internal-tool1.dev.ebs.one Open in urlscan Pro
187.8.136.242  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response internal-tool1.dev.ebs.one/	887 B 1 KB	1535ms 236ms	Document text/html	187.8.136.242 TELEFONICA BRASIL...
General Check archive.org Show headers Download Go to Full URL https://internal-tool1.dev.ebs.one/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 187.8.136.242 Manaus, Brazil, ASN10429 (TELEFONICA BRASIL S.A, BR), Reverse DNS 187-8-136-242.customer.tdatabrasil.net.br Software nginx / Express PleskLin Resource Hash bf4c022bcce0336b7b9b658e0cefe734e345f47c1e43fd7ed6dbdb60b4c1d584 Security Headers Name Value Content-Security-Policy img-src * data: blob:;script-src maps.googleapis.com apis.google.com accounts.google.com 'self' 'unsafe-inline' 'unsafe-eval' blob: https://unpkg.com/@babel/standalone@7.17.9/babel.min.js https://unpkg.com/react@16.7.0/umd/react.production.min.js https://unpkg.com/react-dom@16.7.0/umd/react-dom.production.min.js cdn.skypack.dev cdn.jsdelivr.net;default-src maps.googleapis.com apis.google.com accounts.google.com *.sentry.io 'self' blob:;connect-src ws://internal-tool1.dev.ebs.one 'self' *;frame-ancestors *;frame-src *;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * cache-control public, max-age=0 content-encoding br content-security-policy img-src * data: blob:;script-src maps.googleapis.com apis.google.com accounts.google.com 'self' 'unsafe-inline' 'unsafe-eval' blob: https://unpkg.com/@babel/standalone@7.17.9/babel.min.js https://unpkg.com/react@16.7.0/umd/react.production.min.js https://unpkg.com/react-dom@16.7.0/umd/react-dom.production.min.js cdn.skypack.dev cdn.jsdelivr.net;default-src maps.googleapis.com apis.google.com accounts.google.com *.sentry.io 'self' blob:;connect-src ws://internal-tool1.dev.ebs.one 'self' *;frame-ancestors *;frame-src *;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' content-type text/html; charset=UTF-8 date Wed, 28 Jun 2023 16:32:41 GMT etag W/"377-18857a61c74" last-modified Fri, 26 May 2023 10:41:24 GMT server nginx vary Accept-Encoding x-powered-by Express PleskLin
GET H2	200	css2 fonts.googleapis.com/	9 KB 1 KB	39ms 16ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500&display=swap Requested by Host: internal-tool1.dev.ebs.one URL: https://internal-tool1.dev.ebs.one/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d264548caacccea2efe197440c3781b08e97e5c2d86e164c9920d60a1f51932e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://internal-tool1.dev.ebs.one/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 28 Jun 2023 16:32:41 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 28 Jun 2023 15:47:41 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 28 Jun 2023 16:32:41 GMT
GET H2	200	css2 fonts.googleapis.com/	3 KB 806 B	39ms 17ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Source+Code+Pro:wght@400&display=swap Requested by Host: internal-tool1.dev.ebs.one URL: https://internal-tool1.dev.ebs.one/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 93a07fd5d6d15d0ed454c1face2c53ae806fb3aca83bbd55c822919f05e94805 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://internal-tool1.dev.ebs.one/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 28 Jun 2023 16:32:41 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 28 Jun 2023 15:55:35 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 28 Jun 2023 16:32:41 GMT
GET H2	200	pyodide.js Show response cdn.jsdelivr.net/pyodide/dev/full/	16 KB 7 KB	38ms 11ms	Script application/javascript	2a04:4e42:400::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/pyodide/dev/full/pyodide.js Requested by Host: internal-tool1.dev.ebs.one URL: https://internal-tool1.dev.ebs.one/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 63bcc53bd8cb4af9f911bce7fae75bbfeeecbeaf62330b5a52856d0bd6594070 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://internal-tool1.dev.ebs.one/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Wed, 28 Jun 2023 16:32:41 GMT age 2745 x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 6759 x-served-by cache-fra-eddf8230068-FRA last-modified Tue, 27 Jun 2023 16:18:16 GMT etag "035dc444fe1414f8ba252441d217fef6" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=3600 accept-ranges bytes timing-allow-origin *
GET H2	200	runtime.js Show response internal-tool1.dev.ebs.one/	2 KB 2 KB	246ms 245ms	Script application/javascript	187.8.136.242 TELEFONICA BRASIL...
General Check archive.org Show headers Download Go to Full URL https://internal-tool1.dev.ebs.one/runtime.js Requested by Host: internal-tool1.dev.ebs.one URL: https://internal-tool1.dev.ebs.one/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 187.8.136.242 Manaus, Brazil, ASN10429 (TELEFONICA BRASIL S.A, BR), Reverse DNS 187-8-136-242.customer.tdatabrasil.net.br Software nginx / Express, PleskLin Resource Hash 417ae88d96996aac3d4d92da5e48391482a36be64feaa14e4d376ad390f8fc52 Security Headers Name Value Content-Security-Policy img-src * data: blob:;script-src maps.googleapis.com apis.google.com accounts.google.com 'self' 'unsafe-inline' 'unsafe-eval' blob: https://unpkg.com/@babel/standalone@7.17.9/babel.min.js https://unpkg.com/react@16.7.0/umd/react.production.min.js https://unpkg.com/react-dom@16.7.0/umd/react-dom.production.min.js cdn.skypack.dev cdn.jsdelivr.net;default-src maps.googleapis.com apis.google.com accounts.google.com *.sentry.io 'self' blob:;connect-src ws://internal-tool1.dev.ebs.one 'self' *;frame-ancestors *;frame-src *;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' Request headers accept-language de-DE,de;q=0.9 Referer https://internal-tool1.dev.ebs.one/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 28 Jun 2023 16:32:41 GMT content-security-policy img-src * data: blob:;script-src maps.googleapis.com apis.google.com accounts.google.com 'self' 'unsafe-inline' 'unsafe-eval' blob: https://unpkg.com/@babel/standalone@7.17.9/babel.min.js https://unpkg.com/react@16.7.0/umd/react.production.min.js https://unpkg.com/react-dom@16.7.0/umd/react-dom.production.min.js cdn.skypack.dev cdn.jsdelivr.net;default-src maps.googleapis.com apis.google.com accounts.google.com *.sentry.io 'self' blob:;connect-src ws://internal-tool1.dev.ebs.one 'self' *;frame-ancestors *;frame-src *;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' content-encoding gzip last-modified Fri, 26 May 2023 10:41:24 GMT server nginx x-powered-by Express, PleskLin etag W/"8c4-18857a61c74" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes
GET H2	200	vendor.js Show response internal-tool1.dev.ebs.one/	9 MB 2 MB	254ms 254ms	Script application/javascript	187.8.136.242 TELEFONICA BRASIL...
General Check archive.org Show headers Download Go to Full URL https://internal-tool1.dev.ebs.one/vendor.js Requested by Host: internal-tool1.dev.ebs.one URL: https://internal-tool1.dev.ebs.one/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 187.8.136.242 Manaus, Brazil, ASN10429 (TELEFONICA BRASIL S.A, BR), Reverse DNS 187-8-136-242.customer.tdatabrasil.net.br Software nginx / Express, PleskLin Resource Hash 4855f089cff8651f79199818dd76e6aaec4953ea82a8197c920546a09a3a44e2 Security Headers Name Value Content-Security-Policy img-src * data: blob:;script-src maps.googleapis.com apis.google.com accounts.google.com 'self' 'unsafe-inline' 'unsafe-eval' blob: https://unpkg.com/@babel/standalone@7.17.9/babel.min.js https://unpkg.com/react@16.7.0/umd/react.production.min.js https://unpkg.com/react-dom@16.7.0/umd/react-dom.production.min.js cdn.skypack.dev cdn.jsdelivr.net;default-src maps.googleapis.com apis.google.com accounts.google.com *.sentry.io 'self' blob:;connect-src ws://internal-tool1.dev.ebs.one 'self' *;frame-ancestors *;frame-src *;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' Request headers accept-language de-DE,de;q=0.9 Referer https://internal-tool1.dev.ebs.one/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 28 Jun 2023 16:32:41 GMT content-security-policy img-src * data: blob:;script-src maps.googleapis.com apis.google.com accounts.google.com 'self' 'unsafe-inline' 'unsafe-eval' blob: https://unpkg.com/@babel/standalone@7.17.9/babel.min.js https://unpkg.com/react@16.7.0/umd/react.production.min.js https://unpkg.com/react-dom@16.7.0/umd/react-dom.production.min.js cdn.skypack.dev cdn.jsdelivr.net;default-src maps.googleapis.com apis.google.com accounts.google.com *.sentry.io 'self' blob:;connect-src ws://internal-tool1.dev.ebs.one 'self' *;frame-ancestors *;frame-src *;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' content-encoding gzip last-modified Fri, 28 Oct 2022 08:36:15 GMT server nginx x-powered-by Express, PleskLin etag W/"966ef7-1841dbc1018" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes
GET H2	200	main.js Show response internal-tool1.dev.ebs.one/	2 MB 342 KB	468ms 467ms	Script application/javascript	187.8.136.242 TELEFONICA BRASIL...
General Check archive.org Show headers Download Go to Full URL https://internal-tool1.dev.ebs.one/main.js Requested by Host: internal-tool1.dev.ebs.one URL: https://internal-tool1.dev.ebs.one/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 187.8.136.242 Manaus, Brazil, ASN10429 (TELEFONICA BRASIL S.A, BR), Reverse DNS 187-8-136-242.customer.tdatabrasil.net.br Software nginx / Express, PleskLin Resource Hash 14ee6e6d6b312b40d2099b4da701daa0e15c7e8a83deb90fd03515873103e531 Security Headers Name Value Content-Security-Policy img-src * data: blob:;script-src maps.googleapis.com apis.google.com accounts.google.com 'self' 'unsafe-inline' 'unsafe-eval' blob: https://unpkg.com/@babel/standalone@7.17.9/babel.min.js https://unpkg.com/react@16.7.0/umd/react.production.min.js https://unpkg.com/react-dom@16.7.0/umd/react-dom.production.min.js cdn.skypack.dev cdn.jsdelivr.net;default-src maps.googleapis.com apis.google.com accounts.google.com *.sentry.io 'self' blob:;connect-src ws://internal-tool1.dev.ebs.one 'self' *;frame-ancestors *;frame-src *;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' Request headers accept-language de-DE,de;q=0.9 Referer https://internal-tool1.dev.ebs.one/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 28 Jun 2023 16:32:41 GMT content-security-policy img-src * data: blob:;script-src maps.googleapis.com apis.google.com accounts.google.com 'self' 'unsafe-inline' 'unsafe-eval' blob: https://unpkg.com/@babel/standalone@7.17.9/babel.min.js https://unpkg.com/react@16.7.0/umd/react.production.min.js https://unpkg.com/react-dom@16.7.0/umd/react-dom.production.min.js cdn.skypack.dev cdn.jsdelivr.net;default-src maps.googleapis.com apis.google.com accounts.google.com *.sentry.io 'self' blob:;connect-src ws://internal-tool1.dev.ebs.one 'self' *;frame-ancestors *;frame-src *;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' content-encoding gzip last-modified Fri, 26 May 2023 10:41:24 GMT server nginx x-powered-by Express, PleskLin etag W/"191ab6-18857a61d9c" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes
GET H2	200	css2 fonts.googleapis.com/	11 KB 859 B	17ms 17ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 7b5d6a17829ac00d843f0527e4c030450401fcb2596976a7a941913ed59894be Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://internal-tool1.dev.ebs.one/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 28 Jun 2023 16:32:52 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 28 Jun 2023 15:33:34 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 28 Jun 2023 16:32:52 GMT
GET H2	200	config Show response internal-tool1.dev.ebs.one/api/	213 B 856 B	257ms 257ms	Fetch application/json	187.8.136.242 TELEFONICA BRASIL...
General Check archive.org Show headers Download Go to Full URL https://internal-tool1.dev.ebs.one/api/config Requested by Host: internal-tool1.dev.ebs.one URL: https://internal-tool1.dev.ebs.one/main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 187.8.136.242 Manaus, Brazil, ASN10429 (TELEFONICA BRASIL S.A, BR), Reverse DNS 187-8-136-242.customer.tdatabrasil.net.br Software nginx / Express, PleskLin Resource Hash 9890f61a9b45cbb98af89c66f5a51741bb6fd24a791253b4c98348239d4b70c5 Security Headers Name Value Content-Security-Policy img-src * data: blob:;script-src maps.googleapis.com apis.google.com accounts.google.com 'self' 'unsafe-inline' 'unsafe-eval' blob: https://unpkg.com/@babel/standalone@7.17.9/babel.min.js https://unpkg.com/react@16.7.0/umd/react.production.min.js https://unpkg.com/react-dom@16.7.0/umd/react-dom.production.min.js cdn.skypack.dev cdn.jsdelivr.net;default-src maps.googleapis.com apis.google.com accounts.google.com *.sentry.io 'self' blob:;connect-src ws://internal-tool1.dev.ebs.one 'self' *;frame-ancestors *;frame-src *;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' Request headers Referer https://internal-tool1.dev.ebs.one/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type application/json Response headers date Wed, 28 Jun 2023 16:32:52 GMT content-security-policy img-src * data: blob:;script-src maps.googleapis.com apis.google.com accounts.google.com 'self' 'unsafe-inline' 'unsafe-eval' blob: https://unpkg.com/@babel/standalone@7.17.9/babel.min.js https://unpkg.com/react@16.7.0/umd/react.production.min.js https://unpkg.com/react-dom@16.7.0/umd/react-dom.production.min.js cdn.skypack.dev cdn.jsdelivr.net;default-src maps.googleapis.com apis.google.com accounts.google.com *.sentry.io 'self' blob:;connect-src ws://internal-tool1.dev.ebs.one 'self' *;frame-ancestors *;frame-src *;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' content-encoding br server nginx x-powered-by Express, PleskLin etag W/"d5-qj+nzzl2wksOzlByVUf1fJEWeKI" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin *
GET H2	200	en.json Show response internal-tool1.dev.ebs.one/assets/translations/	37 KB 10 KB	239ms 239ms	Fetch application/json	187.8.136.242 TELEFONICA BRASIL...
General Check archive.org Show headers Download Go to Full URL https://internal-tool1.dev.ebs.one/assets/translations/en.json Requested by Host: internal-tool1.dev.ebs.one URL: https://internal-tool1.dev.ebs.one/vendor.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 187.8.136.242 Manaus, Brazil, ASN10429 (TELEFONICA BRASIL S.A, BR), Reverse DNS 187-8-136-242.customer.tdatabrasil.net.br Software nginx / Express, PleskLin Resource Hash 1495ffd70b080dbf382fb4b1d8fafc368e41a679d2c8206f3b0be3c40dbb274c Security Headers Name Value Content-Security-Policy img-src * data: blob:;script-src maps.googleapis.com apis.google.com accounts.google.com 'self' 'unsafe-inline' 'unsafe-eval' blob: https://unpkg.com/@babel/standalone@7.17.9/babel.min.js https://unpkg.com/react@16.7.0/umd/react.production.min.js https://unpkg.com/react-dom@16.7.0/umd/react-dom.production.min.js cdn.skypack.dev cdn.jsdelivr.net;default-src maps.googleapis.com apis.google.com accounts.google.com *.sentry.io 'self' blob:;connect-src ws://internal-tool1.dev.ebs.one 'self' *;frame-ancestors *;frame-src *;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' Request headers accept-language de-DE,de;q=0.9 Referer https://internal-tool1.dev.ebs.one/login?redirectTo=/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 28 Jun 2023 16:32:52 GMT content-security-policy img-src * data: blob:;script-src maps.googleapis.com apis.google.com accounts.google.com 'self' 'unsafe-inline' 'unsafe-eval' blob: https://unpkg.com/@babel/standalone@7.17.9/babel.min.js https://unpkg.com/react@16.7.0/umd/react.production.min.js https://unpkg.com/react-dom@16.7.0/umd/react-dom.production.min.js cdn.skypack.dev cdn.jsdelivr.net;default-src maps.googleapis.com apis.google.com accounts.google.com *.sentry.io 'self' blob:;connect-src ws://internal-tool1.dev.ebs.one 'self' *;frame-ancestors *;frame-src *;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' content-encoding gzip last-modified Fri, 28 Oct 2022 08:23:20 GMT server nginx x-powered-by Express, PleskLin etag W/"9369-1841db03cc0" vary Accept-Encoding content-type application/json; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes
GET H2	200	logo-color.svg internal-tool1.dev.ebs.one/assets/images/	8 KB 4 KB	235ms 235ms	Image image/svg+xml	187.8.136.242 TELEFONICA BRASIL...
General Check archive.org Show headers Download Go to Show image Full URL https://internal-tool1.dev.ebs.one/assets/images/logo-color.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 187.8.136.242 Manaus, Brazil, ASN10429 (TELEFONICA BRASIL S.A, BR), Reverse DNS 187-8-136-242.customer.tdatabrasil.net.br Software nginx / Express, PleskLin Resource Hash 51de987786affcfea5a1b1957c02ee35677c1b07e242de39a3f9f3f6e28028fe Security Headers Name Value Content-Security-Policy img-src * data: blob:;script-src maps.googleapis.com apis.google.com accounts.google.com 'self' 'unsafe-inline' 'unsafe-eval' blob: https://unpkg.com/@babel/standalone@7.17.9/babel.min.js https://unpkg.com/react@16.7.0/umd/react.production.min.js https://unpkg.com/react-dom@16.7.0/umd/react-dom.production.min.js cdn.skypack.dev cdn.jsdelivr.net;default-src maps.googleapis.com apis.google.com accounts.google.com *.sentry.io 'self' blob:;connect-src ws://internal-tool1.dev.ebs.one 'self' *;frame-ancestors *;frame-src *;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' Request headers accept-language de-DE,de;q=0.9 Referer https://internal-tool1.dev.ebs.one/login?redirectTo=/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 28 Jun 2023 16:32:52 GMT content-security-policy img-src * data: blob:;script-src maps.googleapis.com apis.google.com accounts.google.com 'self' 'unsafe-inline' 'unsafe-eval' blob: https://unpkg.com/@babel/standalone@7.17.9/babel.min.js https://unpkg.com/react@16.7.0/umd/react.production.min.js https://unpkg.com/react-dom@16.7.0/umd/react-dom.production.min.js cdn.skypack.dev cdn.jsdelivr.net;default-src maps.googleapis.com apis.google.com accounts.google.com *.sentry.io 'self' blob:;connect-src ws://internal-tool1.dev.ebs.one 'self' *;frame-ancestors *;frame-src *;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' content-encoding gzip last-modified Fri, 28 Oct 2022 08:23:20 GMT server nginx x-powered-by Express, PleskLin etag W/"1e03-1841db03cc0" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	16 KB 16 KB	33ms 10ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://internal-tool1.dev.ebs.one accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 24 Jun 2023 01:50:32 GMT x-content-type-options nosniff age 398540 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 23 Jun 2024 01:50:32 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	31ms 7ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://internal-tool1.dev.ebs.one accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 24 Jun 2023 03:30:27 GMT x-content-type-options nosniff age 392545 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 23 Jun 2024 03:30:27 GMT

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| loadPyodide object| webpackChunkfrontend object| __SENTRY__ object| regeneratorRuntime object| __core-js_shared__ object| core function| _ function| setImmediate function| clearImmediate object| PolyBool boolean| _pdfjsCompatibilityChecked function| hotkeys boolean| __ $YJS$ __ object| public_config

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header

Value

Content-Security-Policy

img-src * data: blob:;script-src maps.googleapis.com apis.google.com accounts.google.com 'self' 'unsafe-inline' 'unsafe-eval' blob: https://unpkg.com/@babel/standalone@7.17.9/babel.min.js https://unpkg.com/react@16.7.0/umd/react.production.min.js https://unpkg.com/react-dom@16.7.0/umd/react-dom.production.min.js cdn.skypack.dev cdn.jsdelivr.net;default-src maps.googleapis.com apis.google.com accounts.google.com *.sentry.io 'self' blob:;connect-src ws://internal-tool1.dev.ebs.one 'self' *;frame-ancestors *;frame-src *;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
internal-tool1.dev.ebs.one
187.8.136.242
2a00:1450:4001:80e::2003
2a00:1450:4001:828::200a
2a04:4e42:400::485
1495ffd70b080dbf382fb4b1d8fafc368e41a679d2c8206f3b0be3c40dbb274c
14ee6e6d6b312b40d2099b4da701daa0e15c7e8a83deb90fd03515873103e531
417ae88d96996aac3d4d92da5e48391482a36be64feaa14e4d376ad390f8fc52
4855f089cff8651f79199818dd76e6aaec4953ea82a8197c920546a09a3a44e2
51de987786affcfea5a1b1957c02ee35677c1b07e242de39a3f9f3f6e28028fe
63bcc53bd8cb4af9f911bce7fae75bbfeeecbeaf62330b5a52856d0bd6594070
7b5d6a17829ac00d843f0527e4c030450401fcb2596976a7a941913ed59894be
93a07fd5d6d15d0ed454c1face2c53ae806fb3aca83bbd55c822919f05e94805
9890f61a9b45cbb98af89c66f5a51741bb6fd24a791253b4c98348239d4b70c5
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
bf4c022bcce0336b7b9b658e0cefe734e345f47c1e43fd7ed6dbdb60b4c1d584
d264548caacccea2efe197440c3781b08e97e5c2d86e164c9920d60a1f51932e
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615