social media network

technology software

documentation technical

social_media

English

Domain 'linn4jace-dev.pages.dev' uses the developer-focused generic top-level domain (.dev) with subdomain 'linn4jace-dev'. The second-level label 'pages' is 5 characters long holding two vowels versus three consonants. Word splitting yields one word: pages. No strong language cues emerged from the frequency lists.

username

password

html/5c/7f/5c7f9170-5fcd-4b13-8733-1cdc3728bc7b.html.gz

require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes

acc7e41455a80765b5fd9c7ee1b8078a6d160bbbca455aeae854de65c947d59e

3af878d39fae222e371f0977447058563ab9f645d558a9941897107b3b1863d6

6e7dbaeec5f121c496b41a2f990264de05dc83c7faf0a4e3d7363e9c49ca449b

a2a9d7337778bc91c07fd15f716513485b95a351b4bd786bdddb1c747ea526d5

f25c0e8540c3d18a98df6f1a12f6f51bf40f911554bc400d09a2a35d40dd77d1

7e1b8b151250333e88811b074815dd51407d355acee58298285a1a3b15f97e57

6400762aa231005eae9a52c13a7f95b40710a269701852484020ee8f1de92270

237a12fe485fa6ee0667af3e777ba04c720c70e7e813edd9eef8a119359fffcf

19137597cc1ee4b6c90eb9f75a849be0d30cc3657c5583f89610b8b58723fb86

4887e4a8ca755ae655ceee334958edd6f3961476547cdfe02b3482cefae8da73

be1918d80f136a4c6c48f6885ca8f13ccbd65c84a8721fbc29a9330700a61165

f71e4f0a0f81412327cb1834f7a50a367f2b9a6e97ba9c9cf6b7a1479f0e7eba

width=device-width, initial-scale=1, viewport-fit=cover

viewport

theme-color

color-scheme

supported-color-schemes

apple-mobile-web-app-capable

apple-mobile-web-app-status-bar-style

apple-mobile-web-app-title

Abuse Team

CloudFlare, Inc.

pages.dev

Abuse

Google LLC

GOOGLE


// ══════════════════════════════════════════════════════════════════════════
// GLOBAL 401 HANDLER
// ══════════════════════════════════════════════════════════════════════════
// When the server's signing key gets rotated (e.g. another device changed the password, or someone
// hit "Log out of all devices"), every cookie issued before the rotation becomes invalid. The auth
// middleware catches that and returns 401. Without this wrapper the frontend would silently fail
// every API call (chat saves, state pulls, etc.) while the UI looks fine — confusing. Now: any 401
// from a middleware-gated /api/* endpoint clears local UI state and reloads, which lands the user
// on the login overlay via the boot script's /api/me probe.
//
// We exclude /api/login, /api/change-password, /api/change-username because THOSE endpoints return
// 401 for "wrong password" / "wrong current password" — that's an expected, in-flow error message,
// not a session-expired signal, so we shouldn't auto-logout on it.
(function(){
  if(!window.fetch||window._l4j401WrapInstalled)return;
  window._l4j401WrapInstalled=true;
  var origFetch=window.fetch.bind(window);
  var IS_API=/(?:^|\/)api\//;
  var CRED_CHECK=/(?:^|\/)api\/(login|change-password|change-username)(?:\/|$|\?)/;
  var loggedOut=false; // guard against multiple parallel 401s racing to reload
  window.fetch=function(input,init){
    var url=typeof input==='string'?input:(input&&input.url)||'';
    return origFetch(input,init).then(function(r){
      if(!loggedOut&&r.status===401&&IS_API.test(url)&&!CRED_CHECK.test(url)){
        loggedOut=true;
        // Same wipe as the manual Logout button — so we land on welcome (not Settings) after
        // re-login instead of on the page where the 401 happened.
        try{
          sessionStorage.removeItem('l4j.settingsState');
          sessionStorage.removeItem('l4j.activeChat');
          sessionStorage.removeItem('l4j.chatScroll');
        }catch(_){}
        // Brief delay so any code that queued additional fetches in this tick can finish before
        // the reload; they'll fail with 401 too but at least their handlers can run.
        setTimeout(function(){location.reload()},80);
      }
      return r;
    });
  };
})();



// _attachPwToggle(input) — wraps a password <input> with a "show/hide" eye button.
// _scanPwInputs(scope) — finds every input[type=password] inside scope (defaults to document)
// and attaches the toggle if it doesn't already have one. Idempotent via a data-pw-attached flag.
(function(){
  var EYE_OPEN='<svg viewBox="0 0 24 24"><path d="M1 12s4-8 11-8 11 8 11 8-4 8-11 8-11-8-11-8z"/><circle cx="12" cy="12" r="3"/></svg>';
  var EYE_OFF='<svg viewBox="0 0 24 24"><path d="M17.94 17.94A10.07 10.07 0 0 1 12 20c-7 0-11-8-11-8a18.45 18.45 0 0 1 5.06-5.94M9.9 4.24A9.12 9.12 0 0 1 12 4c7 0 11 8 11 8a18.5 18.5 0 0 1-2.16 3.19m-6.72-1.07a3 3 0 1 1-4.24-4.24"/><line x1="1" y1="1" x2="23" y2="23"/></svg>';
  window._attachPwToggle=function(input){
    if(!input||input.dataset.pwAttached==='1')return;
    input.dataset.pwAttached='1';
    var wrap=document.createElement('span');
    wrap.className='pw-wrap';
    // Preserve any inline width set on the input by copying it to the wrap, then
    // making the input fill the wrap. Without this, a settings input with style="width:60%"
    // would lose its sizing once we drop it inside the inline-block wrap.
    var inlineW=input.style.width;
    if(inlineW){wrap.style.width=inlineW;input.style.width='100%'}
    else{wrap.style.width='100%'}
    input.parentNode.insertBefore(wrap,input);
    wrap.appendChild(input);
    var btn=document.createElement('button');
    btn.type='button';
    btn.className='pw-toggle';
    btn.title='Show password';
    btn.setAttribute('aria-label','Show password');
    btn.innerHTML=EYE_OPEN;
    btn.addEventListener('click',function(){
      if(input.type==='password'){
        input.type='text';
        btn.title='Hide password';btn.setAttribute('aria-label','Hide password');
        btn.innerHTML=EYE_OFF;
      }else{
        input.type='password';
        btn.title='Show password';btn.setAttribute('aria-label','Show password');
        btn.innerHTML=EYE_OPEN;
      }
    });
    wrap.appendChild(btn);
  };
  window._scanPwInputs=function(scope){
    (scope||document).querySelectorAll('input[type=password]').forEach(window._attachPwToggle);
  };
})();



// ══════════════════════════════════════════════════════════════════════════
// PILLS-IN-TEXTAREA (#5)
// ══════════════════════════════════════════════════════════════════════════
// Discord-style highlighting for @mentions, /commands, and {template tags} inside textareas.
// We can't put real HTML inside <textarea>, so the trick is: leave the textarea as the input
// surface (caret, selection, keystrokes) but render its text transparent, and float a positioned
// <div class="pill-overlay"> above it that mirrors the same text with HTML pills. The overlay is
// pointer-events:none so the textarea still receives all clicks.
//
// Two public functions:
//   window._pillsRender(text, opts)     → returns escaped HTML with pill spans
//   window._attachPillRenderer(ta, opts) → wraps the textarea + installs the input/scroll listeners
//
// opts = { mentions: bool, slashes: bool, tags: bool }
// Composer textarea uses {mentions:true, slashes:true}; System Core Prompt uses {tags:true}.
(function(){
  var TAG_RE=/\{(user name|AI name|AI platform)\}/g;
  var SLASH_RE=/^\/(\w+)/; // only at the very start of the textarea (matches existing autocomplete)
  var SLASH_VALID={imagine:1,memory:1,debug:1};
  var MENTION_RE=/@(\w+)/g;
  function escH(s){return String(s).replace(/&/g,'&amp;').replace(/</g,'&lt;').replace(/>/g,'&gt;')}
  window._pillsRender=function(text,opts){
    opts=opts||{};
    var h=escH(text||'');
    if(opts.tags){
      h=h.replace(TAG_RE,function(m){return '<span class="pill pill-tag">'+m+'</span>'});
    }
    if(opts.slashes){
      h=h.replace(SLASH_RE,function(m,cmd){
        return SLASH_VALID[cmd]?'<span class="pill pill-slash">'+m+'</span>':m;
      });
    }
    if(opts.mentions){
      // Only highlight @mentions of personas who are ACTUALLY in the current chat — same rule
      // the autocomplete (updateAC) uses. Manually typing @SomeoneNotInThisChat leaves the text
      // plain. _getActiveChatMembers returns the active chat's member id list (or null if no
      // active chat / no chat yet). When we have a member list, validNames is restricted to those
      // members; @everyone is only valid in multi-AI chats (mirrors updateAC's `aiPs.length > 1`).
      var personas=(window._f&&window._f.cfg&&window._f.cfg.personas)||[];
      var memberIds=(window._f&&window._f._getActiveChatMembers)?window._f._getActiveChatMembers():null;
      var validNames={};
      var allowed;
      if(memberIds){
        var memberSet={};for(var i=0;i<memberIds.length;i++)memberSet[memberIds[i]]=1;
        allowed=personas.filter(function(p){return memberSet[p.id]&&p.align!=='right'});
      }else{
        // No active chat (welcome state) — fall back to all AI personas so the pill renderer
        // doesn't go silent. In practice the composer is hidden in the welcome state anyway.
        allowed=personas.filter(function(p){return p.align!=='right'});
      }
      for(var j=0;j<allowed.length;j++)validNames[String(allowed[j].name||'').toLowerCase()]=1;
      // @everyone only makes sense when there are 2+ AIs to address.
      if(allowed.length>1)validNames.everyone=1;
      h=h.replace(MENTION_RE,function(m,name){
        return validNames[name.toLowerCase()]?'<span class="pill pill-mention">'+m+'</span>':m;
      });
    }
    return h;
  };
  // Sync the typography / box metrics from the textarea onto the overlay so they line up to the
  // pixel. Called once on attach + on window resize. Theme switches don't change these, so we don't
  // re-sync on theme change (yet — if pills look misaligned after a theme swap, hook this in there).
  function _syncStyles(ta,ov){
    var cs=window.getComputedStyle(ta);
    var props=['fontFamily','fontSize','fontWeight','fontStyle','fontVariant','lineHeight','letterSpacing','wordSpacing','textIndent','textAlign','paddingTop','paddingRight','paddingBottom','paddingLeft','borderTopWidth','borderRightWidth','borderBottomWidth','borderLeftWidth','borderTopStyle','borderRightStyle','borderBottomStyle','borderLeftStyle','borderRadius','boxSizing','tabSize','wordBreak','overflowWrap'];
    for(var i=0;i<props.length;i++){ov.style[props[i]]=cs[props[i]]}
    ov.style.borderColor='transparent'; // borders shouldn't paint on the overlay
    ov.style.whiteSpace='pre-wrap';
  }
  window._attachPillRenderer=function(ta,opts){
    if(!ta||ta.dataset.pillsAttached==='1')return;
    ta.dataset.pillsAttached='1';
    // Wrap the textarea in a .pill-wrap if it's not already inside one. Move (don't clone) the
    // textarea so existing event listeners + the IDL-input value all carry over unchanged.
    var wrap=ta.parentNode;
    if(!wrap||!wrap.classList||!wrap.classList.contains('pill-wrap')){
      wrap=document.createElement('span');
      wrap.className='pill-wrap';
      ta.parentNode.insertBefore(wrap,ta);
      wrap.appendChild(ta);
    }
    var overlay=wrap.querySelector('.pill-overlay');
    if(!overlay){
      overlay=document.createElement('div');
      overlay.className='pill-overlay';
      overlay.setAttribute('aria-hidden','true');
      wrap.insertBefore(overlay,ta);
    }
    function _update(){
      overlay.innerHTML=window._pillsRender(ta.value||'',opts);
      overlay.scrollTop=ta.scrollTop;
    }
    _syncStyles(ta,overlay);
    ta.addEventListener('input',_update);
    ta.addEventListener('scroll',function(){overlay.scrollTop=ta.scrollTop});
    window.addEventListener('resize',function(){_syncStyles(ta,overlay)});
    // Existing code does a lot of `input.value = ''` after sending a message, plus programmatic
    // formatting inserts (bold/italic, @ shortcut, slash shortcut). Native textareas don't fire
    // 'input' for those — only for real user keystrokes — so the overlay would go stale. Override
    // the .value setter on this specific instance to also dispatch an 'input' event whenever code
    // writes to it. This also incidentally fixes the auto-resize listener firing on clears (so the
    // textarea snaps back to single-line height immediately after send instead of on next keypress).
    try{
      var proto=Object.getPrototypeOf(ta);
      var orig=Object.getOwnPropertyDescriptor(proto,'value');
      if(orig&&orig.set){
        Object.defineProperty(ta,'value',{
          configurable:true,
          get:function(){return orig.get.call(this)},
          set:function(v){orig.set.call(this,v);this.dispatchEvent(new Event('input',{bubbles:true}))}
        });
      }
    }catch(_){}
    _update();
    // Expose a re-render hook so external code can refresh explicitly if it ever bypasses .value.
    ta._pillsRefresh=_update;
  };
})();



// Show the boot splash only when launched as a PWA (display-mode: standalone). When the site
// is opened in a regular browser tab, the OS-splash transition isn't relevant — hide ours
// immediately so it doesn't briefly cover the page on every reload.
(function(){
  try{
    if(!window.matchMedia||!matchMedia('(display-mode: standalone)').matches){
      var _s=document.getElementById('l4jBootSplash');
      if(_s)_s.style.display='none';
    }
  }catch(e){}
})();



(function(){
// Phase 6: skip the entire forge layer when the user isn't authenticated yet — the login overlay
// covers the whole UI and we don't want stale localStorage state to leak through.
if(wi


(function(){
// Phase 6: skip the messenger layer when login is required (the boot script set this flag).
if(window._l4jNeedsLogin)return;

// ══════════════════════════════════════
// CHAT STORAGE: 


// PWA service worker registration — registers /sw.js after the page has loaded so
// it doesn't compete with critical bootstrapping. The SW handles offline shell caching;
// it never intercepts /api/* (auth + live state always reach the network).
if('serviceWorker' in navigator){
  window.addEventListener('load',function(){
    navigator.serviceWorker.register('/sw.js').catch(function(err){console.error('SW registration failed:',err)});
  });
}


PasswordField

Linn4Jace

✅ Low Risk - http://linn4jace-dev.pages.dev/

Requests	IP Address	Location	AS Autonomous System
7	104.16.175.226	United States	AS13335Cloudflare, Inc.
4	172.66.47.3	United States	AS13335Cloudflare, Inc.
4	142.251.127.95	United States	AS15169Google LLC
4	142.251.110.94	United States	AS15169Google LLC
19	4	-	-

Security Scan Report: linn4jace-dev.pages.dev

Summary

AI Security Verdict

Moderate Risk

Risk Factors

Safety Factors

Details

Screenshot

Page Load Overview

Language Analysis

Primary Language

Detection Details

Website Classification

Primary Category

All Detected Categories

Detected Features

Domain & IP Information

Detected Technologies1

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

ssdeep (Context Triggered Piecewise Hashing)

sdhash (Similarity Digest Hashing)

Image Hashes

Perceptual Hashes

Other Hashes

Scan History