app.es-labs.dev.elphasecure.io Open in urlscan Pro
34.148.235.98  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response app.es-labs.dev.elphasecure.io/	2 KB 2 KB	614ms 194ms	Document text/html	34.148.235.98 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://app.es-labs.dev.elphasecure.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.148.235.98 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 98.235.148.34.bc.googleusercontent.com Software istio-envoy / Resource Hash 1a55ee3a30646971cd224d1b7de8a3c29f5e055652bfb9154d0560fdf179d10f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language es-ES,es;q=0.9 Response headers accept-ranges bytes content-length 2331 content-type text/html date Thu, 27 Jul 2023 17:52:57 GMT etag "647f94b0-91b" last-modified Tue, 06 Jun 2023 20:18:56 GMT server istio-envoy strict-transport-security max-age=31536000; includeSubDomains x-envoy-upstream-service-time 2
GET H2	200	env-config.js Show response app.es-labs.dev.elphasecure.io/	446 B 579 B	197ms 196ms	Script application/javascript	34.148.235.98 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://app.es-labs.dev.elphasecure.io/env-config.js Requested by Host: app.es-labs.dev.elphasecure.io URL: https://app.es-labs.dev.elphasecure.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.148.235.98 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 98.235.148.34.bc.googleusercontent.com Software istio-envoy / Resource Hash c014bd1d7977cc9e762a88a6d8518732d6aece876104db5c4d9994802f43d138 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language es-ES,es;q=0.9 Referer https://app.es-labs.dev.elphasecure.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 17:52:57 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Thu, 27 Jul 2023 08:18:52 GMT server istio-envoy etag "64c2286c-1be" content-type application/javascript cache-control max-age=1800 x-envoy-upstream-service-time 6 accept-ranges bytes content-length 446 expires Thu, 27 Jul 2023 18:22:57 GMT
GET H2	200	2.c3455e58.chunk.css app.es-labs.dev.elphasecure.io/static/css/	24 KB 24 KB	198ms 197ms	Stylesheet text/css	34.148.235.98 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://app.es-labs.dev.elphasecure.io/static/css/2.c3455e58.chunk.css Requested by Host: app.es-labs.dev.elphasecure.io URL: https://app.es-labs.dev.elphasecure.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.148.235.98 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 98.235.148.34.bc.googleusercontent.com Software istio-envoy / Resource Hash 01b4c26ccb5d41555d148a656ff4966ae623bc2f20ad91c3feef49332e042d55 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language es-ES,es;q=0.9 Referer https://app.es-labs.dev.elphasecure.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 17:52:57 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Tue, 06 Jun 2023 20:18:56 GMT server istio-envoy etag "647f94b0-6182" content-type text/css x-envoy-upstream-service-time 6 accept-ranges bytes content-length 24962
GET H2	200	main.ccf8ad84.chunk.css app.es-labs.dev.elphasecure.io/static/css/	10 KB 10 KB	406ms 406ms	Stylesheet text/css	34.148.235.98 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://app.es-labs.dev.elphasecure.io/static/css/main.ccf8ad84.chunk.css Requested by Host: app.es-labs.dev.elphasecure.io URL: https://app.es-labs.dev.elphasecure.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.148.235.98 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 98.235.148.34.bc.googleusercontent.com Software istio-envoy / Resource Hash c1dcba84ac2820cfa9154f6b14c97c08760deeb2331cca32b0d58202f07201ac Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language es-ES,es;q=0.9 Referer https://app.es-labs.dev.elphasecure.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 17:52:57 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Tue, 06 Jun 2023 20:18:56 GMT server istio-envoy etag "647f94b0-28dc" content-type text/css x-envoy-upstream-service-time 26 accept-ranges bytes content-length 10460
GET H2	200	2.5d34281d.chunk.js Show response app.es-labs.dev.elphasecure.io/static/js/	2 MB 2 MB	198ms 197ms	Script application/javascript	34.148.235.98 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://app.es-labs.dev.elphasecure.io/static/js/2.5d34281d.chunk.js Requested by Host: app.es-labs.dev.elphasecure.io URL: https://app.es-labs.dev.elphasecure.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.148.235.98 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 98.235.148.34.bc.googleusercontent.com Software istio-envoy / Resource Hash 682ef55a6478d23b638a047a98c46d7118de44036080af8b6bee0bc40aaa8864 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language es-ES,es;q=0.9 Referer https://app.es-labs.dev.elphasecure.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 17:52:57 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Tue, 06 Jun 2023 20:18:56 GMT server istio-envoy etag "647f94b0-23a409" content-type application/javascript x-envoy-upstream-service-time 6 accept-ranges bytes content-length 2335753
GET H2	200	main.780e5807.chunk.js Show response app.es-labs.dev.elphasecure.io/static/js/	250 KB 250 KB	198ms 198ms	Script application/javascript	34.148.235.98 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://app.es-labs.dev.elphasecure.io/static/js/main.780e5807.chunk.js Requested by Host: app.es-labs.dev.elphasecure.io URL: https://app.es-labs.dev.elphasecure.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.148.235.98 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 98.235.148.34.bc.googleusercontent.com Software istio-envoy / Resource Hash 3b7b6d2c88e50659454f44bf54fe2966650ed00aa537d70f92d332c900bb33ed Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language es-ES,es;q=0.9 Referer https://app.es-labs.dev.elphasecure.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 17:52:57 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Tue, 06 Jun 2023 20:18:56 GMT server istio-envoy etag "647f94b0-3e6a5" content-type application/javascript x-envoy-upstream-service-time 6 accept-ranges bytes content-length 255653
GET H2	200	udl5zjc.css use.typekit.net/	3 KB 943 B	393ms 202ms	Stylesheet text/css	2a02:26f0:3100::1735:28f0 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/udl5zjc.css Requested by Host: app.es-labs.dev.elphasecure.io URL: https://app.es-labs.dev.elphasecure.io/static/css/main.ccf8ad84.chunk.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3100::1735:28f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash c6d85335e19671a31d0ffd45a1b574481c6b0aa56c067eb8e0e8bb2cb751f105 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; Request headers accept-language es-ES,es;q=0.9 Referer https://app.es-labs.dev.elphasecure.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; content-encoding gzip date Thu, 27 Jul 2023 17:52:58 GMT server nginx vary Accept-Encoding content-type text/css;charset=utf-8 access-control-allow-origin * cache-control private, max-age=600, stale-while-revalidate=604800 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 720
GET H2	200	p.css p.typekit.net/	5 B 173 B	275ms 62ms	Stylesheet text/css	2a02:26f0:780::210:a469 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://p.typekit.net/p.css?s=1&k=udl5zjc&ht=tk&f=24539.24543.24547.24549&a=62226414&app=typekit&e=css Requested by Host: use.typekit.net URL: https://use.typekit.net/udl5zjc.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:780::210:a469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb Request headers accept-language es-ES,es;q=0.9 Referer https://use.typekit.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 17:52:59 GMT last-modified Fri, 23 Jun 2023 17:09:47 GMT server nginx etag "6495d1db-5" content-type text/css access-control-allow-origin * cache-control public, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes content-length 5
GET H2	200	gtm.js Show response www.googletagmanager.com/	121 KB 47 KB	204ms 76ms	Script application/javascript	2a00:1450:4001:81c::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TFL85VD&gtm_auth=&gtm_preview=&gtm_cookies_win=x Requested by Host: app.es-labs.dev.elphasecure.io URL: https://app.es-labs.dev.elphasecure.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 648a079eb3d4b4a35e4df2b0b8696c32fbf646aa612a07b2acb9045b2230498f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language es-ES,es;q=0.9 Referer https://app.es-labs.dev.elphasecure.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 17:52:59 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 47365 x-xss-protection 0 last-modified Thu, 27 Jul 2023 17:06:11 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 27 Jul 2023 17:52:59 GMT
GET H2	200	v3 Show response js.stripe.com/	517 KB 128 KB	230ms 74ms	Script text/javascript	108.138.36.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3 Requested by Host: app.es-labs.dev.elphasecure.io URL: https://app.es-labs.dev.elphasecure.io/static/js/2.5d34281d.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.36.49 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-36-49.muc50.r.cloudfront.net Software Cloudfront / Resource Hash 3fc5aa56d541ecad9c6ac048d097423a221660c31c70dfae3f14e96a9da78bef Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language es-ES,es;q=0.9 Referer https://app.es-labs.dev.elphasecure.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Thu, 27 Jul 2023 17:52:58 GMT via 1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P2 age 3 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Thu, 27 Jul 2023 17:41:10 GMT server Cloudfront etag W/"01d3345ab0e1e20d6b03e35b69ce8b6e" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=60 timing-allow-origin * x-amz-cf-id Thy9ZXKGjC2Gn4ViO1i4duwP1loDu4w86P9t4iWsTp8-hlIUVEEjJg==
GET H2	200	step1.html Show response dev.auth.elphasecure.io/auth/realms/client/protocol/openid-connect/3p-cookies/ Frame F141	757 B 1 KB	610ms 191ms	Document text/html	34.139.154.101 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dev.auth.elphasecure.io/auth/realms/client/protocol/openid-connect/3p-cookies/step1.html Requested by Host: app.es-labs.dev.elphasecure.io URL: https://app.es-labs.dev.elphasecure.io/static/js/2.5d34281d.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.139.154.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 101.154.139.34.bc.googleusercontent.com Software istio-envoy / Resource Hash 669a31a113b7353d324d3b19ad3181cd33116c691b1aeb130823848bd7b52dd1 Security Headers Name Value Content-Security-Policy frame-src 'self'; object-src 'none'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://app.es-labs.dev.elphasecure.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language es-ES,es;q=0.9 Response headers cache-control no-cache, must-revalidate, no-transform, no-store content-length 757 content-security-policy frame-src 'self'; object-src 'none'; content-type text/html;charset=utf-8 date Thu, 27 Jul 2023 17:52:59 GMT p3p CP="This is not a P3P policy!" referrer-policy no-referrer server istio-envoy strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff x-envoy-upstream-service-time 3 x-robots-tag none x-xss-protection 1; mode=block
GET H2	200	step2.html Show response dev.auth.elphasecure.io/auth/realms/client/protocol/openid-connect/3p-cookies/ Frame F141	442 B 491 B	193ms 192ms	Document text/html	34.139.154.101 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dev.auth.elphasecure.io/auth/realms/client/protocol/openid-connect/3p-cookies/step2.html Requested by Host: dev.auth.elphasecure.io URL: https://dev.auth.elphasecure.io/auth/realms/client/protocol/openid-connect/3p-cookies/step1.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.139.154.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 101.154.139.34.bc.googleusercontent.com Software istio-envoy / Resource Hash 7c83d54a3f5b8ebcffc9bb1fbd20a4ca4da6d7eee5987dd621a81dd016f0d557 Security Headers Name Value Content-Security-Policy frame-src 'self'; object-src 'none'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language es-ES,es;q=0.9 Response headers cache-control no-cache, must-revalidate, no-transform, no-store content-length 442 content-security-policy frame-src 'self'; object-src 'none'; content-type text/html;charset=utf-8 date Thu, 27 Jul 2023 17:52:59 GMT p3p CP="This is not a P3P policy!" referrer-policy no-referrer server istio-envoy strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff x-envoy-upstream-service-time 5 x-robots-tag none x-xss-protection 1; mode=block
GET H2	200	m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response js.stripe.com/v3/ Frame B082	200 B 1 KB	66ms 65ms	Document text/html	108.138.36.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.36.49 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-36-49.muc50.r.cloudfront.net Software Cloudfront / Resource Hash f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://app.es-labs.dev.elphasecure.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language es-ES,es;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 1315 alt-svc h3=":443"; ma=86400 cache-control max-age=31536000 content-length 200 content-security-policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Thu, 27 Jul 2023 17:31:09 GMT etag "93afeeb17bc37e711759584dbfc50d47" last-modified Wed, 05 Jul 2023 20:15:53 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront) x-amz-cf-id 1Lro0ZQysO5TQP3w-DdfMN2aa75GmAkQr56LLCXQwdW6QmX1jl8sLw== x-amz-cf-pop MUC50-P2 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	login-status-iframe.html Show response dev.auth.elphasecure.io/auth/realms/client/protocol/openid-connect/ Frame 0D9E	3 KB 3 KB	191ms 190ms	Document text/html	34.139.154.101 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dev.auth.elphasecure.io/auth/realms/client/protocol/openid-connect/login-status-iframe.html Requested by Host: app.es-labs.dev.elphasecure.io URL: https://app.es-labs.dev.elphasecure.io/static/js/2.5d34281d.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.139.154.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 101.154.139.34.bc.googleusercontent.com Software istio-envoy / Resource Hash 81d907c82998d426e74c41cc9cf5c13465664e47383daa6a9d12d6e0237752ef Security Headers Name Value Content-Security-Policy frame-src 'self'; object-src 'none'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://app.es-labs.dev.elphasecure.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language es-ES,es;q=0.9 Response headers cache-control no-cache, must-revalidate, no-transform, no-store content-length 3233 content-security-policy frame-src 'self'; object-src 'none'; content-type text/html;charset=utf-8 date Thu, 27 Jul 2023 17:52:59 GMT p3p CP="This is not a P3P policy!" referrer-policy no-referrer server istio-envoy strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff x-envoy-upstream-service-time 2 x-robots-tag none x-xss-protection 1; mode=block
GET H2	200	hegrq81z Show response widget.intercom.io/widget/	7 KB 3 KB	592ms 450ms	Script application/javascript	99.84.88.30 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.intercom.io/widget/hegrq81z Requested by Host: app.es-labs.dev.elphasecure.io URL: https://app.es-labs.dev.elphasecure.io/static/js/2.5d34281d.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.88.30 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-88-30.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash ea22ca0acfbdac1ac0dcf87e22c7ecccf203bf346d2719c62957530d775c3b49 Request headers accept-language es-ES,es;q=0.9 Referer https://app.es-labs.dev.elphasecure.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-amz-version-id _WU33QXhwKoVRe974LXG83dBqq.JH1YN content-encoding gzip via 1.1 940591d2da012baa6779996f50bf5208.cloudfront.net (CloudFront) date Thu, 27 Jul 2023 17:32:39 GMT x-amz-cf-pop MUC50-C1 age 1317 x-amz-server-side-encryption AES256 x-cache Error from cloudfront alt-svc h3=":443"; ma=86400 content-length 2678 last-modified Thu, 27 Jul 2023 15:45:59 GMT server AmazonS3 etag "eb55491925b507cc2847a593f5aec9cf" vary Accept-Encoding, Origin content-type application/javascript; charset=UTF-8 cache-control max-age=900, s-maxage=900, public accept-ranges bytes x-amz-cf-id 54POTLRy9AAswd12Kg9Kgvsp45-DUHYToZzAEZIDyi5aJpGc6zYl0Q==
GET H2	200	m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response js.stripe.com/v3/fingerprinted/js/ Frame B082	631 B 1 KB	65ms 65ms	Script text/javascript	108.138.36.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.36.49 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-36-49.muc50.r.cloudfront.net Software Cloudfront / Resource Hash 250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language es-ES,es;q=0.9 Referer https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload date Thu, 27 Jul 2023 17:43:40 GMT x-content-type-options nosniff via 1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P2 age 575 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 631 last-modified Fri, 21 Jul 2023 22:17:58 GMT server Cloudfront etag "f8f6a4584135f737b26927596ce6e0a7" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-amz-cf-id 7FMWq8PUda966n_LaZlEzgjSJycaRd1AYWoqAqbNyQiZ4AP8HiFlAw==
POST H2	200	csp-report q.stripe.com/ Frame B082	0 718 B	604ms 197ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: app.es-labs.dev.elphasecure.io URL: https://app.es-labs.dev.elphasecure.io/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Content-Type application/csp-report Response headers date Thu, 27 Jul 2023 17:53:00 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1690480380768030 x-envoy-upstream-service-time 1 content-length 0 x-stripe-bg-intended-route-color green pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 0 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1690480380767324 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame B082	0 717 B	604ms 198ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: app.es-labs.dev.elphasecure.io URL: https://app.es-labs.dev.elphasecure.io/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Content-Type application/csp-report Response headers date Thu, 27 Jul 2023 17:53:00 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1690480380768177 x-envoy-upstream-service-time 2 content-length 0 x-stripe-bg-intended-route-color green pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 1 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1690480380767447 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
GET H2	200	inner.html Show response m.stripe.network/ Frame FA07	930 B 1 KB	131ms 34ms	Document text/html	151.101.64.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/inner.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.64.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language es-ES,es;q=0.9 Response headers accept-ranges bytes age 106 cache-control max-age=300, public content-encoding br content-length 540 content-security-policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Thu, 27 Jul 2023 17:53:00 GMT server Fastly strict-transport-security max-age=31556926; includeSubDomains; preload vary Accept-Encoding, Origin via 1.1 varnish x-cache HIT x-cache-hits 58 x-content-type-options nosniff x-request-id b1c20aa8-ea71-415e-83b0-7eb15bbc0238 x-served-by cache-mad22057-MAD x-timer S1690480380.382690,VS0,VE0
GET H2	403	init Show response dev.auth.elphasecure.io/auth/realms/client/protocol/openid-connect/login-status-iframe.html/ Frame 0D9E	0 48 B	189ms 189ms	XHR text/plain	34.139.154.101 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dev.auth.elphasecure.io/auth/realms/client/protocol/openid-connect/login-status-iframe.html/init?client_id=portal-public&origin=https%3A%2F%2Fapp.es-labs.dev.elphasecure.io Requested by Host: dev.auth.elphasecure.io URL: https://dev.auth.elphasecure.io/auth/realms/client/protocol/openid-connect/login-status-iframe.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.139.154.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 101.154.139.34.bc.googleusercontent.com Software istio-envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language es-ES,es;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Thu, 27 Jul 2023 17:53:00 GMT referrer-policy no-referrer x-content-type-options nosniff server istio-envoy x-envoy-upstream-service-time 2 content-length 0 x-xss-protection 1; mode=block
POST H2	200	csp-report q.stripe.com/ Frame FA07	0 491 B	463ms 200ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: app.es-labs.dev.elphasecure.io URL: https://app.es-labs.dev.elphasecure.io/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Content-Type application/csp-report Response headers date Thu, 27 Jul 2023 17:53:00 GMT strict-transport-security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1690480380768261 x-envoy-upstream-service-time 4 content-length 0 x-stripe-bg-intended-route-color green pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin x-stripe-server-envoy-upstream-service-time-ms 1 x-stripe-client-envoy-start-time-us 1690480380767365 cache-control max-age=0, no-cache, no-store, must-revalidate x-robots-tag none expires 0
GET H2	200	out-4.5.43.js Show response m.stripe.network/ Frame FA07	87 KB 15 KB	34ms 34ms	Script text/javascript	151.101.64.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/out-4.5.43.js Requested by Host: m.stripe.network URL: https://m.stripe.network/inner.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.64.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language es-ES,es;q=0.9 Referer https://m.stripe.network/inner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload date Thu, 27 Jul 2023 17:53:00 GMT x-content-type-options nosniff content-encoding br via 1.1 varnish age 116 x-cache HIT content-length 15509 x-request-id cc071ab6-6971-4fa6-a0fb-be1a008cb8f0 x-served-by cache-mad22057-MAD server Fastly x-timer S1690480380.425143,VS0,VE0 vary Accept-Encoding, Origin content-type text/javascript; charset=utf-8 cache-control max-age=300, public accept-ranges bytes x-cache-hits 59
POST H2	200	6 Show response m.stripe.com/ Frame FA07	156 B 669 B	615ms 202ms	XHR application/json	52.11.243.104 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/out-4.5.43.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.11.243.104 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-11-243-104.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 9e8e041d43e59c14584a1a52ebeb958150472a6f171c31fe62fd26289d6bd20c Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-stripe-bg-intended-route-color green date Thu, 27 Jul 2023 17:53:01 GMT strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1690480381013505 server nginx content-type application/json;charset=utf-8 x-stripe-server-envoy-upstream-service-time-ms 2 access-control-allow-origin https://m.stripe.network x-stripe-client-envoy-start-time-us 1690480381012909 access-control-allow-credentials true access-control-allow-headers Content-Type content-length 156
GET H2	200	frame-modern.dd486284.js Show response js.intercomcdn.com/ Frame 8A66	488 KB 136 KB	217ms 73ms	Script application/javascript	99.84.88.100 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.intercomcdn.com/frame-modern.dd486284.js Requested by Host: widget.intercom.io URL: https://widget.intercom.io/widget/hegrq81z Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.88.100 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-88-100.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash 54d77533c7a6d2799851cc86bbd50f131d87f9c2e08f985459a7f623004c1164 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language es-ES,es;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-amz-version-id veyp5CggMfobSCCHU8ZnJiQr7JU_NOS7 content-encoding gzip via 1.1 b90884acab23625db851d03bcf681a26.cloudfront.net (CloudFront) date Thu, 27 Jul 2023 17:46:04 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop MUC50-C1 age 417 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 138708 last-modified Thu, 27 Jul 2023 15:43:56 GMT server AmazonS3 etag "d52b341c78ca7a8d3450d32a460c59f0" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=31536000, s-maxage=7200, public accept-ranges bytes x-amz-cf-id jGe5qafrsBg8iCAS-AxLC5H9pQ73BqKLqJWkpbRV_bkwlcb7jnK0eg==
GET H2	200	vendor-modern.1aa7d2b2.js Show response js.intercomcdn.com/ Frame 8A66	249 KB 77 KB	362ms 219ms	Script application/javascript	99.84.88.100 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.intercomcdn.com/vendor-modern.1aa7d2b2.js Requested by Host: widget.intercom.io URL: https://widget.intercom.io/widget/hegrq81z Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.88.100 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-88-100.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash 0008529923f7a0efd07abd84185238b9d8b846b23b5896fa2ce4f7e27a92cc6d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language es-ES,es;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-amz-version-id IOXQIqqgQj0g0cSVH8iDWuDI3k4HOhcA content-encoding gzip via 1.1 b90884acab23625db851d03bcf681a26.cloudfront.net (CloudFront) date Thu, 27 Jul 2023 16:41:32 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop MUC50-C1 age 4289 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 78242 last-modified Wed, 26 Jul 2023 14:39:29 GMT server AmazonS3 etag "075f5d390d7a374a029d01a72af67be2" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=31536000, s-maxage=7200, public accept-ranges bytes x-amz-cf-id jMdyBAvnAnZv8zFfWMXc1yIvVCLrl4O-aiq3n9uJi7bOmFt08AWb8w==

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| _env_ object| webpackJsonpelpha-secure-portal function| _ function| Intercom object| dataLayer object| google_tag_manager object| google_tag_data object| webpackChunkStripeJSouter function| noop function| Stripe function| __intercomAssignLocation function| __intercomReloadLocation

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			m.stripe.com/	1970-01-20 23:10:40	Name: m Value: 82682ab0-fb9d-4c2f-bb39-c46041112286d2145d
			.app.es-labs.dev.elphasecure.io/	1970-01-20 22:20:16	Name: __stripe_mid Value: 4e268a51-86f4-4640-8fc6-25751b4c3e0c413c20
			.app.es-labs.dev.elphasecure.io/	1970-01-20 13:34:42	Name: __stripe_sid Value: 953e26a4-13fb-4a6c-9638-19fd0430441812b194

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://dev.auth.elphasecure.io/auth/realms/client/protocol/openid-connect/login-status-iframe.html/init?client_id=portal-public&origin=https%3A%2F%2Fapp.es-labs.dev.elphasecure.io Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.es-labs.dev.elphasecure.io
dev.auth.elphasecure.io
js.intercomcdn.com
js.stripe.com
m.stripe.com
m.stripe.network
p.typekit.net
q.stripe.com
use.typekit.net
widget.intercom.io
www.googletagmanager.com
108.138.36.49
151.101.64.176
2a00:1450:4001:81c::2008
2a02:26f0:3100::1735:28f0
2a02:26f0:780::210:a469
34.139.154.101
34.148.235.98
52.11.243.104
54.187.159.182
99.84.88.100
99.84.88.30
0008529923f7a0efd07abd84185238b9d8b846b23b5896fa2ce4f7e27a92cc6d
01b4c26ccb5d41555d148a656ff4966ae623bc2f20ad91c3feef49332e042d55
1a55ee3a30646971cd224d1b7de8a3c29f5e055652bfb9154d0560fdf179d10f
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
3b7b6d2c88e50659454f44bf54fe2966650ed00aa537d70f92d332c900bb33ed
3fc5aa56d541ecad9c6ac048d097423a221660c31c70dfae3f14e96a9da78bef
54d77533c7a6d2799851cc86bbd50f131d87f9c2e08f985459a7f623004c1164
648a079eb3d4b4a35e4df2b0b8696c32fbf646aa612a07b2acb9045b2230498f
669a31a113b7353d324d3b19ad3181cd33116c691b1aeb130823848bd7b52dd1
682ef55a6478d23b638a047a98c46d7118de44036080af8b6bee0bc40aaa8864
7c83d54a3f5b8ebcffc9bb1fbd20a4ca4da6d7eee5987dd621a81dd016f0d557
81d907c82998d426e74c41cc9cf5c13465664e47383daa6a9d12d6e0237752ef
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9e8e041d43e59c14584a1a52ebeb958150472a6f171c31fe62fd26289d6bd20c
c014bd1d7977cc9e762a88a6d8518732d6aece876104db5c4d9994802f43d138
c1dcba84ac2820cfa9154f6b14c97c08760deeb2331cca32b0d58202f07201ac
c6d85335e19671a31d0ffd45a1b574481c6b0aa56c067eb8e0e8bb2cb751f105
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea22ca0acfbdac1ac0dcf87e22c7ecccf203bf346d2719c62957530d775c3b49
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca