urlscan.io logo urlscan.io
SecurityTrails logo

jndwymv.vxewebjsxmla.hath.network Open in urlscan Pro
129.146.245.219  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://jndwymv.vxewebjsxmla.hath.network/
Effective URL: https://jndwymv.vxewebjsxmla.hath.network/
Submission: On July 01 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 11 HTTP transactions. The main IP is 129.146.245.219, located in Phoenix, United States and belongs to ORACLE-BMC-31898, US. The main domain is jndwymv.vxewebjsxmla.hath.network.
TLS certificate: Issued by R3 on May 25th 2024. Valid for: 3 months.
This is the only time jndwymv.vxewebjsxmla.hath.network was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 129.146.245.219 31898 (ORACLE-BM...)
2 172.67.171.38 13335 (CLOUDFLAR...)
11 3
Domain Requested by
2 docs.cnss.io jndwymv.vxewebjsxmla.hath.network
1 jndwymv.vxewebjsxmla.hath.network
0 www.googletagmanager.com Failed jndwymv.vxewebjsxmla.hath.network
11 3

This site contains links to these domains. Also see Links.

Domain
docs.cnss.io
github.com
gitter.im
poeditor.com
Subject Issuer Validity Valid
cnss.io
R3		 2024-05-25 -
2024-08-23		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://jndwymv.vxewebjsxmla.hath.network/
Frame ID: 7B643CAAE0D068FAFF530C175EB321E6
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CodiMD - Gemeinschaftliche Markdown Notizen

Page URL History Show full URLs

  1. http://jndwymv.vxewebjsxmla.hath.network/ HTTP 307
    https://jndwymv.vxewebjsxmla.hath.network/ Page URL

Page Statistics

11
Requests

18 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

377 kB
Transfer

374 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://jndwymv.vxewebjsxmla.hath.network/ HTTP 307
    https://jndwymv.vxewebjsxmla.hath.network/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
jndwymv.vxewebjsxmla.hath.network/
Redirect Chain
  • http://jndwymv.vxewebjsxmla.hath.network/
  • https://jndwymv.vxewebjsxmla.hath.network/
15 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://jndwymv.vxewebjsxmla.hath.network/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
129.146.245.219 Phoenix, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.23.0 / Express
Resource Hash
87fafb5906b43100d0f6db2b7b0b5749d2700041bfe91c1f848e82b7612f3020
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' vimeo.com https://gist.github.com www.slideshare.net https://query.yahooapis.com 'unsafe-eval' https://disqus.com https://*.disqus.com https://*.disquscdn.com https://www.google-analytics.com 'nonce-843fc76a-7bbe-4b38-a50d-18bb00a3756b' 'sha256-81acLZNZISnyGYZrSuoYhpzwDTTxi7vC1YM4uNxqWaM='; img-src * data:; style-src 'self' 'unsafe-inline' https://github.githubassets.com https://*.disquscdn.com; font-src 'self' data: https://public.slidesharecdn.com https://*.disquscdn.com; object-src *; media-src *; child-src *; connect-src *
Strict-Transport-Security max-age=31536000; preload max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

codimd-version
2.4.1
content-security-policy
default-src 'self'; script-src 'self' vimeo.com https://gist.github.com www.slideshare.net https://query.yahooapis.com 'unsafe-eval' https://disqus.com https://*.disqus.com https://*.disquscdn.com https://www.google-analytics.com 'nonce-843fc76a-7bbe-4b38-a50d-18bb00a3756b' 'sha256-81acLZNZISnyGYZrSuoYhpzwDTTxi7vC1YM4uNxqWaM='; img-src * data:; style-src 'self' 'unsafe-inline' https://github.githubassets.com https://*.disquscdn.com; font-src 'self' data: https://public.slidesharecdn.com https://*.disquscdn.com; object-src *; media-src *; child-src *; connect-src *
content-type
text/html; charset=utf-8
date
Mon, 01 Jul 2024 04:44:14 GMT
referrer-policy
same-origin
server
nginx/1.23.0
strict-transport-security
max-age=31536000; preload max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-powered-by
Express

Redirect headers

Location
https://jndwymv.vxewebjsxmla.hath.network/
Non-Authoritative-Reason
HttpsUpgrades
screenshot.png
docs.cnss.io/ 		358 KB
359 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://docs.cnss.io/screenshot.png
Requested by
Host: jndwymv.vxewebjsxmla.hath.network
URL: https://jndwymv.vxewebjsxmla.hath.network/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.171.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8e36b883e6043278c97a503a081a934f64e06cef3d8cba65545b9f5ad269a429
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' vimeo.com https://gist.github.com www.slideshare.net https://query.yahooapis.com 'unsafe-eval' https://disqus.com https://*.disqus.com https://*.disquscdn.com https://www.google-analytics.com 'nonce-8ec3b8f3-21c9-4997-a433-3a5799bdbdee' 'sha256-81acLZNZISnyGYZrSuoYhpzwDTTxi7vC1YM4uNxqWaM='; img-src * data:; style-src 'self' 'unsafe-inline' https://github.githubassets.com https://*.disquscdn.com; font-src 'self' data: https://public.slidesharecdn.com https://*.disquscdn.com; object-src *; media-src *; child-src *; connect-src *
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 04:44:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' vimeo.com https://gist.github.com www.slideshare.net https://query.yahooapis.com 'unsafe-eval' https://disqus.com https://*.disqus.com https://*.disquscdn.com https://www.google-analytics.com 'nonce-8ec3b8f3-21c9-4997-a433-3a5799bdbdee' 'sha256-81acLZNZISnyGYZrSuoYhpzwDTTxi7vC1YM4uNxqWaM='; img-src * data:; style-src 'self' 'unsafe-inline' https://github.githubassets.com https://*.disquscdn.com; font-src 'self' data: https://public.slidesharecdn.com https://*.disquscdn.com; object-src *; media-src *; child-src *; connect-src *
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
content-length
366447
referrer-policy
same-origin
last-modified
Mon, 05 Jul 2021 09:34:09 GMT
server
cloudflare
etag
W/"5976f-17a76049268"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p1JQl5feYEsnUdNzm%2BZWQN1tjul4iN6ctnphOizIla6BLrZy7qKqx0ciHDcsX0j89eXHY07OVJkjOZEUID2Krzw3OJPE7Ol42u4DJZ5rIjH2YkKqep1v05s7zuSlZj8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
89c3bd5d7a1d18d9-FRA
priority
u=2,i
font.css
docs.cnss.io/css/ 		0
0
fork-awesome.min.css
docs.cnss.io/build/fork-awesome/css/ 		0
0
cover-styles-pack.css
docs.cnss.io/build/ 		0
0
cover.css
docs.cnss.io/build/ 		0
0
js
www.googletagmanager.com/gtag/ 		0
0
config
docs.cnss.io/ 		0
0
common.1349a0316c4d8448fc8a.js
docs.cnss.io/build/ 		0
0
cover-pack.97360d007dee48c4aeb4.js
docs.cnss.io/build/ 		0
0
favicon.png
docs.cnss.io/ 		725 B
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://docs.cnss.io/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.171.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d8b6d5022c9036bee6da38436db7dba4b1551ad1e0baf9c79f9facf9d8c98abd
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' vimeo.com https://gist.github.com www.slideshare.net https://query.yahooapis.com 'unsafe-eval' https://disqus.com https://*.disqus.com https://*.disquscdn.com https://www.google-analytics.com 'nonce-cf56dcee-42b1-4b53-947b-8431cf4e52e4' 'sha256-81acLZNZISnyGYZrSuoYhpzwDTTxi7vC1YM4uNxqWaM='; img-src * data:; style-src 'self' 'unsafe-inline' https://github.githubassets.com https://*.disquscdn.com; font-src 'self' data: https://public.slidesharecdn.com https://*.disquscdn.com; object-src *; media-src *; child-src *; connect-src *
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 04:44:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' vimeo.com https://gist.github.com www.slideshare.net https://query.yahooapis.com 'unsafe-eval' https://disqus.com https://*.disqus.com https://*.disquscdn.com https://www.google-analytics.com 'nonce-cf56dcee-42b1-4b53-947b-8431cf4e52e4' 'sha256-81acLZNZISnyGYZrSuoYhpzwDTTxi7vC1YM4uNxqWaM='; img-src * data:; style-src 'self' 'unsafe-inline' https://github.githubassets.com https://*.disquscdn.com; font-src 'self' data: https://public.slidesharecdn.com https://*.disquscdn.com; object-src *; media-src *; child-src *; connect-src *
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
content-length
725
referrer-policy
same-origin
last-modified
Mon, 05 Jul 2021 09:34:09 GMT
server
cloudflare
etag
W/"2d5-17a76049268"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r%2Bl0haB4CgwW%2B%2FymO%2B5JWFvi%2FurhkxYgLjYK4l56mhiiMLBxArYPri6MuzKOYyhz16j5yeF5PmHCr9gDTlP6GVGmF3OrSApH0JGWr0BYIIxuCdi13pcAvxB3C42NFgI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
89c3bd659a2118d9-FRA
priority
u=1,i

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
docs.cnss.io
URL
https://docs.cnss.io/css/font.css
Domain
docs.cnss.io
URL
https://docs.cnss.io/build/fork-awesome/css/fork-awesome.min.css
Domain
docs.cnss.io
URL
https://docs.cnss.io/build/cover-styles-pack.css
Domain
docs.cnss.io
URL
https://docs.cnss.io/build/cover.css
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=UA-82055456-6
Domain
docs.cnss.io
URL
https://docs.cnss.io/config
Domain
docs.cnss.io
URL
https://docs.cnss.io/build/common.1349a0316c4d8448fc8a.js
Domain
docs.cnss.io
URL
https://docs.cnss.io/build/cover-pack.97360d007dee48c4aeb4.js

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage

1 Cookies

Domain/Path Name / Value
jndwymv.vxewebjsxmla.hath.network/ Name: connect.sid
Value: s%3Atpkt0_MMmqi14ZkF0eNSn_FjGyDcNeAa.%2BolY9ZXWrQaQqX%2B9JGVCvfhkfLq1gCvil3NGpHZVCMY

10 Console Messages

Source Level URL
Text
security error URL: https://jndwymv.vxewebjsxmla.hath.network/(Line 16)
Message:
Refused to load the stylesheet 'https://docs.cnss.io/css/font.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' https://github.githubassets.com https://*.disquscdn.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://jndwymv.vxewebjsxmla.hath.network/(Line 17)
Message:
Refused to load the stylesheet 'https://docs.cnss.io/build/fork-awesome/css/fork-awesome.min.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' https://github.githubassets.com https://*.disquscdn.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://jndwymv.vxewebjsxmla.hath.network/(Line 18)
Message:
Refused to load the stylesheet 'https://docs.cnss.io/build/cover-styles-pack.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' https://github.githubassets.com https://*.disquscdn.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://jndwymv.vxewebjsxmla.hath.network/(Line 18)
Message:
Refused to load the stylesheet 'https://docs.cnss.io/build/cover.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' https://github.githubassets.com https://*.disquscdn.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://jndwymv.vxewebjsxmla.hath.network/
Message:
Refused to load the script 'https://www.googletagmanager.com/gtag/js?id=UA-82055456-6' because it violates the following Content Security Policy directive: "script-src 'self' vimeo.com https://gist.github.com www.slideshare.net https://query.yahooapis.com 'unsafe-eval' https://disqus.com https://*.disqus.com https://*.disquscdn.com https://www.google-analytics.com 'nonce-843fc76a-7bbe-4b38-a50d-18bb00a3756b' 'sha256-81acLZNZISnyGYZrSuoYhpzwDTTxi7vC1YM4uNxqWaM='". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://jndwymv.vxewebjsxmla.hath.network/(Line 21)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' vimeo.com https://gist.github.com www.slideshare.net https://query.yahooapis.com 'unsafe-eval' https://disqus.com https://*.disqus.com https://*.disquscdn.com https://www.google-analytics.com 'nonce-843fc76a-7bbe-4b38-a50d-18bb00a3756b' 'sha256-81acLZNZISnyGYZrSuoYhpzwDTTxi7vC1YM4uNxqWaM='". Either the 'unsafe-inline' keyword, a hash ('sha256-zX2hNpP3zInd3udpcvb8MJienI+xiIr+SDD90xpXDc0='), or a nonce ('nonce-...') is required to enable inline execution.
security error URL: https://jndwymv.vxewebjsxmla.hath.network/
Message:
Refused to load the script 'https://docs.cnss.io/config' because it violates the following Content Security Policy directive: "script-src 'self' vimeo.com https://gist.github.com www.slideshare.net https://query.yahooapis.com 'unsafe-eval' https://disqus.com https://*.disqus.com https://*.disquscdn.com https://www.google-analytics.com 'nonce-843fc76a-7bbe-4b38-a50d-18bb00a3756b' 'sha256-81acLZNZISnyGYZrSuoYhpzwDTTxi7vC1YM4uNxqWaM='". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://jndwymv.vxewebjsxmla.hath.network/
Message:
Refused to load the script 'https://docs.cnss.io/build/common.1349a0316c4d8448fc8a.js' because it violates the following Content Security Policy directive: "script-src 'self' vimeo.com https://gist.github.com www.slideshare.net https://query.yahooapis.com 'unsafe-eval' https://disqus.com https://*.disqus.com https://*.disquscdn.com https://www.google-analytics.com 'nonce-843fc76a-7bbe-4b38-a50d-18bb00a3756b' 'sha256-81acLZNZISnyGYZrSuoYhpzwDTTxi7vC1YM4uNxqWaM='". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://jndwymv.vxewebjsxmla.hath.network/
Message:
Refused to load the script 'https://docs.cnss.io/build/cover-pack.97360d007dee48c4aeb4.js' because it violates the following Content Security Policy directive: "script-src 'self' vimeo.com https://gist.github.com www.slideshare.net https://query.yahooapis.com 'unsafe-eval' https://disqus.com https://*.disqus.com https://*.disquscdn.com https://www.google-analytics.com 'nonce-843fc76a-7bbe-4b38-a50d-18bb00a3756b' 'sha256-81acLZNZISnyGYZrSuoYhpzwDTTxi7vC1YM4uNxqWaM='". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
recommendation verbose URL: https://jndwymv.vxewebjsxmla.hath.network/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' vimeo.com https://gist.github.com www.slideshare.net https://query.yahooapis.com 'unsafe-eval' https://disqus.com https://*.disqus.com https://*.disquscdn.com https://www.google-analytics.com 'nonce-843fc76a-7bbe-4b38-a50d-18bb00a3756b' 'sha256-81acLZNZISnyGYZrSuoYhpzwDTTxi7vC1YM4uNxqWaM='; img-src * data:; style-src 'self' 'unsafe-inline' https://github.githubassets.com https://*.disquscdn.com; font-src 'self' data: https://public.slidesharecdn.com https://*.disquscdn.com; object-src *; media-src *; child-src *; connect-src *
Strict-Transport-Security max-age=31536000; preload max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff