urlscan.io logo urlscan.io
SecurityTrails logo

app.eql.com Open in urlscan Pro
2600:9000:223f:1400:1b:8958:c8c0:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://app.eql.com/
Effective URL: https://app.eql.com/
Submission: On December 31 via api from US — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 16 HTTP transactions. The main IP is 2600:9000:223f:1400:1b:8958:c8c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is app.eql.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on April 3rd 2024. Valid for: a year.
This is the only time app.eql.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 2600:9000:223... 16509 (AMAZON-02)
9 2a04:4e42:400... 54113 (FASTLY)
1 2600:9000:276... 16509 (AMAZON-02)
16 3
Apex Domain
Subdomains		 Transfer
9 eql.media
cdn.eql.media — Cisco Umbrella Rank: 638716
369 KB
6 eql.com
app.eql.com
952 KB
1 cloudfront.net
d3a4k4t4rjoe9r.cloudfront.net
2 KB
16 3
Domain Requested by
9 cdn.eql.media app.eql.com
cdn.eql.media
6 app.eql.com app.eql.com
1 d3a4k4t4rjoe9r.cloudfront.net app.eql.com
16 3

This site contains links to these domains. Also see Links.

Domain
portal.eql.com
www.eql.com
Subject Issuer Validity Valid
app.eql.com
Amazon RSA 2048 M02		 2024-04-03 -
2025-05-03		 a year crt.sh
cdn.eql.media
Certainly Intermediate R1		 2024-12-13 -
2025-01-12		 a month crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh

This page contains 1 frames:

Primary Page: https://app.eql.com/
Frame ID: 8E42191D3E2F10159C61614E04B0AB9E
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Welcome — EQL

Page URL History Show full URLs

  1. http://app.eql.com/ HTTP 307
    https://app.eql.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Page Statistics

16
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

1323 kB
Transfer

3559 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://app.eql.com/ HTTP 307
    https://app.eql.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
app.eql.com/
Redirect Chain
  • http://app.eql.com/
  • https://app.eql.com/
971 B
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.eql.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:1400:1b:8958:c8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
None /
Resource Hash
c888e0698f58daa9a8dca84db371f8cdae7850572f2c227723883b3232efaa10
Security Headers
Name Value
Content-Security-Policy base-uri 'self';connect-src 'self' d3a4k4t4rjoe9r.cloudfront.net *.browser-intake-datadoghq.com *.eql.com *.eql.xyz *.adyen.com *.authz.cloudentity.io *.avo.app *.mixpanel.com cdn.eql.media tally.so edge.api.flagsmith.com route66-prod-media.s3.us-east-1.amazonaws.com route66-staging-media.s3.us-east-1.amazonaws.com route66-staging.imgix.net;default-src 'none';font-src 'self' fonts.gstatic.com cdn.eql.media data:;form-action *;frame-ancestors 'self';frame-src *.eql.com *.avo.app tally.so *.stripe.com *.adyen.com;img-src 'self' cdn.eql.media route66-prod-media.imgix.net images.prismic.io *.cdn.adyen.com cdn.discordapp.com purecatamphetamine.github.io cdn.jsdelivr.net data:;manifest-src 'self';media-src 'self' cdn.eql.media cdn.eqlizer.com;object-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubb036eb0ae73c69228c699e7494e53a60&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=mode%3Aproduction%2Cversion%3A2.3%2Csite%3Aprofile;script-src 'self' tally.so *.stripe.com;style-src 'self' fonts.googleapis.com cdn.eql.media 'unsafe-inline';worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
10764
content-length
971
content-security-policy
base-uri 'self';connect-src 'self' d3a4k4t4rjoe9r.cloudfront.net *.browser-intake-datadoghq.com *.eql.com *.eql.xyz *.adyen.com *.authz.cloudentity.io *.avo.app *.mixpanel.com cdn.eql.media tally.so edge.api.flagsmith.com route66-prod-media.s3.us-east-1.amazonaws.com route66-staging-media.s3.us-east-1.amazonaws.com route66-staging.imgix.net;default-src 'none';font-src 'self' fonts.gstatic.com cdn.eql.media data:;form-action *;frame-ancestors 'self';frame-src *.eql.com *.avo.app tally.so *.stripe.com *.adyen.com;img-src 'self' cdn.eql.media route66-prod-media.imgix.net images.prismic.io *.cdn.adyen.com cdn.discordapp.com purecatamphetamine.github.io cdn.jsdelivr.net data:;manifest-src 'self';media-src 'self' cdn.eql.media cdn.eqlizer.com;object-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubb036eb0ae73c69228c699e7494e53a60&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=mode%3Aproduction%2Cversion%3A2.3%2Csite%3Aprofile;script-src 'self' tally.so *.stripe.com;style-src 'self' fonts.googleapis.com cdn.eql.media 'unsafe-inline';worker-src 'self' blob:;
content-type
text/html
date
Tue, 31 Dec 2024 15:56:03 GMT
etag
"3c71e54effd2a907189b363bc00eed9c"
last-modified
Tue, 31 Dec 2024 15:20:32 GMT
permissions-policy
accelerometer=(),autoplay=(),camera=(),cross-origin-isolated=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),keyboard-map=(),magnetometer=(),microphone=(),midi=(),payment=(self "https://*.stripe.com" "https://*.adyen.com"),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
referrer-policy
strict-origin-when-cross-origin
server
None
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
x-amz-cf-id
9frMcCVvtWrDyFQjDLixaTK4jgoNXP5Znci1-jd1INW2xeWflwyQ_w==
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-content-type-options
nosniff

Redirect headers

Location
https://app.eql.com/
Non-Authoritative-Reason
HttpsUpgrades
index-zOF8fJn9.js
app.eql.com/assets/ 		3 MB
868 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.eql.com/assets/index-zOF8fJn9.js
Requested by
Host: app.eql.com
URL: https://app.eql.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:1400:1b:8958:c8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
None /
Resource Hash
8f07f0891a32832086e276a63d103e1b9e4d24373d3eb6a9a4d064ac3481858c
Security Headers
Name Value
Content-Security-Policy base-uri 'self';connect-src 'self' d3a4k4t4rjoe9r.cloudfront.net *.browser-intake-datadoghq.com *.eql.com *.eql.xyz *.adyen.com *.authz.cloudentity.io *.avo.app *.mixpanel.com cdn.eql.media tally.so edge.api.flagsmith.com route66-prod-media.s3.us-east-1.amazonaws.com route66-staging-media.s3.us-east-1.amazonaws.com route66-staging.imgix.net;default-src 'none';font-src 'self' fonts.gstatic.com cdn.eql.media data:;form-action *;frame-ancestors 'self';frame-src *.eql.com *.avo.app tally.so *.stripe.com *.adyen.com;img-src 'self' cdn.eql.media route66-prod-media.imgix.net images.prismic.io *.cdn.adyen.com cdn.discordapp.com purecatamphetamine.github.io cdn.jsdelivr.net data:;manifest-src 'self';media-src 'self' cdn.eql.media cdn.eqlizer.com;object-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubb036eb0ae73c69228c699e7494e53a60&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=mode%3Aproduction%2Cversion%3A2.3%2Csite%3Aprofile;script-src 'self' tally.so *.stripe.com;style-src 'self' fonts.googleapis.com cdn.eql.media 'unsafe-inline';worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.eql.com
Referer
https://app.eql.com/

Response headers

content-encoding
br
etag
W/"f510ec826e2a1bd2fe8ea2d3c908f738"
age
10763
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
a0fhtw4NtWbgybxXmH5tc2l4nknnWOHde0ZK5sJDfl-vhJHjiuMj6A==
date
Tue, 31 Dec 2024 15:56:04 GMT
content-type
application/javascript
vary
accept-encoding
last-modified
Tue, 31 Dec 2024 15:20:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
base-uri 'self';connect-src 'self' d3a4k4t4rjoe9r.cloudfront.net *.browser-intake-datadoghq.com *.eql.com *.eql.xyz *.adyen.com *.authz.cloudentity.io *.avo.app *.mixpanel.com cdn.eql.media tally.so edge.api.flagsmith.com route66-prod-media.s3.us-east-1.amazonaws.com route66-staging-media.s3.us-east-1.amazonaws.com route66-staging.imgix.net;default-src 'none';font-src 'self' fonts.gstatic.com cdn.eql.media data:;form-action *;frame-ancestors 'self';frame-src *.eql.com *.avo.app tally.so *.stripe.com *.adyen.com;img-src 'self' cdn.eql.media route66-prod-media.imgix.net images.prismic.io *.cdn.adyen.com cdn.discordapp.com purecatamphetamine.github.io cdn.jsdelivr.net data:;manifest-src 'self';media-src 'self' cdn.eql.media cdn.eqlizer.com;object-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubb036eb0ae73c69228c699e7494e53a60&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=mode%3Aproduction%2Cversion%3A2.3%2Csite%3Aprofile;script-src 'self' tally.so *.stripe.com;style-src 'self' fonts.googleapis.com cdn.eql.media 'unsafe-inline';worker-src 'self' blob:;
referrer-policy
strict-origin-when-cross-origin
via
1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
permissions-policy
accelerometer=(),autoplay=(),camera=(),cross-origin-isolated=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),keyboard-map=(),magnetometer=(),microphone=(),midi=(),payment=(self "https://*.stripe.com" "https://*.adyen.com"),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
x-amz-cf-pop
FRA56-P5
server
None
x-amz-server-side-encryption
AES256
index-B78aoWBb.css
app.eql.com/assets/ 		194 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.eql.com/assets/index-B78aoWBb.css
Requested by
Host: app.eql.com
URL: https://app.eql.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:1400:1b:8958:c8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
None /
Resource Hash
ae9a1748986d836c4245a54a2135837bbdbc048193ec9267ae2ce352f6829bd5
Security Headers
Name Value
Content-Security-Policy base-uri 'self';connect-src 'self' d3a4k4t4rjoe9r.cloudfront.net *.browser-intake-datadoghq.com *.eql.com *.eql.xyz *.adyen.com *.authz.cloudentity.io *.avo.app *.mixpanel.com cdn.eql.media tally.so edge.api.flagsmith.com route66-prod-media.s3.us-east-1.amazonaws.com route66-staging-media.s3.us-east-1.amazonaws.com route66-staging.imgix.net;default-src 'none';font-src 'self' fonts.gstatic.com cdn.eql.media data:;form-action *;frame-ancestors 'self';frame-src *.eql.com *.avo.app tally.so *.stripe.com *.adyen.com;img-src 'self' cdn.eql.media route66-prod-media.imgix.net images.prismic.io *.cdn.adyen.com cdn.discordapp.com purecatamphetamine.github.io cdn.jsdelivr.net data:;manifest-src 'self';media-src 'self' cdn.eql.media cdn.eqlizer.com;object-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubb036eb0ae73c69228c699e7494e53a60&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=mode%3Aproduction%2Cversion%3A2.3%2Csite%3Aprofile;script-src 'self' tally.so *.stripe.com;style-src 'self' fonts.googleapis.com cdn.eql.media 'unsafe-inline';worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.eql.com
Referer
https://app.eql.com/

Response headers

content-encoding
br
etag
W/"85e9f082a9d363458a834e006a473e43"
age
10763
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
Fe5kT6ahZqcQaTjsc-j8m-aHoJq9Lyt7qUfsRCeQWuT0ep2GlXClpw==
date
Tue, 31 Dec 2024 18:35:15 GMT
content-type
text/css
vary
accept-encoding
last-modified
Sat, 28 Dec 2024 02:08:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
base-uri 'self';connect-src 'self' d3a4k4t4rjoe9r.cloudfront.net *.browser-intake-datadoghq.com *.eql.com *.eql.xyz *.adyen.com *.authz.cloudentity.io *.avo.app *.mixpanel.com cdn.eql.media tally.so edge.api.flagsmith.com route66-prod-media.s3.us-east-1.amazonaws.com route66-staging-media.s3.us-east-1.amazonaws.com route66-staging.imgix.net;default-src 'none';font-src 'self' fonts.gstatic.com cdn.eql.media data:;form-action *;frame-ancestors 'self';frame-src *.eql.com *.avo.app tally.so *.stripe.com *.adyen.com;img-src 'self' cdn.eql.media route66-prod-media.imgix.net images.prismic.io *.cdn.adyen.com cdn.discordapp.com purecatamphetamine.github.io cdn.jsdelivr.net data:;manifest-src 'self';media-src 'self' cdn.eql.media cdn.eqlizer.com;object-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubb036eb0ae73c69228c699e7494e53a60&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=mode%3Aproduction%2Cversion%3A2.3%2Csite%3Aprofile;script-src 'self' tally.so *.stripe.com;style-src 'self' fonts.googleapis.com cdn.eql.media 'unsafe-inline';worker-src 'self' blob:;
referrer-policy
strict-origin-when-cross-origin
via
1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
permissions-policy
accelerometer=(),autoplay=(),camera=(),cross-origin-isolated=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),keyboard-map=(),magnetometer=(),microphone=(),midi=(),payment=(self "https://*.stripe.com" "https://*.adyen.com"),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
x-amz-cf-pop
FRA56-P5
server
None
x-amz-server-side-encryption
AES256
index.css
cdn.eql.media/font/Frequenz/ 		683 B
506 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.eql.media/font/Frequenz/index.css
Requested by
Host: app.eql.com
URL: https://app.eql.com/assets/index-B78aoWBb.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
a7e09cd7a147bf6b66fa54a0d82e53ede170fc2f00ebeffce15801ba32efc5b3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.eql.com/

Response headers

content-encoding
gzip
age
1750367
x-content-type-options
nosniff
x-cache
HIT, HIT
date
Tue, 31 Dec 2024 18:55:26 GMT
last-modified
Wed, 06 Nov 2024 02:38:03 GMT
x-served-by
cache-fra-eddf8230155-FRA, cache-hel1410033-HEL
vary
Accept-Encoding, Accept, User-Agent
content-type
text/css
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
176
server
imgix
x-imgix-id
2ca460aa9c82e6bf2d4185299dd69c568c5ea8bb
index.css
cdn.eql.media/font/LabGrotesque/ 		686 B
347 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.eql.media/font/LabGrotesque/index.css
Requested by
Host: app.eql.com
URL: https://app.eql.com/assets/index-B78aoWBb.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
90e69bf0ce52dca276d3fa5f9460bb4c450e8ef9c4a8fb9d957465582d6b11eb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.eql.com/

Response headers

content-encoding
gzip
age
1864953
x-content-type-options
nosniff
x-cache
HIT, HIT
date
Tue, 31 Dec 2024 18:55:26 GMT
last-modified
Tue, 05 Nov 2024 13:51:31 GMT
x-served-by
cache-fra-eddf8230083-FRA, cache-hel1410033-HEL
vary
Accept-Encoding, Accept, User-Agent
content-type
text/css
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
209
server
imgix
x-imgix-id
f582e4d9970d4c2a2f766ebdabe5877bee881a54
features.json
d3a4k4t4rjoe9r.cloudfront.net/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d3a4k4t4rjoe9r.cloudfront.net/features.json
Requested by
Host: app.eql.com
URL: https://app.eql.com/assets/index-zOF8fJn9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:c400:4:c147:4fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
348bc5c5d7beacd5d5a7896a021047d7169a8a9867ef83d843aa595befa842f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.eql.com/

Response headers

x-amz-version-id
EZ0Wn1ytaHK4wgSZrZ.NYEcP7PRwImB_
etag
"3cebbba8ededa72bb1fa24d757979d45"
age
4685
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
fyZy9cyJLh24YzrraNGKtnsOmUCGoacY5jPeXbFGol6UCt0J1C5wtQ==
date
Tue, 31 Dec 2024 17:42:26 GMT
content-type
application/octet-stream
vary
accept-encoding
last-modified
Wed, 23 Oct 2024 06:28:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=0,no-cache,no-store,must-revalidate
via
1.1 8e59b301b68bf6ac4dcacf061926e712.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
1379
x-amz-cf-pop
FRA60-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
features-DJeNa8JW.js
app.eql.com/assets/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.eql.com/assets/features-DJeNa8JW.js
Requested by
Host: app.eql.com
URL: https://app.eql.com/assets/index-zOF8fJn9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:1400:1b:8958:c8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
None /
Resource Hash
33a2302771965aec51830e84ce7916074edf25e3deb618d6050e79d59b47bebc
Security Headers
Name Value
Content-Security-Policy base-uri 'self';connect-src 'self' d3a4k4t4rjoe9r.cloudfront.net *.browser-intake-datadoghq.com *.eql.com *.eql.xyz *.adyen.com *.authz.cloudentity.io *.avo.app *.mixpanel.com cdn.eql.media tally.so edge.api.flagsmith.com route66-prod-media.s3.us-east-1.amazonaws.com route66-staging-media.s3.us-east-1.amazonaws.com route66-staging.imgix.net;default-src 'none';font-src 'self' fonts.gstatic.com cdn.eql.media data:;form-action *;frame-ancestors 'self';frame-src *.eql.com *.avo.app tally.so *.stripe.com *.adyen.com;img-src 'self' cdn.eql.media route66-prod-media.imgix.net images.prismic.io *.cdn.adyen.com cdn.discordapp.com purecatamphetamine.github.io cdn.jsdelivr.net data:;manifest-src 'self';media-src 'self' cdn.eql.media cdn.eqlizer.com;object-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubb036eb0ae73c69228c699e7494e53a60&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=mode%3Aproduction%2Cversion%3A2.3%2Csite%3Aprofile;script-src 'self' tally.so *.stripe.com;style-src 'self' fonts.googleapis.com cdn.eql.media 'unsafe-inline';worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.eql.com
Referer
https://app.eql.com/assets/index-zOF8fJn9.js

Response headers

content-encoding
br
etag
W/"5d812259b50dab7022612e3c8aa1bba3"
age
10763
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
L7PZhhDKKZ9mxVckR4CwR_GUWCfuBeoij6ZHrb_qFykN0uNo1mKS4Q==
date
Tue, 31 Dec 2024 15:56:05 GMT
content-type
application/javascript
vary
accept-encoding
last-modified
Tue, 31 Dec 2024 15:20:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
base-uri 'self';connect-src 'self' d3a4k4t4rjoe9r.cloudfront.net *.browser-intake-datadoghq.com *.eql.com *.eql.xyz *.adyen.com *.authz.cloudentity.io *.avo.app *.mixpanel.com cdn.eql.media tally.so edge.api.flagsmith.com route66-prod-media.s3.us-east-1.amazonaws.com route66-staging-media.s3.us-east-1.amazonaws.com route66-staging.imgix.net;default-src 'none';font-src 'self' fonts.gstatic.com cdn.eql.media data:;form-action *;frame-ancestors 'self';frame-src *.eql.com *.avo.app tally.so *.stripe.com *.adyen.com;img-src 'self' cdn.eql.media route66-prod-media.imgix.net images.prismic.io *.cdn.adyen.com cdn.discordapp.com purecatamphetamine.github.io cdn.jsdelivr.net data:;manifest-src 'self';media-src 'self' cdn.eql.media cdn.eqlizer.com;object-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubb036eb0ae73c69228c699e7494e53a60&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=mode%3Aproduction%2Cversion%3A2.3%2Csite%3Aprofile;script-src 'self' tally.so *.stripe.com;style-src 'self' fonts.googleapis.com cdn.eql.media 'unsafe-inline';worker-src 'self' blob:;
referrer-policy
strict-origin-when-cross-origin
via
1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
permissions-policy
accelerometer=(),autoplay=(),camera=(),cross-origin-isolated=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),keyboard-map=(),magnetometer=(),microphone=(),midi=(),payment=(self "https://*.stripe.com" "https://*.adyen.com"),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
x-amz-cf-pop
FRA56-P5
server
None
x-amz-server-side-encryption
AES256
LabGrotesque-Regular.woff2
cdn.eql.media/font/LabGrotesque/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.eql.media/font/LabGrotesque/LabGrotesque-Regular.woff2
Requested by
Host: cdn.eql.media
URL: https://cdn.eql.media/font/LabGrotesque/index.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
9c2c402f837aa9e3dc96700d142e0ab32adcb4b5fdbff272387df7b85737a217
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.eql.com
Referer
https://cdn.eql.media/font/LabGrotesque/index.css

Response headers

age
669819
x-content-type-options
nosniff
x-cache
HIT, HIT
date
Tue, 31 Dec 2024 18:55:27 GMT
last-modified
Fri, 15 Nov 2024 04:44:54 GMT
x-served-by
cache-fra-etou8220061-FRA, cache-hel1410032-HEL
vary
Accept, User-Agent
content-type
binary/octet-stream
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
49072
server
imgix
x-imgix-id
75e85da05df2ec72caeac9c30815b896f04876a1
handshake-trans.png
cdn.eql.media/profile/illustrations/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.eql.media/profile/illustrations/handshake-trans.png?auto=compress%2Cformat&ixlib=react-9.7.0&w=235&h=90&dpr=1&q=75
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
319eb15c4a9f8c7ca079eec2aca75cafaf0396b73328bdf00aa5aa2606521c67
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.eql.com/

Response headers

age
515784
x-content-type-options
nosniff
x-cache
HIT, MISS
date
Tue, 31 Dec 2024 18:55:27 GMT
last-modified
Wed, 25 Dec 2024 19:39:03 GMT
x-served-by
cache-fra-eddf8230022-FRA, cache-hel1410033-HEL
vary
Accept, User-Agent
content-type
image/avif
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
6509
server
imgix
x-imgix-id
dfe9eda8b51d406ceac0cb46665e5c3c48ed990d
favicon.ico
app.eql.com/ 		15 KB
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://app.eql.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:1400:1b:8958:c8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
None /
Resource Hash
fe063e27ea500fa6091416c1d05b12fe1b1ab4260cbb83d905e5f90f46d785b5
Security Headers
Name Value
Content-Security-Policy base-uri 'self';connect-src 'self' d3a4k4t4rjoe9r.cloudfront.net *.browser-intake-datadoghq.com *.eql.com *.eql.xyz *.adyen.com *.authz.cloudentity.io *.avo.app *.mixpanel.com cdn.eql.media tally.so edge.api.flagsmith.com route66-prod-media.s3.us-east-1.amazonaws.com route66-staging-media.s3.us-east-1.amazonaws.com route66-staging.imgix.net;default-src 'none';font-src 'self' fonts.gstatic.com cdn.eql.media data:;form-action *;frame-ancestors 'self';frame-src *.eql.com *.avo.app tally.so *.stripe.com *.adyen.com;img-src 'self' cdn.eql.media route66-prod-media.imgix.net images.prismic.io *.cdn.adyen.com cdn.discordapp.com purecatamphetamine.github.io cdn.jsdelivr.net data:;manifest-src 'self';media-src 'self' cdn.eql.media cdn.eqlizer.com;object-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubb036eb0ae73c69228c699e7494e53a60&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=mode%3Aproduction%2Cversion%3A2.3%2Csite%3Aprofile;script-src 'self' tally.so *.stripe.com;style-src 'self' fonts.googleapis.com cdn.eql.media 'unsafe-inline';worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.eql.com/login

Response headers

etag
"ebc5ba8d6f14d255bfeec19aed1e14b3"
age
66779
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
qWvRYzRHWmug7dgC9hGCjXb4E5bSBSs366pUVURx5NwVlnEXD0ZNSQ==
date
Tue, 31 Dec 2024 00:22:29 GMT
content-type
image/vnd.microsoft.icon
vary
accept-encoding
last-modified
Tue, 24 Dec 2024 02:41:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
base-uri 'self';connect-src 'self' d3a4k4t4rjoe9r.cloudfront.net *.browser-intake-datadoghq.com *.eql.com *.eql.xyz *.adyen.com *.authz.cloudentity.io *.avo.app *.mixpanel.com cdn.eql.media tally.so edge.api.flagsmith.com route66-prod-media.s3.us-east-1.amazonaws.com route66-staging-media.s3.us-east-1.amazonaws.com route66-staging.imgix.net;default-src 'none';font-src 'self' fonts.gstatic.com cdn.eql.media data:;form-action *;frame-ancestors 'self';frame-src *.eql.com *.avo.app tally.so *.stripe.com *.adyen.com;img-src 'self' cdn.eql.media route66-prod-media.imgix.net images.prismic.io *.cdn.adyen.com cdn.discordapp.com purecatamphetamine.github.io cdn.jsdelivr.net data:;manifest-src 'self';media-src 'self' cdn.eql.media cdn.eqlizer.com;object-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubb036eb0ae73c69228c699e7494e53a60&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=mode%3Aproduction%2Cversion%3A2.3%2Csite%3Aprofile;script-src 'self' tally.so *.stripe.com;style-src 'self' fonts.googleapis.com cdn.eql.media 'unsafe-inline';worker-src 'self' blob:;
referrer-policy
strict-origin-when-cross-origin
via
1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
permissions-policy
accelerometer=(),autoplay=(),camera=(),cross-origin-isolated=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),keyboard-map=(),magnetometer=(),microphone=(),midi=(),payment=(self "https://*.stripe.com" "https://*.adyen.com"),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
accept-ranges
bytes
content-length
15686
x-amz-cf-pop
FRA56-P5
server
None
x-amz-server-side-encryption
AES256
left.png
cdn.eql.media/profile/collage/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.eql.media/profile/collage/left.png?fit=crop&h=1627&w=836&ixlib=react-9.7.0&dpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
0eb714461ef04e82f4c459d8ad5180f336df8f271b561cfa84d1ef6ee6a6e950
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.eql.com/

Response headers

age
1737901
x-content-type-options
nosniff
x-cache
HIT, MISS
date
Tue, 31 Dec 2024 18:55:27 GMT
last-modified
Wed, 11 Dec 2024 16:10:26 GMT
x-served-by
cache-fra-etou8220135-FRA, cache-hel1410033-HEL
vary
Accept, User-Agent
content-type
image/avif
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
63060
server
imgix
x-imgix-id
1dcefda31bfee15fdfa2799c866238135e8c7a72
right.png
cdn.eql.media/profile/collage/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.eql.media/profile/collage/right.png?fit=crop&h=1627&w=837&ixlib=react-9.7.0&dpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
668165d9f4f32e918de6d6b09e80da3cf384ada08df04181a0a2c9df88fb361f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.eql.com/

Response headers

age
515783
x-content-type-options
nosniff
x-cache
HIT, MISS
date
Tue, 31 Dec 2024 18:55:27 GMT
last-modified
Wed, 25 Dec 2024 19:39:03 GMT
x-served-by
cache-fra-etou8220049-FRA, cache-hel1410033-HEL
vary
Accept, User-Agent
content-type
image/avif
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
64237
server
imgix
x-imgix-id
1867433c0d2bcd21246ad2645a2cc629079e8cdb
Frequenz_W-Medium.woff2
cdn.eql.media/font/Frequenz/ 		73 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.eql.media/font/Frequenz/Frequenz_W-Medium.woff2
Requested by
Host: cdn.eql.media
URL: https://cdn.eql.media/font/Frequenz/index.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
4945483d358c6f6f01c4a7dba5e41a6e32e4d7f3c70748b3d3c0ed8da708f9ba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.eql.com
Referer
https://cdn.eql.media/font/Frequenz/index.css

Response headers

age
62929
x-content-type-options
nosniff
x-cache
HIT, MISS
date
Tue, 31 Dec 2024 18:55:27 GMT
last-modified
Thu, 07 Nov 2024 04:07:52 GMT
x-served-by
cache-fra-etou8220094-FRA, cache-hel1410032-HEL
vary
Accept, User-Agent
content-type
binary/octet-stream
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
75236
server
imgix
x-imgix-id
d9b440a63fd71a37f02b92f2037176215a7cae12
Frequenz_W-Regular.woff2
cdn.eql.media/font/Frequenz/ 		66 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.eql.media/font/Frequenz/Frequenz_W-Regular.woff2
Requested by
Host: cdn.eql.media
URL: https://cdn.eql.media/font/Frequenz/index.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
5e80f61bfd2fbe87b01736a85101c873561e607faefbe2de7436a9d1f075e291
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.eql.com
Referer
https://cdn.eql.media/font/Frequenz/index.css

Response headers

age
2302672
x-content-type-options
nosniff
x-cache
HIT, HIT
date
Tue, 31 Dec 2024 18:55:27 GMT
last-modified
Wed, 06 Nov 2024 10:18:58 GMT
x-served-by
cache-fra-etou8220090-FRA, cache-hel1410032-HEL
vary
Accept, User-Agent
content-type
binary/octet-stream
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
67308
server
imgix
x-imgix-id
c8c086af9116b2db5ae031f23cf28ffee58677ba
LabGrotesque-Medium.woff2
cdn.eql.media/font/LabGrotesque/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.eql.media/font/LabGrotesque/LabGrotesque-Medium.woff2
Requested by
Host: cdn.eql.media
URL: https://cdn.eql.media/font/LabGrotesque/index.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
864dedcce7675ee5941f0271ee74dd9fa13657dc23104e21f4a3c7354faf27ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.eql.com
Referer
https://cdn.eql.media/font/LabGrotesque/index.css

Response headers

age
1749501
x-content-type-options
nosniff
x-cache
HIT, MISS
date
Tue, 31 Dec 2024 18:55:27 GMT
last-modified
Wed, 11 Dec 2024 01:18:18 GMT
x-served-by
cache-fra-eddf8230103-FRA, cache-hel1410032-HEL
vary
Accept, User-Agent
content-type
binary/octet-stream
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
50020
server
imgix
x-imgix-id
5c4eccd79a981fe8bc50829126ad73d1a8674f16
favicon.ico
app.eql.com/ 		15 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://app.eql.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:1400:1b:8958:c8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
None /
Resource Hash
fe063e27ea500fa6091416c1d05b12fe1b1ab4260cbb83d905e5f90f46d785b5
Security Headers
Name Value
Content-Security-Policy base-uri 'self';connect-src 'self' d3a4k4t4rjoe9r.cloudfront.net *.browser-intake-datadoghq.com *.eql.com *.eql.xyz *.adyen.com *.authz.cloudentity.io *.avo.app *.mixpanel.com cdn.eql.media tally.so edge.api.flagsmith.com route66-prod-media.s3.us-east-1.amazonaws.com route66-staging-media.s3.us-east-1.amazonaws.com route66-staging.imgix.net;default-src 'none';font-src 'self' fonts.gstatic.com cdn.eql.media data:;form-action *;frame-ancestors 'self';frame-src *.eql.com *.avo.app tally.so *.stripe.com *.adyen.com;img-src 'self' cdn.eql.media route66-prod-media.imgix.net images.prismic.io *.cdn.adyen.com cdn.discordapp.com purecatamphetamine.github.io cdn.jsdelivr.net data:;manifest-src 'self';media-src 'self' cdn.eql.media cdn.eqlizer.com;object-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubb036eb0ae73c69228c699e7494e53a60&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=mode%3Aproduction%2Cversion%3A2.3%2Csite%3Aprofile;script-src 'self' tally.so *.stripe.com;style-src 'self' fonts.googleapis.com cdn.eql.media 'unsafe-inline';worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.eql.com/login

Response headers

etag
"ebc5ba8d6f14d255bfeec19aed1e14b3"
age
66779
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
RHWcrPWe9JucXg5kjinBqjR6Bp5QgTL8EJNGPjCB2-GlLYMEoVC5kw==
date
Tue, 31 Dec 2024 18:55:27 GMT
last-modified
Tue, 24 Dec 2024 02:41:18 GMT
vary
accept-encoding
content-type
image/vnd.microsoft.icon
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
base-uri 'self';connect-src 'self' d3a4k4t4rjoe9r.cloudfront.net *.browser-intake-datadoghq.com *.eql.com *.eql.xyz *.adyen.com *.authz.cloudentity.io *.avo.app *.mixpanel.com cdn.eql.media tally.so edge.api.flagsmith.com route66-prod-media.s3.us-east-1.amazonaws.com route66-staging-media.s3.us-east-1.amazonaws.com route66-staging.imgix.net;default-src 'none';font-src 'self' fonts.gstatic.com cdn.eql.media data:;form-action *;frame-ancestors 'self';frame-src *.eql.com *.avo.app tally.so *.stripe.com *.adyen.com;img-src 'self' cdn.eql.media route66-prod-media.imgix.net images.prismic.io *.cdn.adyen.com cdn.discordapp.com purecatamphetamine.github.io cdn.jsdelivr.net data:;manifest-src 'self';media-src 'self' cdn.eql.media cdn.eqlizer.com;object-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubb036eb0ae73c69228c699e7494e53a60&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=mode%3Aproduction%2Cversion%3A2.3%2Csite%3Aprofile;script-src 'self' tally.so *.stripe.com;style-src 'self' fonts.googleapis.com cdn.eql.media 'unsafe-inline';worker-src 'self' blob:;
referrer-policy
strict-origin-when-cross-origin
via
1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
permissions-policy
accelerometer=(),autoplay=(),camera=(),cross-origin-isolated=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),keyboard-map=(),magnetometer=(),microphone=(),midi=(),payment=(self "https://*.stripe.com" "https://*.adyen.com"),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
accept-ranges
bytes
content-length
15686
x-amz-cf-pop
FRA56-P5
server
None
x-amz-server-side-encryption
AES256

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| DD_LOGS object| __REACT_INTL_CONTEXT__ object| tsParticles function| confetti object| DD_RUM object| __APOLLO_CLIENT__

2 Cookies

Domain/Path Name / Value
.eql.com/ Name: mp_6845e301ab0bded246442a2b55facd1d_mixpanel
Value: %7B%22distinct_id%22%3A%20%22%24device%3A1941e12aa432e7-0b3c12cac61ea5-16462c6e-1d4c00-1941e12aa432e7%22%2C%22%24device_id%22%3A%20%221941e12aa432e7-0b3c12cac61ea5-16462c6e-1d4c00-1941e12aa432e7%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
app.eql.com/ Name: _dd_s
Value: logs=1&id=4a77d5b8-0de7-42d6-bbba-e6eb1d0aaa10&created=1735671327375&expire=1735672227376&rum=0

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy base-uri 'self';connect-src 'self' d3a4k4t4rjoe9r.cloudfront.net *.browser-intake-datadoghq.com *.eql.com *.eql.xyz *.adyen.com *.authz.cloudentity.io *.avo.app *.mixpanel.com cdn.eql.media tally.so edge.api.flagsmith.com route66-prod-media.s3.us-east-1.amazonaws.com route66-staging-media.s3.us-east-1.amazonaws.com route66-staging.imgix.net;default-src 'none';font-src 'self' fonts.gstatic.com cdn.eql.media data:;form-action *;frame-ancestors 'self';frame-src *.eql.com *.avo.app tally.so *.stripe.com *.adyen.com;img-src 'self' cdn.eql.media route66-prod-media.imgix.net images.prismic.io *.cdn.adyen.com cdn.discordapp.com purecatamphetamine.github.io cdn.jsdelivr.net data:;manifest-src 'self';media-src 'self' cdn.eql.media cdn.eqlizer.com;object-src 'none';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubb036eb0ae73c69228c699e7494e53a60&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=mode%3Aproduction%2Cversion%3A2.3%2Csite%3Aprofile;script-src 'self' tally.so *.stripe.com;style-src 'self' fonts.googleapis.com cdn.eql.media 'unsafe-inline';worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff