urlscan.io logo urlscan.io
SecurityTrails logo

login.elfsquad.io Open in urlscan Pro
20.71.11.206  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://login.configurator.vredo.com/
Effective URL: https://login.elfsquad.io/?login_challenge=2caee1518c1b4d5893c78440666b1b50
Submission: On February 06 via automatic, source certstream-suspicious — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 5 countries across 20 domains to perform 46 HTTP transactions. The main IP is 20.71.11.206, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.elfsquad.io.
TLS certificate: Issued by R3 on January 31st 2023. Valid for: 3 months.
This is the only time login.elfsquad.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 37.97.185.178 20857 (TRANSIP-A...)
2 7 20.71.11.206 8075 (MICROSOFT...)
9 40.118.40.109 8075 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2600:9000:211... 16509 (AMAZON-02)
4 2620:1ec:4f:1... 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 20.209.11.33 8075 (MICROSOFT...)
1 2 151.139.128.10 20446 (STACKPATH...)
1 2600:9000:223... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2001:4860:480... 15169 (GOOGLE)
1 40.76.174.66 8075 (MICROSOFT...)
1 2600:9000:206... 16509 (AMAZON-02)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 20.234.93.27 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
46 23
1    37.97.185.178 (Netherlands)

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: hs102.youricthosting.nl
login.configurator.vredo.com
7    20.71.11.206 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.elfsquad.io
status.elfsquad.io
9    40.118.40.109 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ems.elfsquad.io
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
3    2600:9000:211e:fe00:1c:f7a9:7980:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.zapier.com
4    2620:1ec:4f:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    2a00:1450:400d:802::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:400d:80d::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    20.209.11.33 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
elfskotcdn.blob.core.windows.net
2    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
cdn.mouseflow.com
1    2600:9000:223f:4e00:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.matomo.cloud
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    40.76.174.66 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
d.clarity.ms
1    2600:9000:206f:e00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.linkedin.oribi.io
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.nl
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
Apex Domain
Subdomains		 Transfer
16 elfsquad.io
login.elfsquad.io
ems.elfsquad.io
status.elfsquad.io
1 MB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1200
d.clarity.ms — Cisco Umbrella Rank: 8348 Failed
c.clarity.ms — Cisco Umbrella Rank: 1691
49 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 353
www.linkedin.com — Cisco Umbrella Rank: 575
px4.ads.linkedin.com — Cisco Umbrella Rank: 6074
3 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 21
region1.google-analytics.com — Cisco Umbrella Rank: 2456
20 KB
3 gstatic.com
fonts.gstatic.com
53 KB
3 zapier.com
cdn.zapier.com — Cisco Umbrella Rank: 82124
9 KB
2 mouseflow.com
cdn.mouseflow.com — Cisco Umbrella Rank: 6343
56 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
153 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
2 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 777
13 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 241
554 B
1 google.nl
www.google.nl — Cisco Umbrella Rank: 9204
408 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
350 B
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 814
376 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 707
5 KB
1 matomo.cloud
cdn.matomo.cloud — Cisco Umbrella Rank: 20956
1 windows.net
elfskotcdn.blob.core.windows.net
26 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 742
20 KB
1 vredo.com
login.configurator.vredo.com
152 B
46 20
Domain Requested by
9 ems.elfsquad.io ems.elfsquad.io
6 login.elfsquad.io 2 redirects ems.elfsquad.io
login.elfsquad.io
4 www.clarity.ms ems.elfsquad.io
www.clarity.ms
login.elfsquad.io
3 fonts.gstatic.com ems.elfsquad.io
fonts.googleapis.com
3 cdn.zapier.com ems.elfsquad.io
2 c.clarity.ms 1 redirects
2 px.ads.linkedin.com 2 redirects
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdn.mouseflow.com 1 redirects login.elfsquad.io
2 www.googletagmanager.com login.elfsquad.io
www.googletagmanager.com
2 fonts.googleapis.com cdn.zapier.com
login.elfsquad.io
2 unpkg.com 1 redirects ems.elfsquad.io
1 c.bing.com 1 redirects
1 www.google.nl login.elfsquad.io
1 www.google.com login.elfsquad.io
1 stats.g.doubleclick.net www.google-analytics.com
1 px4.ads.linkedin.com login.elfsquad.io
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io snap.licdn.com
1 region1.google-analytics.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 cdn.matomo.cloud ems.elfsquad.io
1 elfskotcdn.blob.core.windows.net login.elfsquad.io
1 d.clarity.ms ems.elfsquad.io
www.clarity.ms
1 status.elfsquad.io ems.elfsquad.io
1 maxcdn.bootstrapcdn.com ems.elfsquad.io
1 login.configurator.vredo.com 1 redirects
46 27

This site contains links to these domains. Also see Links.

Domain
elfsquad.io
api.elfsquad.io
Subject Issuer Validity Valid
ems.elfsquad.io
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-02 -
2023-07-02		 6 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
zapier.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-01 -
2023-12-01		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
login.elfsquad.io
R3		 2023-01-31 -
2023-05-01		 3 months crt.sh
status.elfsquad.io
R3		 2023-01-31 -
2023-05-01		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.blob.core.windows.net
Microsoft Azure TLS Issuing CA 01		 2023-01-26 -
2024-01-21		 a year crt.sh
cdn.matomo.cloud
Amazon		 2022-11-27 -
2023-12-25		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02		 2022-06-07 -
2023-06-02		 a year crt.sh
linkedin.oribi.io
Amazon		 2022-07-07 -
2023-08-06		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google.nl
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://login.elfsquad.io/?login_challenge=2caee1518c1b4d5893c78440666b1b50
Frame ID: A91132AF9B4F575408829EB8B970D1F9
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login - Elfsquad CPQ

Page URL History Show full URLs

  1. https://login.configurator.vredo.com/ HTTP 301
    https://login.elfsquad.io/?tenantId=5e60991b-5a78-4d11-8354-08d4ad9fc589 HTTP 302
    https://ems.elfsquad.io/ Page URL
  2. https://login.elfsquad.io/oauth2/auth?redirect_uri=https%3A%2F%2Fems.elfsquad.io&client_id=ems-code&re... HTTP 302
    https://login.elfsquad.io/?login_challenge=2caee1518c1b4d5893c78440666b1b50 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • cdn\.mouseflow\.com

Page Statistics

46
Requests

87 %
HTTPS

68 %
IPv6

20
Domains

27
Subdomains

23
IPs

5
Countries

1587 kB
Transfer

4694 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://login.configurator.vredo.com/ HTTP 301
    https://login.elfsquad.io/?tenantId=5e60991b-5a78-4d11-8354-08d4ad9fc589 HTTP 302
    https://ems.elfsquad.io/ Page URL
  2. https://login.elfsquad.io/oauth2/auth?redirect_uri=https%3A%2F%2Fems.elfsquad.io&client_id=ems-code&response_type=code&state=aFPW8kSAX5&scope=Elfskot.Api%20offline_access%20openid%20profile&access_type=offline&response_mode=fragment&code_challenge=fAjhn6yPfwXbl-69OLrv0OGy5GpkV1gIz--O0iuJI-M&code_challenge_method=S256 HTTP 302
    https://login.elfsquad.io/?login_challenge=2caee1518c1b4d5893c78440666b1b50 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://login.configurator.vredo.com/ HTTP 301
  • https://login.elfsquad.io/?tenantId=5e60991b-5a78-4d11-8354-08d4ad9fc589 HTTP 302
  • https://ems.elfsquad.io/
Request Chain 2
  • https://unpkg.com/grapesjs/dist/css/grapes.min.css HTTP 302
  • https://unpkg.com/grapesjs@0.20.4/dist/css/grapes.min.css
Request Chain 31
  • https://cdn.mouseflow.com/projects/9ad4e64b-e450-446a-8831-5b60f980e4e3.js HTTP 301
  • https://cdn.mouseflow.com/projects/9ad4e64b-e450-446a-8831-5b60f980e4e3_eu.js
Request Chain 40
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1713785&time=1675701868310&url=https%3A%2F%2Flogin.elfsquad.io%2F%3Flogin_challenge%3D2caee1518c1b4d5893c78440666b1b50 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1713785%26time%3D1675701868310%26url%3Dhttps%253A%252F%252Flogin.elfsquad.io%252F%253Flogin_challenge%253D2caee1518c1b4d5893c78440666b1b50%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1713785&time=1675701868310&url=https%3A%2F%2Flogin.elfsquad.io%2F%3Flogin_challenge%3D2caee1518c1b4d5893c78440666b1b50&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1713785&time=1675701868310&url=https%3A%2F%2Flogin.elfsquad.io%2F%3Flogin_challenge%3D2caee1518c1b4d5893c78440666b1b50&liSync=true&e_ipv6=AQKDBCcsj_sheAAAAYYnnVilQ2i0V4DjFq6dpgjoAbS5KpV1CUMJa_OvCBVihlsHwi6v8A
Request Chain 44
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=FB62449EEC6E44F48BE08905316012D8&RedC=c.clarity.ms&MXFR=3D51702A2D976509319A629A29976B0C HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=FB62449EEC6E44F48BE08905316012D8&MUID=1319750D8B316D12080967BD8A926C69

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
ems.elfsquad.io/
Redirect Chain
  • https://login.configurator.vredo.com/
  • https://login.elfsquad.io/?tenantId=5e60991b-5a78-4d11-8354-08d4ad9fc589
  • https://ems.elfsquad.io/
12 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ems.elfsquad.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.118.40.109 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
90c883dd892858c5a13fb76cbdbebd3c35649ace3d70ea988b0cb976eed69490
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
public, must-revalidate, max-age=30
content-encoding
br
content-type
text/html
date
Mon, 06 Feb 2023 16:44:25 GMT
etag
"20531735"
last-modified
Thu, 02 Feb 2023 16:06:48 GMT
referrer-policy
same-origin
strict-transport-security
max-age=10886400; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
1; mode=block

Redirect headers

content-length
0
content-security-policy
frame-ancestors *.officeapps.live.com *.sharepoint.com *.elfsquad.io;
date
Mon, 06 Feb 2023 16:44:26 GMT
location
https://ems.elfsquad.io
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=15724800; includeSubDomains
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: ems.elfsquad.io
URL: https://ems.elfsquad.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 16:44:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
879
age
8939663
cdn-cachedat
05/24/2022 22:40:28
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
39f2e4c2528da027d8843658e96b5f53
timing-allow-origin
*
cdn-requestcountrycode
NL
cdn-status
200
cf-ray
795559bbfd3d0ba6-AMS
cdn-requestpullsuccess
True
grapes.min.css
unpkg.com/grapesjs@0.20.4/dist/css/
Redirect Chain
  • https://unpkg.com/grapesjs/dist/css/grapes.min.css
  • https://unpkg.com/grapesjs@0.20.4/dist/css/grapes.min.css
56 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/grapesjs@0.20.4/dist/css/grapes.min.css
Requested by
Host: ems.elfsquad.io
URL: https://ems.elfsquad.io/
Protocol
H2
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca4a69e2979200c3d920f6ea199f8b4699964b5ee3d6894812fa10d9d4aec7a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 16:44:26 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
360304
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GR926WK0G34YK4ZT1ZWPYJWE-ams
server
cloudflare
etag
W/"e144-DfDpcVrMrRyxImQr6Oyb3CQ9py8"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
795559bbf9f71c7a-AMS

Redirect headers

date
Mon, 06 Feb 2023 16:44:26 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
EXPIRED
fly-request-id
01GRKSTMAPB9CJE3XPNXK5J0Y5-ams
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/grapesjs@0.20.4/dist/css/grapes.min.css
cache-control
public, s-maxage=600, max-age=60
cf-ray
795559bba9691c7a-AMS
postmessage.js
ems.elfsquad.io/assets/ 		3 KB
956 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ems.elfsquad.io/assets/postmessage.js
Requested by
Host: ems.elfsquad.io
URL: https://ems.elfsquad.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.118.40.109 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
099a34d658455358b279fb466b6800e64fda0b20d2a101cf5b79fa9aa9dfd9ae
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ems.elfsquad.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
br
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Thu, 02 Feb 2023 16:06:48 GMT
date
Mon, 06 Feb 2023 16:44:25 GMT
etag
"20531735"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
cache-control
public, must-revalidate, max-age=30
x-xss-protection
1; mode=block
zapier-elements.esm.js
cdn.zapier.com/packages/partner-sdk/v0/zapier-elements/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zapier.com/packages/partner-sdk/v0/zapier-elements/zapier-elements.esm.js
Requested by
Host: ems.elfsquad.io
URL: https://ems.elfsquad.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:fe00:1c:f7a9:7980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
37db44fb101190abf98ff5e5943597972f02a5269ba6dca134edec6f3ea7919b

Request headers

Referer
Origin
https://ems.elfsquad.io
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
L2fAiB3iWvWQpZ8JQvqTfYbxDzKRfBLa
content-encoding
gzip
via
1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
date
Sun, 05 Feb 2023 18:15:17 GMT
x-amz-cf-pop
FRA56-C2
age
80950
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 24 Jan 2023 18:33:16 GMT
server
AmazonS3
etag
W/"1b9b5174650c93fe224ac1dbfb391bcb"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
zvbqlypaHsXTwQCvV17DIbhmB7mxDB_zJotPR81Tx7B4N4TlIreeNw==
zapier-elements.css
cdn.zapier.com/packages/partner-sdk/v0/zapier-elements/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.zapier.com/packages/partner-sdk/v0/zapier-elements/zapier-elements.css
Requested by
Host: ems.elfsquad.io
URL: https://ems.elfsquad.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:fe00:1c:f7a9:7980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a5817c8207b79d3cc9f04b7f6d28a5b964407bb3e098e34d95a698064632829c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
ZPHBbgz2l.VVTHatYSB94P1E.8qsrY8u
content-encoding
gzip
via
1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
date
Mon, 06 Feb 2023 08:04:07 GMT
x-amz-cf-pop
FRA56-C2
age
31246
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 24 Jan 2023 18:33:16 GMT
server
AmazonS3
etag
W/"510c7da6ef2e7700d770f12566dbf132"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
fhq6wKdDWRJyOTKkQoTB5f3YmjGVKFPgBsGtF1uKVdsTtWbLozwEYA==
elfsquad_loader.gif
ems.elfsquad.io/assets/images/ 		352 KB
353 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ems.elfsquad.io/assets/images/elfsquad_loader.gif
Requested by
Host: ems.elfsquad.io
URL: https://ems.elfsquad.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.118.40.109 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7ee9e319f051e9b3e42261ce4d69ea8c35a3b82def3a925d182b36835034e897
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ems.elfsquad.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 06 Feb 2023 16:44:26 GMT
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Thu, 02 Feb 2023 16:06:48 GMT
etag
"20531735"
x-dns-prefetch-control
off
content-type
image/gif
cache-control
public, must-revalidate, max-age=30
content-length
360943
x-xss-protection
1; mode=block
runtime.b023559b63491b2c.js
ems.elfsquad.io/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ems.elfsquad.io/runtime.b023559b63491b2c.js
Requested by
Host: ems.elfsquad.io
URL: https://ems.elfsquad.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.118.40.109 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b491cca15b2cda71b44374029750d3aca78e9d1e6c88eefc646e114cb5903d50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ems.elfsquad.io/
Origin
https://ems.elfsquad.io
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
br
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Thu, 02 Feb 2023 16:06:48 GMT
date
Mon, 06 Feb 2023 16:44:26 GMT
etag
"20531735"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
cache-control
public, must-revalidate, max-age=30
x-xss-protection
1; mode=block
polyfills.9429b08e0d60da2d.js
ems.elfsquad.io/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ems.elfsquad.io/polyfills.9429b08e0d60da2d.js
Requested by
Host: ems.elfsquad.io
URL: https://ems.elfsquad.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.118.40.109 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c51f0b24e1ecbdef8f607b1fd6c24cf3b6c0a2a7535cb6701abde017932a8072
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ems.elfsquad.io/
Origin
https://ems.elfsquad.io
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
br
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Thu, 02 Feb 2023 16:06:48 GMT
date
Mon, 06 Feb 2023 16:44:26 GMT
etag
"20531735"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
cache-control
public, must-revalidate, max-age=30
x-xss-protection
1; mode=block
scripts.91db90026cb28906.js
ems.elfsquad.io/ 		66 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ems.elfsquad.io/scripts.91db90026cb28906.js
Requested by
Host: ems.elfsquad.io
URL: https://ems.elfsquad.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.118.40.109 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8fb7169bb2445a1e01843ba76e112d036fd1ddbd461054ac35b592384d53772c
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ems.elfsquad.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
br
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Thu, 02 Feb 2023 16:06:48 GMT
date
Mon, 06 Feb 2023 16:44:26 GMT
etag
"20531735"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
cache-control
public, must-revalidate, max-age=30
x-xss-protection
1; mode=block
main.6e1b1b5b2628f994.js
ems.elfsquad.io/ 		3 MB
761 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ems.elfsquad.io/main.6e1b1b5b2628f994.js
Requested by
Host: ems.elfsquad.io
URL: https://ems.elfsquad.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.118.40.109 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1629338e390dda8a6f5fd0faa91c1103df6cec1731fdae6994c2e1477179a344
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ems.elfsquad.io/
Origin
https://ems.elfsquad.io
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
br
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Thu, 02 Feb 2023 16:06:48 GMT
date
Mon, 06 Feb 2023 16:44:26 GMT
etag
"20531735"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
cache-control
public, must-revalidate, max-age=30
x-xss-protection
1; mode=block
dkynmvxh9n
www.clarity.ms/tag/ 		672 B
1006 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/dkynmvxh9n
Requested by
Host: ems.elfsquad.io
URL: https://ems.elfsquad.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
date
Mon, 06 Feb 2023 16:44:27 GMT
cache-control
no-cache, no-store
expires
-1
x-azure-ref
20230206T164427Z-w0hdd0psfp7m58255t77m17zyc00000005hg00000000w0xc
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
css2
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;600;700&display=swap
Requested by
Host: cdn.zapier.com
URL: https://cdn.zapier.com/packages/partner-sdk/v0/zapier-elements/zapier-elements.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4eeaef467b911cd6c99aa2880ce9df5410fb7795403f01e75b89e8aa8112f3f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Feb 2023 16:44:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Feb 2023 15:45:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Feb 2023 16:44:27 GMT
styles.73a41b20e0f22157.css
ems.elfsquad.io/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ems.elfsquad.io/styles.73a41b20e0f22157.css
Requested by
Host: ems.elfsquad.io
URL: https://ems.elfsquad.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.118.40.109 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
262eb3dd2632577c6858ef9a84c30f5f7f31b82d43d4f94d1e04bcb284390fc9
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ems.elfsquad.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
br
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Thu, 02 Feb 2023 16:06:48 GMT
date
Mon, 06 Feb 2023 16:44:26 GMT
etag
"20531735"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/css
cache-control
public, must-revalidate, max-age=30
x-xss-protection
1; mode=block
p-fecbc8c0.js
cdn.zapier.com/packages/partner-sdk/v0/zapier-elements/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zapier.com/packages/partner-sdk/v0/zapier-elements/p-fecbc8c0.js
Requested by
Host: ems.elfsquad.io
URL: https://ems.elfsquad.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:fe00:1c:f7a9:7980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1bab9c6c87ca17002d798caf58c894b46b6a1bf72f48485c88e4b97d2fefd73f

Request headers

Referer
https://cdn.zapier.com/packages/partner-sdk/v0/zapier-elements/zapier-elements.esm.js
Origin
https://ems.elfsquad.io
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
zDgD6o9wcNDm1s7n_YqQRVBHgG8psVRv
content-encoding
gzip
via
1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
date
Mon, 06 Feb 2023 08:53:38 GMT
x-amz-cf-pop
FRA56-C2
age
28294
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 24 Jan 2023 18:33:16 GMT
server
AmazonS3
etag
W/"20d47c4d53580fe0364836a55981d6d2"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
8vreK24anw79Wfgjkdn3YNqOy4D3nsgW_U0D0mROTxkIvRBAShVhlQ==
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: ems.elfsquad.io
URL: https://ems.elfsquad.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ems.elfsquad.io/
Origin
https://ems.elfsquad.io
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 15:21:35 GMT
x-content-type-options
nosniff
age
523372
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11028
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Jan 2024 15:21:35 GMT
openid-configuration
login.elfsquad.io/.well-known/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login.elfsquad.io/.well-known/openid-configuration
Requested by
Host: ems.elfsquad.io
URL: https://ems.elfsquad.io/polyfills.9429b08e0d60da2d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.71.11.206 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 16:44:27 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Type
access-control-allow-credentials
true
content-length
1436
active
status.elfsquad.io/api/incidents/ 		2 B
148 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://status.elfsquad.io/api/incidents/active
Requested by
Host: ems.elfsquad.io
URL: https://ems.elfsquad.io/polyfills.9429b08e0d60da2d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.71.11.206 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Feb 2023 16:44:27 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/json; charset=utf-8
457.8f856a38505ea71c.js
ems.elfsquad.io/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ems.elfsquad.io/457.8f856a38505ea71c.js
Requested by
Host: ems.elfsquad.io
URL: https://ems.elfsquad.io/runtime.b023559b63491b2c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.118.40.109 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ems.elfsquad.io/
Origin
https://ems.elfsquad.io
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
br
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Thu, 02 Feb 2023 16:06:48 GMT
date
Mon, 06 Feb 2023 16:44:26 GMT
etag
"20531735"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
cache-control
public, must-revalidate, max-age=30
x-xss-protection
1; mode=block
clarity.js
www.clarity.ms/eus/s/0.7.1/ 		55 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus/s/0.7.1/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/dkynmvxh9n
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 16:44:27 GMT
content-encoding
br
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
etag
W/"1d936557825629e"
vary
Accept-Encoding
x-azure-ref
20230206T164427Z-w0hdd0psfp7m58255t77m17zyc00000005hg00000000w113
content-type
application/javascript;charset=utf-8
x-cache
TCP_HIT
cache-control
public, max-age=86400
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
Primary Request /
login.elfsquad.io/
Redirect Chain
  • https://login.elfsquad.io/oauth2/auth?redirect_uri=https%3A%2F%2Fems.elfsquad.io&client_id=ems-code&response_type=code&state=aFPW8kSAX5&scope=Elfskot.Api%20offline_access%20openid%20profile&access_...
  • https://login.elfsquad.io/?login_challenge=2caee1518c1b4d5893c78440666b1b50
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.elfsquad.io/?login_challenge=2caee1518c1b4d5893c78440666b1b50
Requested by
Host: ems.elfsquad.io
URL: https://ems.elfsquad.io/main.6e1b1b5b2628f994.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.71.11.206 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1b1001d0a6e337b7aa036baa8a3f1c914906084f937d03372636583657a522d8
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.officeapps.live.com *.sharepoint.com *.elfsquad.io;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ems.elfsquad.io/home
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache, no-store
content-security-policy
frame-ancestors *.officeapps.live.com *.sharepoint.com *.elfsquad.io;
content-type
text/html; charset=utf-8
date
Mon, 06 Feb 2023 16:44:27 GMT
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=15724800; includeSubDomains
x-frame-options
SAMEORIGIN

Redirect headers

content-length
98
content-type
text/html; charset=utf-8
date
Mon, 06 Feb 2023 16:44:27 GMT
location
https://login.elfsquad.io/?login_challenge=2caee1518c1b4d5893c78440666b1b50
strict-transport-security
max-age=15724800; includeSubDomains
collect
d.clarity.ms/ 		0
0
collect
d.clarity.ms/ 		0
0
site.css
login.elfsquad.io/css/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.elfsquad.io/css/site.css?v=VVdlgVUZmAf05k9qmBa80zxPlKtttaTVfg1gW7bv8eg
Requested by
Host: login.elfsquad.io
URL: https://login.elfsquad.io/?login_challenge=2caee1518c1b4d5893c78440666b1b50
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.71.11.206 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5557658155199807f4e64f6a9816bcd33c4f94ab6db5a4d57e0d605bb6eff1e8
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.officeapps.live.com *.sharepoint.com *.elfsquad.io;
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://login.elfsquad.io/?login_challenge=2caee1518c1b4d5893c78440666b1b50
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 16:44:27 GMT
content-security-policy
frame-ancestors *.officeapps.live.com *.sharepoint.com *.elfsquad.io;
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 02 Feb 2023 15:53:00 GMT
etag
"1d9371e6cea98d4"
content-type
text/css
accept-ranges
bytes
content-length
3796
Elfsquad.Login.styles.css
login.elfsquad.io/ 		8 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.elfsquad.io/Elfsquad.Login.styles.css
Requested by
Host: login.elfsquad.io
URL: https://login.elfsquad.io/?login_challenge=2caee1518c1b4d5893c78440666b1b50
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.71.11.206 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
25db6e19d6caaa8fe595c93ba7f8973b0f23b0522c2e1278dd470e3156b04c7c
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.officeapps.live.com *.sharepoint.com *.elfsquad.io;
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://login.elfsquad.io/?login_challenge=2caee1518c1b4d5893c78440666b1b50
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 16:44:27 GMT
content-security-policy
frame-ancestors *.officeapps.live.com *.sharepoint.com *.elfsquad.io;
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 02 Feb 2023 15:55:08 GMT
etag
"1d9371eb935f782"
content-type
text/css
accept-ranges
bytes
content-length
8578
css2
fonts.googleapis.com/ 		3 KB
571 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Barlow:wght@200;400;700&display=swap
Requested by
Host: login.elfsquad.io
URL: https://login.elfsquad.io/?login_challenge=2caee1518c1b4d5893c78440666b1b50
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
615d70a07eca047e48df886c0617ad09ce4d94cbeac5e0b079eb2aca2952b49c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://login.elfsquad.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Feb 2023 16:44:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Feb 2023 15:56:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Feb 2023 16:44:27 GMT
gtm.js
www.googletagmanager.com/ 		207 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MJLT3Z8
Requested by
Host: login.elfsquad.io
URL: https://login.elfsquad.io/?login_challenge=2caee1518c1b4d5893c78440666b1b50
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7893f5334601e56fe59b30e652181d7869e39014b1f125148b26e658a95ae72d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://login.elfsquad.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 16:44:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76120
x-xss-protection
0
last-modified
Mon, 06 Feb 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 06 Feb 2023 16:44:27 GMT
dkynmvxh9n
www.clarity.ms/tag/ 		672 B
896 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/dkynmvxh9n
Requested by
Host: login.elfsquad.io
URL: https://login.elfsquad.io/?login_challenge=2caee1518c1b4d5893c78440666b1b50
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3d41abc5f16cdf2ccb5730d4b12649d0357df236fec016871d120d3e5eabd1d9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://login.elfsquad.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

request-context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
date
Mon, 06 Feb 2023 16:44:28 GMT
cache-control
no-cache, no-store
expires
-1
x-azure-ref
20230206T164427Z-w0hdd0psfp7m58255t77m17zyc00000005hg00000000w146
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
a8e4710a-12ca-41ec-a2e2-8b1a1b3cdc78.png
elfskotcdn.blob.core.windows.net/5e60991b-5a78-4d11-8354-08d4ad9fc589/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfskotcdn.blob.core.windows.net/5e60991b-5a78-4d11-8354-08d4ad9fc589/a8e4710a-12ca-41ec-a2e2-8b1a1b3cdc78.png
Requested by
Host: login.elfsquad.io
URL: https://login.elfsquad.io/?login_challenge=2caee1518c1b4d5893c78440666b1b50
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.209.11.33 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6906a01e32112cb1838155ab3ddd0c9ad4add6561aa98aa007a4fc4574e7f4c1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://login.elfsquad.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 06 Feb 2023 16:44:28 GMT
Last-Modified
Wed, 04 Aug 2021 12:33:35 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
iyQf54AH0jDXsc6o7AJghw==
ETag
0x8D9574413C3BB06
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
ad3d94c6-101e-005f-1e4a-3a4aeb000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
25908
7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@200;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://login.elfsquad.io
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 15:21:47 GMT
x-content-type-options
nosniff
age
523360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21724
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:29:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Jan 2024 15:21:47 GMT
7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@200;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://login.elfsquad.io
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 02:31:03 GMT
x-content-type-options
nosniff
age
224004
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21144
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:43:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Feb 2024 02:31:03 GMT
clarity.js
www.clarity.ms/eus/s/0.7.1/ 		55 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus/s/0.7.1/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/dkynmvxh9n
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://login.elfsquad.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 16:44:28 GMT
content-encoding
br
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
etag
W/"1d936557825629e"
vary
Accept-Encoding
x-azure-ref
20230206T164428Z-w0hdd0psfp7m58255t77m17zyc00000005hg00000000w169
content-type
application/javascript;charset=utf-8
x-cache
TCP_HIT
cache-control
public, max-age=86400
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
9ad4e64b-e450-446a-8831-5b60f980e4e3_eu.js
cdn.mouseflow.com/projects/
Redirect Chain
  • https://cdn.mouseflow.com/projects/9ad4e64b-e450-446a-8831-5b60f980e4e3.js
  • https://cdn.mouseflow.com/projects/9ad4e64b-e450-446a-8831-5b60f980e4e3_eu.js
189 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mouseflow.com/projects/9ad4e64b-e450-446a-8831-5b60f980e4e3_eu.js
Requested by
Host: login.elfsquad.io
URL: https://login.elfsquad.io/?login_challenge=2caee1518c1b4d5893c78440666b1b50
Protocol
H2
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
bb287d08705c40a404cf20e29f65b3691211c35c84360d8979014044bd139194

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://login.elfsquad.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 16:44:28 GMT
content-encoding
gzip
x-sp-metadata
HS256.CPz4hJ8GEokBCiQzMDA0ZjUyZC05NzI4LTQzNjktOGJiYi0xOGU1ZmJjZDliY2IQ2O+z5ZrL+gIaBgjs3ISfBiIOMzEuMjA0LjE1Mi4xOTYooIUCMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaLAgBEiRkMmViYzJjNy05Njc5LTRiN2EtYmFiNy1mMDYyNzZlMzMyNzcYgbYDIhgIAhIUY2RzMTM1LmFtNS5od2Nkbi5uZXQ=.FyuU/OCsDPAwkRigRpARhQbFTA4vGhHh5R/4oGQGzkY=
last-modified
Sun, 05 Feb 2023 07:00:26 GMT
server
etag
"7a8d9e862f39d91:0"
x-hw
1675701868.cds008.am5.hn,1675701868.cds135.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
56065

Redirect headers

date
Mon, 06 Feb 2023 16:44:28 GMT
x-sp-metadata
HS256.CPz4hJ8GEokBCiRlZWExNDYzOS0wZjFhLTQ0ODMtYjM3OC1hNjU1NDhjNDE4ZjYQ2O+z5ZrL+gIaBgjs3ISfBiIOMzEuMjA0LjE1Mi4xOTYooIUCMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaKAgBEiQ0MjgyYjM1Yy03ZTljLTRhZTItODgzZS1lYmZiMWU4Y2E1MDAiGAgCEhRjZHMzMDMuYW01Lmh3Y2RuLm5ldA==.BfWAk4gdb3889l9drnLgk1L2igTgIq+wLee+bKjlw6Q=
x-hw
1675701868.cds008.am5.hn,1675701868.cds303.am5.c
location
https://cdn.mouseflow.com/projects/9ad4e64b-e450-446a-8831-5b60f980e4e3_eu.js
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-hw-loc
https://cdn.mouseflow.com/projects/9ad4e64b-e450-446a-8831-5b60f980e4e3.js
content-length
0
matomo.js
cdn.matomo.cloud/elfsquad.matomo.cloud/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.matomo.cloud/elfsquad.matomo.cloud/matomo.js
Requested by
Host: ems.elfsquad.io
URL: https://ems.elfsquad.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:4e00:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://login.elfsquad.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
js
www.googletagmanager.com/gtag/ 		225 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WPZVCLWSY7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJLT3Z8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8ac484884f47844af3f1d284f1bc4b7f218d543def79d3cd7b39ee4cfa8520b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://login.elfsquad.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 16:44:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79754
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 06 Feb 2023 16:44:28 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJLT3Z8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://login.elfsquad.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 06 Feb 2023 14:54:50 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6578
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 06 Feb 2023 16:54:50 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJLT3Z8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://login.elfsquad.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 16:44:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Jan 2023 17:22:56 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=52030
accept-ranges
bytes
content-length
4777
collect
region1.google-analytics.com/g/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-WPZVCLWSY7&gtm=45je3210&_p=401367439&cid=1986998236.1675701868&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675701868&sct=1&seg=0&dl=https%3A%2F%2Flogin.elfsquad.io%2F%3Flogin_challenge%3D2caee1518c1b4d5893c78440666b1b50&dt=Login%20-%20Elfsquad%20CPQ&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WPZVCLWSY7&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://login.elfsquad.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 16:44:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://login.elfsquad.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
d.clarity.ms/ 		0
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus/s/0.7.1/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://login.elfsquad.io/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
https://login.elfsquad.io
date
Mon, 06 Feb 2023 16:44:28 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
collect
www.google-analytics.com/j/ 		4 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=401367439&t=pageview&_s=1&dl=https%3A%2F%2Flogin.elfsquad.io%2F%3Flogin_challenge%3D2caee1518c1b4d5893c78440666b1b50&ul=en-us&de=UTF-8&dt=Login%20-%20Elfsquad%20CPQ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=251114635&gjid=904679118&cid=1986998236.1675701868&tid=UA-149675056-1&_gid=1449783782.1675701868&_r=1&_slc=1&gtm=45He3210n81MJLT3Z8&z=835632715
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://login.elfsquad.io/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 16:44:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://login.elfsquad.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
token
cdn.linkedin.oribi.io/partner/1713785/domain/login.elfsquad.io/ 		36 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/1713785/domain/login.elfsquad.io/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:e00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://login.elfsquad.io/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 16:24:12 GMT
content-encoding
gzip
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
1215
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
d4H7MDXdigNhfbBktXpb86caSKqFLyzesgLkKJlU9qpjAUPSu-gpoQ==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1713785&time=1675701868310&url=https%3A%2F%2Flogin.elfsquad.io%2F%3Flogin_challenge%3D2caee1518c1b4d5893c78440666b1b50
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1713785%26time%3D1675701868310%26url%3Dhttps%253A%252F%252Flogin.elfsquad.io%252F...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1713785&time=1675701868310&url=https%3A%2F%2Flogin.elfsquad.io%2F%3Flogin_challenge%3D2caee1518c1b4d5893c78440666b1b50&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1713785&time=1675701868310&url=https%3A%2F%2Flogin.elfsquad.io%2F%3Flogin_challenge%3D2caee1518c1b4d5893c78440666b1b50&liSync=true&e_ipv6=AQKDBCc...
0
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1713785&time=1675701868310&url=https%3A%2F%2Flogin.elfsquad.io%2F%3Flogin_challenge%3D2caee1518c1b4d5893c78440666b1b50&liSync=true&e_ipv6=AQKDBCcsj_sheAAAAYYnnVilQ2i0V4DjFq6dpgjoAbS5KpV1CUMJa_OvCBVihlsHwi6v8A
Requested by
Host: login.elfsquad.io
URL: https://login.elfsquad.io/?login_challenge=2caee1518c1b4d5893c78440666b1b50
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://login.elfsquad.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 16:44:28 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: BA5591093F93496685B211AAD613CD7B Ref B: DUS30EDGE0716 Ref C: 2023-02-06T16:44:28Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX0Cr6lOBgh1LIdmqK8pw==

Redirect headers

date
Mon, 06 Feb 2023 16:44:28 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: D6D207867CA84A38A510A36EB3753470 Ref B: DUS30EDGE0709 Ref C: 2023-02-06T16:44:28Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1713785&time=1675701868310&url=https%3A%2F%2Flogin.elfsquad.io%2F%3Flogin_challenge%3D2caee1518c1b4d5893c78440666b1b50&liSync=true&e_ipv6=AQKDBCcsj_sheAAAAYYnnVilQ2i0V4DjFq6dpgjoAbS5KpV1CUMJa_OvCBVihlsHwi6v8A
x-li-proto
http/2
content-length
0
x-li-uuid
AAX0Cr6iJn2tXNceRHI7Dg==
collect
stats.g.doubleclick.net/j/ 		4 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-149675056-1&cid=1986998236.1675701868&jid=251114635&gjid=904679118&_gid=1449783782.1675701868&_u=YADAAEAAAAAAACAAI~&z=1218067686
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://login.elfsquad.io/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 06 Feb 2023 16:44:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://login.elfsquad.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-149675056-1&cid=1986998236.1675701868&jid=251114635&_u=YADAAEAAAAAAACAAI~&z=1207478133
Requested by
Host: login.elfsquad.io
URL: https://login.elfsquad.io/?login_challenge=2caee1518c1b4d5893c78440666b1b50
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://login.elfsquad.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 16:44:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-149675056-1&cid=1986998236.1675701868&jid=251114635&_u=YADAAEAAAAAAACAAI~&z=1207478133
Requested by
Host: login.elfsquad.io
URL: https://login.elfsquad.io/?login_challenge=2caee1518c1b4d5893c78440666b1b50
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://login.elfsquad.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 16:44:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=FB62449EEC6E44F48BE08905316012D8&RedC=c.clarity.ms&MXFR=3D51702A2D976509319A629A29976B0C
  • https://c.clarity.ms/c.gif?CtsSyncId=FB62449EEC6E44F48BE08905316012D8&MUID=1319750D8B316D12080967BD8A926C69
42 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=FB62449EEC6E44F48BE08905316012D8&MUID=1319750D8B316D12080967BD8A926C69
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://login.elfsquad.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Feb 2023 16:44:28 GMT
last-modified
Tue, 17 Jan 2023 20:36:49 GMT
server
Microsoft-IIS/10.0
etag
"b1c8df6cb32ad91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 06 Feb 2023 16:44:28 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A133F41C0356450E9FF3EDA38075B0C0 Ref B: AMS04EDGE1712 Ref C: 2023-02-06T16:44:29Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=FB62449EEC6E44F48BE08905316012D8&MUID=1319750D8B316D12080967BD8A926C69
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
d.clarity.ms
URL
https://d.clarity.ms/collect
Domain
d.clarity.ms
URL
https://d.clarity.ms/collect

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| dataLayer function| clarity object| google_tag_manager object| google_tag_data object| _paq string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData boolean| mouseflowDisableKeyLogging object| _mfq object| mouseflowHeatmap object| mouseflow function| lintrk boolean| _already_called_lintrk

23 Cookies

Domain/Path Name / Value
login.elfsquad.io/ Name: ELFSKOT_TENANT
Value: 5e60991b-5a78-4d11-8354-08d4ad9fc589
www.clarity.ms/ Name: CLID
Value: aea418a7dc604b85a64966f02e116086.20230206.20240206
.elfsquad.io/ Name: _clck
Value: dodg3e|1|f8w|0
login.elfsquad.io/ Name: oauth2_authentication_csrf
Value: MTY3NTcwMTg2N3xEdi1CQkFFQ180SUFBUkFCRUFBQVB2LUNBQUVHYzNSeWFXNW5EQVlBQkdOemNtWUdjM1J5YVc1bkRDSUFJRFZtWW1NNE4yVTBaakkyTlRRNFptSmhPR1kxTURKa1l6RmlNelZsTlRNeHwkEkVs3tDv-AbLMNc_if7OZAjg6Ec5HoPylkCaxjnZ0w==
login.elfsquad.io/ Name: .AspNetCore.Antiforgery.VyLW6ORzMgk
Value: CfDJ8AJ2jP1r73VKlReLeu0zEOtyuyYTMrYyeAaQ5iWozghgrBB39QDZNDTRfkYl1F2SSyVFzCpeXNkwRTyg1EMWryWhs06fI070QunwhUoGZA594o-6NXWJQEUkMYii1KJtFwsPbLazLfUkkNynlkdLu3s
.elfsquad.io/ Name: _ga_WPZVCLWSY7
Value: GS1.1.1675701868.1.0.1675701868.0.0.0
.elfsquad.io/ Name: _ga
Value: GA1.2.1986998236.1675701868
.elfsquad.io/ Name: _gid
Value: GA1.2.1449783782.1675701868
.elfsquad.io/ Name: _gat_UA-149675056-1
Value: 1
.elfsquad.io/ Name: _clsk
Value: l8f7oz|1675701868391|1|1|d.clarity.ms/collect
login.elfsquad.io/ Name: ln_or
Value: eyIxNzEzNzg1IjoiZCJ9
.linkedin.com/ Name: UserMatchHistory
Value: AQK1T1gbnJK_DAAAAYYnnVeiWIDL_jKmv1P7kuKQ4qp7Oki6boq2EcxncUX7YuWBI64ZweECpu98pg
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQKv6b9w3NaH-wAAAYYnnVeiaZdQXE2nlrUbKR_Wtz3Va9seRZcaqHYuK_y-4qmS_q-wkBxbh0QpfsRO5mBx1A
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&495e4adc-deb5-4110-8741-9f3aea71edd3"
.linkedin.com/ Name: lidc
Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2498:u=1:x=1:i=1675701868:t=1675788268:v=2:sig=AQGBJBaZTBuIkn44wHT-teRZhGhBVhzd"
.linkedin.com/ Name: lang
Value: v=2&lang=nl-nl
.www.linkedin.com/ Name: bscookie
Value: "v=1&2023020616442871e0dd20-ff02-479e-8948-e124e023732bAQFMN8BzLvqYgMTIIDS2Ptgk0WS2bDFH"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzU3MDE4Njg7MjswMjHm3cThbwylDSHk7S2Ri7rxahY+Q7gfhbE2chVuMQyvGw==
.c.bing.com/ Name: SRM_B
Value: 1319750D8B316D12080967BD8A926C69
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 1319750D8B316D12080967BD8A926C69
.c.clarity.ms/ Name: ANONCHK
Value: 0

1 Console Messages

Source Level URL
Text
network error URL: https://cdn.matomo.cloud/elfsquad.matomo.cloud/matomo.js
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
cdn.linkedin.oribi.io
cdn.matomo.cloud
cdn.mouseflow.com
cdn.zapier.com
d.clarity.ms
elfskotcdn.blob.core.windows.net
ems.elfsquad.io
fonts.googleapis.com
fonts.gstatic.com
login.configurator.vredo.com
login.elfsquad.io
maxcdn.bootstrapcdn.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
snap.licdn.com
stats.g.doubleclick.net
status.elfsquad.io
unpkg.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.linkedin.com
d.clarity.ms
13.107.42.14
151.139.128.10
20.209.11.33
20.234.93.27
20.71.11.206
2001:4860:4802:32::36
2600:9000:206f:e00:2:53b2:240:93a1
2600:9000:211e:fe00:1c:f7a9:7980:93a1
2600:9000:223f:4e00:c:7d55:b3c0:93a1
2606:4700::6810:7daf
2606:4700::6812:bcf
2620:1ec:21::14
2620:1ec:4f:1::45
2620:1ec:c11::200
2a00:1450:4001:806::2003
2a00:1450:4001:828::200e
2a00:1450:400c:c07::9b
2a00:1450:400d:802::200a
2a00:1450:400d:80a::2003
2a00:1450:400d:80a::2004
2a00:1450:400d:80d::2008
2a02:26f0:3500:16::215:149b
37.97.185.178
40.118.40.109
40.76.174.66
099a34d658455358b279fb466b6800e64fda0b20d2a101cf5b79fa9aa9dfd9ae
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
1629338e390dda8a6f5fd0faa91c1103df6cec1731fdae6994c2e1477179a344
1b1001d0a6e337b7aa036baa8a3f1c914906084f937d03372636583657a522d8
1bab9c6c87ca17002d798caf58c894b46b6a1bf72f48485c88e4b97d2fefd73f
25db6e19d6caaa8fe595c93ba7f8973b0f23b0522c2e1278dd470e3156b04c7c
262eb3dd2632577c6858ef9a84c30f5f7f31b82d43d4f94d1e04bcb284390fc9
37db44fb101190abf98ff5e5943597972f02a5269ba6dca134edec6f3ea7919b
3d41abc5f16cdf2ccb5730d4b12649d0357df236fec016871d120d3e5eabd1d9
4eeaef467b911cd6c99aa2880ce9df5410fb7795403f01e75b89e8aa8112f3f8
5557658155199807f4e64f6a9816bcd33c4f94ab6db5a4d57e0d605bb6eff1e8
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
615d70a07eca047e48df886c0617ad09ce4d94cbeac5e0b079eb2aca2952b49c
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
6906a01e32112cb1838155ab3ddd0c9ad4add6561aa98aa007a4fc4574e7f4c1
7893f5334601e56fe59b30e652181d7869e39014b1f125148b26e658a95ae72d
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7ee9e319f051e9b3e42261ce4d69ea8c35a3b82def3a925d182b36835034e897
8ac484884f47844af3f1d284f1bc4b7f218d543def79d3cd7b39ee4cfa8520b6
8fb7169bb2445a1e01843ba76e112d036fd1ddbd461054ac35b592384d53772c
90c883dd892858c5a13fb76cbdbebd3c35649ace3d70ea988b0cb976eed69490
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a5817c8207b79d3cc9f04b7f6d28a5b964407bb3e098e34d95a698064632829c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b491cca15b2cda71b44374029750d3aca78e9d1e6c88eefc646e114cb5903d50
bb287d08705c40a404cf20e29f65b3691211c35c84360d8979014044bd139194
c51f0b24e1ecbdef8f607b1fd6c24cf3b6c0a2a7535cb6701abde017932a8072
ca4a69e2979200c3d920f6ea199f8b4699964b5ee3d6894812fa10d9d4aec7a2
da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c