login.qc-staging.console.regtank.com Open in urlscan Pro
2606:4700::6813:9913 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://login.qc-staging.console.regtank.com/
Effective URL:
https://login.qc-staging.console.regtank.com/u/login?state=hKFo2SAwRlFQR2xHYnpXUVFwcmFfczBqRjAwbm9hTUloZTlvM6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIF...
Submission: On September 08 via automatic, source certstream-suspicious (September 8th 2023, 8:29:19 am UTC) — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 13 HTTP transactions. The main IP is 2606:4700::6813:9913, located in United States and belongs to CLOUDFLARENET, US. The main domain is login.qc-staging.console.regtank.com.
TLS certificate: Issued by E1 on September 8th 2023. Valid for: 3 months.

This is the only time login.qc-staging.console.regtank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 3	2606:4700::68... 2606:4700::6813:9913	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.213.176.9 13.213.176.9	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	13.32.27.116 13.32.27.116	16509 (AMAZON-02) (AMAZON-02)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	34.196.46.83 34.196.46.83	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:214... 2600:9000:214f:1800:10:474e:104a:2961	16509 (AMAZON-02) (AMAZON-02)
1	146.75.120.193 146.75.120.193	54113 (FASTLY) (FASTLY)
13	10

3 2606:4700::6813:9913 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

login.qc-staging.console.regtank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.213.176.9 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-213-176-9.ap-southeast-1.compute.amazonaws.com

qc-staging.console.regtank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-116.fra56.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o1295082.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.196.46.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-46-83.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:1800:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)

cdn.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	regtank.com 2 redirects login.qc-staging.console.regtank.com qc-staging.console.regtank.com	9 MB
2	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 1049 heapanalytics.com — Cisco Umbrella Rank: 949	38 KB
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 7494	3 KB
1	auth0.com cdn.auth0.com — Cisco Umbrella Rank: 7929	61 KB
1	gstatic.com fonts.gstatic.com	14 KB
1	sentry.io o1295082.ingest.sentry.io	333 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 58	1 KB
13	7

	Domain	Requested by
3	qc-staging.console.regtank.com	qc-staging.console.regtank.com
3	login.qc-staging.console.regtank.com	2 redirects qc-staging.console.regtank.com
1	i.imgur.com	login.qc-staging.console.regtank.com
1	cdn.auth0.com	login.qc-staging.console.regtank.com
1	heapanalytics.com
1	fonts.gstatic.com	fonts.googleapis.com
1	o1295082.ingest.sentry.io	qc-staging.console.regtank.com
1	cdn.heapanalytics.com	qc-staging.console.regtank.com
1	fonts.googleapis.com	qc-staging.console.regtank.com
13	9

This site contains no links.

Subject Issuer	Validity	Valid
qc-staging.console.regtank.com R3	`2023-08-25` - `2023-11-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M01	`2023-06-29` - `2024-07-27`	a year	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-25` - `2024-08-24`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
login.qc-staging.console.regtank.com E1	`2023-09-08` - `2023-12-07`	3 months	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2022-12-09` - `2024-01-07`	a year	crt.sh
*.auth0.com Amazon RSA 2048 M01	`2023-02-24` - `2024-03-24`	a year	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-13` - `2024-03-12`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.qc-staging.console.regtank.com/u/login?state=hKFo2SAwRlFQR2xHYnpXUVFwcmFfczBqRjAwbm9hTUloZTlvM6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFRxUHVXU2h1T3phMHdNWEhNUXFZTGVGcnBRTUh1eVVmo2NpZNkgTnozN3ZFMllBdk1SUEFJc3FMVlhjZkFDbzIxNkNNWEU
Frame ID: F9A47BCD6CAA76B21D710426F799A936
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log in | Regtank Console (Sandbox)

Page URL History Show full URLs

https://login.qc-staging.console.regtank.com/ HTTP 302
https://qc-staging.console.regtank.com/ Page URL
https://login.qc-staging.console.regtank.com/authorize?scope=openid%20profile%20email&audience=https%3A%2F%2Fsandbox.api.... HTTP 302
https://login.qc-staging.console.regtank.com/u/login?state=hKFo2SAwRlFQR2xHYnpXUVFwcmFfczBqRjAwbm9hTUloZTlvM6Fur3VuaXZlcn... Page URL

Detected technologies

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Page Statistics

13
Requests

85 %
HTTPS

44 %
IPv6

7
Domains

9
Subdomains

10
IPs

3
Countries

9239 kB
Transfer

9523 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://login.qc-staging.console.regtank.com/ HTTP 302
https://qc-staging.console.regtank.com/ Page URL
https://login.qc-staging.console.regtank.com/authorize?scope=openid%20profile%20email&audience=https%3A%2F%2Fsandbox.api.flagright.com%2F&client_id=Nz37vE2YAvMRPAIsqLVXcfACo216CMXE&redirect_uri=https%3A%2F%2Fqc-staging.console.regtank.com&response_type=code&response_mode=query&state=WVlYbTNBU1pXUnNSVElESEdMZzZwWkJUdFVOdWp5LjVkRHd1UTBmVGVwRQ%3D%3D&nonce=ZUNCR296ZH5ZR0t4OX42fmdKajhaNmhOVkttcWJNQmxpVTF0Q0oyYm1WNA%3D%3D&code_challenge=8DSNu_NdUssaECGiEXar-LvKNwYcyHKrwC808Doyb_w&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMC4xIn0%3D HTTP 302
https://login.qc-staging.console.regtank.com/u/login?state=hKFo2SAwRlFQR2xHYnpXUVFwcmFfczBqRjAwbm9hTUloZTlvM6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFRxUHVXU2h1T3phMHdNWEhNUXFZTGVGcnBRTUh1eVVmo2NpZNkgTnozN3ZFMllBdk1SUEFJc3FMVlhjZkFDbzIxNkNNWEU Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://login.qc-staging.console.regtank.com/ HTTP 302
https://qc-staging.console.regtank.com/

13 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
qc-staging.console.regtank.com/
Redirect Chain

https://login.qc-staging.console.regtank.com/
https://qc-staging.console.regtank.com/

2 KB
2 KB

1124ms
770ms

Document
text/html

13.213.176.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://qc-staging.console.regtank.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.213.176.9 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-213-176-9.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b2f8dcb4efd009dcc74cab2f97d4e038cd98e66da47182f3a528f00331d5e0ff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 20506
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 08 Sep 2023 08:29:07 GMT
ETag: W/"eaceb7020f477c901f94cce2ac3361fb"
Last-Modified: Thu, 07 Sep 2023 21:27:48 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 2d4a1087f3ef25ab8e6dac5fe05a063e.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 9svb7Kp44DL567UhPUddBxc38N3xrCtHmfgkmOqXgSeFoYAYGbOKjg==
X-Amz-Cf-Pop: TLV50-C1
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

age: 2
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=60
cf-cache-status: HIT
cf-ray: 8035d2628ae291d5-FRA
content-type: text/html; charset=utf-8
date: Fri, 08 Sep 2023 08:29:06 GMT
location: https://qc-staging.console.regtank.com/
ot-baggage-auth0-request-id: 8035d257990e1c03
ot-tracer-sampled: true
ot-tracer-spanid: 3483457b5abfb9d6
ot-tracer-traceid: 0d759eaa7bb7dc75
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
traceparent: 00-00000000000000000d759eaa7bb7dc75-3483457b5abfb9d6-01
tracestate: auth0-request-id=8035d257990e1c03,auth0=true
vary: Accept, Accept-Encoding
x-auth0-requestid: ffb559cb2e475c027d5d
x-content-type-options: nosniff

GET
H/1.1 200
OK bundle.1694121983157.css
qc-staging.console.regtank.com/ 1 MB
1 MB 942ms
941ms Stylesheet
text/css 13.213.176.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://qc-staging.console.regtank.com/bundle.1694121983157.css
Requested by: Host: qc-staging.console.regtank.com
URL: https://qc-staging.console.regtank.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.213.176.9 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-213-176-9.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a76c23bc4643b7b221621ccbd074b16a6a238e8658d9d7a2b9a073ddbd5cca0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qc-staging.console.regtank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 08:29:08 GMT
Via: 1.1 5f105c8a45513ef6d6473ba144b8b9a6.cloudfront.net (CloudFront)
Last-Modified: Thu, 07 Sep 2023 21:27:48 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Amz-Cf-Pop: TLV50-C1
Age: 1409
ETag: "a50567426060d5b6297ab1c55d83095c"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1244128
X-Amz-Cf-Id: qeSsl--CtRIn9tBWNY9LX6yy34S0BvRQxQ17QZec7_IDeGsGtP4YjQ==

GET
H/1.1 200
OK bundle.1694121983157.js Show response
qc-staging.console.regtank.com/ 8 MB
8 MB 1274ms
947ms Script
application/javascript 13.213.176.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://qc-staging.console.regtank.com/bundle.1694121983157.js
Requested by: Host: qc-staging.console.regtank.com
URL: https://qc-staging.console.regtank.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.213.176.9 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-213-176-9.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 33eab25dde26007c58549b838a60032d05262f269a2feaf39f0a7a11f28885d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qc-staging.console.regtank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 08:29:08 GMT
Via: 1.1 7d30cf029bde247eef16106ceffb39ca.cloudfront.net (CloudFront)
Last-Modified: Thu, 07 Sep 2023 21:27:47 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Amz-Cf-Pop: TLV50-C1
Age: 1409
ETag: "428119a72cef2f92d178e7af9d6811cb"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8077340
X-Amz-Cf-Id: g0Zr27EVdGFbAG6U1GCB7uLkNJXc6XQhYVjFjncaG9fG0zFIySAZpQ==

GET
H2 200 css2
fonts.googleapis.com/ 16 KB
1 KB 52ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap

Requested by

Host: qc-staging.console.regtank.com
URL: https://qc-staging.console.regtank.com/bundle.1694121983157.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0c56fe794b668791cac8372a999138387b19ac7880016c91ddeecaa36e27e1ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qc-staging.console.regtank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 08 Sep 2023 08:29:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 08:26:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Sep 2023 08:29:09 GMT

GET
H2 200 heap-3716559167.js Show response
cdn.heapanalytics.com/js/ 117 KB
38 KB 134ms
105ms Script
application/javascript 13.32.27.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-3716559167.js

Requested by

Host: qc-staging.console.regtank.com
URL: https://qc-staging.console.regtank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-116.fra56.r.cloudfront.net

Software

nginx / Express

Resource Hash

1b8cea4412d2ed35eef48b2ea72c4aefd798d009fc1b2c62c0ec1de83bf0bd6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qc-staging.console.regtank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 08:28:25 GMT
content-encoding: br
via: 1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: FRA56-C2
age: 44
x-powered-by: Express
etag: W/"1d441-EBW51d1y/ThFIR3ZB6xrfTtJ2t8"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: CV47iUAwdSxPNNkR4PlLuTV1y2qonxsLnqaXfBcUdqEMA1LkgP9Frg==

POST
H2 200 /
o1295082.ingest.sentry.io/api/6520175/envelope/ 2 B
333 B 46ms
10ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o1295082.ingest.sentry.io/api/6520175/envelope/?sentry_key=02c8d2cba7c34122b3e765ef586a0dac&sentry_version=7&sentry_client=sentry.javascript.react%2F7.7.0

Requested by

Host: qc-staging.console.regtank.com
URL: https://qc-staging.console.regtank.com/bundle.1694121983157.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://qc-staging.console.regtank.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 08 Sep 2023 08:29:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v30/ 14 KB
14 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v30/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://qc-staging.console.regtank.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 05:49:05 GMT
x-content-type-options: nosniff
age: 528009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14256
x-xss-protection: 0
last-modified: Thu, 27 Jul 2023 22:02:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 05:49:05 GMT

GET
BLOB 200
OK bad462cf-66ef-47b1-9315-b44cac3c5a82
https://qc-staging.console.regtank.com/ 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://qc-staging.console.regtank.com/bad462cf-66ef-47b1-9315-b44cac3c5a82
Requested by: Host: qc-staging.console.regtank.com
URL: https://qc-staging.console.regtank.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Length: 1726
Content-Type: application/javascript

GET
BLOB 200
OK 09c94153-7c14-4a08-ba2f-6126ce0cd541
https://qc-staging.console.regtank.com/ 0
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://qc-staging.console.regtank.com/09c94153-7c14-4a08-ba2f-6126ce0cd541
Requested by: Host: qc-staging.console.regtank.com
URL: https://qc-staging.console.regtank.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Length: 0
Content-Type: application/javascript

GET
H3

200

Primary Request login Show response
login.qc-staging.console.regtank.com/u/
Redirect Chain

https://login.qc-staging.console.regtank.com/authorize?scope=openid%20profile%20email&audience=https%3A%2F%2Fsandbox.api.flagright.com%2F&client_id=Nz37vE2YAvMRPAIsqLVXcfACo216CMXE&redirect_uri=htt...
https://login.qc-staging.console.regtank.com/u/login?state=hKFo2SAwRlFQR2xHYnpXUVFwcmFfczBqRjAwbm9hTUloZTlvM6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFRxUHVXU2h1T3phMHdNWEhNUXFZTGVGcnBRTUh1eVVmo2NpZNkgTnozN3...

15 KB
16 KB

199ms
198ms

Document
text/html

2606:4700::6813:9913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.qc-staging.console.regtank.com/u/login?state=hKFo2SAwRlFQR2xHYnpXUVFwcmFfczBqRjAwbm9hTUloZTlvM6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFRxUHVXU2h1T3phMHdNWEhNUXFZTGVGcnBRTUh1eVVmo2NpZNkgTnozN3ZFMllBdk1SUEFJc3FMVlhjZkFDbzIxNkNNWEU

Requested by

Host: qc-staging.console.regtank.com
URL: https://qc-staging.console.regtank.com/bundle.1694121983157.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd411869539069c47e7d951a36f195b6b18697dc518f1e01cc62348c6ed9339b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qc-staging.console.regtank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 8035d296cf4418c9-FRA
content-language: en
content-security-policy: frame-ancestors 'none'
content-type: text/html; charset=utf-8
date: Fri, 08 Sep 2023 08:29:14 GMT
etag: W/"3c3b-9CuJt64DCVSA7yQr5is47lzZpiA"
expires: Fri, 08 Sep 2023 08:29:14 GMT
ot-baggage-auth0-request-id: 8035d296cf4418c9
ot-tracer-sampled: true
ot-tracer-spanid: 66e7b3982ed9b431
ot-tracer-traceid: 027bc61c502b5e4b
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
traceparent: 00-0000000000000000027bc61c502b5e4b-66e7b3982ed9b431-01
tracestate: auth0-request-id=8035d296cf4418c9,auth0=true
vary: Accept-Encoding
x-auth0-requestid: e7cf8b4b815824eb04a7
x-content-type-options: nosniff
x-frame-options: deny
x-ratelimit-limit: 20
x-ratelimit-remaining: 19
x-ratelimit-reset: 1694161761
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 8035d2948fc691d5-FRA
content-length: 424
content-type: text/html; charset=utf-8
date: Fri, 08 Sep 2023 08:29:14 GMT
location: /u/login?state=hKFo2SAwRlFQR2xHYnpXUVFwcmFfczBqRjAwbm9hTUloZTlvM6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFRxUHVXU2h1T3phMHdNWEhNUXFZTGVGcnBRTUh1eVVmo2NpZNkgTnozN3ZFMllBdk1SUEFJc3FMVlhjZkFDbzIxNkNNWEU
ot-baggage-auth0-request-id: 8035d2948fc691d5
ot-tracer-sampled: true
ot-tracer-spanid: 46f864c200ba6c16
ot-tracer-traceid: 6a938a3a4d431280
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
traceparent: 00-00000000000000006a938a3a4d431280-46f864c200ba6c16-01
tracestate: auth0-request-id=8035d2948fc691d5,auth0=true
vary: Accept, Accept-Encoding
x-auth0-requestid: 10d8ae252397d8832ba1
x-content-type-options: nosniff
x-ratelimit-limit: 100
x-ratelimit-remaining: 99
x-ratelimit-reset: 1694161755

GET
H2 200 h
heapanalytics.com/ 37 B
261 B 444ms
91ms Image
image/gif 34.196.46.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=3716559167&u=3887972709275754&v=3975397014409158&s=19419224096002&b=web&tv=4.0&z=0&h=%2F&d=qc-staging.console.regtank.com&t=Regtank%20Console&ts=1694161754331&st=1694161754335

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.46.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-46-83.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qc-staging.console.regtank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 08:29:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 main.cdn.min.css
cdn.auth0.com/ulp/react-components/1.78.14/css/ 251 KB
61 KB 48ms
9ms Stylesheet
text/css 2600:9000:214f:1800:10:474e:104a:2961
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.auth0.com/ulp/react-components/1.78.14/css/main.cdn.min.css

Requested by

Host: login.qc-staging.console.regtank.com
URL: https://login.qc-staging.console.regtank.com/u/login?state=hKFo2SAwRlFQR2xHYnpXUVFwcmFfczBqRjAwbm9hTUloZTlvM6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFRxUHVXU2h1T3phMHdNWEhNUXFZTGVGcnBRTUh1eVVmo2NpZNkgTnozN3ZFMllBdk1SUEFJc3FMVlhjZkFDbzIxNkNNWEU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:1800:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ea5e4145f594c6cfe4a158ae30d7ed88687b3b0fcd2a0877c659f4a0fc457163

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:51:20 GMT
x-amz-version-id: JZwLAw0D176b6GXTXEKnHFGsFKKCp4Q4
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: FRA53-C1
age: 70675
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
last-modified: Mon, 21 Aug 2023 14:46:54 GMT
server: AmazonS3
etag: W/"45b8104b81b0cea2cc3a51a6d58111bf"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2628000,public
x-robots-tag: noindex
x-amz-cf-id: UJB36b6MPjQSKZdTs2_qo4OtTx098HADgybW98aE9Do0rfYyf0AvQg==

GET
H2 200 WQtpTiA.png
i.imgur.com/ 2 KB
3 KB 32ms
7ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/WQtpTiA.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

c7029f513caa80eb58ece0842b17f09adf9a5f167a6e92b3df84d219f9961581

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 08:29:14 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 237625
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, MISS, HIT
content-length: 2179
x-served-by: cache-iad-kiad7000074-IAD, cache-fra-etou8220076-FRA
last-modified: Tue, 05 Sep 2023 14:28:50 GMT
server: cat factory 1.0
x-timer: S1694161755.917770,VS0,VE1
etag: "feb3a3d73ef1a3b3111c2476fb79e951"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Aun5VC0_pKQ2TwD8nuudXvtXH3dVtmXGgCSEe8Mtd8BxBayXaA0_hg==
x-cache-hits: 0, 1

GET
DATA 200
OK truncated
/ 650 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce

Request headers

Referer
Origin: https://login.qc-staging.console.regtank.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.login.qc-staging.console.regtank.com/	1970-01-20 14:36:03	Name: __cf_bm Value: S3D4ZUqRi71RkqKz7ws2eMo9L29Bt0A0lJyK8xugQzQ-1694161746-0-ARTfHBCT5XaTzDPCBRYWmKMO2IkhYj140ULm9yvM0oRWYN7hdQL4LEiP8fnAb7ddRE1+4aHmB4At0BGrmlI724M=
.regtank.com/	1970-01-21 00:03:59	Name: _hp2_id.3716559167 Value: %7B%22userId%22%3A%223887972709275754%22%2C%22pageviewId%22%3A%223975397014409158%22%2C%22sessionId%22%3A%2219419224096002%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
login.qc-staging.console.regtank.com/	1970-01-20 23:21:59	Name: did Value: s%3Av0%3Acb29ddf0-4e21-11ee-b2e4-09743ebf9a6e.fl0dTEMNOtJgEnmno%2FsitM75R9FtfjO2h9ffPwVMX9M
login.qc-staging.console.regtank.com/	1970-01-20 14:40:20	Name: auth0 Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQDfiF-FlyAs4m6jtqdaaO8Z-BXBZYL5FjfNQTvcdwmDPCb7fHuyyaSYnXFyZqk7zAkFLMCXAoGW6u6ZElxV8HxamY29va2llg6dleHBpcmVz1_-CajsAZP7P2q5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.qKLenamQjwGz8E0rG%2FgqlUh4XRyvFGnC6T33tmuk4VU
login.qc-staging.console.regtank.com/	1970-01-20 23:21:59	Name: did_compat Value: s%3Av0%3Acb29ddf0-4e21-11ee-b2e4-09743ebf9a6e.fl0dTEMNOtJgEnmno%2FsitM75R9FtfjO2h9ffPwVMX9M
login.qc-staging.console.regtank.com/	1970-01-20 14:40:20	Name: auth0_compat Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQDfiF-FlyAs4m6jtqdaaO8Z-BXBZYL5FjfNQTvcdwmDPCb7fHuyyaSYnXFyZqk7zAkFLMCXAoGW6u6ZElxV8HxamY29va2llg6dleHBpcmVz1_-CajsAZP7P2q5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.qKLenamQjwGz8E0rG%2FgqlUh4XRyvFGnC6T33tmuk4VU
.regtank.com/	1970-01-20 14:36:03	Name: _hp2_ses_props.3716559167 Value: %7B%22ts%22%3A1694161754331%2C%22d%22%3A%22qc-staging.console.regtank.com%22%2C%22h%22%3A%22%2F%22%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.auth0.com
cdn.heapanalytics.com
fonts.googleapis.com
fonts.gstatic.com
heapanalytics.com
i.imgur.com
login.qc-staging.console.regtank.com
o1295082.ingest.sentry.io
qc-staging.console.regtank.com
13.213.176.9
13.32.27.116
146.75.120.193
2600:9000:214f:1800:10:474e:104a:2961
2606:4700::6813:9913
2a00:1450:4001:828::2003
2a00:1450:4001:831::200a
34.120.195.249
34.196.46.83
0c56fe794b668791cac8372a999138387b19ac7880016c91ddeecaa36e27e1ee
1b8cea4412d2ed35eef48b2ea72c4aefd798d009fc1b2c62c0ec1de83bf0bd6c
33eab25dde26007c58549b838a60032d05262f269a2feaf39f0a7a11f28885d6
a76c23bc4643b7b221621ccbd074b16a6a238e8658d9d7a2b9a073ddbd5cca0d
aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce
b2f8dcb4efd009dcc74cab2f97d4e038cd98e66da47182f3a528f00331d5e0ff
bd411869539069c47e7d951a36f195b6b18697dc518f1e01cc62348c6ed9339b
c7029f513caa80eb58ece0842b17f09adf9a5f167a6e92b3df84d219f9961581
ea5e4145f594c6cfe4a158ae30d7ed88687b3b0fcd2a0877c659f4a0fc457163

login.qc-staging.console.regtank.com Open in urlscan Pro 2606:4700::6813:9913 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

85 %HTTPS

44 %IPv6

7 Domains

9 Subdomains

10 IPs

3 Countries

9239 kBTransfer

9523 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

7 Cookies

Indicators

login.qc-staging.console.regtank.com Open in urlscan Pro
2606:4700::6813:9913 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

85 %
HTTPS

44 %
IPv6

7
Domains

9
Subdomains

10
IPs

3
Countries

9239 kB
Transfer

9523 kB
Size

7
Cookies

13 HTTP transactions
1 data transactions