Content-Type
text/javascript; charset=utf-8
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
50
expires
Thu, 19 Nov 1981 08:52:00 GMT
data.js
tags.clickagy.com/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
Requested by
Host: www.coalfire.com
URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:7000:4:8491:f2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b4271027e46806719691a0dfc61a82fe4ea2b09df996a17005d9912a4ed8e15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
JOlib1fRCa8RmNX69B9aAMs7j3FJEws8
content-encoding
br
via
1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
date
Tue, 12 Sep 2023 13:03:59 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-C2
age
17295
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 26 Aug 2023 21:29:37 GMT
server
AmazonS3
etag
W/"fab8ca9363bb88ba327b1ea4a3ef7d74"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
6ua9H-dwGFKO1cCR6RwZpD7Ox1XKUk06PXBFadXkeYs4fuxFv0_EPw==
data
aorta.clickagy.com/ 		57 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aorta.clickagy.com/data
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.248.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-248-42.compute-1.amazonaws.com
Software
Aorta/20230817.d884ef624 /
Resource Hash
d468d100d4e82f994b64611147c149c56ffc7fab69059cbc1098248602ead1f9

Request headers

Referer
https://www.coalfire.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 12 Sep 2023 17:52:13 GMT
content-encoding
gzip
server
Aorta/20230817.d884ef624
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.coalfire.com
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
5cc5b13a59d9
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
82
usersync
pixel-sync.sitescout.com/connectors/clickagy/
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?clkgypv=jstag&ws=1
  • https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:d31bf8749be47249062f429aef3bc9f9&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=79908&dpuuid=c:d31bf8749be47249062f429aef3bc9f9&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_U...
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=124&cm=58617995446846946071024265169741884246
  • https://sync.crwdcntrl.net/map/c=8545/tp=CKGY/tpid=c:d31bf8749be47249062f429aef3bc9f9/gdpr=0/gdpr_consent=false/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D%24%7...
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=120&cm=
  • https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D
0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D
Protocol
H2
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
ddos.com
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 12 Sep 2023 17:52:14 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

date
Tue, 12 Sep 2023 17:52:14 GMT
server
Aorta/20230817.d884ef624
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
location
https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
5cc5b13a59d9
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
hasHashes
hemsync.clickagy.com/external/ 		2 B
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hemsync.clickagy.com/external/hasHashes?clkgypv=jstag&cb=null
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.101.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-101-237.compute-1.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.coalfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:52:13 GMT
content-encoding
gzip
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.coalfire.com
access-control-expose-headers
content-length, last-modified, expires, content-type
access-control-allow-credentials
true
content-length
28

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| dataLayer object| Bizible object| BizTrackingA object| BizA function| __import__ boolean| UC_UI_IS_RENDERED function| dynamicImportPolyfill object| Modernizr object| _gaq function| $ function| jQuery object| eventie function| docReady function| EventEmitter function| getStyleProperty function| getSize function| matchesSelector function| Outlayer function| Isotope function| Masonry string| piAId string| piCId object| respond object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY function| PM_Postback function| PM_Callback function| Sys$Enum$parse function| Sys$Enum$toString function| Sys$Component$_setProperties function| Sys$Component$_setReferences function| $create function| $addHandler function| $addHandlers function| $clearHandlers function| $removeHandler function| $get function| $find function| Type object| Sys object| _events boolean| isUnminified object| CommonToolkitScripts object| $common object| CMS function| WebForm_OnSubmit object| CF function| SetClickToCall undefined| slider undefined| reinitTimer undefined| currentMode function| ChangeTextPostion function| resizeColMd4 function| resizeVideoThumbs object| _vis_opt_queue object| LC_API object| jQuery111106646124711871395 object| UC_UI object| _gat object| gaGlobal object| google_tag_manager object| google_tag_data number| gtmPageLoadId string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id function| twq object| zi string| ZIProjectKey object| regeneratorRuntime object| twttr function| UET function| UET_init function| UET_push object| ueto_b4478159c9 object| uetq function| onYouTubeIframeAPIReady object| process object| gaplugins object| gaData function| lintrk boolean| _already_called_lintrk object| zitag function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie string| piVersion number| piScriptNum object| piScriptObj object| pi number| c_start string| property function| piResponse object| ziws function| _initClickagy

51 Cookies

Domain/Path Name / Value
www.coalfire.com/ Name: CMSPreferredCulture
Value: en-US
www.coalfire.com/ Name: CMSCsrfCookie
Value: XT3MkpNnFTZU8GM4EScnu/Q/yyav+M7z+k8y2md1
www.coalfire.com/ Name: ASP.NET_SessionId
Value: rsjfkfycgt3pritenon5exhg
.coalfire.com/ Name: _biz_uid
Value: 65d1db8037e54b7eadc75547eaf47635
.coalfire.com/ Name: _biz_sid
Value: 3f0390
.coalfire.com/ Name: _biz_nA
Value: 1
.bizible.com/ Name: _BUID
Value: 65d1db8037e54b7eadc75547eaf47635
.coalfire.com/ Name: __utma
Value: 116837012.231716712.1694541130.1694541130.1694541130.1
.coalfire.com/ Name: __utmc
Value: 116837012
.coalfire.com/ Name: __utmz
Value: 116837012.1694541130.1.1.utmcsr=pardot|utmccn=PenTest_All_PenRisk_Rpt2023_Email1_0923|utmcmd=email
.coalfire.com/ Name: __utmt
Value: 1
.bizibly.com/ Name: _BUID
Value: 8ab6d219c619c6af086e0bcea77a90b3
.coalfire.com/ Name: __utmb
Value: 116837012.1.10.1694541130
.coalfire.com/ Name: _biz_pendingA
Value: %5B%5D
www.coalfire.com/ Name: AWSALB
Value: nI4t30CwsUJ4WfDnmbIj07dJGE74ZpDuqS972LezzjyIIjA5211WR50k0HmGmlOkfNhbMkYILhACR6sInkujCz8EejjZog+6b3hTU7EsqLpM5oFG0Ibo2KES8pkB
www.coalfire.com/ Name: AWSALBCORS
Value: nI4t30CwsUJ4WfDnmbIj07dJGE74ZpDuqS972LezzjyIIjA5211WR50k0HmGmlOkfNhbMkYILhACR6sInkujCz8EejjZog+6b3hTU7EsqLpM5oFG0Ibo2KES8pkB
.coalfire.com/ Name: _uetsid
Value: 18a39fc0519511ee91835d992292c5aa
.coalfire.com/ Name: _uetvid
Value: 18a3c2e0519511eeaa866bfdf068416d
.coalfire.com/ Name: _ga_TJH13ST8WH
Value: GS1.1.1694541130.1.0.1694541130.0.0.0
.coalfire.com/ Name: _ga
Value: GA1.2.1466600106.1694541130
.coalfire.com/ Name: _gid
Value: GA1.2.1713205783.1694541130
.coalfire.com/ Name: _gat_UA-27111939-5
Value: 1
.coalfire.com/ Name: _gat_UA-27111939-7
Value: 1
.bing.com/ Name: MUID
Value: 2D600ABE5C0460C1208D19345D6F611B
.coalfire.com/ Name: _biz_flagsA
Value: %7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.t.co/ Name: muc_ads
Value: 9e05ec32-5a5c-466f-b9a0-e8b79661ea40
www.coalfire.com/ Name: ln_or
Value: eyIxNTAwNCI6ImQifQ%3D%3D
.twitter.com/ Name: personalization_id
Value: "v1_xugOQXNV56rdJZrioiGhSA=="
.linkedin.com/ Name: li_sugr
Value: 5fce6df7-5276-4038-8b91-086ea4ddd4aa
.linkedin.com/ Name: bcookie
Value: "v=2&1f78cec4-ed51-4061-814e-1ac6281a73bc"
.linkedin.com/ Name: lidc
Value: "b=OGST02:s=O:r=O:a=O:p=O:g=3006:u=1:x=1:i=1694541130:t=1694627530:v=2:sig=AQF2QAm7t0N7PKwLAydX8o3zvyUKzJJz"
.linkedin.com/ Name: UserMatchHistory
Value: AQI1YRv71_IHMwAAAYqKhasD5bfEyy5cXZgkewC0wbKMBwzmL4p73s16mUbVo5l2vfsG1G5n9j8uCQ
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQKa55H-V1DAyAAAAYqKhasDNkeKtjgycHfVopykH3AcdcoDk6Xerf-X3tz_uKPgaE4JvBtXAmUvvHbKbqDzpQ
.coalfire.com/ Name: FPAU
Value: 1.2.613963095.1694541131
.coalfire.com/ Name: FPID
Value: FPID1.2.x6AAAmHh1LJtI7e8n7x9ECo2M2QGvv5oduNg1NCJ30k%3D.1694541130
.coalfire.com/ Name: FPLC
Value: irG0UcvwZyStyCkNnvkHTyRMLwVCMBQ1TiSrtUuFAd%2BGqEpx5KbQj6rkFcjqCwgrHbVp4yUWbitTMyOD5w%2F5%2B2JrwxCeM7P%2B4bRlN2aTOqbBXHoheXtoGKu7F5TF7g%3D%3D
.www.linkedin.com/ Name: bscookie
Value: "v=1&20230912175210763f11d6-a52d-4e11-8ee0-b1e8228227a5AQEl26ySmfoyF9FHoliFIbYTsan2AAN-"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTQ1NDExMzA7MjswMjEq0zbZCBGbMLZkU9v8ooXJaQHpabHMDjuaymNH+sVkRw==
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.www.coalfire.com/ Name: _zitok
Value: 6969285fa82eaea7417a1694541131
.pardot.com/ Name: visitor_id21732
Value: 722436043
.pardot.com/ Name: visitor_id21732-hash
Value: 0e89424cfca6f302b2546b1425d11cd93098cce08bd53d81f101a7c59994ed8e04eab35c4ff51e20f7faa52c09c478aeff08b69d
pi.pardot.com/ Name: lpv21732
Value: aHR0cHM6Ly93d3cuY29hbGZpcmUuY29tL2MvcGVudGVzdC9wZW5yaXNrMjAyMy9yZXBvcnQ%2FdXRtX3NvdXJjZT1wYXJkb3QmdXRtX21lZGl1bT1lbWFpbCZ1dG1fY2FtcGFpZ249UGVuVGVzdF9BbGxfUGVuUmlza19ScHQyMDIzX0VtYWlsMV8wOTIz
www.coalfire.com/ Name: visitor_id21732
Value: 722436043
www.coalfire.com/ Name: visitor_id21732-hash
Value: 0e89424cfca6f302b2546b1425d11cd93098cce08bd53d81f101a7c59994ed8e04eab35c4ff51e20f7faa52c09c478aeff08b69d
www2.coalfire.com/ Name: visitor_id21732
Value: 722436043
www2.coalfire.com/ Name: visitor_id21732-hash
Value: 0e89424cfca6f302b2546b1425d11cd93098cce08bd53d81f101a7c59994ed8e04eab35c4ff51e20f7faa52c09c478aeff08b69d
.zoominfo.com/ Name: __cf_bm
Value: 9wzowLhQKxugU4HME0D9DV4r2uqldMJsi8xJV5gKkoM-1694541132-0-AXmJPgtkhf2EjHfEVH1Its0HeUheIjBkhW/2SO/eeXSklONkzKO1/DA5Wcj61PRGAokXOoRj9BtYU2seTv4FsOo=
.zoominfo.com/ Name: _cfuvid
Value: _f2bJriNUUqlwQMNe5rQPw1.08KIxa3Ap2g7.4phZ2I-1694541132390-0-604800000
.demdex.net/ Name: demdex
Value: 58617995446846946071024265169741884246
.dpm.demdex.net/ Name: dpm
Value: 58617995446846946071024265169741884246

1 Console Messages

Source Level URL
Text
network error URL: https://www.coalfire.com/c/pentest/penrisk2023/report?utm_source=pardot&utm_medium=email&utm_campaign=PenTest_All_PenRisk_Rpt2023_Email1_0923
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.twitter.com
aorta.clickagy.com
api.usercentrics.eu
app.usercentrics.eu
bat.bing.com
cdn.bizible.com
cdn.bizibly.com
cdn.linkedin.oribi.io
collect.coalfire.com
consent-api.service.consent.usercentrics.eu
dpm.demdex.net
googleads.g.doubleclick.net
graphql.usercentrics.eu
hemsync.clickagy.com
js.zi-scripts.com
maxcdn.bootstrapcdn.com
pi.pardot.com
pixel-sync.sitescout.com
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
ssl.google-analytics.com
static.ads-twitter.com
stats.g.doubleclick.net
sync.crwdcntrl.net
t.co
tags.clickagy.com
uct.service.usercentrics.eu
ws.zoominfo.com
www.coalfire.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
www2.coalfire.com
104.244.42.131
104.244.42.133
13.107.42.14
146.75.116.157
152.195.15.58
18.165.183.34
18.189.126.226
18.203.57.57
2001:4860:4802:34::15
2600:1901:0:1e38::
2600:1901:0:5987::
2600:1901:0:7903::
2600:1901:0:c07c::
2600:9000:211e:7000:4:8491:f2c0:93a1
2600:9000:26db:e000:2:53b2:240:93a1
2606:4700::6810:890f
2606:4700::6812:acf
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:812::2002
2a00:1450:4001:813::2008
2a00:1450:4001:827::2004
2a00:1450:4001:827::2008
2a00:1450:400c:c04::9c
2a02:26f0:780::210:a423
3.92.120.28
3.94.248.42
34.194.101.237
34.95.108.180
52.211.144.29
98.98.134.241
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
02de7011c861174353741463bfa50c040236cf408e32e718f28d630d2a794dc1
0953086712fc42ce7a78b99f83a93ea38d9a6aacd1d55bc0a6f8951e55a0427f
0b4271027e46806719691a0dfc61a82fe4ea2b09df996a17005d9912a4ed8e15
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
10eae1cbed8658eb296ce3ab7b32e6f53234c822caf691241a1ac20fe552eeaa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1e706f3dd4d9040f39c5778800da8d07d6bacd9d42f53b1973340b6be8a6d601
218ed771f77b90f6edf02e38181c6303eb2ec3e9e7e2a3ae932fb9885cde4b92
21d06dbdf2db238c20fadbc910aad8fb8611b69444e5214dec2706cfc4776178
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
351064c4585c86aa016649d1e4fde71419edc20a9b1d5c533679381aa0cde8d5
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
3c5d98513ecc9d73f4b4c1664cca3683bce1e91b3b51a48641badd0f3154fb0b
3eb9136907c478f7cade82f3a908eab89b3ce25f8b76a50bd96f52b92e4ef5bc
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
409e67050a48e6d35061568944465e103059094d0dd5fb88d6d506f6803f82f3
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136
49e7e4526ff8e95c2a97049dda6cb7051e5bbd474981e3b4c2483e852b530ece
4a0e0c5931babc166aaca2c1a7ca666d4ca07fcd2579fbdd9163ad9b9273102b
4d667e6159d9d32473a8c3850a7da05b26d4c92885285d9fb7527578b601fd05
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5235a3f7fdf581c52be4c2b1540c4e13fd433298db6eb34cd35b0f17b6f474e5
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
55a061b73398cc441a08110dc39014ade72a132413ea449e3b38ea1b36933672
5c2208f81da1de3ce7aa221e5d1c530ac6c0d0f48f3ce5af617b86c2596a446f
5d1f17a805e51c2fc4fb792380df938df52b9c0796d029baf1c05a65a578400c
5d2a556ea02fcc5a15d61bf72db750806ac9a34d9a21a016dc13ce55d91125cf
6113c7a7b55ac26a9952be06bafc69b6a5a3e3f4748c4ae9927d17e5f4994ef6
6244449b7e181c47b1674736e30afb54b830673c4f7a4a15358cabce9e17b347
649a19b0312b61fcae12a8bf907e83314dfbbf1a41e8935123bb28c9b21d36f1
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
66d07a14c8b23fea5984edff84aee8145354e065953992bb215af906cb83a06f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b3251cdcfa69e957afd47f9ca7873e140068f7662b95044a5ae3291b1fb9ab8
6e264347e0ba007435517809224a3d4c167dbefc312a84a847feade7cfaded93
732d84a1e85c52c0621163300e7ac0dbe700ff7841e5f7c7c3b4ac5753da69ee
73f54927a2249a304d2d3fea110b44ee59bca395abb7e8f504fbb05cb25306a2
7571165bf90a3af07d4017f0fedf9925d24613151add4e7402f319ca3d95cea2
789156caf1d31112bc736fe100df1c85d895df0663f305bf6b2423d1ee57e14a
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7ba3401b7acffc7bfdd6273328b2bb6dd7ef909a94d5152607f9efae2100281c
83a8807ef669fa70d0d9375347f5552897f76c6ae8e2e6f97ef592595462d8d1
847f8e19eccd79ada556ff8e54e8c0f366d829ee40acc884b8847111e0ed85b2
88c4c27b1f0143e895c6964ef373284642816a887d0f3f61ded115acce51c6aa
8b4e83bfdcf41906929536087360e1c7c3936620997193773c224759ed8dd982
8ea17237fc12bcbbad4c16f8789840fac4b9ab881e93fc9ec08166468f1bec52
9365afa4d2eb8620a545c637aee28d4cb620c741deede525a39abc1cccf3c43e
96cc45661a421a0cef86c13b89e151be63d5397ad86431105dbd68e113fc8911
9b2ff274fec313e0397ea01bf4d57cabc1c50a05ee52a32e9ed48eb72748aea1
9d6285f5020d1971a6b0cc8c97df1ab2f42f4c9b00e12720aea59b6c88b2d1a8
9f14bd5a8d478749fec7908827e1543c62599f154a5dd875fab9e0fac61e9575
a06278bd18d2b2b3f3f6113c1ae2d1367f661da4834dba59595a48c7ea73dfc4
a0d5f91a5430829df5638fa69b85a6e361876d5499744cc724d01c342d944a75
a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1
a698177c753565fce6a3e77f45164a698234f2197f71e605b2986eb8caa4deaa
a75d094caba33ac05120819a5fd16b225bcd6ceda6d4b507d6dac56d3bbd4320
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad071a6aae52457b424cd5f7b3b7b4b491a6f3ad144a1f12bc9b1b794c608339
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b2962d3370a8af51a2744b88b0297758072f5457780bc5d504fc7d6e6ad75193
b4c29a2320c4b4c717b8f2decfb353e18278d205281a91e81b678d88c56c909a
b524f4fd5f7e07ee4d6fcefc957e6906a28153286c61585aecfdeb6dc309fe6f
c1d88c3f43d79aede868b5f269df39558671aeef35949c08e64edfc50d891e46
c365a59132dd34b492cb3a77d534078dd35cbbf75dbb2eabbe328642b74a291b
c901db9e6f8fefdd9f9460445a4c4963bdb4dab1d5841f0827ab66da9b0c984b
ca61f2ecdd14c962119c00d8eb5f4912e6b400b4817e41fd27a3765fec580c00
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cf90393fb75b508d08edef4b520043e25c94840572f5f8beece1b8d36af0db79
d468d100d4e82f994b64611147c149c56ffc7fab69059cbc1098248602ead1f9
d4d19f0fb634296b2d6238acd844a6c6365e9ab8a88144b44d4e48b17ba9a0a6
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaad5d4323baa7b8253c466f77b7b70f641f5425cc9fb973ee59aca4a64ef2e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f000e4f33d19a4f2f25f4847cd9c6e0ea039882c89a7bb91eee8a364515e76ba
f862422b6e0e2beafcff010fda5ac8fbe766a5da2d38e028e3b4af8413ea44c2
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
fbbb7c786fedf982daa720d6f45224954f874ebbcd96b7682a6d8ed6db8812e0
fd707a6d75140315f78f0c85d9fe96dcfc7f313dda81253d08d09199f50cdc69
fdca819eed878aa74b52c43b07ef775bde65457494c40a2228697a5fe298158d