ground-violet-e1ad.jackreedy.workers.dev Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://f.nativeforms.com/U0dWxUMC1jZmQ0cJNHNC1Db Page URL
2. https://ground-violet-e1ad.jackreedy.workers.dev/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	U0dWxUMC1jZmQ0cJNHNC1Db Show response f.nativeforms.com/	5 KB 937 B	75ms 38ms	Document text/html	199.36.158.100 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.nativeforms.com/U0dWxUMC1jZmQ0cJNHNC1Db Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.36.158.100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 849e184c433d233ae1593e07699852dfde87f6ea2ad4660bd7f6883641abf1a8 Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 cache-control max-age=3600 content-encoding br content-length 586 content-type text/html; charset=utf-8 date Wed, 29 Nov 2023 22:04:25 GMT etag "3286cdb3c3cb9636a92a239eb3b762f7f93135d4deed5c0e5541cd64c3c03fd7-br" last-modified Mon, 23 Oct 2023 18:14:34 GMT strict-transport-security max-age=31556926 vary x-fh-requested-host, accept-encoding x-cache MISS x-cache-hits 0 x-served-by cache-fra-eddf8230044-FRA x-timer S1701295465.138201,VS0,VE29
GET H2	200	main.f79dc211.js Show response f.nativeforms.com/static/js/	231 KB 55 KB	11ms 10ms	Script text/javascript	199.36.158.100 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.nativeforms.com/static/js/main.f79dc211.js Requested by Host: f.nativeforms.com URL: https://f.nativeforms.com/U0dWxUMC1jZmQ0cJNHNC1Db Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.36.158.100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 9fa28641dafef34de53d434707447039dca29b0c252275527206bf8ea7f54767 Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers accept-language de-DE,de;q=0.9 Referer https://f.nativeforms.com/U0dWxUMC1jZmQ0cJNHNC1Db User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers x-served-by cache-fra-eddf8230044-FRA strict-transport-security max-age=31556926 content-encoding br date Wed, 29 Nov 2023 22:04:25 GMT last-modified Mon, 23 Oct 2023 18:14:34 GMT x-timer S1701295465.179715,VS0,VE2 etag "6d8878782e4462fe7a55a5574ef7cf40fba610ffa6b04bb3b3bd6a63afbfa0a5-br" vary x-fh-requested-host, accept-encoding x-cache HIT content-type text/javascript; charset=utf-8 cache-control max-age=31536000 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 55932 x-cache-hits 1
OPTIONS H2	204	opened us-central1-nativeforms-prod.cloudfunctions.net/backend/form-inbox/	0 0	192ms 121ms	Preflight text/html	2001:4860:4802:36::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://us-central1-nativeforms-prod.cloudfunctions.net/backend/form-inbox/opened Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Express Resource Hash Request headers Accept */* Access-Control-Request-Headers content-security-policy,content-type Access-Control-Request-Method POST Origin https://f.nativeforms.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers access-control-allow-headers content-security-policy,content-type access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html date Wed, 29 Nov 2023 22:04:25 GMT function-execution-id ns3hvmgta37u server Google Frontend vary Access-Control-Request-Headers x-cloud-trace-context 7d92d1a32ce2aad91d05febfe86db35e x-powered-by Express
POST H2	200	opened Show response us-central1-nativeforms-prod.cloudfunctions.net/backend/form-inbox/	1 KB 635 B	177ms 176ms	Fetch application/json	2001:4860:4802:36::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://us-central1-nativeforms-prod.cloudfunctions.net/backend/form-inbox/opened Requested by Host: f.nativeforms.com URL: https://f.nativeforms.com/static/js/main.f79dc211.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Express Resource Hash 2eec670a057dab49963d478e00aac7c764a6a8573cfe4145d4e5293e7c6135b6 Request headers Content-Security-Policy connect-src 'self' https://us-central1-nativeforms-prod.cloudfunctions.net Referer https://f.nativeforms.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Content-Type application/json Response headers date Wed, 29 Nov 2023 22:04:25 GMT content-encoding gzip server Google Frontend x-powered-by Express etag W/"5a0-3Oru2QZz4aw8kdHlvuGOycleo/c" content-type application/json; charset=utf-8 access-control-allow-origin * x-cloud-trace-context 3499dde911943a8f214b12329c77b5c2 cache-control private function-execution-id ns3hafmbhdf0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 469
GET H2	200	Primary Request / Show response ground-violet-e1ad.jackreedy.workers.dev/	2 MB 841 KB	487ms 180ms	Document text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ground-violet-e1ad.jackreedy.workers.dev/ Requested by Host: f.nativeforms.com URL: https://f.nativeforms.com/U0dWxUMC1jZmQ0cJNHNC1Db Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 89f0a079418a1961f69bb950bb7f671f493f460a3678d9d51d9249726541d14f Request headers Referer https://f.nativeforms.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-ray 82de2575fae81e56-FRA content-encoding br content-type text/html;charset=UTF-8 date Wed, 29 Nov 2023 22:04:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FS%2F3Ycdhgv3yUIOBtuBvnbRpqeXomzaVfnF6QAbad%2F66WkHnKnn0xL6MRkluVtVvPzr8RFQXezLJjoFAQI01Fr74qmUgwTd9pj9g%2B%2BGKn5SBt18RhDH1xXzv6tNlC1CshmOvguRnNTBsPkms3TMrxGuCVfco5q0dwpDpM8E9gztlfQWLQ1Qq"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	1Ptvg83HX_SGhgqk3wotYKNnBQ.woff2 fonts.gstatic.com/s/mulish/v12/	27 KB 27 KB	56ms 14ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wotYKNnBQ.woff2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://f.nativeforms.com/ Origin https://f.nativeforms.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 25 Nov 2023 08:04:00 GMT x-content-type-options nosniff age 396025 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 27400 x-xss-protection 0 last-modified Mon, 11 Jul 2022 19:04:32 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 24 Nov 2024 08:04:00 GMT
GET H2	200	jquery-3.4.1.min.js code.jquery.com/	86 KB 30 KB	60ms 8ms	Script application/javascript	2a04:4e42:200::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.4.1.min.js Requested by Host: ground-violet-e1ad.jackreedy.workers.dev URL: https://ground-violet-e1ad.jackreedy.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://ground-violet-e1ad.jackreedy.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 22:04:26 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 6493266 x-cache HIT, HIT content-length 30638 x-served-by cache-lga21965-LGA, cache-fra-eddf8230047-FRA last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1701295466.174048,VS0,VE0 etag W/"28feccc0-15851" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 454, 1213432
GET BLOB	200 OK	7767daf6-b780-45fe-8933-e77a57647f6c Show response https://ground-violet-e1ad.jackreedy.workers.dev/	2 MB 0		Document text/html
General Check archive.org Show headers Download Go to Full URL blob:https://ground-violet-e1ad.jackreedy.workers.dev/7767daf6-b780-45fe-8933-e77a57647f6c Requested by Host: ground-violet-e1ad.jackreedy.workers.dev URL: https://ground-violet-e1ad.jackreedy.workers.dev/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 0abc0ae55fd7dfddc0c46f7afbc9bf0fb7d2baf9272ab24125a7f8dfe3cf9e0b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Content-Length 1692403 Content-Type text/html
GET		jquery.min.js ajax.googleapis.com/ajax/libs/jquery/2.2.4/	0 0
GET		jquery-3.1.1.min.js code.jquery.com/	0 0
GET		adobe-document-cloud-adobe_document_cloud_icon.jpg images.sftcdn.net/images/t_app-icon-m/p/1c15b909-815a-41d4-96ec-4b5e49df2bf5/1368911181/	0 0
GET		images encrypted-tbn0.gstatic.com/	0 0
GET		images encrypted-tbn0.gstatic.com/	0 0
GET		email-marketing-icon-vector-graphics-vector-id1257404830 media.istockphoto.com/vectors/	0 0
GET		images encrypted-tbn0.gstatic.com/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

ajax.googleapis.com

URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Domain

code.jquery.com

URL

https://code.jquery.com/jquery-3.1.1.min.js

Domain

images.sftcdn.net

URL

https://images.sftcdn.net/images/t_app-icon-m/p/1c15b909-815a-41d4-96ec-4b5e49df2bf5/1368911181/adobe-document-cloud-adobe_document_cloud_icon.jpg

Domain

encrypted-tbn0.gstatic.com

URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcSji3uKkCIRNa58VvKNMk1J-nCZF2gpyVTw8h6jbk5Z3PKiV7Lxt0ZVOCJGcEs8a6gRfkY&usqp=CAU

Domain

encrypted-tbn0.gstatic.com

URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcT_nWscHt0NMdQ4G2yJql7JkGXaouoS5bKezYi3ioReBoW1VJo5gpINKDkf8ShxbjobVfs&usqp=CAU

Domain

media.istockphoto.com

URL

https://media.istockphoto.com/vectors/email-marketing-icon-vector-graphics-vector-id1257404830?k=20&m=1257404830&s=612x612&w=0&h=LOwm34ubd_vUzqIi5k3rxflh04NbZTZEnSTYSVmX2Jk=

Domain

encrypted-tbn0.gstatic.com

URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcSYoaTYJflBPn6wW0hkuPHtzLBmsq-IrqYUjjJb-3CkzQahkDGOQgjvktbm8falSL3Pxy8&usqp=CAU

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| _0x12db function| _0x110d function| _0x58d468 function| _0xdfce83 function| _0xcaca function| _0x4afd function| _0x1189 function| _0x5578f7 function| _0x6511 string| s string| m function| _0x36c9 function| _0xfd71 function| IiiI6Y4Ca56Nc1o2nfu6se6iiii function| lllLL6Y4cA56nc1o2nfu6se6llll string| qxsQon object| aKqpiHi function| RjXEfG object| HeVzJS number| khs3CEb object| lsFFXCH string| ivbfTY string| hRdtVJ string| Slw_Cdr string| gnsDrL string| aoZNSTM string| EinEb5W string| nEDdYJ string| VEksmT string| c9pQrfm string| Q4qSBG3 string| lv88fc6 string| C2vmURq string| lBhm6qL string| KCXxxo string| kcs9Rt4 string| DdOODm string| XPOnp5L string| lvDosp string| wklnG7_ string| Ow_OBL string| Uv8KUG4 string| UPPg7UH string| Ceo2ij string| qvmG_V string| GZOv45 string| CHnpJqR string| dtKYfz string| Tq4lwNL string| nG4okm string| MY_59x string| VtkQBuS string| lvplwR string| q51LUMG string| Mh7zAm string| TOlja_ string| VT3LX6 object| k7HXhLQ object| JcoOae object| ahCCfg object| GxmzLfr function| wEG1WXm function| lbBA_b function| liii6y4ca56nc1o2nfu6se6iiii number| KDgKeP string| tH843r1 string| WYigMkz number| FY68MeQ function| Ch31Gz string| uFNTLT string| Ql3Luar string| idkCD1G number| Y87yve function| lF3yi2 function| iiii6y4ca56nc1o2nfu6se6iiii function| lllll6y4ca56nc1o2nfu6se6llll function| aMcF0L function| ZNAgDU function| IS1Tvn function| hgZuXW function| Yq16kg function| TusYl4 function| hVTbifP function| llll6y4ca56nc1o2nfu6se6iii

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.1.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
code.jquery.com
encrypted-tbn0.gstatic.com
f.nativeforms.com
fonts.gstatic.com
ground-violet-e1ad.jackreedy.workers.dev
images.sftcdn.net
media.istockphoto.com
us-central1-nativeforms-prod.cloudfunctions.net
ajax.googleapis.com
code.jquery.com
encrypted-tbn0.gstatic.com
images.sftcdn.net
media.istockphoto.com

199.36.158.100
2001:4860:4802:36::36
2a00:1450:4001:806::2003
2a04:4e42:200::649
2a06:98c1:3121::3
0abc0ae55fd7dfddc0c46f7afbc9bf0fb7d2baf9272ab24125a7f8dfe3cf9e0b
2eec670a057dab49963d478e00aac7c764a6a8573cfe4145d4e5293e7c6135b6
849e184c433d233ae1593e07699852dfde87f6ea2ad4660bd7f6883641abf1a8
89f0a079418a1961f69bb950bb7f671f493f460a3678d9d51d9249726541d14f
9fa28641dafef34de53d434707447039dca29b0c252275527206bf8ea7f54767