client.breakthroughwitheleni.com Open in urlscan Pro
128.140.41.110 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://client.breakthroughwitheleni.com/
Effective URL:
https://client.breakthroughwitheleni.com/auth/login
Submission: On March 20 via api (March 20th 2024, 3:15:40 pm UTC) from US — Scanned from US

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 13 HTTP transactions. The main IP is 128.140.41.110, located in Germany and belongs to HETZNER-AS, DE. The main domain is client.breakthroughwitheleni.com.
TLS certificate: Issued by R3 on March 18th 2024. Valid for: 3 months.

This is the only time client.breakthroughwitheleni.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 8	128.140.41.110 128.140.41.110	24940 (HETZNER-AS) (HETZNER-AS)
1	2a02:6ea0:c40... 2a02:6ea0:c400::12	60068 (CDN77 _) (CDN77 _)
1	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:109b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.219.169.246 52.219.169.246	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:119b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	7

8 128.140.41.110 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: nbg-proxy.quenza.com

client.breakthroughwitheleni.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c400::12 (New York, United States)

ASN60068 (CDN77 _, GB)

cdn.headwayapp.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:109b (United States)

ASN13335 (CLOUDFLARENET, US)

js.userpilot.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.169.246 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.eu-central-1.amazonaws.com

quenza-production-public.s3.eu-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:119b (United States)

ASN13335 (CLOUDFLARENET, US)

find.userpilot.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	breakthroughwitheleni.com 2 redirects client.breakthroughwitheleni.com	1 MB
3	userpilot.io js.userpilot.io — Cisco Umbrella Rank: 40013 find.userpilot.io — Cisco Umbrella Rank: 50607	243 KB
2	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 3546 ekr.zdassets.com — Cisco Umbrella Rank: 4262	6 KB
1	amazonaws.com quenza-production-public.s3.eu-central-1.amazonaws.com	16 KB
1	headwayapp.co cdn.headwayapp.co — Cisco Umbrella Rank: 56582	7 KB
13	5

	Domain	Requested by
8	client.breakthroughwitheleni.com	2 redirects client.breakthroughwitheleni.com
2	js.userpilot.io	client.breakthroughwitheleni.com js.userpilot.io
1	find.userpilot.io	js.userpilot.io
1	quenza-production-public.s3.eu-central-1.amazonaws.com	client.breakthroughwitheleni.com
1	ekr.zdassets.com	static.zdassets.com
1	static.zdassets.com	client.breakthroughwitheleni.com
1	cdn.headwayapp.co	client.breakthroughwitheleni.com
13	7

This site contains no links.

Subject Issuer	Validity	Valid
client.breakthroughwitheleni.com R3	`2024-03-18` - `2024-06-16`	3 months	crt.sh
1529036741.rsc.cdn77.org R3	`2024-03-02` - `2024-05-31`	3 months	crt.sh
zdassets.com E1	`2024-03-03` - `2024-06-01`	3 months	crt.sh
userpilot.io GTS CA 1P5	`2024-03-19` - `2024-06-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://client.breakthroughwitheleni.com/auth/login
Frame ID: CC5B7DC7B783D29D82736529595980E6
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Quenza

Page URL History Show full URLs

https://client.breakthroughwitheleni.com/ HTTP 302
https://client.breakthroughwitheleni.com/auth/login Page URL

Page Statistics

13
Requests

92 %
HTTPS

43 %
IPv6

5
Domains

7
Subdomains

7
IPs

3
Countries

1723 kB
Transfer

6172 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://client.breakthroughwitheleni.com/ HTTP 302
https://client.breakthroughwitheleni.com/auth/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://client.breakthroughwitheleni.com/organization/public/organization/9313/logo/lg?id=741956&signature=b68bedffaf38816292299322bb7889521ff2c03892700c454d3f9e99579c177c HTTP 302
https://quenza-production-public.s3.eu-central-1.amazonaws.com/741956/conversions/bf6168ab-fab3-4c2c-bc7c-73ce482cc0f1-lg.png?X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIASHVJTTUDTKEBKIUD%2F20240320%2Feu-central-1%2Fs3%2Faws4_request&X-Amz-Date=20240320T151535Z&X-Amz-SignedHeaders=host&X-Amz-Expires=300&X-Amz-Signature=847ea50ecbe45d1ddf2a09bb31b41a4820fe6b0dd35033162615d7f81f8d1641

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
client.breakthroughwitheleni.com/auth/
Redirect Chain

https://client.breakthroughwitheleni.com/
https://client.breakthroughwitheleni.com/auth/login

5 KB
2 KB

238ms
236ms

Document
text/html

128.140.41.110
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://client.breakthroughwitheleni.com/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

128.140.41.110 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

nbg-proxy.quenza.com

Software

Caddy nginx /

Resource Hash

c84f62a993506d7d7707d8a599a673bfb888927f6056c5791c949d4d4d1ecffe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 20 Mar 2024 15:15:33 GMT
server: Caddy nginx
vary: Accept-Encoding Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-quenza-session: 90d623143f37c2bdd093ceba71f1fd67
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Wed, 20 Mar 2024 15:15:32 GMT
location: https://client.breakthroughwitheleni.com/auth/login
server: Caddy nginx
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 widget.js Show response
cdn.headwayapp.co/ 27 KB
7 KB 513ms
72ms Script
application/javascript 2a02:6ea0:c400::12
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.headwayapp.co/widget.js
Requested by: Host: client.breakthroughwitheleni.com
URL: https://client.breakthroughwitheleni.com/auth/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b1ea3a8ce92164144245a653b4a25553311a12d31d1e55a29be20b6bbb0ea430

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.breakthroughwitheleni.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Wed, 20 Mar 2024 15:15:33 GMT
via: 1.1 0f37773e2cce4ff7a5301ebabb04538a.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: EWR53-C2
x-77-cache: HIT
x-cache: HIT
x-hello: headway
x-age: 30
x-accel-date: 1710947703
x-77-nzt: EgwBWbuxDwH3HgAAAAgBnJI76AGB
x-accel-expires: @1710947763
x-77-age: 30
last-modified: Sun, 28 Jan 2024 06:22:50 GMT
server: CDN77-Turbo
etag: W/"b1ea3a8ce92164144245a653b4a25553"
x-77-nzt-ray: 49be1408d718e0d295fdfa65cb598b29
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=60
x-amz-cf-id: TR7l4E4QOLHRmnAvxxSOQ5JXp-ztNwfaLN_ZjPdJ9Slj094kVnAiMA==

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 179ms
55ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=0e09b493-0eda-44a9-a34e-f6a7095c8201

Requested by

Host: client.breakthroughwitheleni.com
URL: https://client.breakthroughwitheleni.com/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.breakthroughwitheleni.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 15:15:33 GMT
x-amz-version-id: sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: ATPJN2BBRNAVEP8C
age: 2
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: yZSnXp5joC1jEUcdstI6JJxXe+57NDQVrgC8bP2Gtlxd0OKsnfmbb0FPfdOCVjDBGs07rFDX82g=
last-modified: Mon, 15 Jan 2024 02:56:11 GMT
server: cloudflare
etag: W/"c0053b411b753138af468db1bd3b19f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V3B3ZY8VDkhPmufQw5IGvXpJI0Ltx%2BEDGyJ%2B8k9h0Ze9MncxMmq6zk1277cOMFkacjJ5xtpQfNsg33gyLa%2FlwHCcxyV%2FMKMNuZ1hIdF%2F1LniKuKjCPkpSzPhKt3%2Ba2RCpP5cI4A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=3600, s-maxage=60
access-control-max-age: 0
cf-ray: 8676a88588e931d1-MIA
access-control-allow-headers: *

GET
H3 200 main.e27e7666.css
client.breakthroughwitheleni.com/build/assets/ 317 KB
59 KB 312ms
297ms Stylesheet
text/css 128.140.41.110
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://client.breakthroughwitheleni.com/build/assets/main.e27e7666.css

Requested by

Host: client.breakthroughwitheleni.com
URL: https://client.breakthroughwitheleni.com/auth/login

Protocol

Security

QUIC, , AES_128_GCM

Server

128.140.41.110 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

nbg-proxy.quenza.com

Software

Caddy, nginx /

Resource Hash

e27e76666b733828c96683437d867276ef7df4668e0001531406746badcab7b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.breakthroughwitheleni.com/auth/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 15:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 18 Mar 2024 09:39:38 GMT
server: Caddy, nginx
etag: W/"65f80bda-4f4ba"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block

GET
H3 200 main.d4f209d6.js Show response
client.breakthroughwitheleni.com/build/assets/ 4 MB
1 MB 165ms
150ms Script
application/javascript 128.140.41.110
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://client.breakthroughwitheleni.com/build/assets/main.d4f209d6.js

Requested by

Host: client.breakthroughwitheleni.com
URL: https://client.breakthroughwitheleni.com/auth/login

Protocol

Security

QUIC, , AES_128_GCM

Server

128.140.41.110 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

nbg-proxy.quenza.com

Software

Caddy, nginx /

Resource Hash

33eb33150ef84c7e280c60c4e6a9011a7220995ce42a33f0f7ce0c6b10b0053c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://client.breakthroughwitheleni.com/auth/login
Origin: https://client.breakthroughwitheleni.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 15:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 18 Mar 2024 09:39:38 GMT
server: Caddy, nginx
etag: W/"65f80bda-4575ce"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block

GET
H2 200 0e09b493-0eda-44a9-a34e-f6a7095c8201 Show response
ekr.zdassets.com/compose/ 15 B
878 B 359ms
229ms Fetch
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/0e09b493-0eda-44a9-a34e-f6a7095c8201

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=0e09b493-0eda-44a9-a34e-f6a7095c8201

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86d8b086af0fc30d06856e218fcfdb6b803f91b45f50b1b753d8deac627fc054

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.breakthroughwitheleni.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 15:15:33 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 86758fd2bbdba1da-SEA, 86758fd2bbdba1da-SEA
x-runtime: 0.003216
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"86d8b086af0fc30d06856e218fcfdb6b"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YGbknu0LVaqIPjqfS%2Be50XDpORS1baacCr7N02HL7f1eALarh%2FGFmP%2BKQQUZD8vJg6vWdo%2B6TTA8hvTGCjlvHRviG54m%2FefA75ENayD6%2FpNOkqrAzrpf%2BXKKlxgzkMcYHlI%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 8676a886cc615c82-MIA

GET
H3 200 Mulish-Bold.ttf
client.breakthroughwitheleni.com/static/fonts/ 87 KB
87 KB 154ms
152ms Font
application/octet-stream 128.140.41.110
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://client.breakthroughwitheleni.com/static/fonts/Mulish-Bold.ttf

Requested by

Host: client.breakthroughwitheleni.com
URL: https://client.breakthroughwitheleni.com/build/assets/main.e27e7666.css

Protocol

Security

QUIC, , AES_128_GCM

Server

128.140.41.110 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

nbg-proxy.quenza.com

Software

Caddy, nginx /

Resource Hash

499c5b939b037bc5a01668352e3376ef872a2787e7c4414fcac359f7f151677a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://client.breakthroughwitheleni.com/build/assets/main.e27e7666.css
Origin: https://client.breakthroughwitheleni.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 15:15:35 GMT
x-content-type-options: nosniff
last-modified: Mon, 18 Mar 2024 09:40:37 GMT
server: Caddy, nginx
etag: "65f80c15-15cb4"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
accept-ranges: bytes
content-length: 89268
x-xss-protection: 1; mode=block

GET
H3 200 Mulish-Regular.ttf
client.breakthroughwitheleni.com/static/fonts/ 87 KB
87 KB 154ms
152ms Font
application/octet-stream 128.140.41.110
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://client.breakthroughwitheleni.com/static/fonts/Mulish-Regular.ttf

Requested by

Host: client.breakthroughwitheleni.com
URL: https://client.breakthroughwitheleni.com/build/assets/main.e27e7666.css

Protocol

Security

QUIC, , AES_128_GCM

Server

128.140.41.110 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

nbg-proxy.quenza.com

Software

Caddy, nginx /

Resource Hash

eb364c7f2d591189ec69cd14387bc8b3419bf5bf467bba354151ec26d014e857

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://client.breakthroughwitheleni.com/build/assets/main.e27e7666.css
Origin: https://client.breakthroughwitheleni.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 15:15:35 GMT
x-content-type-options: nosniff
last-modified: Mon, 18 Mar 2024 09:40:37 GMT
server: Caddy, nginx
etag: "65f80c15-15c9c"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
accept-ranges: bytes
content-length: 89244
x-xss-protection: 1; mode=block

GET
H3 200 icomoon.5a1641b7.ttf
client.breakthroughwitheleni.com/build/assets/ 111 KB
111 KB 149ms
147ms Font
application/octet-stream 128.140.41.110
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://client.breakthroughwitheleni.com/build/assets/icomoon.5a1641b7.ttf

Requested by

Host: client.breakthroughwitheleni.com
URL: https://client.breakthroughwitheleni.com/build/assets/main.e27e7666.css

Protocol

Security

QUIC, , AES_128_GCM

Server

128.140.41.110 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

nbg-proxy.quenza.com

Software

Caddy, nginx /

Resource Hash

5a1641b7c7cb95ecf55841109ce25e19bb37ccd4a9801b2b54f5073cedc9493a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://client.breakthroughwitheleni.com/build/assets/main.e27e7666.css
Origin: https://client.breakthroughwitheleni.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 15:15:35 GMT
x-content-type-options: nosniff
last-modified: Mon, 18 Mar 2024 09:39:38 GMT
server: Caddy, nginx
etag: "65f80bda-1bc3c"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
accept-ranges: bytes
content-length: 113724
x-xss-protection: 1; mode=block

GET
H2 200 latest.js Show response
js.userpilot.io/sdk/ 3 KB
1 KB 216ms
45ms Script
text/javascript 2606:4700::6812:109b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.userpilot.io/sdk/latest.js

Requested by

Host: client.breakthroughwitheleni.com
URL: https://client.breakthroughwitheleni.com/build/assets/main.d4f209d6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:109b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12bf3483aff813c1ef9e4c2b8cafd7a31f2b85f5acbb4ee3f8e6fe6aac52763a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.breakthroughwitheleni.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 15:15:35 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
x-amz-request-id: 4M1A0PZQWTHJPK58
age: 6
x-amz-server-side-encryption: AES256
x-amz-id-2: 5ZisQzRMz07s4W6knRys2n+qDdVduUrLEGI18m0qAAWW6RjzzN4LAAXFK8ESlQvaJYQlv4DHWyJcXQqZjjGczw==
cf-bgj: minify
last-modified: Mon, 18 Mar 2024 10:51:00 GMT
server: cloudflare
etag: W/"efafb5a361fe1722bf61a64592b78a92"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=120
cf-ray: 8676a891dfc44962-MIA

GET
H/1.1

200
OK

bf6168ab-fab3-4c2c-bc7c-73ce482cc0f1-lg.png
quenza-production-public.s3.eu-central-1.amazonaws.com/741956/conversions/
Redirect Chain

https://client.breakthroughwitheleni.com/organization/public/organization/9313/logo/lg?id=741956&signature=b68bedffaf38816292299322bb7889521ff2c03892700c454d3f9e99579c177c
https://quenza-production-public.s3.eu-central-1.amazonaws.com/741956/conversions/bf6168ab-fab3-4c2c-bc7c-73ce482cc0f1-lg.png?X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&...

15 KB
16 KB

596ms
229ms

Image
image/png

52.219.169.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quenza-production-public.s3.eu-central-1.amazonaws.com/741956/conversions/bf6168ab-fab3-4c2c-bc7c-73ce482cc0f1-lg.png?X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIASHVJTTUDTKEBKIUD%2F20240320%2Feu-central-1%2Fs3%2Faws4_request&X-Amz-Date=20240320T151535Z&X-Amz-SignedHeaders=host&X-Amz-Expires=300&X-Amz-Signature=847ea50ecbe45d1ddf2a09bb31b41a4820fe6b0dd35033162615d7f81f8d1641
Requested by: Host: client.breakthroughwitheleni.com
URL: https://client.breakthroughwitheleni.com/auth/login
Protocol: HTTP/1.1
Server: 52.219.169.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 65b08a31e405c2349f46bc6b7207de6e93c300cc8a0daca1f7a39fb94161cde6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.breakthroughwitheleni.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Wed, 20 Mar 2024 15:15:36 GMT
x-amz-version-id: 1f.4EDolXj3tk9gWp0zci2HFUWR1yRNU
Last-Modified: Tue, 19 Dec 2023 13:10:53 GMT
Server: AmazonS3
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:eu-central-1:153900784903:key/feb32ad0-736a-474c-b41b-e924097c06dc
x-amz-request-id: ZWVN5EW5GK82FXQ7
ETag: "56672656982f2664875d89f68dbf7843"
x-amz-server-side-encryption: aws:kms
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 15729
x-amz-id-2: vTfY8fVAfCOU+t+1c7xosfOp1AprmzfXlS2w3/hJcMzTAauniwE7FZaVNZNNi6c5zR5XGdlYLGw=

Redirect headers

date: Wed, 20 Mar 2024 15:15:35 GMT
x-content-type-options: nosniff
server: Caddy, nginx
vary: Origin
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://quenza-production-public.s3.eu-central-1.amazonaws.com/741956/conversions/bf6168ab-fab3-4c2c-bc7c-73ce482cc0f1-lg.png?X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIASHVJTTUDTKEBKIUD%2F20240320%2Feu-central-1%2Fs3%2Faws4_request&X-Amz-Date=20240320T151535Z&X-Amz-SignedHeaders=host&X-Amz-Expires=300&X-Amz-Signature=847ea50ecbe45d1ddf2a09bb31b41a4820fe6b0dd35033162615d7f81f8d1641
cache-control: no-cache, private
x-xss-protection: 1; mode=block
x-quenza-session: 90d623143f37c2bdd093ceba71f1fd67

GET
H2 200 app.js Show response
js.userpilot.io/sdk/version/v0/ 1 MB
241 KB 96ms
44ms Script
text/javascript 2606:4700::6812:109b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.userpilot.io/sdk/version/v0/app.js

Requested by

Host: js.userpilot.io
URL: https://js.userpilot.io/sdk/latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:109b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a6939aea6670c3c936e7122a2ba506169a49ea345d4f883c0755b23d78dedf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.breakthroughwitheleni.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 15:15:35 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
x-amz-request-id: K6PH69K3TT6CBPV5
age: 15866
x-amz-server-side-encryption: AES256
x-amz-id-2: pZlIKJDd0My9UwAVSyvo0zKo6kPnvRKas0WqK64mWensJBvmzI8a4jw62udhBGwgrS19Rcj871Q=
cf-bgj: minify
last-modified: Mon, 18 Mar 2024 10:50:59 GMT
server: cloudflare
etag: W/"dd2f897ab08ec3887632efedb26e25c4"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
cf-ray: 8676a892d8f74962-MIA

GET
H2 200 NX-ae66735d Show response
find.userpilot.io/v1/lookups/ 62 B
517 B 621ms
491ms XHR
application/json 2606:4700::6812:119b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://find.userpilot.io/v1/lookups/NX-ae66735d

Requested by

Host: js.userpilot.io
URL: https://js.userpilot.io/sdk/version/v0/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:119b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a01e643447eecd7cc74d4b9a55a2f26bb205a874806a6dedfaace8b41082feb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://client.breakthroughwitheleni.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 15:15:36 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-cache: Hit from findex
x-request-id: F76B5qs6gzxp7bgBoQkB
last-modified: Wed, 20 Mar 2024 15:15:36 GMT
server: cloudflare
vary: Accept-Encoding
x-ratelimit-remaining: 59999
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-apo-via: origin,host
x-ratelimit-limit: 60000
x-ratelimit-reset: 1710947760000
cf-ray: 8676a894fa9b7494-MIA

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
client.breakthroughwitheleni.com/	1969-12-31 23:59:59	Name: production_2_session Value: dwFcNzul9XJ0qy3SczS0TUoWdqG5y4tmWleVVR3Y
client.breakthroughwitheleni.com/	1970-01-21 04:51:47	Name: production_2_branding Value: eyJpdiI6InN0NnR5YkM2T0FMbXRjUUU1OVZ0K2c9PSIsInZhbHVlIjoiM1BBNU1TS2Q4b1d4c3pDamdzZ0lYTENUUTA5NzNrZWtxdjBVTm9nUlozQ1dlRWxLNnBWU0xGQWxTM1Y4LzY3UyIsIm1hYyI6IjdkMzI1NmZhYTA1MjNhYjk5NGVmODM0MDNhNmJjMDUyZjEyM2IwMWEwZDc2ZTUzZDE1NjIxNTc4NTA5ZWQ3YjAiLCJ0YWciOiIifQ%3D%3D
client.breakthroughwitheleni.com/	1970-01-20 19:15:49	Name: XSRF-TOKEN Value: eyJpdiI6IlVQL0Jha3N1UlJiRWUvWno5YWtnV0E9PSIsInZhbHVlIjoiODhMRHNhSkNURGRSM2hVKzdqeHhnbjB6ZjVJYm1jYS83blBWdXQxdFJ3L2FVZU1IS3FUMElEKzY0cDVCM1hpc1lxS0lpbVdWb2Q4d1g3azlOcmZBcnZxQWFpOUpNQnN1Ymt4OGRLak5vS0dsTTgzRHVKdjFhN1pya2prS1NPVm0iLCJtYWMiOiJjZDc3YzViNTNmZjdhZTQ3YTBmNTQ1M2Y3Mjg4MGRhNTQ3ODBmNTNhZjY1ZTc5ZDJjMjZkN2U5NjEyNmNjNzQ1IiwidGFnIjoiIn0%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.headwayapp.co
client.breakthroughwitheleni.com
ekr.zdassets.com
find.userpilot.io
js.userpilot.io
quenza-production-public.s3.eu-central-1.amazonaws.com
static.zdassets.com
104.18.70.113
104.18.72.113
128.140.41.110
2606:4700::6812:109b
2606:4700::6812:119b
2a02:6ea0:c400::12
52.219.169.246
0a01e643447eecd7cc74d4b9a55a2f26bb205a874806a6dedfaace8b41082feb
12bf3483aff813c1ef9e4c2b8cafd7a31f2b85f5acbb4ee3f8e6fe6aac52763a
2a6939aea6670c3c936e7122a2ba506169a49ea345d4f883c0755b23d78dedf2
33eb33150ef84c7e280c60c4e6a9011a7220995ce42a33f0f7ce0c6b10b0053c
499c5b939b037bc5a01668352e3376ef872a2787e7c4414fcac359f7f151677a
5a1641b7c7cb95ecf55841109ce25e19bb37ccd4a9801b2b54f5073cedc9493a
65b08a31e405c2349f46bc6b7207de6e93c300cc8a0daca1f7a39fb94161cde6
86d8b086af0fc30d06856e218fcfdb6b803f91b45f50b1b753d8deac627fc054
b1ea3a8ce92164144245a653b4a25553311a12d31d1e55a29be20b6bbb0ea430
c84f62a993506d7d7707d8a599a673bfb888927f6056c5791c949d4d4d1ecffe
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
e27e76666b733828c96683437d867276ef7df4668e0001531406746badcab7b2
eb364c7f2d591189ec69cd14387bc8b3419bf5bf467bba354151ec26d014e857

client.breakthroughwitheleni.com Open in urlscan Pro 128.140.41.110 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

13 Requests

92 %HTTPS

43 %IPv6

5 Domains

7 Subdomains

7 IPs

3 Countries

1723 kBTransfer

6172 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

3 Cookies

Security Headers

Indicators

client.breakthroughwitheleni.com Open in urlscan Pro
128.140.41.110 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

92 %
HTTPS

43 %
IPv6

5
Domains

7
Subdomains

7
IPs

3
Countries

1723 kB
Transfer

6172 kB
Size

3
Cookies

13 HTTP transactions
0 data transactions