Submitted URL: https://xhduuid.firebaseapp.com/
Effective URL: https://xhduuid.web.app/linkedin.com/login/
Submission: On June 14 via api from JP — Scanned from JP

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 19 HTTP transactions. The main IP is 2620:0:890::100, located in United States and belongs to FASTLY, US. The main domain is xhduuid.web.app.
TLS certificate: Issued by GTS CA 1D4 on May 10th 2023. Valid for: 3 months.
This is the only time xhduuid.web.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 2620:0:890::100 54113 (FASTLY)
1 2600:140b:1a0... 20940 (AKAMAI-ASN1)
1 23.2.131.196 16625 (AKAMAI-AS)
1 2600:140b:2:9... 20940 (AKAMAI-ASN1)
19 5
Requests | Apex Domain | Subdomains | Transfer
15 | web.app | xhduuid.web.app | 328 KB
2 | go-mpulse.net | s2.go-mpulse.net — Cisco Umbrella Rank: 5653; c.go-mpulse.net — Cisco Umbrella Rank: 573 | 50 KB
1 | emacontent.com | emacontent.com — Cisco Umbrella Rank: 76179 | 76 KB
1 | firebaseapp.com | xhduuid.firebaseapp.com | 448 B
19 | 4 | |

Requests | Domain | Requested by
15 | xhduuid.web.app (1 redirects) | xhduuid.web.app
1 | c.go-mpulse.net | s2.go-mpulse.net
1 | emacontent.com | xhduuid.web.app
1 | s2.go-mpulse.net | xhduuid.web.app
1 | xhduuid.firebaseapp.com |
19 | 5 |

This site contains no links.

Subject | Issuer | Validity | Valid
firebaseapp.com | GTS CA 1D4 | 2023-05-10 - 2023-08-08 | 3 months
web.app | GTS CA 1D4 | 2023-05-10 - 2023-08-08 | 3 months
s2.go-mpulse.net | R3 | 2023-05-09 - 2023-08-07 | 3 months
emacontent.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-09-14 - 2023-10-05 | a year
akstat.io | DigiCert TLS RSA SHA256 2020 CA1 | 2023-04-05 - 2024-04-04 | a year

This page contains 1 frames:

Primary Page: https://xhduuid.web.app/linkedin.com/login/
Frame ID: 2A206AB32088995D7ED04E67B43E5723
Requests: 18 HTTP requests in this frame

Page Title

Linkedin Update 2023

Page URL History

  1. https://xhduuid.firebaseapp.com/ Page URL
  2. https://xhduuid.web.app/linkedin.com/login HTTP 301
    https://xhduuid.web.app/linkedin.com/login/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

  • Requests: 19
  • HTTPS: 95 %
  • IPv6: 75 %
  • Domains: 4
  • Subdomains: 5
  • IPs: 5
  • Countries: 2
  • Transfer: 454 kB
  • Size: 1492 kB
  • Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
xhduuid.firebaseapp.com/
142 B
448 B
Document
General
Full URL
https://xhduuid.firebaseapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f93066d2c3b13a49ee9531069c4dc472843a85faa164a6178039575c5e620e88
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
86
content-type
text/html; charset=utf-8
date
Wed, 14 Jun 2023 15:20:33 GMT
etag
"fbeaa5fa01f3548d64ab76c8cd353e0103f897c6fac0eeff3132f4d0b3aac9dc-br"
last-modified
Wed, 07 Jun 2023 14:11:21 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
x-cache-hits
1
x-served-by
cache-tyo11970-TYO
x-timer
S1686756034.681612,VS0,VE1
Primary Request /
xhduuid.web.app/linkedin.com/login/
Redirect Chain
  • https://xhduuid.web.app/linkedin.com/login
  • https://xhduuid.web.app/linkedin.com/login/
10 KB
3 KB
Document
General
Full URL
https://xhduuid.web.app/linkedin.com/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
90473bfbc39dd9287cc379f0cdc1e16af161431d14637b0aa8e00eec7d3e282d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://xhduuid.firebaseapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
3381
content-type
text/html; charset=utf-8
date
Wed, 14 Jun 2023 15:20:33 GMT
etag
"827f8aa3f67399dc4220ad1202246bfcdc18656da3e73d537609954a7dd0b448-br"
last-modified
Wed, 07 Jun 2023 14:11:21 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
x-cache-hits
1
x-served-by
cache-tyo11926-TYO
x-timer
S1686756034.742914,VS0,VE2

Redirect headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
35
content-type
text/plain; charset=utf-8
date
Wed, 14 Jun 2023 15:20:33 GMT
location
/linkedin.com/login/
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
x-cache-hits
1
x-served-by
cache-tyo11926-TYO
x-timer
S1686756034.739817,VS0,VE1
ema.min.css
xhduuid.web.app/emacontent.com/bootstrap/8.4.0/css/
241 KB
32 KB
Stylesheet
General
Full URL
https://xhduuid.web.app/emacontent.com/bootstrap/8.4.0/css/ema.min.css
Requested by
Host: xhduuid.web.app
URL: https://xhduuid.web.app/linkedin.com/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4ee1985c20099e33b5c47af6ef801274007e1a19e81b721f1cc8812af5ff06c5
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://xhduuid.web.app/linkedin.com/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by
cache-tyo11926-TYO
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Wed, 14 Jun 2023 15:20:33 GMT
last-modified
Wed, 07 Jun 2023 14:11:21 GMT
x-timer
S1686756034.749434,VS0,VE5
etag
"c87173d21bed840760b805062d10dfc3cbebd94d26b9cb5d10b6176c1e0be305-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/css; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
33026
x-cache-hits
1
Areas-SignIn-Content4d4e.css
xhduuid.web.app/wealth.emaplan.com/ema/wwwroot/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://xhduuid.web.app/wealth.emaplan.com/ema/wwwroot/css/Areas-SignIn-Content4d4e.css?v=8aa7d4d13e
Requested by
Host: xhduuid.web.app
URL: https://xhduuid.web.app/linkedin.com/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1a8500a84c72a381003511727a223ac1b8eddb57254784da8170ae64c9c62d84
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://xhduuid.web.app/linkedin.com/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by
cache-tyo11926-TYO
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Wed, 14 Jun 2023 15:20:33 GMT
last-modified
Wed, 07 Jun 2023 14:11:21 GMT
x-timer
S1686756034.749576,VS0,VE1
etag
"6c35ec7027d6804813a086947c8e42522156cef11b3f11be218d592dcfca021b-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/css; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1768
x-cache-hits
1
global-error-logger56f4.js
xhduuid.web.app/wealth.emaplan.com/ema/wwwroot/scripts/
34 KB
11 KB
Script
General
Full URL
https://xhduuid.web.app/wealth.emaplan.com/ema/wwwroot/scripts/global-error-logger56f4.js?v=3fce45f111
Requested by
Host: xhduuid.web.app
URL: https://xhduuid.web.app/linkedin.com/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
78ed54ff84f29002ee4f0be0dd7f9fc56c40676b13ba9012ba4900066341b4c7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://xhduuid.web.app/linkedin.com/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by
cache-tyo11926-TYO
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Wed, 14 Jun 2023 15:20:33 GMT
last-modified
Wed, 07 Jun 2023 14:11:21 GMT
x-timer
S1686756034.749594,VS0,VE1
etag
"0cd2e976f7e8500c5493e55e4d0e70dbd5f0b2b4e3ecb8abddc2fdd50ac0e920-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
10960
x-cache-hits
1
microsoft.png
xhduuid.web.app/partner/default/
12 KB
12 KB
Image
General
Full URL
https://xhduuid.web.app/partner/default/microsoft.png
Requested by
Host: xhduuid.web.app
URL: https://xhduuid.web.app/linkedin.com/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9a4feefdd3dda145582a9872847385bc2b7c9a35d1bbce23a57a697b4d40db1e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://xhduuid.web.app/linkedin.com/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by
cache-tyo11947-TYO
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Wed, 14 Jun 2023 15:20:33 GMT
last-modified
Wed, 07 Jun 2023 14:11:21 GMT
x-timer
S1686756034.774795,VS0,VE4
etag
"d73f556321f9a05886ee604f8ac53f06fa31d13134b2a1c289bf5d5843d2098f-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
11791
x-cache-hits
1
ema.js
xhduuid.web.app/emacontent.com/bundles/1.7.1/
142 KB
40 KB
Script
General
Full URL
https://xhduuid.web.app/emacontent.com/bundles/1.7.1/ema.js
Requested by
Host: xhduuid.web.app
URL: https://xhduuid.web.app/linkedin.com/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
90e5b187273c232efffaee1a1955df7ad4061a7c6b7e88796a6c94443a0ad3f0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://xhduuid.web.app/linkedin.com/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by
cache-tyo11947-TYO
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Wed, 14 Jun 2023 15:20:33 GMT
last-modified
Wed, 07 Jun 2023 14:11:21 GMT
x-timer
S1686756034.766336,VS0,VE8
etag
"cbc1f2c58234bf87506d0160346b6d55d3fbaa39fcbc6af7f93528bf70e56e1d-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
40617
x-cache-hits
1
ema.validation.js
xhduuid.web.app/emacontent.com/bundles/1.7.3/
28 KB
8 KB
Script
General
Full URL
https://xhduuid.web.app/emacontent.com/bundles/1.7.3/ema.validation.js
Requested by
Host: xhduuid.web.app
URL: https://xhduuid.web.app/linkedin.com/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f308e34f8fcc25b5aad1f0617e9f3ce773745a9a44f38d57869423dba7432564
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://xhduuid.web.app/linkedin.com/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by
cache-tyo11947-TYO
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Wed, 14 Jun 2023 15:20:33 GMT
last-modified
Wed, 07 Jun 2023 14:11:21 GMT
x-timer
S1686756034.767018,VS0,VE5
etag
"9c5490c3bf6f973d0f501655d5f55ac438caf986bcb7c283a657312bde96251a-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
8200
x-cache-hits
1
emx-eMoneyClientcc9f.js
xhduuid.web.app/wealth.emaplan.com/ema/wwwroot/scripts/
3 KB
1 KB
Script
General
Full URL
https://xhduuid.web.app/wealth.emaplan.com/ema/wwwroot/scripts/emx-eMoneyClientcc9f.js?v=ec2e995c30
Requested by
Host: xhduuid.web.app
URL: https://xhduuid.web.app/linkedin.com/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f9fba1d2c76feff7922782a07c7179bb5da8d8ec03ea8182add241c1f92a20cd
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://xhduuid.web.app/linkedin.com/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by
cache-tyo11947-TYO
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Wed, 14 Jun 2023 15:20:33 GMT
last-modified
Wed, 07 Jun 2023 14:11:21 GMT
x-timer
S1686756034.774024,VS0,VE1
etag
"8bdc0e57b62cc137bc9f6113c0c3951623749e0345ba7e19ec616a295b475d83-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1133
x-cache-hits
1
Areas-SignIn-Scripts-rsa09da.js
xhduuid.web.app/wealth.emaplan.com/ema/wwwroot/scripts/
52 KB
13 KB
Script
General
Full URL
https://xhduuid.web.app/wealth.emaplan.com/ema/wwwroot/scripts/Areas-SignIn-Scripts-rsa09da.js?v=321ccb6be5
Requested by
Host: xhduuid.web.app
URL: https://xhduuid.web.app/linkedin.com/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9510774d762d22d25851096f99730d52c3a75f6aa07add2c21d5c413f69c0aef
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://xhduuid.web.app/linkedin.com/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by
cache-tyo11947-TYO
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Wed, 14 Jun 2023 15:20:33 GMT
last-modified
Wed, 07 Jun 2023 14:11:21 GMT
x-timer
S1686756034.774031,VS0,VE7
etag
"7cd159781b6aada37cd962305edb06d3bab4e32cfca64de41c60837b727ff4c5-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
12597
x-cache-hits
1
Areas-SignIn-Scriptsed88.js
xhduuid.web.app/wealth.emaplan.com/ema/wwwroot/scripts/
420 KB
74 KB
Script
General
Full URL
https://xhduuid.web.app/wealth.emaplan.com/ema/wwwroot/scripts/Areas-SignIn-Scriptsed88.js?v=226114c39a
Requested by
Host: xhduuid.web.app
URL: https://xhduuid.web.app/linkedin.com/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cff8521da307e8b31a46d387bfe9bce0772885f9ab615d7ec032cc7dd409b98e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://xhduuid.web.app/linkedin.com/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by
cache-tyo11947-TYO
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Wed, 14 Jun 2023 15:20:33 GMT
last-modified
Wed, 07 Jun 2023 14:11:21 GMT
x-timer
S1686756034.774823,VS0,VE11
etag
"56c397b8e449af3ba3630d541dcf28491e0c6c500e0806230c533ac11dbcd4b9-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
75405
x-cache-hits
1
imagecss
xhduuid.web.app/wealth.emaplan.com/
195 KB
64 KB
Script
General
Full URL
https://xhduuid.web.app/wealth.emaplan.com/imagecss
Requested by
Host: xhduuid.web.app
URL: https://xhduuid.web.app/linkedin.com/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f37396500663b3e2d053ae3dfd76d81b4a3dfac1238da8d76a41f220a54f8a25
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://xhduuid.web.app/linkedin.com/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by
cache-tyo11947-TYO
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Wed, 14 Jun 2023 15:20:33 GMT
last-modified
Wed, 07 Jun 2023 14:11:21 GMT
x-timer
S1686756034.774830,VS0,VE4
etag
"543049c9030227d03ade53e6fc9a40d16e09408e9ef974f7c239db9a005cb84b-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
64959
x-cache-hits
1
DASML-QSKNT-6X5KT-8N8KT-H5CMM
s2.go-mpulse.net/boomerang/
205 KB
49 KB
Script
General
Full URL
https://s2.go-mpulse.net/boomerang/DASML-QSKNT-6X5KT-8N8KT-H5CMM
Requested by
Host: xhduuid.web.app
URL: https://xhduuid.web.app/linkedin.com/login/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1a00:3a9::2682 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://xhduuid.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 15:20:33 GMT
content-encoding
br
last-modified
Tue, 23 May 2023 12:39:22 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
x-n
S
timing-allow-origin
*
content-length
50393
background.png
xhduuid.web.app/wealth.emaplan.com/ema/Areas/SignIn/Content/Images/
3 KB
3 KB
Image
General
Full URL
https://xhduuid.web.app/wealth.emaplan.com/ema/Areas/SignIn/Content/Images/background.png
Requested by
Host: xhduuid.web.app
URL: https://xhduuid.web.app/wealth.emaplan.com/ema/wwwroot/css/Areas-SignIn-Content4d4e.css?v=8aa7d4d13e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
90b832d9fdd1c93679f32563c3738e847b2e65bd57f9d0d6674bb16eb63e561d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://xhduuid.web.app/wealth.emaplan.com/ema/wwwroot/css/Areas-SignIn-Content4d4e.css?v=8aa7d4d13e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by
cache-tyo11947-TYO
strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Wed, 14 Jun 2023 15:20:33 GMT
last-modified
Wed, 07 Jun 2023 14:11:21 GMT
x-timer
S1686756034.780599,VS0,VE2
etag
"eaff43e7f2d16f175fd88b157ebe576bfc362539040ca1b9546e1cfd59a466ef"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2923
x-cache-hits
1
radialgradient.png
xhduuid.web.app/wealth.emaplan.com/ema/Areas/SignIn/Content/Images/
61 KB
61 KB
Image
General
Full URL
https://xhduuid.web.app/wealth.emaplan.com/ema/Areas/SignIn/Content/Images/radialgradient.png
Requested by
Host: xhduuid.web.app
URL: https://xhduuid.web.app/wealth.emaplan.com/ema/wwwroot/css/Areas-SignIn-Content4d4e.css?v=8aa7d4d13e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9fc6b97523dbe5982b12e24a76069a9dfeabf88efa2e18c83ecce1f24a79f620
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://xhduuid.web.app/wealth.emaplan.com/ema/wwwroot/css/Areas-SignIn-Content4d4e.css?v=8aa7d4d13e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by
cache-tyo11947-TYO
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Wed, 14 Jun 2023 15:20:33 GMT
last-modified
Wed, 07 Jun 2023 14:11:21 GMT
x-timer
S1686756034.780603,VS0,VE3
etag
"b7f26ea2c4fc32b1d08ef0e435230118713182ae7162d4a5c4077811f5a5415a-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
61880
x-cache-hits
1
footer.png
xhduuid.web.app/wealth.emaplan.com/ema/Areas/SignIn/Content/Images/
3 KB
3 KB
Image
General
Full URL
https://xhduuid.web.app/wealth.emaplan.com/ema/Areas/SignIn/Content/Images/footer.png
Requested by
Host: xhduuid.web.app
URL: https://xhduuid.web.app/wealth.emaplan.com/ema/wwwroot/css/Areas-SignIn-Content4d4e.css?v=8aa7d4d13e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37aa969640813a828f1deba38b846cff2134a44bb1fbab6e50adbf0233b4697e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://xhduuid.web.app/wealth.emaplan.com/ema/wwwroot/css/Areas-SignIn-Content4d4e.css?v=8aa7d4d13e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by
cache-tyo11947-TYO
strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Wed, 14 Jun 2023 15:20:33 GMT
last-modified
Wed, 07 Jun 2023 14:11:21 GMT
x-timer
S1686756034.780960,VS0,VE8
etag
"95c71ede74fd661b75021c410f51e164038a19dc38792e288fa754e6003d5602"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2991
x-cache-hits
1
fontawesome-webfont.woff2
emacontent.com/bootstrap/8.4.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://emacontent.com/bootstrap/8.4.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: xhduuid.web.app
URL: https://xhduuid.web.app/emacontent.com/bootstrap/8.4.0/css/ema.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.131.196 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-131-196.deploy.static.akamaitechnologies.com
Software
/ ASP.NET
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://xhduuid.web.app/
Origin
https://xhduuid.web.app
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 15:20:33 GMT
last-modified
Mon, 11 Mar 2019 18:50:00 GMT
etag
"0fcb13a3bd8d41:0"
x-powered-by
ASP.NET
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=206235
accept-ranges
bytes
content-length
77160
expires
Sat, 17 Jun 2023 00:37:48 GMT
config.json
c.go-mpulse.net/api/
51 B
323 B
XHR
General
Full URL
https://c.go-mpulse.net/api/config.json?key=DASML-QSKNT-6X5KT-8N8KT-H5CMM&d=xhduuid.web.app&t=5622520&v=1.720.0&sl=0&si=3f1ca8c6-7323-4dfa-ad2e-efc833101849-rw91aa&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=499516
Requested by
Host: s2.go-mpulse.net
URL: https://s2.go-mpulse.net/boomerang/DASML-QSKNT-6X5KT-8N8KT-H5CMM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:140b:2:980::11a6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b4a66cea2093bd24172746dc738083d0bc33f893b1211097c6662b250d5b1989

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://xhduuid.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 14 Jun 2023 15:20:34 GMT
Cache-Control
private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
51
Content-Type
application/json

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| __core-js_shared__ object| core object| BOOMR_config string| BOOMR_API_key object| BOOMR function| Modal function| Popover function| $ function| jQuery object| EMA function| Hashtable function| startsWith function| DomDataCollection function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| Timer function| randrange function| detectIE function| genRandomNumber function| getRandomPort object| ProxyCollector function| BlackberryLocationCollector function| detectFields string| SEP string| PAIR string| DEV function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint string| HTML5 string| BLACKBERRY string| UNDEFINED string| GEO_LOCATION_DEFAULT_STRUCT object| geoLocator boolean| geoLocatorStatus function| detectDeviceCollectionAPIMode function| init function| startCollection function| stopCollection function| getGeolocationStruct function| HTML5LocationCollector object| TimestampCollector object| UIEventCollector function| RSAUIEvent function| InteractionElement function| UIElementList function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| convertTimestampToGMT function| getTimestampInMillis function| debug function| forceIE89Synchronicity function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression object| BOOMR_mq function| countryForE164Number function| formatNumberForMobileDialing function| isValidNumber function| formatE164 function| formatInternational function| formatLocal function| exampleLandlineNumber function| exampleMobileNumber function| cleanPhone function| countryCodeToName boolean| COMPILED object| goog object| i18n function| Fingerprint object| PasswordReset function| updateBrowserFingerprint 
object| _cf object| bmak string| _sdTrace number| BOOMR_onload object| plugin string| t number| BOOMR_configt

1 Cookies

Domain/Path Name / Value
.xhduuid.web.app/ Name: RT
Value: "z=1&dm=xhduuid.web.app&si=3f1ca8c6-7323-4dfa-ad2e-efc833101849&ss=livuzpaa&sl=1&tt=3g&rl=1&ld=a4"

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
