Submitted URL: https://customer-staging.curiousnation.org/
Effective URL: https://ems.curiousnation.org/identities/sign_in
Submission: On September 10 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 11 HTTP transactions. The main IP is 13.32.143.110, located in United States and belongs to AMAZON-02, US. The main domain is ems.curiousnation.org.
TLS certificate: Issued by Amazon on May 8th 2021. Valid for: a year.
This is the only time ems.curiousnation.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 54.204.238.15 14618 (AMAZON-AES)
1 4 13.32.143.110 16509 (AMAZON-02)
5 13.32.143.65 16509 (AMAZON-02)
1 23.37.34.201 16625 (AKAMAI-AS)
1 151.101.114.137 54113 (FASTLY)
1 162.247.243.147 13335 (CLOUDFLAR...)
11 5
Domain Requested by
5 assets.curiousnation.org ems.curiousnation.org
assets.curiousnation.org
4 ems.curiousnation.org 1 redirects ems.curiousnation.org
2 customer-staging.curiousnation.org 2 redirects
1 bam-cell.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com ems.curiousnation.org
1 cloud.typography.com assets.curiousnation.org
11 6

This site contains links to these domains. Also see Links.

Domain
help.wearehearken.com
ems.wearehearken.eu
medium.com
wearehearken.com
www.facebook.com
twitter.com
Subject Issuer Validity Valid
curiousnation.org
Amazon
2021-05-08 -
2022-06-06
a year crt.sh
*.typography.com
DigiCert SHA2 Secure Server CA
2021-05-27 -
2022-06-01
a year crt.sh
*.newrelic.com
R3
2021-07-19 -
2021-10-17
3 months crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA
2020-02-05 -
2022-02-08
2 years crt.sh

This page contains 1 frames:

Primary Page: https://ems.curiousnation.org/identities/sign_in
Frame ID: F4401C929031F009146FB8995D03434E
Requests: 11 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://customer-staging.curiousnation.org/ HTTP 301
    https://customer-staging.curiousnation.org/admin/overview HTTP 302
    https://ems.curiousnation.org/admin/overview HTTP 302
    https://ems.curiousnation.org/identities/sign_in Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

5
IPs

2
Countries

121 kB
Transfer

417 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://customer-staging.curiousnation.org/ HTTP 301
    https://customer-staging.curiousnation.org/admin/overview HTTP 302
    https://ems.curiousnation.org/admin/overview HTTP 302
    https://ems.curiousnation.org/identities/sign_in Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request sign_in
ems.curiousnation.org/identities/
Redirect Chain
  • https://customer-staging.curiousnation.org/
  • https://customer-staging.curiousnation.org/admin/overview
  • https://ems.curiousnation.org/admin/overview
  • https://ems.curiousnation.org/identities/sign_in
17 KB
7 KB
Document
General
Full URL
https://ems.curiousnation.org/identities/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.143.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-143-110.hel50.r.cloudfront.net
Software
Cowboy /
Resource Hash
2aef968ce78a6a96b69cfea4c0ab853f01ddecf05634292d933d1744e13fa86b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
ems.curiousnation.org
:scheme
https
:path
/identities/sign_in
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
_hearken_session=SkNCL2t3ZjZPZWQ4U0tZbE0wYk9QMktwLzBkMDEyYWNFc2w0dUY0cHNEN1Zld3VibHdyKy9BWm5jYUxwSVN5S3hpZ1h0NUdDbUpzLytsVU9IU1dCZWNwKzBhREdTU1NXUSsyKzhTdVBMWmtnczRLSjlWaGZNcFdEWWt3c1JQakd6WHUrbHZpbTZwNnBUVjR6TGNOZU9JZ1l3a0MvSEd6YjI0KzgySWp5Zjd2M2xMd09yQXBYSGoxVjlTVllPWTUrNm1qTkZrNkNuQzBzYk9nMUM2TzlGTlFjRDdoaTRCc2xUYzZqTnZEOStJRlcybzdMVXU3aE5tQ1JydW9oNmJKT2p3ZndpODdmaWVPeWpmMkVCQ2xydk9HVmNDYmlGVWVReE5MQnlzOVNwOU9SSU0xSVlUWVpmeEhnNUFwc0dXVlBBd2p3TlFBWEhjZm1Lc2JBK2tqekJ6ZGZzajJuZ0t2ZGt2S05BZkRWZjZvPS0taWd1Y05kYTNiU0dzYUhkVXdEZGtnUT09--e57af683830ecc4db1384f1daa28cd4983848708
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
server
Cowboy
date
Fri, 10 Sep 2021 00:14:08 GMT
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
etag
W/"2c1b558c82151ae2536cd3f396eec35a"
cache-control
max-age=0, private, must-revalidate
set-cookie
_hearken_session=YnUrbDVnRUVlUUZwYnB5cjZ3VnFQNlZYUm0vdkplY05QY3ljYlRNcEtuQUkzZHFVNHcvb0hsQVkzR0VnMSt5WGI5Z1R3UndYdnM0SzlvdXJlQm42OFl0WFVaNDBERXlMdjZFMWdYYStmcWNzUHh3OXROa3E4emsveWJZZVQrV2paa1U0ZngreGpESHNUOVlyVVRqYVY5VlBZMjRrVzhnbXVUYkJ4b21RVG84a1BNbmRoKzRwZzhZZUlmOStxVTBHK3NubEI4R2p3OGVSWS9TQ00yWDJucm54OStOOGRuOXpreHh3STloQUszU2ozUUk4d2wwNDZybHoxa0xzcnpTcC0teDJIUUh5SmpQTVJJV0duKzUvdWdmdz09--314221a7cd0468f69719ba223daff64c8879b8ab; path=/; HttpOnly
x-request-id
afdbe3f2-b3bb-49d4-b4b1-8c4a99cf20fe
x-runtime
0.030173
via
1.1 vegur, 1.1 6a3cc273c6d3056526b53421b6dd28ea.cloudfront.net (CloudFront)
vary
Accept-Encoding
x-cache
Miss from cloudfront
x-amz-cf-pop
HEL50-C2
x-amz-cf-id
JVENbV9ekE7yWpbr8eiyi0PPEDI4V81i73OirFelS2T2JOcBVilZgQ==

Redirect headers

content-type
text/html; charset=utf-8
location
https://ems.curiousnation.org/identities/sign_in
server
Cowboy
date
Fri, 10 Sep 2021 00:14:08 GMT
cache-control
no-cache
set-cookie
_hearken_session=SkNCL2t3ZjZPZWQ4U0tZbE0wYk9QMktwLzBkMDEyYWNFc2w0dUY0cHNEN1Zld3VibHdyKy9BWm5jYUxwSVN5S3hpZ1h0NUdDbUpzLytsVU9IU1dCZWNwKzBhREdTU1NXUSsyKzhTdVBMWmtnczRLSjlWaGZNcFdEWWt3c1JQakd6WHUrbHZpbTZwNnBUVjR6TGNOZU9JZ1l3a0MvSEd6YjI0KzgySWp5Zjd2M2xMd09yQXBYSGoxVjlTVllPWTUrNm1qTkZrNkNuQzBzYk9nMUM2TzlGTlFjRDdoaTRCc2xUYzZqTnZEOStJRlcybzdMVXU3aE5tQ1JydW9oNmJKT2p3ZndpODdmaWVPeWpmMkVCQ2xydk9HVmNDYmlGVWVReE5MQnlzOVNwOU9SSU0xSVlUWVpmeEhnNUFwc0dXVlBBd2p3TlFBWEhjZm1Lc2JBK2tqekJ6ZGZzajJuZ0t2ZGt2S05BZkRWZjZvPS0taWd1Y05kYTNiU0dzYUhkVXdEZGtnUT09--e57af683830ecc4db1384f1daa28cd4983848708; path=/; HttpOnly
x-request-id
4bd8ccc6-71eb-474a-80ca-db2b59f9a418
x-runtime
0.018095
via
1.1 vegur, 1.1 6a3cc273c6d3056526b53421b6dd28ea.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-pop
HEL50-C2
x-amz-cf-id
1PGgaUg6A5CQ_-ZpTlFoTZg_3Mv5jERTVJcV7OZJZKHN4eBEwwos0Q==
index-4a6dbaa0b88f048006cd6d2850cf89975d481d8e5d5f2323423df9d96587ee1b.css
assets.curiousnation.org/production/assets/admin/
205 KB
25 KB
Stylesheet
General
Full URL
https://assets.curiousnation.org/production/assets/admin/index-4a6dbaa0b88f048006cd6d2850cf89975d481d8e5d5f2323423df9d96587ee1b.css
Requested by
Host: ems.curiousnation.org
URL: https://ems.curiousnation.org/identities/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.143.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-143-65.hel50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4a6dbaa0b88f048006cd6d2850cf89975d481d8e5d5f2323423df9d96587ee1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ems.curiousnation.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 10 Sep 2021 00:14:10 GMT
content-encoding
gzip
last-modified
Fri, 14 May 2021 01:21:19 GMT
server
AmazonS3
x-amz-cf-pop
HEL50-C2
etag
W/"ca9b7090a2c21d859e86a00558b09eb8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
via
1.1 9267231a1fec2f141a931c8dc694fe1d.cloudfront.net (CloudFront)
cache-control
max-age=31556952
x-amz-cf-id
d7b8y1ZESGN89vFZclDcEEOA8wjVddOc5_zo9lfWmrqH6CSWMuOCsg==
cookieconfirm-a649f0c62deee411c405485fcd9d4e3b44e01e678859d81a9f9346da0fdda191.js
assets.curiousnation.org/production/assets/
1 KB
1016 B
Script
General
Full URL
https://assets.curiousnation.org/production/assets/cookieconfirm-a649f0c62deee411c405485fcd9d4e3b44e01e678859d81a9f9346da0fdda191.js
Requested by
Host: ems.curiousnation.org
URL: https://ems.curiousnation.org/identities/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.143.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-143-65.hel50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a649f0c62deee411c405485fcd9d4e3b44e01e678859d81a9f9346da0fdda191

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ems.curiousnation.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 10 Sep 2021 00:14:10 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 21:21:16 GMT
server
AmazonS3
x-amz-cf-pop
HEL50-C2
etag
W/"844e9a66077a9e703df40e20c10ccf74"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 9267231a1fec2f141a931c8dc694fe1d.cloudfront.net (CloudFront)
cache-control
max-age=31556952
x-amz-cf-id
RzDtEuMH3K08pVjg2Wnsdn-72sQHtI3AXT5BhWdn96N1jy7-P_Ep5Q==
jquery-8ddc89fb55e1e02e850bc79b3fedea21be380e58193a724f527057369c0b66ee.js
assets.curiousnation.org/production/assets/ext/jquery/1.11.2/
94 KB
33 KB
Script
General
Full URL
https://assets.curiousnation.org/production/assets/ext/jquery/1.11.2/jquery-8ddc89fb55e1e02e850bc79b3fedea21be380e58193a724f527057369c0b66ee.js
Requested by
Host: ems.curiousnation.org
URL: https://ems.curiousnation.org/identities/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.143.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-143-65.hel50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ddc89fb55e1e02e850bc79b3fedea21be380e58193a724f527057369c0b66ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ems.curiousnation.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 10 Sep 2021 00:14:10 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 21:21:16 GMT
server
AmazonS3
x-amz-cf-pop
HEL50-C2
etag
W/"9e303102c54c74f595c8b2ff647b4d3e"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 9267231a1fec2f141a931c8dc694fe1d.cloudfront.net (CloudFront)
cache-control
max-age=31556952
x-amz-cf-id
-EjKBJRDRgCYSi35JatHYkZd7IAGA1ogapmObzsJpLVFoE6guDX9Yw==
admin-application-6d2dcf4d1f10c5941f4ccb1f1eb8deb4bbf2eea15939c7459ab75d9a19f8cac2.js
assets.curiousnation.org/production/assets/
43 KB
14 KB
Script
General
Full URL
https://assets.curiousnation.org/production/assets/admin-application-6d2dcf4d1f10c5941f4ccb1f1eb8deb4bbf2eea15939c7459ab75d9a19f8cac2.js
Requested by
Host: ems.curiousnation.org
URL: https://ems.curiousnation.org/identities/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.143.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-143-65.hel50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d2dcf4d1f10c5941f4ccb1f1eb8deb4bbf2eea15939c7459ab75d9a19f8cac2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ems.curiousnation.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 10 Sep 2021 00:14:10 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 21:21:14 GMT
server
AmazonS3
x-amz-cf-pop
HEL50-C2
etag
W/"e5c0007b9b13ae4f952ed85a70af48c6"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 9267231a1fec2f141a931c8dc694fe1d.cloudfront.net (CloudFront)
cache-control
max-age=31556952
x-amz-cf-id
XyFcVU4y1aJk3KvrnGUTNTcfdn2lbq-Wt7wtj0uRaRgr_EubLQSs1w==
logo.png
ems.curiousnation.org/img/
10 KB
10 KB
Image
General
Full URL
https://ems.curiousnation.org/img/logo.png
Requested by
Host: ems.curiousnation.org
URL: https://ems.curiousnation.org/identities/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.143.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-143-110.hel50.r.cloudfront.net
Software
Cowboy /
Resource Hash
2b4a6af45a894ed5e158ad7b09fcf0dc81dfb407739009d69059b9dc925b894e

Request headers

:path
/img/logo.png
pragma
no-cache
cookie
_hearken_session=YnUrbDVnRUVlUUZwYnB5cjZ3VnFQNlZYUm0vdkplY05QY3ljYlRNcEtuQUkzZHFVNHcvb0hsQVkzR0VnMSt5WGI5Z1R3UndYdnM0SzlvdXJlQm42OFl0WFVaNDBERXlMdjZFMWdYYStmcWNzUHh3OXROa3E4emsveWJZZVQrV2paa1U0ZngreGpESHNUOVlyVVRqYVY5VlBZMjRrVzhnbXVUYkJ4b21RVG84a1BNbmRoKzRwZzhZZUlmOStxVTBHK3NubEI4R2p3OGVSWS9TQ00yWDJucm54OStOOGRuOXpreHh3STloQUszU2ozUUk4d2wwNDZybHoxa0xzcnpTcC0teDJIUUh5SmpQTVJJV0duKzUvdWdmdz09--314221a7cd0468f69719ba223daff64c8879b8ab
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ems.curiousnation.org
referer
https://ems.curiousnation.org/identities/sign_in
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ems.curiousnation.org/identities/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:14:10 GMT
via
1.1 vegur, 1.1 6a3cc273c6d3056526b53421b6dd28ea.cloudfront.net (CloudFront)
last-modified
Mon, 06 Sep 2021 21:47:42 GMT
server
Cowboy
x-amz-cf-pop
HEL50-C2
x-cache
Miss from cloudfront
content-type
image/png
content-length
9751
x-amz-cf-id
q_r5wmQZQfi8ov82knjxTukIVnNiQYFfSIS0gKvOREDEEc9sEc54sg==
footer-logo.png
ems.curiousnation.org/img/
2 KB
3 KB
Image
General
Full URL
https://ems.curiousnation.org/img/footer-logo.png
Requested by
Host: ems.curiousnation.org
URL: https://ems.curiousnation.org/identities/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.143.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-143-110.hel50.r.cloudfront.net
Software
Cowboy /
Resource Hash
94ff4c672948f82c66e3295d7dcaf0f797c6f2474d5ece2e711c24f3fc618ad1

Request headers

:path
/img/footer-logo.png
pragma
no-cache
cookie
_hearken_session=YnUrbDVnRUVlUUZwYnB5cjZ3VnFQNlZYUm0vdkplY05QY3ljYlRNcEtuQUkzZHFVNHcvb0hsQVkzR0VnMSt5WGI5Z1R3UndYdnM0SzlvdXJlQm42OFl0WFVaNDBERXlMdjZFMWdYYStmcWNzUHh3OXROa3E4emsveWJZZVQrV2paa1U0ZngreGpESHNUOVlyVVRqYVY5VlBZMjRrVzhnbXVUYkJ4b21RVG84a1BNbmRoKzRwZzhZZUlmOStxVTBHK3NubEI4R2p3OGVSWS9TQ00yWDJucm54OStOOGRuOXpreHh3STloQUszU2ozUUk4d2wwNDZybHoxa0xzcnpTcC0teDJIUUh5SmpQTVJJV0duKzUvdWdmdz09--314221a7cd0468f69719ba223daff64c8879b8ab
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ems.curiousnation.org
referer
https://ems.curiousnation.org/identities/sign_in
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ems.curiousnation.org/identities/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:14:10 GMT
via
1.1 vegur, 1.1 6a3cc273c6d3056526b53421b6dd28ea.cloudfront.net (CloudFront)
last-modified
Mon, 06 Sep 2021 21:47:42 GMT
server
Cowboy
x-amz-cf-pop
HEL50-C2
x-cache
Miss from cloudfront
content-type
image/png
content-length
2504
x-amz-cf-id
RBUeVl2d4L7JoqSZrNNtj0qNINIJtAM1Q88ujFilC6RJrkxaU4wVNQ==
fonts.css
cloud.typography.com/7838894/7727412/css/
0
0
Stylesheet
General
Full URL
https://cloud.typography.com/7838894/7727412/css/fonts.css
Requested by
Host: assets.curiousnation.org
URL: https://assets.curiousnation.org/production/assets/admin/index-4a6dbaa0b88f048006cd6d2850cf89975d481d8e5d5f2323423df9d96587ee1b.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.34.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-34-201.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.curiousnation.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

ems-icons-f9f30127d7a6bcad63bf247bfaa4c428582fb83202a5821f66aa9ea33afbd40e.woff
assets.curiousnation.org/production/assets/admin/fonts/
14 KB
15 KB
Font
General
Full URL
https://assets.curiousnation.org/production/assets/admin/fonts/ems-icons-f9f30127d7a6bcad63bf247bfaa4c428582fb83202a5821f66aa9ea33afbd40e.woff
Requested by
Host: assets.curiousnation.org
URL: https://assets.curiousnation.org/production/assets/admin/index-4a6dbaa0b88f048006cd6d2850cf89975d481d8e5d5f2323423df9d96587ee1b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.143.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-143-65.hel50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f9f30127d7a6bcad63bf247bfaa4c428582fb83202a5821f66aa9ea33afbd40e

Request headers

Referer
https://assets.curiousnation.org/production/assets/admin/index-4a6dbaa0b88f048006cd6d2850cf89975d481d8e5d5f2323423df9d96587ee1b.css
Origin
https://ems.curiousnation.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 10 Sep 2021 00:14:13 GMT
via
1.1 1be9b204bafba40c329df0fd4961700e.cloudfront.net (CloudFront)
last-modified
Thu, 09 Sep 2021 21:21:12 GMT
server
AmazonS3
x-amz-cf-pop
HEL50-C2
etag
"7de07076aa155d24f6040e7f9f957100"
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=31556952
x-cache
Miss from cloudfront
accept-ranges
bytes
content-length
14516
x-amz-cf-id
MvtV-98jGyefrTnnJYx7a7dA2NfpGHBYBosf20pRbLBGven746nIRw==
nr-1210.min.js
js-agent.newrelic.com/
31 KB
12 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1210.min.js
Requested by
Host: ems.curiousnation.org
URL: https://ems.curiousnation.org/identities/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ems.curiousnation.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
tUmpG8VLFN_NnT6837P9feidPwIndCMZ
content-encoding
gzip
etag
"67f7ff413fcbb9300ab2dbf1bb53180c"
x-amz-request-id
3700EJ4ZWWQ4P78Z
x-cache
HIT
content-length
11781
x-amz-id-2
WHzeslBLMht/NaCF9kkJd18iJ6Fkr2YZAl5iGj0a1qtVGAGpwFyTtZrMMtk5xKXdIU5RYSWHiEw=
x-served-by
cache-hhn4049-HHN
last-modified
Tue, 22 Jun 2021 22:47:07 GMT
server
AmazonS3
x-timer
S1631232853.920096,VS0,VE0
date
Fri, 10 Sep 2021 00:14:12 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1484
7d8c889e2f
bam-cell.nr-data.net/1/
49 B
938 B
Script
General
Full URL
https://bam-cell.nr-data.net/1/7d8c889e2f?a=32557621&v=1210.e2a3f80&to=IA1cRBcKDwlURxcLUgYMRlkRDAYWHkZdEUUKDVxDSgsGEg%3D%3D&rst=5428&ck=1&ref=https://ems.curiousnation.org/identities/sign_in&qt=3&ap=29&be=1814&fe=5304&dc=4214&perf=%7B%22timing%22:%7B%22of%22:1631232847506,%22n%22:0,%22f%22:1557,%22dn%22:1557,%22dne%22:1557,%22c%22:1557,%22ce%22:1557,%22rq%22:1558,%22rp%22:1787,%22rpe%22:1788,%22dl%22:1791,%22di%22:4214,%22ds%22:4214,%22de%22:4246,%22dc%22:5304,%22l%22:5304,%22le%22:5406%7D,%22navigation%22:%7B%7D%7D&fp=4263&fcp=4263&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ems.curiousnation.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:14:13 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
X-NewRelic-App-Data
PxQGQlRTDgYDU1lVFR0VMQFTYkEDCBADUxZRDVZkG3xWEU0YdQhAEgVCVAkDEWQcfgEVFk51XhUUUEJQCgMRQBxSFlIUCRoHC1MKUnRMB05WAhtDUwZdAgFXBFVSBw5UUgMEBUBKBQNcEV0/
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
68c474733dad3317-CDG

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| NREUM object| newrelic function| __nr_require object| HearkenCookieAcceptance function| $ function| jQuery function| fill_in_form_with_json function| collect_form_data_as_hash function| initialize_admin_modal function| flash_element function| getAllQueryStringParams function| getOneQueryStringParam function| cookiesAllowed function| cookiesDisallowed object| QuestionFilterHelpers object| ObjectInListHelpers object| jQuery1112030862540800460336 object| WorkingSpinnerHelpers object| TwistyHelpers object| adminModal object| FlashMessageHelpers object| ToggleClassHelpers object| QuestionsForVotingRoundSelectionHelpers

2 Cookies

Domain/Path Name / Value
customer-staging.curiousnation.org/ Name: _hearken_session
Value: elNwenRDUjIwcldnbkErR0thZzFvWVNVenZBV21zQVRYNmt2ZTY2ODcyaGU4MHVoaGZGZ0ZBU3NHT0ZQOGlmcEdPUkJFSERnK0RxV2lOMjdqRTBaRWgwaXNoM3NVb1BISWhVZW94RThQR29iMDE2aUl4K3BRd3hCUExTVE1oa1d0eTd2L2x1MVFsK3AxUHkwWUpzSEVRPT0tLWk0ZWJZSEdGRW43dkoyc2ljVUh2c2c9PQ%3D%3D--cef6619b6b77c4dfc494683256a7626d374e36af
ems.curiousnation.org/ Name: _hearken_session
Value: YnUrbDVnRUVlUUZwYnB5cjZ3VnFQNlZYUm0vdkplY05QY3ljYlRNcEtuQUkzZHFVNHcvb0hsQVkzR0VnMSt5WGI5Z1R3UndYdnM0SzlvdXJlQm42OFl0WFVaNDBERXlMdjZFMWdYYStmcWNzUHh3OXROa3E4emsveWJZZVQrV2paa1U0ZngreGpESHNUOVlyVVRqYVY5VlBZMjRrVzhnbXVUYkJ4b21RVG84a1BNbmRoKzRwZzhZZUlmOStxVTBHK3NubEI4R2p3OGVSWS9TQ00yWDJucm54OStOOGRuOXpreHh3STloQUszU2ozUUk4d2wwNDZybHoxa0xzcnpTcC0teDJIUUh5SmpQTVJJV0duKzUvdWdmdz09--314221a7cd0468f69719ba223daff64c8879b8ab

1 Console Messages

Source Level URL
Text
network error URL: https://cloud.typography.com/7838894/7727412/css/fonts.css
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block