urlscan.io logo urlscan.io
SecurityTrails logo

auth.flocktory.com Open in urlscan Pro
54.76.186.216  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://reactivate-account-cabinet.staging.flocktory.com/
Effective URL: https://auth.flocktory.com/auth/realms/HQ/protocol/openid-connect/auth?client_id=auth-gateway&redirect_uri=http%3A%2F%2Faut...
Submission: On July 25 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 4 countries across 7 domains to perform 30 HTTP transactions. The main IP is 54.76.186.216, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is auth.flocktory.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 9th 2022. Valid for: a year.
This is the only time auth.flocktory.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 52.51.153.234 16509 (AMAZON-02)
5 99.80.5.186 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 52.51.227.131 16509 (AMAZON-02)
1 212.193.146.114 34879 (CCT-AS NG...)
2 108.138.7.27 16509 (AMAZON-02)
2 18.66.2.12 16509 (AMAZON-02)
1 108.157.4.7 16509 (AMAZON-02)
1 1 176.34.92.96 16509 (AMAZON-02)
5 54.76.186.216 16509 (AMAZON-02)
1 2 34.117.176.229 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
30 13
3    52.51.153.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-153-234.eu-west-1.compute.amazonaws.com
reactivate-account-cabinet.staging.flocktory.com
5    99.80.5.186 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-5-186.eu-west-1.compute.amazonaws.com
api.flocktory.com
3    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    52.51.227.131 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-227-131.eu-west-1.compute.amazonaws.com
cabinet.flocktory.com
1    212.193.146.114 (Russian Federation)

ASN34879 (CCT-AS NGENIX, RU)
PTR: cdn.ngenix.net
assets.flocktory.com
2    108.138.7.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-27.fra56.r.cloudfront.net
static.hotjar.com
2    18.66.2.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-2-12.txl50.r.cloudfront.net
script.hotjar.com
1    108.157.4.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-7.dus51.r.cloudfront.net
vars.hotjar.com
1    176.34.92.96 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-92-96.eu-west-1.compute.amazonaws.com
auth-gateway.flocktory.com
5    54.76.186.216 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-186-216.eu-west-1.compute.amazonaws.com
auth.flocktory.com
2    34.117.176.229 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 229.176.117.34.bc.googleusercontent.com
wf.frontend.weborama.fr
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
17 flocktory.com
reactivate-account-cabinet.staging.flocktory.com
api.flocktory.com — Cisco Umbrella Rank: 58570
cabinet.flocktory.com Failed
assets.flocktory.com — Cisco Umbrella Rank: 122766
auth-gateway.flocktory.com
auth.flocktory.com
3 MB
5 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 637
script.hotjar.com — Cisco Umbrella Rank: 795
vars.hotjar.com — Cisco Umbrella Rank: 874
134 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 72
3 KB
2 weborama.fr
wf.frontend.weborama.fr — Cisco Umbrella Rank: 29694
587 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 93
115 KB
1 gstatic.com
fonts.gstatic.com
13 KB
0 mail.ru Failed
top-fwz1.mail.ru — Cisco Umbrella Rank: 10803 Failed
ad.mail.ru Failed
30 7
Domain Requested by
5 auth.flocktory.com reactivate-account-cabinet.staging.flocktory.com
auth.flocktory.com
5 api.flocktory.com reactivate-account-cabinet.staging.flocktory.com
api.flocktory.com
3 fonts.googleapis.com reactivate-account-cabinet.staging.flocktory.com
auth.flocktory.com
3 reactivate-account-cabinet.staging.flocktory.com reactivate-account-cabinet.staging.flocktory.com
2 wf.frontend.weborama.fr 1 redirects api.flocktory.com
2 script.hotjar.com static.hotjar.com
2 static.hotjar.com www.googletagmanager.com
2 cabinet.flocktory.com reactivate-account-cabinet.staging.flocktory.com
2 www.googletagmanager.com reactivate-account-cabinet.staging.flocktory.com
auth.flocktory.com
1 fonts.gstatic.com fonts.googleapis.com
1 auth-gateway.flocktory.com 1 redirects
1 vars.hotjar.com static.hotjar.com
1 assets.flocktory.com reactivate-account-cabinet.staging.flocktory.com
0 ad.mail.ru Failed api.flocktory.com
0 top-fwz1.mail.ru Failed api.flocktory.com
30 15

This site contains no links.

Subject Issuer Validity Valid
reactivate-account-cabinet.staging.flocktory.com
R3		 2022-07-25 -
2022-10-23		 3 months crt.sh
*.flocktory.com
Go Daddy Secure Certificate Authority - G2		 2022-06-09 -
2023-07-11		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.frontend.weborama.fr
Go Daddy Secure Certificate Authority - G2		 2022-02-22 -
2023-03-26		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://auth.flocktory.com/auth/realms/HQ/protocol/openid-connect/auth?client_id=auth-gateway&redirect_uri=http%3A%2F%2Fauth-gateway.flocktory.com%2Foidc_callback&scope=openid+email&access_type=offline&response_type=code&state=eyJjc3JmX3Rva2VuIjogIjU5bGlCNFRub1o1NzFLVmcxYlZFLTVKSkJfeDhmVm1nIiwgImRlc3RpbmF0aW9uIjogImV5SmhiR2NpT2lKSVV6VXhNaUo5LkltaDBkSEE2THk5aGRYUm9MV2RoZEdWM1lYa3VabXh2WTJ0MGIzSjVMbU52YlM5allXSnBibVYwUDI1bGVIUTlhSFIwY0hNNkpUSkdKVEpHY21WaFkzUnBkbUYwWlMxaFkyTnZkVzUwTFdOaFltbHVaWFF1YzNSaFoybHVaeTVtYkc5amEzUnZjbmt1WTI5dEpUSkdJZy53c29FajQ0aTcwaGxHQVpMQmNkQnBTTEN1aE1TRkwxekozSTF5OER0TTJtaDd4cGR0Qi1yeFZKTDFEX2thREZIdUpYS0lzRk5XdjdKRWJZeEt1UExpdyJ9&openid.realm=https%3A%2F%2Fauth-gateway.flocktory.com%2Foidc_callback
Frame ID: D12950C2BECAB9BEE82D85B09046BCB6
Requests: 24 HTTP requests in this frame

Frame: https://api.flocktory.com/v2/provider/provider.html
Frame ID: BA5772B681BDA029592E3C9DBA32C076
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-0004cb77850b00d4aa7e1e08ff61e8f0.html
Frame ID: BFEACD637DD362A9FDD113A3DC88449C
Requests: 1 HTTP requests in this frame

Frame: https://top-fwz1.mail.ru/counter2?id=2951107;pid=2a57f3f8-34b4-407e-8be5a8b1b5f5166a
Frame ID: 4952C584D30935C71D90E68325315897
Requests: 1 HTTP requests in this frame

Frame: https://wf.frontend.weborama.fr/streampixel/?wamid=7629&Wvar=%7B%22flocktory_id%22%3A%222a57f3f8-34b4-407e-8be5a8b1b5f5166a%22%7D&d.r=1658745599335&bounce=1&random=525127801
Frame ID: CFE0F24A9019E91CDE6F1E886AD2FC64
Requests: 1 HTTP requests in this frame

Frame: https://ad.mail.ru/cm.gif?p=34&id=Aprl7bePwVS1
Frame ID: 444582686CBE27D464498C3EC10CE003
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign in to HQ

Page URL History Show full URLs

  1. https://reactivate-account-cabinet.staging.flocktory.com/ Page URL
  2. https://auth-gateway.flocktory.com/cabinet?next=https://reactivate-account-cabinet.staging.flocktory.com/ HTTP 302
    https://auth.flocktory.com/auth/realms/HQ/protocol/openid-connect/auth?client_id=auth-gateway&redirect_... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

30
Requests

87 %
HTTPS

23 %
IPv6

7
Domains

15
Subdomains

13
IPs

4
Countries

3364 kB
Transfer

11537 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://reactivate-account-cabinet.staging.flocktory.com/ Page URL
  2. https://auth-gateway.flocktory.com/cabinet?next=https://reactivate-account-cabinet.staging.flocktory.com/ HTTP 302
    https://auth.flocktory.com/auth/realms/HQ/protocol/openid-connect/auth?client_id=auth-gateway&redirect_uri=http%3A%2F%2Fauth-gateway.flocktory.com%2Foidc_callback&scope=openid+email&access_type=offline&response_type=code&state=eyJjc3JmX3Rva2VuIjogIjU5bGlCNFRub1o1NzFLVmcxYlZFLTVKSkJfeDhmVm1nIiwgImRlc3RpbmF0aW9uIjogImV5SmhiR2NpT2lKSVV6VXhNaUo5LkltaDBkSEE2THk5aGRYUm9MV2RoZEdWM1lYa3VabXh2WTJ0MGIzSjVMbU52YlM5allXSnBibVYwUDI1bGVIUTlhSFIwY0hNNkpUSkdKVEpHY21WaFkzUnBkbUYwWlMxaFkyTnZkVzUwTFdOaFltbHVaWFF1YzNSaFoybHVaeTVtYkc5amEzUnZjbmt1WTI5dEpUSkdJZy53c29FajQ0aTcwaGxHQVpMQmNkQnBTTEN1aE1TRkwxekozSTF5OER0TTJtaDd4cGR0Qi1yeFZKTDFEX2thREZIdUpYS0lzRk5XdjdKRWJZeEt1UExpdyJ9&openid.realm=https%3A%2F%2Fauth-gateway.flocktory.com%2Foidc_callback Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://cabinet.flocktory.com/assets/px.gif HTTP 301
  • https://assets.flocktory.com/assets/px.gif
Request Chain 17
  • https://top-fwz1.mail.ru/counter?id=2951107;pid=2a57f3f8-34b4-407e-8be5a8b1b5f5166a HTTP 302
  • https://top-fwz1.mail.ru/counter2?id=2951107;pid=2a57f3f8-34b4-407e-8be5a8b1b5f5166a
Request Chain 18
  • https://wf.frontend.weborama.fr/streampixel/?wamid=7629&Wvar=%7B%22flocktory_id%22%3A%222a57f3f8-34b4-407e-8be5a8b1b5f5166a%22%7D&d.r=1658745599335 HTTP 302
  • https://wf.frontend.weborama.fr/streampixel/?wamid=7629&Wvar=%7B%22flocktory_id%22%3A%222a57f3f8-34b4-407e-8be5a8b1b5f5166a%22%7D&d.r=1658745599335&bounce=1&random=525127801
Request Chain 19
  • https://tag.rutarget.ru/tag?event=sync&partner=flocktory&external_visitor_id=2a57f3f8-34b4-407e-8be5a8b1b5f5166a HTTP 302
  • https://ad.mail.ru/cm.gif?p=34&id=Aprl7bePwVS1

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
reactivate-account-cabinet.staging.flocktory.com/ 		1 KB
893 B 		Document
General
Check archive.org
Download Go to
Full URL
https://reactivate-account-cabinet.staging.flocktory.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.153.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-153-234.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.6 /
Resource Hash
8c2e3783641be477bf4707b32ebdcd9618a43e06c8e232d7a53d673146f09915

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
754
content-type
text/html; charset=utf-8
date
Mon, 25 Jul 2022 10:39:57 GMT
etag
W/"62de727d-485"
last-modified
Mon, 25 Jul 2022 10:37:49 GMT
server
nginx/1.19.6
vary
Accept-Encoding
app.66c024eef76e2cbfc7a8.css
reactivate-account-cabinet.staging.flocktory.com/sites/ 		3 MB
1 MB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://reactivate-account-cabinet.staging.flocktory.com/sites/app.66c024eef76e2cbfc7a8.css
Requested by
Host: reactivate-account-cabinet.staging.flocktory.com
URL: https://reactivate-account-cabinet.staging.flocktory.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.153.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-153-234.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.6 /
Resource Hash
4632be976cc218162d98439e15521d238028558ef91c933f4f48378bb9888aa3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reactivate-account-cabinet.staging.flocktory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 10:39:58 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 10:37:49 GMT
server
nginx/1.19.6
etag
W/"62de727d-3564d2"
vary
Accept-Encoding
content-type
text/css
loader.js
api.flocktory.com/v2/ 		264 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.flocktory.com/v2/loader.js?site_id=3293
Requested by
Host: reactivate-account-cabinet.staging.flocktory.com
URL: https://reactivate-account-cabinet.staging.flocktory.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.5.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-5-186.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
7b3a3edb5889e3af73331f3f651037e22cfab66485ba5879062ab4135c05fe73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reactivate-account-cabinet.staging.flocktory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 25 Jul 2022 10:39:58 GMT
Content-Encoding
br
Last-Modified
Wed, 20 Jul 2022 09:57:06 GMT
Server
openresty
x-amz-meta-s3cmd-attrs
atime:1658310994/ctime:1658310994/gid:0/gname:root/md5:ee8240eafc36e8d4057207fb0b99c36a/mode:33188/mtime:1658310994/uid:0/uname:root
x-amz-request-id
TSC98A3XVCXENKZQ
ETag
W/"ee8240eafc36e8d4057207fb0b99c36a"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
79393
x-amz-id-2
14fBhIfTh6VPMdHP8Pi6mYhFqhBuz5URfeFwuhyON/PEh9D3IQf2b4emdcUn2TAM1BaPAb1AKYI=
app.66c024eef76e2cbfc7a8.js
reactivate-account-cabinet.staging.flocktory.com/sites/ 		7 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://reactivate-account-cabinet.staging.flocktory.com/sites/app.66c024eef76e2cbfc7a8.js
Requested by
Host: reactivate-account-cabinet.staging.flocktory.com
URL: https://reactivate-account-cabinet.staging.flocktory.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.153.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-153-234.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.6 /
Resource Hash
eff8ccd0184c4faff7b98fae56104d77ff9d1f4e69ed137c214b3600112ba9c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reactivate-account-cabinet.staging.flocktory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 10:39:58 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 10:37:49 GMT
server
nginx/1.19.6
etag
"62de727d-6b336d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,500,600&display=swap&subset=cyrillic,cyrillic-ext
Requested by
Host: reactivate-account-cabinet.staging.flocktory.com
URL: https://reactivate-account-cabinet.staging.flocktory.com/sites/app.66c024eef76e2cbfc7a8.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9fdeb216658b19daba06be26650f3a39cbaf5df38a8b9374192a374f819a1892
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reactivate-account-cabinet.staging.flocktory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 10:39:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 25 Jul 2022 10:39:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Jul 2022 10:39:58 GMT
gtm.js
www.googletagmanager.com/ 		158 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PSGG9T4
Requested by
Host: reactivate-account-cabinet.staging.flocktory.com
URL: https://reactivate-account-cabinet.staging.flocktory.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reactivate-account-cabinet.staging.flocktory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 10:39:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58540
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 25 Jul 2022 10:39:58 GMT
provider.html
api.flocktory.com/v2/provider/ Frame BA57 		176 B
965 B 		Document
General
Check archive.org
Download Go to
Full URL
https://api.flocktory.com/v2/provider/provider.html
Requested by
Host: api.flocktory.com
URL: https://api.flocktory.com/v2/loader.js?site_id=3293
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.5.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-5-186.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Referer
https://reactivate-account-cabinet.staging.flocktory.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=15552000 max-age=604800 public, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
176
Content-Type
text/html
Date
Mon, 25 Jul 2022 10:39:58 GMT
ETag
"fa0d23dc4ae114b646672c80aabc3406"
Expires
Sat, 21 Jan 2023 10:39:58 GMT
Last-Modified
Tue, 29 Mar 2022 08:40:38 GMT
Pragma
public
Server
openresty
x-amz-id-2
orYaNWOQX5msI8zKPJCUZB7hIlxg1eKJCs86bpWCJJCrHoKGZxGVGEjsbF732Vqqd/pVzBPoUTg=
x-amz-meta-s3cmd-attrs
atime:1648543146/ctime:1648543236/gid:0/gname:root/md5:fa0d23dc4ae114b646672c80aabc3406/mode:33188/mtime:1648543146/uid:0/uname:root
x-amz-request-id
5NVXQD2TAPSD0X2C
/
cabinet.flocktory.com/behemoth/bootstrap// 		0
0
css
fonts.googleapis.com/ 		21 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,400,300,600,700&subset=latin,cyrillic
Requested by
Host: reactivate-account-cabinet.staging.flocktory.com
URL: https://reactivate-account-cabinet.staging.flocktory.com/sites/app.66c024eef76e2cbfc7a8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reactivate-account-cabinet.staging.flocktory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 10:39:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 25 Jul 2022 10:39:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Jul 2022 10:39:58 GMT
px.gif
assets.flocktory.com/assets/
Redirect Chain
  • https://cabinet.flocktory.com/assets/px.gif
  • https://assets.flocktory.com/assets/px.gif
43 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.flocktory.com/assets/px.gif
Requested by
Host: reactivate-account-cabinet.staging.flocktory.com
URL: https://reactivate-account-cabinet.staging.flocktory.com/
Protocol
H2
Server
212.193.146.114 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
cdn.ngenix.net
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reactivate-account-cabinet.staging.flocktory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 10:39:59 GMT
last-modified
Thu, 05 May 2022 16:32:34 GMT
server
nginx
etag
"325472601571f31e1bf00674c368d335"
x-ngenix-cache
HIT
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=15552000
accept-ranges
bytes
content-length
43
expires
Sat, 21 Jan 2023 10:39:59 GMT

Redirect headers

Date
Mon, 25 Jul 2022 10:39:59 GMT
x-envoy-decorator-operation
app-cabinet.production.svc.cluster.local:80/*
x-content-type-options
nosniff
Server
openresty
x-frame-options
SAMEORIGIN
Content-Type
text/html
location
https://assets.flocktory.com/assets/px.gif
Connection
keep-alive
x-envoy-upstream-service-time
0
Strict-Transport-Security
max-age=0;
Content-Length
162
x-xss-protection
1; mode=block
/
cabinet.flocktory.com/behemoth/bootstrap// Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cabinet.flocktory.com/behemoth/bootstrap//
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.227.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-227-131.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://reactivate-account-cabinet.staging.flocktory.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,X-CSRF-Token
Access-Control-Allow-Methods
GET, POST, PUT, OPTIONS
Access-Control-Allow-Origin
https://reactivate-account-cabinet.staging.flocktory.com
Connection
keep-alive
Content-Length
0
Content-Type
text/plain charset=UTF-8
Date
Mon, 25 Jul 2022 10:39:59 GMT
Server
openresty
X-Frame-Options
ALLOWALL
provider.min.js
api.flocktory.com/v2/provider/ Frame BA57 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.flocktory.com/v2/provider/provider.min.js
Requested by
Host: api.flocktory.com
URL: https://api.flocktory.com/v2/provider/provider.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.5.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-5-186.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.flocktory.com/v2/provider/provider.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 25 Jul 2022 10:39:59 GMT
Content-Encoding
br
x-amz-request-id
0HMPKK7TWSFENT4S
Connection
keep-alive
Content-Length
13882
x-amz-id-2
20wObhrim6YuRXD6WCM0U95ISWHJVXkwHzEoxCsLzUqf9SRGX2xpiETQStGwYy86lQuylGp/rDA=
Pragma
public
Last-Modified
Tue, 29 Mar 2022 08:40:38 GMT
Server
openresty
x-amz-meta-s3cmd-attrs
atime:1648543146/ctime:1648543236/gid:0/gname:root/md5:736443f817d49a8b83ea3a1ecc908bec/mode:33188/mtime:1648543146/uid:0/uname:root
ETag
W/"736443f817d49a8b83ea3a1ecc908bec"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=15552000, max-age=604800, public, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Expires
Sat, 21 Jan 2023 10:39:59 GMT
hotjar-1475129.js
static.hotjar.com/c/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1475129.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSGG9T4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-27.fra56.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reactivate-account-cabinet.staging.flocktory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 10:39:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
52
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-origin
*
x-cache-hit
1
etag
W/39563dcea52eb7c6acbf66b48e29b3c4
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
cache-control
max-age=60
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
MM9FQSKrH8aikFQH5sNFYUXdKQk2GQg4yTp7D6RlIxivajRqgyZFUg==
modules.6a5da0d590df764ca613.js
script.hotjar.com/ 		247 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.6a5da0d590df764ca613.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1475129.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-12.txl50.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reactivate-account-cabinet.staging.flocktory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 09:39:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
349253
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains
content-length
64657
access-control-allow-origin
*
last-modified
Thu, 21 Jul 2022 09:39:03 GMT
etag
"2bddb6ee72f2a47166ed0f5f35ee713b"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 b4da6d96c003c62f2930bf5be4b14730.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
TpkJnylfnpWHeUx45HgpEgASwqHVhqDQeTnS9BEzNEyxz5jHQS2bEA==
box-0004cb77850b00d4aa7e1e08ff61e8f0.html
vars.hotjar.com/ Frame BFEA 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-0004cb77850b00d4aa7e1e08ff61e8f0.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1475129.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-7.dus51.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://reactivate-account-cabinet.staging.flocktory.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
851272
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 15 Jul 2022 14:12:07 GMT
etag
"d2caf2e569940c65a88268a169f3facf"
last-modified
Fri, 15 Jul 2022 14:11:55 GMT
strict-transport-security
max-age=86400; includeSubDomains
vary
Accept-Encoding
via
1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
x-amz-cf-id
N81SGw2JWur5FOBlcTiABxnphs0XJsRbTCADIbsdsKBQ_k2zyIWwWw==
x-amz-cf-pop
DUS51-P2
x-cache
Hit from cloudfront
x-robots-tag
none
setup-api.js
api.flocktory.com/u_shaman/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.flocktory.com/u_shaman/setup-api.js?body=%7B%22siteId%22%3A%223293%22%2C%22utm%22%3A%7B%22source%22%3A%22%22%2C%22medium%22%3A%22%22%2C%22campaign%22%3A%22%22%2C%22term%22%3A%22%22%2C%22content%22%3A%22%22%7D%2C%22site-session-id%22%3A%22aba88c22-3784-43c4-b75e-d3e072f8f2af-0%22%7D&callback=flock_jsonp_1
Requested by
Host: api.flocktory.com
URL: https://api.flocktory.com/v2/loader.js?site_id=3293
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.5.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-5-186.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reactivate-account-cabinet.staging.flocktory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 25 Jul 2022 10:39:59 GMT
Content-Encoding
br
x-envoy-decorator-operation
shaman-public-api.production.svc.cluster.local:80/*
Server
openresty
Vary
Accept-Encoding
Strict-Transport-Security
max-age=604800;
Content-Type
application/javascript; charset=utf-8
x-envoy-upstream-service-time
21
Connection
keep-alive
Content-Length
891
Primary Request auth
auth.flocktory.com/auth/realms/HQ/protocol/openid-connect/
Redirect Chain
  • https://auth-gateway.flocktory.com/cabinet?next=https://reactivate-account-cabinet.staging.flocktory.com/
  • https://auth.flocktory.com/auth/realms/HQ/protocol/openid-connect/auth?client_id=auth-gateway&redirect_uri=http%3A%2F%2Fauth-gateway.flocktory.com%2Foidc_callback&scope=openid+email&access_type=off...
4 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.flocktory.com/auth/realms/HQ/protocol/openid-connect/auth?client_id=auth-gateway&redirect_uri=http%3A%2F%2Fauth-gateway.flocktory.com%2Foidc_callback&scope=openid+email&access_type=offline&response_type=code&state=eyJjc3JmX3Rva2VuIjogIjU5bGlCNFRub1o1NzFLVmcxYlZFLTVKSkJfeDhmVm1nIiwgImRlc3RpbmF0aW9uIjogImV5SmhiR2NpT2lKSVV6VXhNaUo5LkltaDBkSEE2THk5aGRYUm9MV2RoZEdWM1lYa3VabXh2WTJ0MGIzSjVMbU52YlM5allXSnBibVYwUDI1bGVIUTlhSFIwY0hNNkpUSkdKVEpHY21WaFkzUnBkbUYwWlMxaFkyTnZkVzUwTFdOaFltbHVaWFF1YzNSaFoybHVaeTVtYkc5amEzUnZjbmt1WTI5dEpUSkdJZy53c29FajQ0aTcwaGxHQVpMQmNkQnBTTEN1aE1TRkwxekozSTF5OER0TTJtaDd4cGR0Qi1yeFZKTDFEX2thREZIdUpYS0lzRk5XdjdKRWJZeEt1UExpdyJ9&openid.realm=https%3A%2F%2Fauth-gateway.flocktory.com%2Foidc_callback
Requested by
Host: reactivate-account-cabinet.staging.flocktory.com
URL: https://reactivate-account-cabinet.staging.flocktory.com/sites/app.66c024eef76e2cbfc7a8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.186.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-186-216.eu-west-1.compute.amazonaws.com
Software
nginx/1.21.0 /
Resource Hash
df0553a40e71181d07ef60471acf162e634ec5d83c88fac99c29df982f0c9b5a
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reactivate-account-cabinet.staging.flocktory.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods
PUT, GET, PATCH, DELETE, POST, OPTIONS
Cache-Control
no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Language
en
Content-Length
4230
Content-Security-Policy
frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Content-Type
text/html;charset=utf-8
Date
Mon, 25 Jul 2022 10:39:59 GMT
Referrer-Policy
no-referrer
Server
nginx/1.21.0
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN ALLOWALL
X-Robots-Tag
none
X-XSS-Protection
1; mode=block

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods
PUT, GET, PATCH, DELETE, POST, OPTIONS
content-length
1721
content-type
text/html; charset=utf-8
date
Mon, 25 Jul 2022 10:39:59 GMT
location
https://auth.flocktory.com/auth/realms/HQ/protocol/openid-connect/auth?client_id=auth-gateway&redirect_uri=http%3A%2F%2Fauth-gateway.flocktory.com%2Foidc_callback&scope=openid+email&access_type=offline&response_type=code&state=eyJjc3JmX3Rva2VuIjogIjU5bGlCNFRub1o1NzFLVmcxYlZFLTVKSkJfeDhmVm1nIiwgImRlc3RpbmF0aW9uIjogImV5SmhiR2NpT2lKSVV6VXhNaUo5LkltaDBkSEE2THk5aGRYUm9MV2RoZEdWM1lYa3VabXh2WTJ0MGIzSjVMbU52YlM5allXSnBibVYwUDI1bGVIUTlhSFIwY0hNNkpUSkdKVEpHY21WaFkzUnBkbUYwWlMxaFkyTnZkVzUwTFdOaFltbHVaWFF1YzNSaFoybHVaeTVtYkc5amEzUnZjbmt1WTI5dEpUSkdJZy53c29FajQ0aTcwaGxHQVpMQmNkQnBTTEN1aE1TRkwxekozSTF5OER0TTJtaDd4cGR0Qi1yeFZKTDFEX2thREZIdUpYS0lzRk5XdjdKRWJZeEt1UExpdyJ9&openid.realm=https%3A%2F%2Fauth-gateway.flocktory.com%2Foidc_callback
server
nginx/1.15.6
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin, Cookie
x-envoy-decorator-operation
auth-gateway.production.svc.cluster.local:80/*
x-envoy-upstream-service-time
2
ultimate.js
api.flocktory.com/underworld/tracks/ 		33 B
33 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.flocktory.com/underworld/tracks/ultimate.js?body=%7B%22data%22%3A%7B%22action%22%3A%22session.page_visit%22%2C%22payload%22%3A%7B%22resolution%22%3A%221600x1200%22%2C%22ga%22%3A%7B%22utmcsr%22%3A%22%22%2C%22utmccn%22%3A%22%22%2C%22utmcmd%22%3A%22%22%2C%22h_utmcsr%22%3A%22%22%2C%22h_utmccn%22%3A%22%22%2C%22h_utmcmd%22%3A%22%22%7D%2C%22url%22%3A%22https%3A%2F%2Freactivate-account-cabinet.staging.flocktory.com%2F%22%7D%2C%22links%22%3A%7B%22site%22%3A3293%7D%7D%2C%22site-session-id%22%3A%22aba88c22-3784-43c4-b75e-d3e072f8f2af-0%22%7D&callback=flock_jsonp_9999
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.5.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-5-186.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reactivate-account-cabinet.staging.flocktory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 25 Jul 2022 10:39:59 GMT
Content-Encoding
br
x-envoy-decorator-operation
tracks-general.production.svc.cluster.local:80/*
Server
openresty
Vary
Accept-Encoding
Strict-Transport-Security
max-age=604800;
Content-Type
application/javascript; charset=utf-8
x-envoy-upstream-service-time
1
Connection
keep-alive
Content-Length
37
counter2
top-fwz1.mail.ru/ Frame 4952
Redirect Chain
  • https://top-fwz1.mail.ru/counter?id=2951107;pid=2a57f3f8-34b4-407e-8be5a8b1b5f5166a
  • https://top-fwz1.mail.ru/counter2?id=2951107;pid=2a57f3f8-34b4-407e-8be5a8b1b5f5166a
0
0
/
wf.frontend.weborama.fr/streampixel/ Frame CFE0
Redirect Chain
  • https://wf.frontend.weborama.fr/streampixel/?wamid=7629&Wvar=%7B%22flocktory_id%22%3A%222a57f3f8-34b4-407e-8be5a8b1b5f5166a%22%7D&d.r=1658745599335
  • https://wf.frontend.weborama.fr/streampixel/?wamid=7629&Wvar=%7B%22flocktory_id%22%3A%222a57f3f8-34b4-407e-8be5a8b1b5f5166a%22%7D&d.r=1658745599335&bounce=1&random=525127801
67 B
87 B 		Document
General
Check archive.org
Download Go to
Full URL
https://wf.frontend.weborama.fr/streampixel/?wamid=7629&Wvar=%7B%22flocktory_id%22%3A%222a57f3f8-34b4-407e-8be5a8b1b5f5166a%22%7D&d.r=1658745599335&bounce=1&random=525127801
Requested by
Host: api.flocktory.com
URL: https://api.flocktory.com/v2/loader.js?site_id=3293
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.176.229 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
229.176.117.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-length
67
content-type
image/gif
date
Mon, 25 Jul 2022 10:39:58 GMT
expires
Tue, 03 Jul 2001 06:00:00 GMT
last-modified
Mon, 25 Jul 2022 10:39:59 GMT
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
pragma
no-cache
server
Weborama Collect Frontend
via
1.1 google

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-length
0
date
Mon, 25 Jul 2022 10:39:58 GMT
expires
Tue, 03 Jul 2001 06:00:00 GMT
last-modified
Mon, 25 Jul 2022 10:39:59 GMT
location
https://wf.frontend.weborama.fr/streampixel/?wamid=7629&Wvar=%7B%22flocktory_id%22%3A%222a57f3f8-34b4-407e-8be5a8b1b5f5166a%22%7D&d.r=1658745599335&bounce=1&random=525127801
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
pragma
no-cache
server
Weborama Collect Frontend
via
1.1 google
cm.gif
ad.mail.ru/ Frame 4445
Redirect Chain
  • https://tag.rutarget.ru/tag?event=sync&partner=flocktory&external_visitor_id=2a57f3f8-34b4-407e-8be5a8b1b5f5166a
  • https://ad.mail.ru/cm.gif?p=34&id=Aprl7bePwVS1
0
0
styles.css
auth.flocktory.com/auth/resources/hjsy0/login/flocktory/css/ 		8 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.flocktory.com/auth/resources/hjsy0/login/flocktory/css/styles.css
Requested by
Host: auth.flocktory.com
URL: https://auth.flocktory.com/auth/realms/HQ/protocol/openid-connect/auth?client_id=auth-gateway&redirect_uri=http%3A%2F%2Fauth-gateway.flocktory.com%2Foidc_callback&scope=openid+email&access_type=offline&response_type=code&state=eyJjc3JmX3Rva2VuIjogIjU5bGlCNFRub1o1NzFLVmcxYlZFLTVKSkJfeDhmVm1nIiwgImRlc3RpbmF0aW9uIjogImV5SmhiR2NpT2lKSVV6VXhNaUo5LkltaDBkSEE2THk5aGRYUm9MV2RoZEdWM1lYa3VabXh2WTJ0MGIzSjVMbU52YlM5allXSnBibVYwUDI1bGVIUTlhSFIwY0hNNkpUSkdKVEpHY21WaFkzUnBkbUYwWlMxaFkyTnZkVzUwTFdOaFltbHVaWFF1YzNSaFoybHVaeTVtYkc5amEzUnZjbmt1WTI5dEpUSkdJZy53c29FajQ0aTcwaGxHQVpMQmNkQnBTTEN1aE1TRkwxekozSTF5OER0TTJtaDd4cGR0Qi1yeFZKTDFEX2thREZIdUpYS0lzRk5XdjdKRWJZeEt1UExpdyJ9&openid.realm=https%3A%2F%2Fauth-gateway.flocktory.com%2Foidc_callback
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.186.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-186-216.eu-west-1.compute.amazonaws.com
Software
nginx/1.21.0 /
Resource Hash
a6ac2b5a996352416aef78a0968abf39ec686f3097d38782f676c3fcc666606e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 25 Jul 2022 10:39:59 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
Server
nginx/1.21.0
Connection
keep-alive
X-Frame-Options
ALLOWALL
Access-Control-Allow-Methods
PUT, GET, PATCH, DELETE, POST, OPTIONS
Content-Type
text/css;charset=UTF-8
X-XSS-Protection
1; mode=block
Cache-Control
max-age=2592000
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Length
3485
X-Content-Type-Options
nosniff
imask.js
auth.flocktory.com/auth/resources/hjsy0/login/flocktory/js/ 		61 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.flocktory.com/auth/resources/hjsy0/login/flocktory/js/imask.js
Requested by
Host: auth.flocktory.com
URL: https://auth.flocktory.com/auth/realms/HQ/protocol/openid-connect/auth?client_id=auth-gateway&redirect_uri=http%3A%2F%2Fauth-gateway.flocktory.com%2Foidc_callback&scope=openid+email&access_type=offline&response_type=code&state=eyJjc3JmX3Rva2VuIjogIjU5bGlCNFRub1o1NzFLVmcxYlZFLTVKSkJfeDhmVm1nIiwgImRlc3RpbmF0aW9uIjogImV5SmhiR2NpT2lKSVV6VXhNaUo5LkltaDBkSEE2THk5aGRYUm9MV2RoZEdWM1lYa3VabXh2WTJ0MGIzSjVMbU52YlM5allXSnBibVYwUDI1bGVIUTlhSFIwY0hNNkpUSkdKVEpHY21WaFkzUnBkbUYwWlMxaFkyTnZkVzUwTFdOaFltbHVaWFF1YzNSaFoybHVaeTVtYkc5amEzUnZjbmt1WTI5dEpUSkdJZy53c29FajQ0aTcwaGxHQVpMQmNkQnBTTEN1aE1TRkwxekozSTF5OER0TTJtaDd4cGR0Qi1yeFZKTDFEX2thREZIdUpYS0lzRk5XdjdKRWJZeEt1UExpdyJ9&openid.realm=https%3A%2F%2Fauth-gateway.flocktory.com%2Foidc_callback
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.186.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-186-216.eu-west-1.compute.amazonaws.com
Software
nginx/1.21.0 /
Resource Hash
26a33d7669a55ceb05ec640ace4ff1b3b3c977e068d396871288dff84720e677
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 25 Jul 2022 10:39:59 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
Server
nginx/1.21.0
Connection
keep-alive
X-Frame-Options
ALLOWALL
Access-Control-Allow-Methods
PUT, GET, PATCH, DELETE, POST, OPTIONS
Content-Type
text/javascript;charset=UTF-8
X-XSS-Protection
1; mode=block
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
X-Content-Type-Options
nosniff
script.js
auth.flocktory.com/auth/resources/hjsy0/login/flocktory/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.flocktory.com/auth/resources/hjsy0/login/flocktory/js/script.js
Requested by
Host: auth.flocktory.com
URL: https://auth.flocktory.com/auth/realms/HQ/protocol/openid-connect/auth?client_id=auth-gateway&redirect_uri=http%3A%2F%2Fauth-gateway.flocktory.com%2Foidc_callback&scope=openid+email&access_type=offline&response_type=code&state=eyJjc3JmX3Rva2VuIjogIjU5bGlCNFRub1o1NzFLVmcxYlZFLTVKSkJfeDhmVm1nIiwgImRlc3RpbmF0aW9uIjogImV5SmhiR2NpT2lKSVV6VXhNaUo5LkltaDBkSEE2THk5aGRYUm9MV2RoZEdWM1lYa3VabXh2WTJ0MGIzSjVMbU52YlM5allXSnBibVYwUDI1bGVIUTlhSFIwY0hNNkpUSkdKVEpHY21WaFkzUnBkbUYwWlMxaFkyTnZkVzUwTFdOaFltbHVaWFF1YzNSaFoybHVaeTVtYkc5amEzUnZjbmt1WTI5dEpUSkdJZy53c29FajQ0aTcwaGxHQVpMQmNkQnBTTEN1aE1TRkwxekozSTF5OER0TTJtaDd4cGR0Qi1yeFZKTDFEX2thREZIdUpYS0lzRk5XdjdKRWJZeEt1UExpdyJ9&openid.realm=https%3A%2F%2Fauth-gateway.flocktory.com%2Foidc_callback
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.186.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-186-216.eu-west-1.compute.amazonaws.com
Software
nginx/1.21.0 /
Resource Hash
c89f7f66de783482808f27f5a1f11da152df8b7ad97887e79c08470ac443aa5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 25 Jul 2022 10:39:59 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
Server
nginx/1.21.0
Connection
keep-alive
X-Frame-Options
ALLOWALL
Access-Control-Allow-Methods
PUT, GET, PATCH, DELETE, POST, OPTIONS
Content-Type
text/javascript;charset=UTF-8
X-XSS-Protection
1; mode=block
Cache-Control
max-age=2592000
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Length
892
X-Content-Type-Options
nosniff
css2
fonts.googleapis.com/ 		2 KB
540 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat&display=swap
Requested by
Host: auth.flocktory.com
URL: https://auth.flocktory.com/auth/resources/hjsy0/login/flocktory/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
73c3d8c3e9a8def4e24d51f455de5362ad7553e2f3e36d25ba54fb960d588817
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 08:43:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 25 Jul 2022 10:39:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Jul 2022 10:39:59 GMT
new-logo.png
auth.flocktory.com/auth/resources/hjsy0/login/flocktory/img/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.flocktory.com/auth/resources/hjsy0/login/flocktory/img/new-logo.png
Requested by
Host: auth.flocktory.com
URL: https://auth.flocktory.com/auth/resources/hjsy0/login/flocktory/css/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.186.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-186-216.eu-west-1.compute.amazonaws.com
Software
nginx/1.21.0 /
Resource Hash
981be47acbf5a921c60b3da412c3c4c125a530dfba4f4ae1ffa3b18c52ca6145
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 25 Jul 2022 10:39:59 GMT
Referrer-Policy
no-referrer
Server
nginx/1.21.0
Connection
keep-alive
X-Frame-Options
ALLOWALL
Access-Control-Allow-Methods
PUT, GET, PATCH, DELETE, POST, OPTIONS
Content-Type
image/png
X-XSS-Protection
1; mode=block
Cache-Control
max-age=2592000
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Length
13282
X-Content-Type-Options
nosniff
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://auth.flocktory.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 03:53:06 GMT
x-content-type-options
nosniff
age
370013
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12708
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:55:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Jul 2023 03:53:06 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfddd57311315cce29d10a1c38acac18a00177653f05a0e64b2bd85c6fcb68af

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml
gtm.js
www.googletagmanager.com/ 		158 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PSGG9T4
Requested by
Host: auth.flocktory.com
URL: https://auth.flocktory.com/auth/resources/hjsy0/login/flocktory/js/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ca58600850c7b4b4d64ed16c7b1f047a1e0e695602d819bb6f3bc53ac3094684
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 10:39:59 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58538
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 25 Jul 2022 10:39:59 GMT
hotjar-1475129.js
static.hotjar.com/c/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1475129.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSGG9T4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-27.fra56.r.cloudfront.net
Software
/
Resource Hash
591dd58b0475488d187d9711fe77a42da066b073c4af178ff7f881a2c55ddc24
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 10:39:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
52
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-origin
*
x-cache-hit
1
etag
W/39563dcea52eb7c6acbf66b48e29b3c4
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
cache-control
max-age=60
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
WorgGe__bdFz6Ycec8WOUdmv-9XbGauFkjq_-RT84u9osVUIXm-ObA==
modules.6a5da0d590df764ca613.js
script.hotjar.com/ 		247 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.6a5da0d590df764ca613.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1475129.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-12.txl50.r.cloudfront.net
Software
/
Resource Hash
eea54a25d415f4abf48a1e89d7a6d9211b65986bb081de9ad324dcbb103db9b8
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 09:39:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
349254
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains
content-length
64657
access-control-allow-origin
*
last-modified
Thu, 21 Jul 2022 09:39:03 GMT
etag
"2bddb6ee72f2a47166ed0f5f35ee713b"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 b4da6d96c003c62f2930bf5be4b14730.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
NjMsPv2F8oIdVjwKqvHwJn3zI5eakXu303Izn35KErp1i5Z1d4EBuQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cabinet.flocktory.com
URL
https://cabinet.flocktory.com/behemoth/bootstrap//
Domain
top-fwz1.mail.ru
URL
https://top-fwz1.mail.ru/counter2?id=2951107;pid=2a57f3f8-34b4-407e-8be5a8b1b5f5166a
Domain
ad.mail.ru
URL
https://ad.mail.ru/cm.gif?p=34&id=Aprl7bePwVS1

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| IMask object| dataLayer object| google_tag_manager function| hj object| _hjSettings object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules

15 Cookies

Domain/Path Name / Value
auth.flocktory.com/auth/realms/HQ/ Name: AUTH_SESSION_ID
Value: 2d9b7fc3-b896-405c-8801-89480b310e4d.keycloak-1
auth.flocktory.com/auth/realms/HQ/ Name: AUTH_SESSION_ID_LEGACY
Value: 2d9b7fc3-b896-405c-8801-89480b310e4d.keycloak-1
auth.flocktory.com/auth/realms/HQ/ Name: KC_RESTART
Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI3YzE5N2EzZC01ODU3LTQwMTgtODZmNi00Yzc4MzAxNDBjMWIifQ.eyJjaWQiOiJhdXRoLWdhdGV3YXkiLCJwdHkiOiJvcGVuaWQtY29ubmVjdCIsInJ1cmkiOiJodHRwOi8vYXV0aC1nYXRld2F5LmZsb2NrdG9yeS5jb20vb2lkY19jYWxsYmFjayIsImFjdCI6IkFVVEhFTlRJQ0FURSIsIm5vdGVzIjp7ImNsaWVudF9yZXF1ZXN0X3BhcmFtX2FjY2Vzc190eXBlIjoib2ZmbGluZSIsInNjb3BlIjoib3BlbmlkIGVtYWlsIiwiaXNzIjoiaHR0cHM6Ly9hdXRoLmZsb2NrdG9yeS5jb20vYXV0aC9yZWFsbXMvSFEiLCJyZXNwb25zZV90eXBlIjoiY29kZSIsInJlZGlyZWN0X3VyaSI6Imh0dHA6Ly9hdXRoLWdhdGV3YXkuZmxvY2t0b3J5LmNvbS9vaWRjX2NhbGxiYWNrIiwic3RhdGUiOiJleUpqYzNKbVgzUnZhMlZ1SWpvZ0lqVTViR2xDTkZSdWIxbzFOekZMVm1jeFlsWkZMVFZLU2tKZmVEaG1WbTFuSWl3Z0ltUmxjM1JwYm1GMGFXOXVJam9nSW1WNVNtaGlSMk5wVDJsS1NWVjZWWGhOYVVvNUxrbHRhREJrU0VFMlRIazVhR1JZVW05TVYyUm9aRWRXTTFsWWEzVmFiWGgyV1RKME1HSXpTalZNYlU1MllsTTVhbGxYU25CaWJWWXdVREkxYkdWSVVUbGhTRkl3WTBoTk5rcFVTa2RLVkVwSFkyMVdhRmt6VW5Ca2JVWXdXbE14YUZreVRuWmtWelV3VEZkT2FGbHRiSFZhV0ZGMVl6TlNhRm95YkhWYWVUVnRZa2M1YW1FelVuWmpibXQxV1RJNWRFcFVTa2RKWnk1M2MyOUZhalEwYVRjd2FHeEhRVnBNUW1Oa1FuQlRURU4xYUUxVFJrd3hla296U1RGNU9FUjBUVEp0YURkNGNHUjBRaTF5ZUZaS1RERkVYMnRoUkVaSWRVcFlTMGx6Ums1WGRqZEtSV0paZUV0MVVFeHBkeUo5IiwiY2xpZW50X3JlcXVlc3RfcGFyYW1fb3BlbmlkLnJlYWxtIjoiaHR0cHM6Ly9hdXRoLWdhdGV3YXkuZmxvY2t0b3J5LmNvbS9vaWRjX2NhbGxiYWNrIn19.Sp2FyGmUJpOBvUdNUkzYjSlsw-mbZu7BAwsBOc_-0n8
.flocktory.com/ Name: __flocktory-web_session2
Value: 2a57f3f8-34b4-407e-8be5a8b1b5f5166a
reactivate-account-cabinet.staging.flocktory.com/ Name: flocktory-uuid
Value: aba88c22-3784-43c4-b75e-d3e072f8f2af-0
.flocktory.com/ Name: _hjSessionUser_1475129
Value: eyJpZCI6IjNlZjg1ZDM3LTlhODMtNWFlYi1hZTkyLWM4ZDRiMzcyYmNhYyIsImNyZWF0ZWQiOjE2NTg3NDU1OTkzMDgsImV4aXN0aW5nIjpmYWxzZX0=
.flocktory.com/ Name: _hjFirstSeen
Value: 1
reactivate-account-cabinet.staging.flocktory.com/ Name: _hjIncludedInSessionSample
Value: 0
.flocktory.com/ Name: _hjSession_1475129
Value: eyJpZCI6Ijk1ZWQwYTc3LTUyMzMtNDg4ZC1hNTI2LWQwNzcwMTcyOGUwZiIsImNyZWF0ZWQiOjE2NTg3NDU1OTkzMjUsImluU2FtcGxlIjpmYWxzZX0=
.flocktory.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
auth-gateway.flocktory.com/ Name: session
Value: eyJvaWRjX2NzcmZfdG9rZW4iOiI1OWxpQjRUbm9aNTcxS1ZnMWJWRS01SkpCX3g4ZlZtZyJ9.Yt5y_w.s4FPyuppcqDMRGWfCbJrSBnAxx0
.weborama.fr/ Name: AFFICHE_W
Value: AM4zsaMktnMA21
.rutarget.ru/ Name: userId
Value: Aprl7bePwVS1
.rutarget.ru/ Name: sync_71c015090a068e09460994346a52bdbb
Value: Aprl7bePwVS1|1658745599528
.mail.ru/ Name: FTID
Value: 3PSjeL0dlZYB:1658745599:2951107:::

4 Console Messages

Source Level URL
Text
javascript error URL: https://reactivate-account-cabinet.staging.flocktory.com/
Message:
Access to fetch at 'https://cabinet.flocktory.com/behemoth/bootstrap//' from origin 'https://reactivate-account-cabinet.staging.flocktory.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://cabinet.flocktory.com/behemoth/bootstrap//
Message:
Failed to load resource: net::ERR_FAILED
security error URL: https://static.hotjar.com/
Message:
Refused to frame 'https://vars.hotjar.com/' because it violates the following Content Security Policy directive: "frame-src 'self'".
security error URL: https://script.hotjar.com/modules.6a5da0d590df764ca613.js(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://vars.hotjar.com') does not match the recipient window's origin ('null').

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.mail.ru
api.flocktory.com
assets.flocktory.com
auth-gateway.flocktory.com
auth.flocktory.com
cabinet.flocktory.com
fonts.googleapis.com
fonts.gstatic.com
reactivate-account-cabinet.staging.flocktory.com
script.hotjar.com
static.hotjar.com
top-fwz1.mail.ru
vars.hotjar.com
wf.frontend.weborama.fr
www.googletagmanager.com
ad.mail.ru
cabinet.flocktory.com
top-fwz1.mail.ru
108.138.7.27
108.157.4.7
176.34.92.96
18.66.2.12
212.193.146.114
2a00:1450:4001:810::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2008
34.117.176.229
52.51.153.234
52.51.227.131
54.76.186.216
99.80.5.186
26a33d7669a55ceb05ec640ace4ff1b3b3c977e068d396871288dff84720e677
4632be976cc218162d98439e15521d238028558ef91c933f4f48378bb9888aa3
591dd58b0475488d187d9711fe77a42da066b073c4af178ff7f881a2c55ddc24
73c3d8c3e9a8def4e24d51f455de5362ad7553e2f3e36d25ba54fb960d588817
7b3a3edb5889e3af73331f3f651037e22cfab66485ba5879062ab4135c05fe73
8c2e3783641be477bf4707b32ebdcd9618a43e06c8e232d7a53d673146f09915
981be47acbf5a921c60b3da412c3c4c125a530dfba4f4ae1ffa3b18c52ca6145
9fdeb216658b19daba06be26650f3a39cbaf5df38a8b9374192a374f819a1892
a6ac2b5a996352416aef78a0968abf39ec686f3097d38782f676c3fcc666606e
c89f7f66de783482808f27f5a1f11da152df8b7ad97887e79c08470ac443aa5f
ca58600850c7b4b4d64ed16c7b1f047a1e0e695602d819bb6f3bc53ac3094684
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
df0553a40e71181d07ef60471acf162e634ec5d83c88fac99c29df982f0c9b5a
dfddd57311315cce29d10a1c38acac18a00177653f05a0e64b2bd85c6fcb68af
eea54a25d415f4abf48a1e89d7a6d9211b65986bb081de9ad324dcbb103db9b8
eff8ccd0184c4faff7b98fae56104d77ff9d1f4e69ed137c214b3600112ba9c6