Submitted URL: http://welfarestage.laborability.com/
Effective URL: https://welfarestage.laborability.com/
Submission Tags: @ecarlesi possiblethreat phishing
Submission: On November 13 via api from IT — Scanned from IT

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 22 HTTP transactions. The main IP is 172.66.0.96, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is welfarestage.laborability.com.
TLS certificate: Issued by WE1 on November 13th 2024. Valid for: 3 months.
This is the only time welfarestage.laborability.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 172.66.0.96 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.250.181.227 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2600:1901:0:4... 15169 (GOOGLE)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
1 2001:4860:480... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2 13.74.129.1 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 4.227.249.197 8075 (MICROSOFT...)
22 12
Apex Domain
Subdomains
Transfer
7 laborability.com
welfarestage.laborability.com
auth.laborability.com
688 KB
5 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 722
c.clarity.ms — Cisco Umbrella Rank: 1468
u.clarity.ms — Cisco Umbrella Rank: 8987
29 KB
3 cookiebot.com
consent.cookiebot.com — Cisco Umbrella Rank: 4941
consentcdn.cookiebot.com — Cisco Umbrella Rank: 5488
35 KB
2 mxpnl.com
cdn.mxpnl.com — Cisco Umbrella Rank: 5306
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
196 KB
2 gstatic.com
fonts.gstatic.com
35 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 214
772 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2944
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 55
31 KB
22 9
Domain Requested by
6 welfarestage.laborability.com welfarestage.laborability.com
2 c.clarity.ms 1 redirects
2 www.clarity.ms welfarestage.laborability.com
www.clarity.ms
2 cdn.mxpnl.com www.googletagmanager.com
cdn.mxpnl.com
2 consent.cookiebot.com www.googletagmanager.com
consent.cookiebot.com
2 www.googletagmanager.com welfarestage.laborability.com
www.googletagmanager.com
2 fonts.gstatic.com fonts.googleapis.com
1 u.clarity.ms www.clarity.ms
1 c.bing.com 1 redirects
1 consentcdn.cookiebot.com consent.cookiebot.com
1 region1.google-analytics.com www.googletagmanager.com
1 auth.laborability.com welfarestage.laborability.com
1 fonts.googleapis.com welfarestage.laborability.com
22 13

This site contains no links.

Subject | Issuer | Validity | Valid
welfarestage.laborability.com | WE1 | 2024-11-13 - 2025-02-11 | 3 months
upload.video.google.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.gstatic.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.google-analytics.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
auth.laborability.com | WE1 | 2024-10-22 - 2025-01-20 | 3 months
consent.cookiebot.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-02-28 - 2025-02-27 | a year
*.mxpnl.com | GeoTrust TLS RSA CA G1 | 2024-07-15 - 2025-07-29 | a year
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2024-09-04 - 2025-09-04 | a year
*.cookiebot.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-02-26 - 2025-02-26 | a year
a.clarity.ms | Microsoft Azure RSA TLS Issuing CA 08 | 2024-06-23 - 2025-06-18 | a year

This page contains 3 frames:

Primary Page: https://welfarestage.laborability.com/
Frame ID: D068D5973B663ABF04AFA1877E6C0D22
Requests: 20 HTTP requests in this frame

Frame: https://auth.laborability.com/realms/welfarestage/protocol/openid-connect/3p-cookies/step1.html
Frame ID: 392D4C240FBC35F7FF2B761798BD718E
Requests: 3 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: F9C7EE15AA0C5D4574CA141DE4617627
Requests: 1 HTTP request in this frame

Page Title

Laborability - FE APP

Detected technologies

Overall confidence: 100%
Detected patterns
  • consent\.cookiebot\.com

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 22
HTTPS: 95 %
IPv6: 67 %
Domains: 9
Subdomains: 13
IPs: 12
Countries: 3
Transfer: 1034 kB
Size: 2991 kB
Cookies: 15

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://welfarestage.laborability.com/ HTTP 307
    https://welfarestage.laborability.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=495D16A40EFD495A82140EB76426F1D2&RedC=c.clarity.ms&MXFR=2BCE506DF29E63E31E7D455BF69E6D32 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=495D16A40EFD495A82140EB76426F1D2&MUID=2D89250CA6BB662600B6303AA7CC6722

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
welfarestage.laborability.com/
Redirect Chain
  • http://welfarestage.laborability.com/
  • https://welfarestage.laborability.com/
775 B
852 B
Document
General
Full URL
https://welfarestage.laborability.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9607a4fd11702ac089abc66db81154fd0db07993f3e7ce6fb9d4ac8bd920caa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
MISS
cf-ray
8e20e7a78baf65c9-FRA
content-encoding
br
content-type
text/html
date
Wed, 13 Nov 2024 18:43:00 GMT
last-modified
Tue, 12 Nov 2024 11:07:54 GMT
server
cloudflare
vary
Accept-Encoding
x-do-app-origin
70a76f24-653d-4908-a7b1-6c967d1636d1
x-do-orig-status
200

Redirect headers

Location
https://welfarestage.laborability.com/
Non-Authoritative-Reason
HttpsUpgrades
main.809ba627.js
welfarestage.laborability.com/static/js/
2 MB
636 KB
Script
General
Full URL
https://welfarestage.laborability.com/static/js/main.809ba627.js
Requested by
Host: welfarestage.laborability.com
URL: https://welfarestage.laborability.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22f609c61ef0829b2c5536ac698c4af0d1e6faa4c8a18c1f3d5a546d2c1318d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://welfarestage.laborability.com/

Response headers

cache-control
private
content-encoding
br
cf-cache-status
MISS
etag
W/"6733370a-1e25c8"
x-do-app-origin
70a76f24-653d-4908-a7b1-6c967d1636d1
cf-ray
8e20e7a7fc3a65c9-FRA
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 18:43:00 GMT
content-type
application/javascript
last-modified
Tue, 12 Nov 2024 11:07:54 GMT
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
200
main.3c8d8eff.css
welfarestage.laborability.com/static/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://welfarestage.laborability.com/static/css/main.3c8d8eff.css
Requested by
Host: welfarestage.laborability.com
URL: https://welfarestage.laborability.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aba46847e62a36a6dd21a0cc8d0bcb87d7b47def1f7ae8d11bd84745881a6d51

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://welfarestage.laborability.com/

Response headers

cache-control
private
content-encoding
br
cf-cache-status
MISS
etag
W/"6733370a-18b3"
x-do-app-origin
70a76f24-653d-4908-a7b1-6c967d1636d1
cf-ray
8e20e7a7fc3b65c9-FRA
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 18:43:00 GMT
content-type
text/css
last-modified
Tue, 12 Nov 2024 11:07:54 GMT
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
200
css2
fonts.googleapis.com/
115 KB
31 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Dela+Gothic+One&family=Space+Grotesk:wght@300..700&display=swap
Requested by
Host: welfarestage.laborability.com
URL: https://welfarestage.laborability.com/static/css/main.3c8d8eff.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
034f4ab0b85a428476162bd05e62f37f9f36c3089111f0a8efaa4306427757ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://welfarestage.laborability.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 18:43:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 18:43:00 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 13 Nov 2024 18:43:00 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
hESp6XxvMDRA-2eD0lXpDa6QkBA2QkEI.woff2
fonts.gstatic.com/s/delagothicone/v16/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/delagothicone/v16/hESp6XxvMDRA-2eD0lXpDa6QkBA2QkEI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Dela+Gothic+One&family=Space+Grotesk:wght@300..700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
ac4fadf62bcdaf71e5d51ac15286e07162323daec993b646ee8a25cd6be36bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://welfarestage.laborability.com
Referer
https://fonts.googleapis.com/

Response headers

age
44973
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 06:13:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 06:13:27 GMT
last-modified
Tue, 06 Aug 2024 21:42:51 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
13844
x-xss-protection
0
server
sffe
V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2
fonts.gstatic.com/s/spacegrotesk/v16/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/spacegrotesk/v16/V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Dela+Gothic+One&family=Space+Grotesk:wght@300..700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
7d707172ce856c4ce5413ba9adb35483106a2f1ad9b4fdd285f3b1540cb4f7e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://welfarestage.laborability.com
Referer
https://fonts.googleapis.com/

Response headers

age
11911
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 15:24:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 15:24:29 GMT
last-modified
Wed, 13 Sep 2023 22:44:20 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
22284
x-xss-protection
0
server
sffe
SourceSansPro-Regular.7a228bcfffbb706a8227.woff
welfarestage.laborability.com/static/media/
22 KB
23 KB
Font
General
Full URL
https://welfarestage.laborability.com/static/media/SourceSansPro-Regular.7a228bcfffbb706a8227.woff
Requested by
Host: welfarestage.laborability.com
URL: https://welfarestage.laborability.com/static/css/main.3c8d8eff.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae362246497f8509ae6299f38501779a2d3386a50b5c5568b8b604f8ff2e7f9f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://welfarestage.laborability.com
Referer
https://welfarestage.laborability.com/static/css/main.3c8d8eff.css

Response headers

cache-control
private
cf-cache-status
MISS
etag
"6733370a-591c"
x-do-app-origin
70a76f24-653d-4908-a7b1-6c967d1636d1
cf-ray
8e20e7aa9f0f65c9-FRA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
22812
date
Wed, 13 Nov 2024 18:43:00 GMT
content-type
font/woff
last-modified
Tue, 12 Nov 2024 11:07:54 GMT
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
200
SourceSansPro-Bold.190e9e69a0f2292802c5.woff
welfarestage.laborability.com/static/media/
22 KB
22 KB
Font
General
Full URL
https://welfarestage.laborability.com/static/media/SourceSansPro-Bold.190e9e69a0f2292802c5.woff
Requested by
Host: welfarestage.laborability.com
URL: https://welfarestage.laborability.com/static/css/main.3c8d8eff.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f7397d2eebad1447a3d0323d2b889bc088d42dc9aa8e683d7cfdc1f2a173541

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://welfarestage.laborability.com
Referer
https://welfarestage.laborability.com/static/css/main.3c8d8eff.css

Response headers

cache-control
private
cf-cache-status
MISS
etag
"6733370a-5880"
x-do-app-origin
70a76f24-653d-4908-a7b1-6c967d1636d1
cf-ray
8e20e7aa9f1265c9-FRA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
22656
date
Wed, 13 Nov 2024 18:43:01 GMT
content-type
font/woff
last-modified
Tue, 12 Nov 2024 11:07:54 GMT
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
200
gtm.js
www.googletagmanager.com/
254 KB
86 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5D9XC6SP&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: welfarestage.laborability.com
URL: https://welfarestage.laborability.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
093eac89ead79c1d2cdac31d6ba748284384f74c21bca3fbd222217df429c1de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://welfarestage.laborability.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 13 Nov 2024 18:43:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 18:43:01 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 13 Nov 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
87644
x-xss-protection
0
server
Google Tag Manager
step1.html
auth.laborability.com/realms/welfarestage/protocol/openid-connect/3p-cookies/ Frame 392D
0
0
Document
General
Full URL
https://auth.laborability.com/realms/welfarestage/protocol/openid-connect/3p-cookies/step1.html
Requested by
Host: welfarestage.laborability.com
URL: https://welfarestage.laborability.com/static/js/main.809ba627.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://welfarestage.laborability.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
MISS
cf-ray
8e20e7ab390edbde-FRA
content-encoding
br
content-security-policy
frame-src 'self'; frame-ancestors 'self'; object-src 'none';
content-type
text/html;charset=utf-8
date
Wed, 13 Nov 2024 18:43:01 GMT
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-do-app-origin
bd09c7bb-7372-4f97-8319-0dc43eb19b27
x-do-orig-status
404
x-frame-options
SAMEORIGIN
x-robots-tag
none
x-xss-protection
1; mode=block
favicon.ico
welfarestage.laborability.com/
32 KB
4 KB
Other
General
Full URL
https://welfarestage.laborability.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
179eaa0275e11f138b3e83e204b943c43522a8239743d21807afcba3f5c32d9b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://welfarestage.laborability.com/

Response headers

cache-control
private
content-encoding
br
cf-cache-status
MISS
etag
W/"6733370a-8066"
x-do-app-origin
70a76f24-653d-4908-a7b1-6c967d1636d1
cf-ray
8e20e7aabf2a65c9-FRA
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 18:43:00 GMT
content-type
image/x-icon
last-modified
Tue, 12 Nov 2024 11:07:54 GMT
vary
Accept-Encoding
server
cloudflare
x-do-orig-status
200
truncated
/ Frame 392D
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame 392D
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
uc.js
consent.cookiebot.com/
110 KB
34 KB
Script
General
Full URL
https://consent.cookiebot.com/uc.js?cbid=84fafea8-846c-42ef-bbce-9f497617d80f
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5D9XC6SP&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a29f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b30b70e2067e407e427ac15a978091acb030d9b2db360ea2a3ce3eec6ef474e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://welfarestage.laborability.com/

Response headers

access-control-expose-headers
Request-Context
cache-control
public, max-age=203
content-encoding
gzip
etag
"42d4c62e8219db1:0"
cross-origin-resource-policy
cross-origin
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
expires
Wed, 13 Nov 2024 18:46:24 GMT
accept-ranges
bytes
content-length
34533
date
Wed, 13 Nov 2024 18:43:01 GMT
content-type
application/javascript
last-modified
Tue, 08 Oct 2024 13:01:25 GMT
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/
332 KB
110 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FDG7BH19Q0&l=dataLayer&cx=c&gtm=45He4b70v9182856144za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5D9XC6SP&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f306ef2d349691d1db5353b2abf7e25f7c669929cf97bd0276dd88e2dde34400
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://welfarestage.laborability.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 13 Nov 2024 18:43:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 18:43:01 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
111943
x-xss-protection
0
server
Google Tag Manager
mixpanel-js-wrapper.min.js
cdn.mxpnl.com/libs/
3 KB
2 KB
Script
General
Full URL
https://cdn.mxpnl.com/libs/mixpanel-js-wrapper.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5D9XC6SP&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:498c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
400134c32d48dd42109880a1d2ba3f9e3f094d93193179f241a96103457eb8cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://welfarestage.laborability.com/

Response headers

x-goog-metageneration
2
content-encoding
gzip
x-goog-hash
crc32c=U54G5g==, md5=DMh/WWZuI1Z3Hm6EN2RyFw==
etag
"0cc87f59666e2356771e6e8437647217"
age
26
x-goog-stored-content-encoding
gzip
expires
Wed, 13 Nov 2024 18:52:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
1239
date
Wed, 13 Nov 2024 18:42:35 GMT
last-modified
Tue, 05 Nov 2024 17:21:46 GMT
content-type
text/javascript
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY0lf8PHc-dL1RfaNM1uiTKmkYNLSYmepLAADUvt26RmZHTAf5CpqOAb5GLmrc3VLyq-GEz5ppuaXQ
cache-control
public,max-age=600
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1730827306138254
content-length
1239
server
UploadServer
n0m0c4e7zs
www.clarity.ms/tag/
689 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/n0m0c4e7zs
Requested by
Host: welfarestage.laborability.com
URL: https://welfarestage.laborability.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
125955d6925bfb728b6704d8bd8ce03c218aa2059516751667c7400e70a7e1e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://welfarestage.laborability.com/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
689
date
Wed, 13 Nov 2024 18:43:01 GMT
content-type
application/x-javascript
x-azure-ref
20241113T184301Z-17b78558cc5669jvhC1MILrnec000000070g00000001dmtq
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/
55 KB
19 KB
Script
General
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-js-wrapper.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:498c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
bc94ac4cf8c40825ad44690336b1de510a0b5dd6428a5759b0cc5284dcdc7e08

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://welfarestage.laborability.com/

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=Awfd4g==, md5=94g9eoI2/luNwM5SGIfwSw==
etag
"f7883d7a8236fe5b8dc0ce521887f04b"
age
125
x-goog-stored-content-encoding
gzip
expires
Wed, 13 Nov 2024 18:50:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
19120
date
Wed, 13 Nov 2024 18:40:56 GMT
last-modified
Tue, 05 Nov 2024 17:21:22 GMT
content-type
text/javascript
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY0uVo3qlRCydssdMRg-7ua7vfGQMh7JZIfSuYINXdPVXRR071YisLooANvJdO3VkL5bSWaHdmqAfQ
cache-control
public,max-age=600
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1730827282841656
content-length
19120
server
UploadServer
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FDG7BH19Q0&gtm=45je4b70v9184972804z89182856144za200zb9182856144&_p=1731523380880&gcs=G101&gcd=13p3t3l2l7l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629~102077855&cid=1732833435.1731523381&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&ngs=1&_s=1&sid=1731523381&sct=1&seg=0&dl=https%3A%2F%2Fwelfarestage.laborability.com%2F&dt=Laborability%20-%20FE%20APP&en=page_view&_fv=1&_nsi=1&_ss=1&ep.consent_mode=%7B%22analytics_storage%22%3A%22granted%22%7D&tfd=1017
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FDG7BH19Q0&l=dataLayer&cx=c&gtm=45He4b70v9182856144za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://welfarestage.laborability.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://welfarestage.laborability.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 18:43:01 GMT
content-type
text/plain
server
Golfe2
bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame F9C7
0
0
Document
General
Full URL
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=84fafea8-846c-42ef-bbce-9f497617d80f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:887::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

Referer
https://welfarestage.laborability.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
gzip
content-length
392
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Nov 2024 18:43:01 GMT
etag
"3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires
Thu, 13 Nov 2025 18:43:01 GMT
last-modified
Mon, 04 Apr 2022 07:23:49 GMT
server
AkamaiNetStorage
server-timing
cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1731523381447_388276618_61877055_21_759_34_37_255";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,1
cc.js
consent.cookiebot.com/84fafea8-846c-42ef-bbce-9f497617d80f/
385 B
610 B
Script
General
Full URL
https://consent.cookiebot.com/84fafea8-846c-42ef-bbce-9f497617d80f/cc.js?renew=false&referer=welfarestage.laborability.com&dnt=false&init=false
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=84fafea8-846c-42ef-bbce-9f497617d80f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a29f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5dce728680c3197795841a70a3fde6927bd0753a96ffef8ed1e422593b0e57e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://welfarestage.laborability.com/

Response headers

cache-control
private, max-age=60
access-control-expose-headers
Request-Context
content-encoding
gzip
cross-origin-resource-policy
cross-origin
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
content-length
373
date
Wed, 13 Nov 2024 18:43:01 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
clarity.js
www.clarity.ms/s/0.7.49/
64 KB
27 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.49/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/n0m0c4e7zs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://welfarestage.laborability.com/

Response headers

x-azure-ref
20241113T184301Z-17b78558cc5669jvhC1MILrnec000000070g00000001dmu7
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DCF3CA14C9A428"
x-fd-int-roxy-purgeid
79034942
x-ms-request-id
1789ecf8-001e-0079-6678-2fd2ff000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Wed, 13 Nov 2024 18:43:01 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Thu, 24 Oct 2024 01:20:43 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=495D16A40EFD495A82140EB76426F1D2&RedC=c.clarity.ms&MXFR=2BCE506DF29E63E31E7D455BF69E6D32
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=495D16A40EFD495A82140EB76426F1D2&MUID=2D89250CA6BB662600B6303AA7CC6722
42 B
465 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=495D16A40EFD495A82140EB76426F1D2&MUID=2D89250CA6BB662600B6303AA7CC6722
Protocol
H2
Server
13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://welfarestage.laborability.com/

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"b116c54f951fdb1:0"
accept-ranges
bytes
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
42
date
Wed, 13 Nov 2024 18:43:02 GMT
content-type
image/gif
last-modified
Wed, 16 Oct 2024 06:33:28 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

cache-control
private, no-cache, proxy-revalidate, no-store
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=495D16A40EFD495A82140EB76426F1D2&MUID=2D89250CA6BB662600B6303AA7CC6722
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E75F748CED5445FEA3DBB04DE3624CBE Ref B: MIL30EDGE0909 Ref C: 2024-11-13T18:43:02Z
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
0
date
Wed, 13 Nov 2024 18:43:01 GMT
x-powered-by
ASP.NET
collect
u.clarity.ms/
0
293 B
XHR
General
Full URL
https://u.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.227.249.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://welfarestage.laborability.com/

Response headers

Request-Context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
Access-Control-Allow-Origin
https://welfarestage.laborability.com
Date
Wed, 13 Nov 2024 18:43:02 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
function| gtag
object| dataLayer
object| webpackChunk_laborability_app_fe
function| Hammer
string| __reactRouterVersion
object| google_tag_manager
object| google_tag_data
function| clarity
object| mixpanel
function| _mixpanel
function| onYouTubeIframeAPIReady
object| gaGlobal
object| CookieControl
function| __uspapi
function| addUspapiLocatorFrame
function| __handleUspapiMessage
function| propagateIABStub
object| Cookiebot
object| CookieConsent
function| CookiebotCallback_OnAccept
string| cookiedomainwarning

15 Cookies

Domain/Path Name / Value
.welfarestage.laborability.com/ Name: __cf_bm
Value: Oh1Wd0YjDtbEj.UO5FGOOX6CmHw.Fo.6SHT2I4LLYSw-1731523380-1.0.1.1-KVx3aTzZF4YbnhA4H_KI5uOyzSDek8wBynUJ7tNtHv9GJJ9B261.tHyERxW9pindpkK7.txgm2J.eqeV7t7e2Q
.auth.laborability.com/ Name: __cf_bm
Value: 4.Iu6qVeioBJewtsh7aM_bS0lHropmbOmNDM8s3YExs-1731523381-1.0.1.1-IX6e2QtbVQ9MvkqGcapG_FP8CS6afXbpladLLyg_J_T893TT7NXybzQHt92noYtgsEeGTd5grcI5Wwtgrl.5aA
.laborability.com/ Name: _ga
Value: GA1.1.1732833435.1731523381
.laborability.com/ Name: _ga_FDG7BH19Q0
Value: GS1.1.1731523381.1.0.1731523381.0.0.0
.laborability.com/ Name: mp_8ec5916c1eee2371d843bdc1b0d9246c_mixpanel
Value: %7B%22distinct_id%22%3A%20%22%24device%3A19326d6084d40e-0a421227aa0c0b-17462c6e-1d4c00-19326d6084d40e%22%2C%22%24device_id%22%3A%20%2219326d6084d40e-0a421227aa0c0b-17462c6e-1d4c00-19326d6084d40e%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%7D
www.clarity.ms/ Name: CLID
Value: aeffc7fc1447450fa6591f25cfd8a3dd.20241113.20251113
.laborability.com/ Name: _clck
Value: 1iubhs7%7C2%7Cfqu%7C0%7C1778
.bing.com/ Name: MUID
Value: 2D89250CA6BB662600B6303AA7CC6722
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 2D89250CA6BB662600B6303AA7CC6722
.laborability.com/ Name: _clsk
Value: 1msc0i4%7C1731523382148%7C1%7C1%7Cu.clarity.ms%2Fcollect
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 2D89250CA6BB662600B6303AA7CC6722
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

2 Console Messages

Source Level URL
Text
security error
Message:
Refused to frame 'https://auth.laborability.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
