Welcome to HFC ALLOCATION
We are a confidentiality focused marketplace for legitimate parties to make deals on AIM Credit Transfers as well collaborate to have others import for you or offer your credits to import for parties.
The name of the game is Trust
Everyone is Vetted
We manually approve each member request to ensure only legitimate parties are members
Total Anonymity
No one knows or can determine who anyone is unless you tell them who you are
Communicate in Total Privacy
As owners of the platform we can only see that parties communicated but cannot see any of the context of their discussions
Everyone is Vetted
We manually approve each member request
to ensure only legitimate parties are members
Total Anonymity
No one knows or can determine who anyone
is unless you tell them who you are
Communicate in Total Privacy
As owners of the platform we can only see that parties communicated but cannot see any of the context of their discussions
Middle Man Services
Have you made a deal in the general terms through the chat and want to make sure the other party doesn’t back out or change terms when they learn who you are, let us help.
Middle Man Services
Have you made a deal in the general terms through the chat and want to make sure the other party doesn’t back out or change terms when they learn who you are, let us help.
4 simple acronyms
WTS
Willing to sell credits or HFCs.
WTB
Willing to Buy credits or HFCs.
INI
In Need of Import – want someone to be importer of record for you.
ATI
Able to Import – Do you have credits and can be importer of Record for others.
WTS
Willing to sell credits or HFCs.
WTB
Willing to Buy credits or HFCs.
INI
In Need of Import – want someone to be importer of record for you.
ATI
Able to Import – Do you have credits and can be importer of Record for others.
Confidential Communication is Key
FREQUENTLY ASKED QUESTIONS
The frontend is using VueJS 3 and is compiled & minified.
The whole web application is MVC based, with frontend making requests to backend secured API. The application consists of two frontends + two backends integrated as a single web application. The first web application stays in front of the second while the second web application is used only by authenticated (logged in) users only. Splitting the front side from the backbone of the website introduces further difficulties for all malicious users.
User passwords are stored using a custom variation of salted BCrypt hashing algorithm.
Emails are completely anonymous via a special anonymization service which serves as the middleman email relay, that guarantees that your email can not be tracked by any means. The anonymous email relay service is completely separated and isolated from the website’s server and is totally independent.
Our webserver is using latest Apache 2.4.59 with included ModSecurity and suExec as first-line defense.
All network requests are monitored by integrated WAF (Firewall) that applies specific rules and can restrict malicious attacks via temporary or permanent IP bans.
There are also dedicated IDS (Intrusion detection systems) and IPS (intrusion prevention systems) to log all potential security related incidents.
Regular backups are done to prevent data loss.
Latest PHP 8 version is used with its latest security patches.
User data is protected by a SSL certificate issued by https://www.alphassl.com/ using SHA256RSA algorithm.
- TLS (Transport Layer Security)
- SSL (Secure Sockets Layer)
- HTTPS (Hypertext Transfer Protocol Secure)
We are using the latest Laravel framework which includes security patches against SQL Injections and XSS security vulnerabilities. All forms are secured by CSRF tokens.