heffalump-public.dev.elphasecure.io Open in urlscan Pro
34.148.191.42  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response heffalump-public.dev.elphasecure.io/	2 KB 2 KB	497ms 174ms	Document text/html	34.148.191.42 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://heffalump-public.dev.elphasecure.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.148.191.42 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 42.191.148.34.bc.googleusercontent.com Software istio-envoy / Resource Hash 66a5bd1bc7f01f2edc3d729df520e095529bbb1e43376c5b84ded766bef15b71 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes content-length 2331 content-type text/html date Sun, 07 Jul 2024 21:06:11 GMT etag "66189e5b-91b" last-modified Fri, 12 Apr 2024 02:37:15 GMT server istio-envoy strict-transport-security max-age=31536000; includeSubDomains x-envoy-upstream-service-time 6
GET H2	200	env-config.js Show response heffalump-public.dev.elphasecure.io/	450 B 581 B	419ms 417ms	Script application/javascript	34.148.191.42 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://heffalump-public.dev.elphasecure.io/env-config.js Requested by Host: heffalump-public.dev.elphasecure.io URL: https://heffalump-public.dev.elphasecure.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.148.191.42 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 42.191.148.34.bc.googleusercontent.com Software istio-envoy / Resource Hash d80e83ecd1e9c8f217ec7c12f09b7bf38e11fe6a1038652ed728cbd9e53ba105 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://heffalump-public.dev.elphasecure.io/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Jul 2024 21:06:12 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Wed, 26 Jun 2024 08:35:39 GMT server istio-envoy etag "667bd2db-1c2" content-type application/javascript cache-control max-age=1800 x-envoy-upstream-service-time 17 accept-ranges bytes content-length 450 expires Sun, 07 Jul 2024 21:36:12 GMT
GET H2	200	2.878be42e.chunk.css heffalump-public.dev.elphasecure.io/static/css/	24 KB 24 KB	315ms 313ms	Stylesheet text/css	34.148.191.42 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://heffalump-public.dev.elphasecure.io/static/css/2.878be42e.chunk.css Requested by Host: heffalump-public.dev.elphasecure.io URL: https://heffalump-public.dev.elphasecure.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.148.191.42 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 42.191.148.34.bc.googleusercontent.com Software istio-envoy / Resource Hash 6660a69350fe09b653d1de74740115a0409ca214cebc2370ead6c3c070e8073c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://heffalump-public.dev.elphasecure.io/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Jul 2024 21:06:12 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Fri, 12 Apr 2024 02:37:15 GMT server istio-envoy etag "66189e5b-6182" content-type text/css x-envoy-upstream-service-time 12 accept-ranges bytes content-length 24962
GET H2	200	main.797f171b.chunk.css heffalump-public.dev.elphasecure.io/static/css/	2 KB 2 KB	418ms 416ms	Stylesheet text/css	34.148.191.42 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://heffalump-public.dev.elphasecure.io/static/css/main.797f171b.chunk.css Requested by Host: heffalump-public.dev.elphasecure.io URL: https://heffalump-public.dev.elphasecure.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.148.191.42 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 42.191.148.34.bc.googleusercontent.com Software istio-envoy / Resource Hash 1dbda0cbe7037242015cdb2787e17ebec2c03ddb3b46bc321e4355249e5d91d4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://heffalump-public.dev.elphasecure.io/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Jul 2024 21:06:12 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Fri, 12 Apr 2024 02:37:15 GMT server istio-envoy etag "66189e5b-8e7" content-type text/css x-envoy-upstream-service-time 17 accept-ranges bytes content-length 2279
GET H2	200	2.6d115457.chunk.js Show response heffalump-public.dev.elphasecure.io/static/js/	2 MB 2 MB	419ms 417ms	Script application/javascript	34.148.191.42 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://heffalump-public.dev.elphasecure.io/static/js/2.6d115457.chunk.js Requested by Host: heffalump-public.dev.elphasecure.io URL: https://heffalump-public.dev.elphasecure.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.148.191.42 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 42.191.148.34.bc.googleusercontent.com Software istio-envoy / Resource Hash b22646b97029b93128cf8369f9e6e404e04cbc0b57b4489aa019df1cdba13d49 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://heffalump-public.dev.elphasecure.io/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Jul 2024 21:06:12 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Fri, 12 Apr 2024 02:37:15 GMT server istio-envoy etag "66189e5b-2144b1" content-type application/javascript x-envoy-upstream-service-time 17 accept-ranges bytes content-length 2180273
GET H2	200	main.c469cde9.chunk.js Show response heffalump-public.dev.elphasecure.io/static/js/	64 KB 64 KB	488ms 486ms	Script application/javascript	34.148.191.42 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://heffalump-public.dev.elphasecure.io/static/js/main.c469cde9.chunk.js Requested by Host: heffalump-public.dev.elphasecure.io URL: https://heffalump-public.dev.elphasecure.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.148.191.42 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 42.191.148.34.bc.googleusercontent.com Software istio-envoy / Resource Hash a6c8c5c1d56fb7a5ba685be6509e983ee999666b8963231003892278792f853d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://heffalump-public.dev.elphasecure.io/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Jul 2024 21:06:12 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Fri, 12 Apr 2024 02:37:15 GMT server istio-envoy etag "66189e5b-fe4f" content-type application/javascript x-envoy-upstream-service-time 17 accept-ranges bytes content-length 65103
GET H2	200	udl5zjc.css use.typekit.net/	3 KB 942 B	280ms 57ms	Stylesheet text/css	2a02:26f0:7100::1720:ef50 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/udl5zjc.css Requested by Host: heffalump-public.dev.elphasecure.io URL: https://heffalump-public.dev.elphasecure.io/static/css/main.797f171b.chunk.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100::1720:ef50 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash c4b3a98c824fc61d3e6651d44b961fce8bdf2e9671cba6c04a8e621943ac2b38 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://heffalump-public.dev.elphasecure.io/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; content-encoding gzip date Sun, 07 Jul 2024 21:06:12 GMT server nginx vary Accept-Encoding content-type text/css;charset=utf-8 access-control-allow-origin * cache-control private, max-age=600, stale-while-revalidate=604800 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 720
GET H2	200	p.css p.typekit.net/	5 B 172 B	140ms 36ms	Stylesheet text/css	2a02:26f0:7100::1720:ef43 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://p.typekit.net/p.css?s=1&k=udl5zjc&ht=tk&f=24539.24543.24547.24549&a=62226414&app=typekit&e=css Requested by Host: use.typekit.net URL: https://use.typekit.net/udl5zjc.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100::1720:ef43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://use.typekit.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Jul 2024 21:06:12 GMT last-modified Fri, 23 Jun 2023 17:09:47 GMT server nginx etag "6495d1db-5" content-type text/css access-control-allow-origin * cache-control public, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes content-length 5
GET		gtm.js www.googletagmanager.com/	0 0
GET H2	200	v3 Show response js.stripe.com/	619 KB 171 KB	264ms 50ms	Script text/javascript	108.138.7.100 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3 Requested by Host: heffalump-public.dev.elphasecure.io URL: https://heffalump-public.dev.elphasecure.io/static/js/2.6d115457.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.7.100 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-7-100.fra56.r.cloudfront.net Software Cloudfront / Resource Hash ce3a2c1f166951c17a773f8a1e503d7a416d5430854edf0ad5ea1460bfd92672 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://heffalump-public.dev.elphasecure.io/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Jul 2024 21:06:04 GMT content-encoding gzip via 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 14 x-amz-cf-pop FRA56-P6 x-cache Hit from cloudfront last-modified Fri, 05 Jul 2024 17:15:04 GMT server Cloudfront etag W/"16095b208fce1f9394656811fb5b307e" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=60 timing-allow-origin * x-amz-cf-id 3xzxKzt409ni_5Bi1BDjUTBIF7oU-5N203YZKHpSRkt-dd1SfuDMzw==
GET H2	200	step1.html Show response dev.auth.elphasecure.io/auth/realms/client/protocol/openid-connect/3p-cookies/ Frame 5985	757 B 1 KB	540ms 159ms	Document text/html	34.139.154.101 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dev.auth.elphasecure.io/auth/realms/client/protocol/openid-connect/3p-cookies/step1.html Requested by Host: heffalump-public.dev.elphasecure.io URL: https://heffalump-public.dev.elphasecure.io/static/js/2.6d115457.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.139.154.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 101.154.139.34.bc.googleusercontent.com Software istio-envoy / Resource Hash 669a31a113b7353d324d3b19ad3181cd33116c691b1aeb130823848bd7b52dd1 Security Headers Name Value Content-Security-Policy frame-src 'self'; object-src 'none'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://heffalump-public.dev.elphasecure.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control no-cache, must-revalidate, no-transform, no-store content-length 757 content-security-policy frame-src 'self'; object-src 'none'; content-type text/html;charset=utf-8 date Sun, 07 Jul 2024 21:06:17 GMT p3p CP="This is not a P3P policy!" referrer-policy no-referrer server istio-envoy strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff x-envoy-upstream-service-time 2 x-robots-tag none x-xss-protection 1; mode=block
GET H2	200	controller-with-preconnect-6a259ce9c1cfd6bc93b8b95f1a5f50b3.html js.stripe.com/v3/ Frame 43C7	0 0	237ms 42ms	Document text/html	108.138.7.100 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/controller-with-preconnect-6a259ce9c1cfd6bc93b8b95f1a5f50b3.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.7.100 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-7-100.fra56.r.cloudfront.net Software Cloudfront / Resource Hash Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://heffalump-public.dev.elphasecure.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes access-control-allow-origin * age 16 cache-control max-age=60, stale-while-revalidate=900 content-length 651 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Sun, 07 Jul 2024 21:06:02 GMT etag "6a259ce9c1cfd6bc93b8b95f1a5f50b3" last-modified Fri, 05 Jul 2024 17:11:48 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront) x-amz-cf-id SPeU7d-CS0Fr_P61ne0ce37OxobxAQ-lYIm-sI2MrKFhMNbHfAxsYQ== x-amz-cf-pop FRA56-P6 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	login-status-iframe.html Show response dev.auth.elphasecure.io/auth/realms/client/protocol/openid-connect/ Frame CAAB	3 KB 3 KB	166ms 139ms	Document text/html	34.139.154.101 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dev.auth.elphasecure.io/auth/realms/client/protocol/openid-connect/login-status-iframe.html Requested by Host: heffalump-public.dev.elphasecure.io URL: https://heffalump-public.dev.elphasecure.io/static/js/2.6d115457.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.139.154.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 101.154.139.34.bc.googleusercontent.com Software istio-envoy / Resource Hash 81d907c82998d426e74c41cc9cf5c13465664e47383daa6a9d12d6e0237752ef Security Headers Name Value Content-Security-Policy frame-src 'self'; object-src 'none'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://heffalump-public.dev.elphasecure.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control no-cache, must-revalidate, no-transform, no-store content-length 3233 content-security-policy frame-src 'self'; object-src 'none'; content-type text/html;charset=utf-8 date Sun, 07 Jul 2024 21:06:17 GMT p3p CP="This is not a P3P policy!" referrer-policy no-referrer server istio-envoy strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff x-envoy-upstream-service-time 3 x-robots-tag none x-xss-protection 1; mode=block
GET H2	403	init Show response dev.auth.elphasecure.io/auth/realms/client/protocol/openid-connect/login-status-iframe.html/ Frame CAAB	0 53 B	412ms 411ms	XHR text/plain	34.139.154.101 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dev.auth.elphasecure.io/auth/realms/client/protocol/openid-connect/login-status-iframe.html/init?client_id=portal-public&origin=https%3A%2F%2Fheffalump-public.dev.elphasecure.io Requested by Host: dev.auth.elphasecure.io URL: https://dev.auth.elphasecure.io/auth/realms/client/protocol/openid-connect/login-status-iframe.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.139.154.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 101.154.139.34.bc.googleusercontent.com Software istio-envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains date Sun, 07 Jul 2024 21:06:18 GMT referrer-policy no-referrer x-content-type-options nosniff server istio-envoy x-envoy-upstream-service-time 268 content-length 0 x-xss-protection 1; mode=block
GET H2	200	m-outer-3437aaddcdf6922d623e172c2d6f9278.html js.stripe.com/v3/ Frame CF7B	0 0	44ms 44ms	Document text/html	108.138.7.100 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.7.100 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-7-100.fra56.r.cloudfront.net Software Cloudfront / Resource Hash Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://heffalump-public.dev.elphasecure.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes access-control-allow-origin * age 3083 cache-control max-age=31536000 content-length 200 content-security-policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Sun, 07 Jul 2024 20:14:56 GMT etag "3437aaddcdf6922d623e172c2d6f9278" last-modified Wed, 03 Jul 2024 20:04:23 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront) x-amz-cf-id _fLoGW3tmypY0LyU2gx3BXNzNPtaeasxdGW_FAj8SeqGq3SpLqmXVw== x-amz-cf-pop FRA56-P6 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	hegrq81z Show response widget.intercom.io/widget/	7 KB 3 KB	655ms 454ms	Script application/javascript	13.224.189.35 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.intercom.io/widget/hegrq81z Requested by Host: heffalump-public.dev.elphasecure.io URL: https://heffalump-public.dev.elphasecure.io/static/js/2.6d115457.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.35 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-35.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 035d6c44112d2cb3bb5bec7cdf82b0bc4f463e459d949ad67a6eb50b7225dc4d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://heffalump-public.dev.elphasecure.io/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id eek9KFe81_rdrGEROge.QvlTxJMyiyl_ content-encoding gzip via 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront) date Sun, 07 Jul 2024 21:03:43 GMT x-amz-cf-pop FRA2-C1 age 336 x-amz-server-side-encryption AES256 x-cache Error from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 2668 last-modified Thu, 04 Jul 2024 16:21:24 GMT server AmazonS3 etag "a4ad2f4284a0a132d8a05c885ee87f9c" vary Accept-Encoding, Origin content-type application/javascript; charset=UTF-8 cache-control max-age=300, s-maxage=300, public accept-ranges bytes x-amz-cf-id 56LmxWZJfx4uLkyPzX-vb1llyfucWBm9iqp0v1cQwvRwZnSoL_XF1g==
GET H2	200	frame-modern.b4b6b51d.js Show response js.intercomcdn.com/ Frame B685	458 KB 138 KB	331ms 65ms	Script application/javascript	18.245.46.19 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.intercomcdn.com/frame-modern.b4b6b51d.js Requested by Host: widget.intercom.io URL: https://widget.intercom.io/widget/hegrq81z Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.46.19 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-46-19.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 64351ef7026b06738077bcf9a5be86bf7692a1f3814e638d59ee1a5a8ae17b56 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id uvqm.ogeYnvR_AGasCsJz0goDf3XsLuM content-encoding gzip via 1.1 0b328de7c6916513ee4489477445f2e2.cloudfront.net (CloudFront) date Sun, 07 Jul 2024 20:21:28 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop FRA56-P9 age 2692 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 141000 last-modified Thu, 04 Jul 2024 16:18:01 GMT server AmazonS3 etag "f4ae053a1e340c217f12e7f3bb7c8620" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=31536000, s-maxage=7200, public accept-ranges bytes x-amz-cf-id ChVz-TRtj4KmCi1QUi87TUAzg6ZeBYVfJgriq0xgFLa8aETUHUZbgA==
GET H2	200	vendor-modern.bc52aebd.js Show response js.intercomcdn.com/ Frame B685	455 KB 145 KB	509ms 244ms	Script application/javascript	18.245.46.19 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.intercomcdn.com/vendor-modern.bc52aebd.js Requested by Host: widget.intercom.io URL: https://widget.intercom.io/widget/hegrq81z Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.46.19 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-46-19.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash eea9f67534400ce075ffffb3d0f45c43300e6c6e244d5b566dca5fedb480e087 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id Mw1h9i8Md7P3qjd15fFHiY3cqmFJcVuL content-encoding gzip via 1.1 0b328de7c6916513ee4489477445f2e2.cloudfront.net (CloudFront) date Sun, 07 Jul 2024 19:17:50 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop FRA56-P9 age 6510 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 147287 last-modified Thu, 04 Jul 2024 09:15:11 GMT server AmazonS3 etag "045ab66ea0acdc79774f2aae33a45b67" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=31536000, s-maxage=7200, public accept-ranges bytes x-amz-cf-id selCo-lC_uTAfimcm10ZHaLlGxw5wqwnT6XK4LGBfA-Ws_Eh1ktxIQ==
GET H2	200	favicon.png heffalump-public.dev.elphasecure.io/	8 KB 8 KB	159ms 159ms	Other image/png	34.148.191.42 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://heffalump-public.dev.elphasecure.io/favicon.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.148.191.42 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 42.191.148.34.bc.googleusercontent.com Software istio-envoy / Resource Hash 6796e197677c35ddc5b2c6a3491e9a144d6ac65d5ac75d24f41525406c5a6dea Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://heffalump-public.dev.elphasecure.io/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Jul 2024 21:06:20 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Fri, 12 Apr 2024 02:36:59 GMT server istio-envoy etag "66189e4b-211c" content-type image/png cache-control max-age=1800 x-envoy-upstream-service-time 2 accept-ranges bytes content-length 8476 expires Sun, 07 Jul 2024 21:36:20 GMT
GET H2	200	trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js Show response js.stripe.com/v3/fingerprinted/js/	176 B 668 B	77ms 46ms	Script text/javascript	108.138.7.100 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.7.100 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-7-100.fra56.r.cloudfront.net Software Cloudfront / Resource Hash 07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://heffalump-public.dev.elphasecure.io/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Jul 2024 20:30:27 GMT via 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront) x-content-type-options nosniff strict-transport-security max-age=31556926; includeSubDomains; preload age 2180 x-amz-cf-pop FRA56-P6 x-cache Hit from cloudfront content-length 176 last-modified Fri, 05 Jul 2024 17:12:02 GMT server Cloudfront etag "96f5b26d366f47393b3ff36fe7471474" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-amz-cf-id 7KIu_MM0S5ctnDGEZQsA_uYwStbCqEUFY0p9feOrzSWfV7ChH1SEMw==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.googletagmanager.com

URL

https://www.googletagmanager.com/gtm.js?id=GTM-TFL85VD&gtm_auth=&gtm_preview=&gtm_cookies_win=x

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 undefined| event object| fence object| sharedStorage object| _env_ object| webpackJsonpelpha-secure-portal function| _ function| Intercom object| dataLayer object| webpackChunkStripeJSouter function| noop function| Stripe function| __intercomAssignLocation function| __intercomReloadLocation

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			m.stripe.com/	1970-01-21 07:29:06	Name: m Value: 6cc1f4ca-2e67-44ae-ac9b-2158b7e0160ceba319
			.heffalump-public.dev.elphasecure.io/	1970-01-21 06:38:42	Name: __stripe_mid Value: fc5401e8-fced-43d4-9433-c758ce81d48e9c078f
			.heffalump-public.dev.elphasecure.io/	1970-01-20 21:53:08	Name: __stripe_sid Value: 8294522e-2115-412b-b24e-1cc6e20356de1d659e

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://dev.auth.elphasecure.io/auth/realms/client/protocol/openid-connect/login-status-iframe.html/init?client_id=portal-public&origin=https%3A%2F%2Fheffalump-public.dev.elphasecure.io Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dev.auth.elphasecure.io
heffalump-public.dev.elphasecure.io
js.intercomcdn.com
js.stripe.com
p.typekit.net
use.typekit.net
widget.intercom.io
www.googletagmanager.com
www.googletagmanager.com
108.138.7.100
13.224.189.35
18.245.46.19
2a02:26f0:7100::1720:ef43
2a02:26f0:7100::1720:ef50
34.139.154.101
34.148.191.42
035d6c44112d2cb3bb5bec7cdf82b0bc4f463e459d949ad67a6eb50b7225dc4d
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1dbda0cbe7037242015cdb2787e17ebec2c03ddb3b46bc321e4355249e5d91d4
64351ef7026b06738077bcf9a5be86bf7692a1f3814e638d59ee1a5a8ae17b56
6660a69350fe09b653d1de74740115a0409ca214cebc2370ead6c3c070e8073c
669a31a113b7353d324d3b19ad3181cd33116c691b1aeb130823848bd7b52dd1
66a5bd1bc7f01f2edc3d729df520e095529bbb1e43376c5b84ded766bef15b71
6796e197677c35ddc5b2c6a3491e9a144d6ac65d5ac75d24f41525406c5a6dea
81d907c82998d426e74c41cc9cf5c13465664e47383daa6a9d12d6e0237752ef
a6c8c5c1d56fb7a5ba685be6509e983ee999666b8963231003892278792f853d
b22646b97029b93128cf8369f9e6e404e04cbc0b57b4489aa019df1cdba13d49
c4b3a98c824fc61d3e6651d44b961fce8bdf2e9671cba6c04a8e621943ac2b38
ce3a2c1f166951c17a773f8a1e503d7a416d5430854edf0ad5ea1460bfd92672
d80e83ecd1e9c8f217ec7c12f09b7bf38e11fe6a1038652ed728cbd9e53ba105
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eea9f67534400ce075ffffb3d0f45c43300e6c6e244d5b566dca5fedb480e087