URL: https://embersandepics.pages.dev/
Submission: On November 29 via api from US — Scanned from US

Summary

This website contacted 10 IPs in 1 country across 8 domains to perform 24 HTTP transactions. The main IP is 2606:4700:310c::ac42:2d0c, located in United States and belongs to CLOUDFLARENET, US. The main domain is embersandepics.pages.dev.
TLS certificate: Issued by GTS CA 1P5 on November 28th 2023. Valid for: 3 months.
This is the only time embersandepics.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
9 webformscr.com
web.webformscr.com — Cisco Umbrella Rank: 225965
gp.webformscr.com
40 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
ajax.googleapis.com
33 KB
5 pages.dev
embersandepics.pages.dev
1 MB
1 cloudflare.com
cdnjs.cloudflare.com
14 KB
1 gstatic.com
fonts.gstatic.com
20 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
25 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1002
494 KB
0 Failed
24 8
Domain Requested by
5 web.webformscr.com embersandepics.pages.dev
web.webformscr.com
5 embersandepics.pages.dev embersandepics.pages.dev
4 gp.webformscr.com ajax.googleapis.com
4 fonts.googleapis.com embersandepics.pages.dev
1 cdnjs.cloudflare.com web.webformscr.com
1 ajax.googleapis.com web.webformscr.com
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.jsdelivr.net embersandepics.pages.dev
1 use.fontawesome.com embersandepics.pages.dev
0 fooolghllnmhmmndgjiamiiodkpenpbb Failed
24 10

This site contains links to these domains.

Domain
instagram.com
www.tiktok.com
sendpulse.com
Subject                   Issuer                                          Validity                 Valid
embersandepics.pages.dev  GTS CA 1P5                                      2023-11-28 - 2024-02-26  3 months
use.fontawesome.com       Cloudflare Inc ECC CA-3                         2023-10-12 - 2024-10-10  a year
upload.video.google.com   GTS CA 1C3                                      2023-10-23 - 2024-01-15  3 months
web.webformscr.com        Sectigo RSA Domain Validation Secure Server CA  2023-01-06 - 2024-01-16  a year
jsdelivr.net              GlobalSign Atlas R3 DV TLS CA 2023 Q3           2023-09-27 - 2024-10-28  a year
*.gstatic.com             GTS CA 1C3                                      2023-10-23 - 2024-01-15  3 months
sni.cloudflaressl.com     Cloudflare Inc ECC CA-3                         2023-07-03 - 2024-07-02  a year
gp.webformscr.com         R3                                              2023-09-22 - 2023-12-21  3 months

This page contains 1 frames:

Primary Page: https://embersandepics.pages.dev/
Frame ID: BE0528FE2E94F0F5751B90761AD84B9A
Requests: 25 HTTP requests in this frame

Page Title

EmbersAndEpicsDev

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

24
Requests

96 %
HTTPS

89 %
IPv6

8
Domains

10
Subdomains

10
IPs

1
Countries

1720 kB
Transfer

3107 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
embersandepics.pages.dev/
11 KB
4 KB
Document
General
Full URL
https://embersandepics.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:310c::ac42:2d0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f81de78bb173a6dcdd0487d4b07424ecefbc1941e8143702b2bf3a0bc6b33ea8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
82de65117a828ccc-EWR
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 29 Nov 2023 22:47:51 GMT
etag
W/"cd842fae8c1f9882c606cee32e038f63"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G0Rbq%2Bl21ASLvNOpr%2B4yPOoEa2lO%2BFV3wXmN0lv5dcDtZodgf7ZJWSPX8VIcWwVO%2FEosxNO26bUttQkUTupHaaUAMQyGB7TFqy4BXAxj2%2FAcicOfq%2FIqHVeZoB0WhrtqJ5FdHKkLt0LQredUwTpGHZRL6IWEp7Y%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
all.js
use.fontawesome.com/releases/v6.3.0/js/
1 MB
494 KB
Script
General
Full URL
https://use.fontawesome.com/releases/v6.3.0/js/all.js
Requested by
Host: embersandepics.pages.dev
URL: https://embersandepics.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fab2c8187c991c10de6cda9c90e44cc01fbfb9e26ecb646a15c600625863902b

Request headers

Referer
https://embersandepics.pages.dev/
Origin
https://embersandepics.pages.dev
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:47:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:46:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
83679
etag
W/"b250bea6c0b0d73cc1351fa5f8081db0"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZnPmNyOKB06WN59LseEeFiSvXw9%2FrGmBzWR0nPnxW%2BZOsNe1MAfEAyrLRhPIRpL7D%2Fh3OnoQlwhv9qeLriTu02thEkX6gVYFI061Psro6lgoI8UBgk410dvTIlx0yg%2BXriyFspV0qf%2BthMQqtOtQqXFy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
82de65120ec741e1-EWR
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/
1 KB
579 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Varela+Round
Requested by
Host: embersandepics.pages.dev
URL: https://embersandepics.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4e8f6c52a5d1d59d3f77c9e5ea4d743304e9ece8760286465f0a1979b2640a7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embersandepics.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 22:47:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 22:39:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 22:47:51 GMT
css
fonts.googleapis.com/
23 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i
Requested by
Host: embersandepics.pages.dev
URL: https://embersandepics.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a5c3c3c04840d9efeb580285d01755d09f1e8d1eeaadc5759440396867b8923d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embersandepics.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 22:47:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 22:40:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 22:47:51 GMT
css
fonts.googleapis.com/
2 KB
677 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Playfair
Requested by
Host: embersandepics.pages.dev
URL: https://embersandepics.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d9d5b7439f27d8b71cde8909a6ede31a24a7818f4234509ff84b5b308b38e896
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embersandepics.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 22:47:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 22:47:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 22:47:51 GMT
css
fonts.googleapis.com/
775 B
801 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Gilda+Display
Requested by
Host: embersandepics.pages.dev
URL: https://embersandepics.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
05e4a126d85201170539ff4dc67ed3c86b6576a6b8f4f06a8214e9c8e0b52cb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embersandepics.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 22:47:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 22:12:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 22:47:51 GMT
styles.css
embersandepics.pages.dev/css/
252 KB
33 KB
Stylesheet
General
Full URL
https://embersandepics.pages.dev/css/styles.css
Requested by
Host: embersandepics.pages.dev
URL: https://embersandepics.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:310c::ac42:2d0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67df0fbddba1a8e6891d0c1469279e039ca847d9e4431d2b4be97c244ddcf84f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embersandepics.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:47:51 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"581adb77a1c80b7f5b41ba68dcf59816"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xv56ZmSgSO%2Bt6W0azNG4TMQ42l%2FZZ%2B1km4%2FjEUsMO1rIqoATpEGmPaK4B30nhBAyJ6VZpNPozPyksA9pw32vReXVfoBob7dgn%2FZs3QB7eYazAO0DaeKdUMLj%2FKlduSZzp%2BBwrrKLEyF5Xsx6NIsPyPBD4VGfe4s%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
82de6511daf68ccc-EWR
alt-svc
h3=":443"; ma=86400
default-handler.js
web.webformscr.com/apps/fc3/build/
19 KB
6 KB
Script
General
Full URL
https://web.webformscr.com/apps/fc3/build/default-handler.js?1700557987608
Requested by
Host: embersandepics.pages.dev
URL: https://embersandepics.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ad7abb0cdc149c088f606641f380e2c173b337e99495a29b39b1e1a0df773864

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embersandepics.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Wed, 29 Nov 2023 22:47:52 GMT
content-encoding
gzip
x-age-lb
136066
x-77-cache
HIT
x-accel-date
1701162006
x-77-nzt
EgwBnJIkFgHXghMCAAwBnJI73wH37zkGAA
x-accel-expires
@1701358759
x-77-age
544113
x-cache-lb
HIT
last-modified
Thu, 23 Nov 2023 10:23:06 GMT
server
CDN77-Turbo
etag
W/"655f280a-4cf6"
x-77-nzt-ray
1e192d0858541e6c98bf676576f7210a
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-sp-pr
lpr-02
cache-control
max-age=604800
expires
Thu, 30 Nov 2023 15:39:19 GMT
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/
79 KB
25 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/bootstrap.bundle.min.js
Requested by
Host: embersandepics.pages.dev
URL: https://embersandepics.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9520018fa5d81f4e4dc9d06afb576f90cbbaba209cfcc6cb60e1464647f7890b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embersandepics.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 29 Nov 2023 22:47:51 GMT
x-content-type-options
nosniff
content-encoding
br
age
11834049
x-jsd-version
5.2.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
24659
x-served-by
cache-fra-eddf8230056-FRA, cache-lga21979-LGA
x-jsd-version-type
version
etag
W/"13a24-kNFQNu9I/LM2oTW66BK0VmnxkEQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
scripts.js
embersandepics.pages.dev/js/
2 KB
1 KB
Script
General
Full URL
https://embersandepics.pages.dev/js/scripts.js
Requested by
Host: embersandepics.pages.dev
URL: https://embersandepics.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:310c::ac42:2d0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca7889c9264b474e32b88246c8055bfe1f800df1fd6cb8e7585bc29918cdb6b1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embersandepics.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:47:51 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1ac199ee46b4b560fbd9622f10b45072"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8lcVazoydwrorplSpKwBKmCILGHCJW2YYUvcXJTjkqPK%2FUNwohvw3W0hj9SxChz6qucOu%2Fyr%2BvdjXaK1o%2BZkJdGEMzMWMn9AD0%2FrLQzkOvTO528UEeT1EiscHS0meN4cyjQJ1XJ7HcETFvvgXHFD60GuZdZ5nZg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
82de6511daf78ccc-EWR
alt-svc
h3=":443"; ma=86400
loader.js
web.webformscr.com/apps/fc3/build/
1 KB
1 KB
Script
General
Full URL
https://web.webformscr.com/apps/fc3/build/loader.js
Requested by
Host: embersandepics.pages.dev
URL: https://embersandepics.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
02cd1afe25bd6950ef39a98a7be2348b7445cba2c979e3b161c01b0b6f14d922

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embersandepics.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Wed, 29 Nov 2023 22:47:52 GMT
content-encoding
gzip
x-age-lb
562277
x-77-cache
HIT
x-accel-date
1700735795
x-77-nzt
EgwBnJIkFgH3ZZQIAAwBnJI73wH3sgEAAA
x-accel-expires
@1701340161
x-77-age
562711
x-cache-lb
HIT
last-modified
Mon, 02 May 2022 07:04:42 GMT
server
CDN77-Turbo
etag
W/"626f828a-449"
x-77-nzt-ray
1e192d0858541e6c98bf676530de310a
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-sp-pr
lpr-00
cache-control
max-age=604800
expires
Thu, 30 Nov 2023 10:29:21 GMT
000001.jpg
embersandepics.pages.dev/assets/img/
411 KB
412 KB
Image
General
Full URL
https://embersandepics.pages.dev/assets/img/000001.jpg
Requested by
Host: embersandepics.pages.dev
URL: https://embersandepics.pages.dev/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2d0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b61c98746f8a95f1da38c83233511435dcb71a5645037979b9e1f2a54f13568
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embersandepics.pages.dev/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:47:51 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"610bc52f1a52af1ec38824ca133f8669"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xc6sMNvQmzrUqbPWOXf27dvj%2F6oA0GppQvzwun69rO2WbuiKOSYEUg4UK4MN%2FHQtwvfvw2MhVp6B1h6bo%2Fh%2BoRkB73vcR2GY86sBayph5TgDbzEOGeN6saUrumeuWNFECodTmk8HQgk3A44gPwF7QY35FXnJoA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
82de6513ac6819bb-EWR
alt-svc
h3=":443"; ma=86400
content-length
420564
book-lot2.jpg
embersandepics.pages.dev/assets/img/
644 KB
645 KB
Image
General
Full URL
https://embersandepics.pages.dev/assets/img/book-lot2.jpg
Requested by
Host: embersandepics.pages.dev
URL: https://embersandepics.pages.dev/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2d0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88d8435f374073013deeeee0a58d24c3ed431360aa37dfc1e0772c774c585ceb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embersandepics.pages.dev/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:47:51 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"ee10fee23b1a8728a0e0efb2a5ba2802"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhHqjxwZKhEtPWNRsV1NIZKnRnP2CJ3Bk%2B2fqamn25e%2BX9pJZ7eWjC4NSuIUvCxy9Wsl1WtxkI9aVX8uv%2FJZFlTTOh2pOeorSn40jjp5WUPo2jLYSPrFGegBVFS0ux8xPZHuXIOt0v2WRAHMNDKwOJI1%2F8UOUvA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
82de6513ac6c19bb-EWR
alt-svc
h3=":443"; ma=86400
content-length
659192
t5tmIRoYMoaYG0WEOh7HwMeR3T7Prw.woff2
fonts.gstatic.com/s/gildadisplay/v18/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/gildadisplay/v18/t5tmIRoYMoaYG0WEOh7HwMeR3T7Prw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Gilda+Display
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b58cb822e6503b7fd7c776dc96379e2a26c2e6fc44af829ff35dad3cf5408a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://embersandepics.pages.dev
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 12:45:31 GMT
x-content-type-options
nosniff
age
36140
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20212
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 17:52:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Nov 2024 12:45:31 GMT
edf7f4b4ec2df2c0ac54a24855af27f1c928c7ef603d2cab6f5529f23e6cc3a1.js
web.webformscr.com/formstore/
4 KB
3 KB
Script
General
Full URL
https://web.webformscr.com/formstore/edf7f4b4ec2df2c0ac54a24855af27f1c928c7ef603d2cab6f5529f23e6cc3a1.js
Requested by
Host: web.webformscr.com
URL: https://web.webformscr.com/apps/fc3/build/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
0e336b536e1879eb4567b16cdead15d1072ab334ae5da306d3ee12dd9d547435
Security Headers
Name Value
Content-Security-Policy default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 wss://ws.binotel.com:9002 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se trckln.com *.loginsrc.com *.routee.net *.routee.net:444 *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com revisionme.pages.dev *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com s3.eu-central-1.amazonaws.com *.googleoptimize.com *.privatbank.ua *.cardinalcommerce.com viacep.com.br *.wdgtsrc.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embersandepics.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Wed, 29 Nov 2023 22:47:56 GMT
content-security-policy
default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 wss://ws.binotel.com:9002 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se trckln.com *.loginsrc.com *.routee.net *.routee.net:444 *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com revisionme.pages.dev *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com s3.eu-central-1.amazonaws.com *.googleoptimize.com *.privatbank.ua *.cardinalcommerce.com viacep.com.br *.wdgtsrc.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
x-content-type-options
nosniff
content-encoding
gzip
x-77-cache
HIT
x-accel-date
1701290793
x-xss-protection
1; mode=block
x-77-nzt
EggBnJIkFgFBDAGckjviAfdzHAAA
x-accel-expires
@1701377193
x-77-age
7283
x-cache-lb
MISS
x-sp-ma
sp-ma-2
last-modified
Wed, 29 Nov 2023 09:49:59 GMT
server
CDN77-Turbo
etag
W/"1071-60b477559bd98"
x-77-nzt-ray
1e192d0858541e6c9cbf6765dfd1960a
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding,User-Agent
content-type
application/javascript
access-control-allow-origin
*
x-sp-pr
lpr-02
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: web.webformscr.com
URL: https://web.webformscr.com/apps/fc3/build/default-handler.js?1700557987608
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embersandepics.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 23:22:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
257106
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 25 Nov 2024 23:22:50 GMT
default-handler.js
web.webformscr.com/apps/fc3/build/
19 KB
6 KB
Script
General
Full URL
https://web.webformscr.com/apps/fc3/build/default-handler.js
Requested by
Host: web.webformscr.com
URL: https://web.webformscr.com/apps/fc3/build/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ad7abb0cdc149c088f606641f380e2c173b337e99495a29b39b1e1a0df773864

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embersandepics.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Wed, 29 Nov 2023 22:47:56 GMT
content-encoding
gzip
x-age-lb
562015
x-77-cache
HIT
x-accel-date
1700736061
x-77-nzt
EgwBnJIkFgH3X5MIAAwBnJI73wH3ugIAAA
x-accel-expires
@1701340163
x-77-age
562713
x-cache-lb
HIT
last-modified
Thu, 23 Nov 2023 10:23:07 GMT
server
CDN77-Turbo
etag
W/"655f280b-4cf6"
x-77-nzt-ray
1e192d0858541e6c9cbf67659840a536
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-sp-pr
lpr-00
cache-control
max-age=604800
expires
Thu, 30 Nov 2023 10:29:23 GMT
mobile-detect.min.js
cdnjs.cloudflare.com/ajax/libs/mobile-detect/1.3.6/
37 KB
14 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/mobile-detect/1.3.6/mobile-detect.min.js
Requested by
Host: web.webformscr.com
URL: https://web.webformscr.com/apps/fc3/build/default-handler.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
fc8b081ba3d5a5270fb663b4856ce474277a52421f98a3b8aa385100c342a3d8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embersandepics.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:47:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
135534
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13328
last-modified
Mon, 04 May 2020 16:13:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f25-9341"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kwudozFWWE5gWTWO%2F%2BeKUlHoftOD5sp%2Fj%2FN%2BavXC5HqvTmz1UZGx2XdcvHQWvUiAkgUExODHswAObVi2H0uFFqQ0bHzMkTvtuF34TELzZ6YOsXGapiw7LapIE%2FsbzEEKwbJT57cz7a2c0kbcaVWTuXn9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82de65352aaf1a1b-EWR
expires
Mon, 18 Nov 2024 22:47:56 GMT
form-defaults.css
web.webformscr.com/apps/fc3/build/
58 KB
22 KB
Stylesheet
General
Full URL
https://web.webformscr.com/apps/fc3/build/form-defaults.css?1700557987608
Requested by
Host: web.webformscr.com
URL: https://web.webformscr.com/apps/fc3/build/default-handler.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
458783686e8a35426c80e1a74cb5be70b488f81597910c2d934328ed856df6d5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embersandepics.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Wed, 29 Nov 2023 22:47:56 GMT
content-encoding
gzip
x-age-lb
562389
x-77-cache
HIT
x-accel-date
1700735687
x-77-nzt
EgwBnJIkFgH31ZQIAAwBnJI73wH3ZAEAAA
x-accel-expires
@1701340131
x-77-age
562745
x-cache-lb
HIT
last-modified
Wed, 30 Nov 2022 11:08:14 GMT
server
CDN77-Turbo
etag
W/"6387399e-e75a"
x-77-nzt-ray
1e192d0858541e6c9cbf676582cf4d39
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-sp-pr
lpr-00
cache-control
max-age=604800
expires
Thu, 30 Nov 2023 10:28:51 GMT
/
gp.webformscr.com/
317 B
450 B
Script
General
Full URL
https://gp.webformscr.com/?callback=jQuery311028447582521222103_1701298076956&_=1701298076957
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.148.16 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3a39a03dba79dae55d3f482f86e0ef29fa8b5536c807ebaefdfcd07f7bb2dbf0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embersandepics.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 29 Nov 2023 22:47:57 GMT
cache-control
no-cache
server
nginx/1.18.0 (Ubuntu)
content-length
317
content-type
application/json; charset=utf-8
/
gp.webformscr.com/
317 B
449 B
Script
General
Full URL
https://gp.webformscr.com/?callback=jQuery311028447582521222103_1701298076958&_=1701298076959
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.148.16 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e8428670d05d5bd2cb58756fc9d09f275b9a67fa47ab6d248cf308ce73aaeb57

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embersandepics.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 29 Nov 2023 22:47:57 GMT
cache-control
no-cache
server
nginx/1.18.0 (Ubuntu)
content-length
317
content-type
application/json; charset=utf-8
/
gp.webformscr.com/
317 B
449 B
Script
General
Full URL
https://gp.webformscr.com/?callback=jQuery311028447582521222103_1701298076960&_=1701298076961
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.148.16 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
554fbcd990e776ecc695480b5861755011902632d7ff57d7d85fa90368b837c2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embersandepics.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 29 Nov 2023 22:47:57 GMT
cache-control
no-cache
server
nginx/1.18.0 (Ubuntu)
content-length
317
content-type
application/json; charset=utf-8
/
gp.webformscr.com/
317 B
449 B
Script
General
Full URL
https://gp.webformscr.com/?callback=jQuery311028447582521222103_1701298076962&_=1701298076963
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.148.16 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b1e4b3c08068fee36ae01d953a07581ea94a5b140cd355bd45bedb84b92bbad4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embersandepics.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 29 Nov 2023 22:47:57 GMT
cache-control
no-cache
server
nginx/1.18.0 (Ubuntu)
content-length
317
content-type
application/json; charset=utf-8
icon.svg
fooolghllnmhmmndgjiamiiodkpenpbb/assets/manifestIcons/
0
0

truncated
/
534 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d593c66c999feb41ee25bc5b411c41b1d799ccedce548892209761890b5a7852

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fooolghllnmhmmndgjiamiiodkpenpbb
URL
chrome-extension://fooolghllnmhmmndgjiamiiodkpenpbb/assets/manifestIcons/icon.svg


14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
object| ___FONT_AWESOME___
object| FontAwesomeConfig
object| FontAwesome
number| uidEvent
object| bootstrap
boolean| spFormLoaderAdded
function| ResourceLoader
function| SPForm
function| SPHistory
function| SPStatAgent
function| SPURLFilter
function| _typeof
function| spFormBootstrap

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: chrome-extension://fooolghllnmhmmndgjiamiiodkpenpbb/assets/manifestIcons/icon.svg
Message:
Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
