urlscan.io logo urlscan.io
SecurityTrails logo

auth.bloomtech-staging.com Open in urlscan Pro
2606:4700:3033::ac43:a930  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://auth.bloomtech-staging.com/
Effective URL: https://auth.bloomtech-staging.com/sign-in
Submission: On July 13 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3033::ac43:a930, located in United States and belongs to CLOUDFLARENET, US. The main domain is auth.bloomtech-staging.com.
TLS certificate: Issued by E1 on May 16th 2024. Valid for: 3 months.
This is the only time auth.bloomtech-staging.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 2606:4700:303... 13335 (CLOUDFLAR...)
2 99.86.8.175 16509 (AMAZON-02)
3 35.81.90.104 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2a03:2880:f17... 32934 (FACEBOOK)
20 7
11    2606:4700:3033::ac43:a930 (United States)

ASN13335 (CLOUDFLARENET, US)
auth.bloomtech-staging.com
2    99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net
cdn.segment.com
3    35.81.90.104 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-90-104.us-west-2.compute.amazonaws.com
api.segment.io
1    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
11 bloomtech-staging.com
auth.bloomtech-staging.com
84 KB
3 segment.io
api.segment.io — Cisco Umbrella Rank: 1147
541 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 191
72 KB
2 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1589
108 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
273 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 72
92 KB
20 6
Domain Requested by
11 auth.bloomtech-staging.com 1 redirects auth.bloomtech-staging.com
3 api.segment.io cdn.segment.com
2 connect.facebook.net cdn.segment.com
connect.facebook.net
2 cdn.segment.com auth.bloomtech-staging.com
cdn.segment.com
1 www.facebook.com
1 www.googletagmanager.com cdn.segment.com
20 6

This site contains no links.

Subject Issuer Validity Valid
bloomtech-staging.com
E1		 2024-05-16 -
2024-08-14		 3 months crt.sh
*.segment.com
Amazon RSA 2048 M03		 2023-11-14 -
2024-12-13		 a year crt.sh
*.segment.io
Amazon RSA 2048 M03		 2023-12-13 -
2025-01-11		 a year crt.sh
*.google-analytics.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-21 -
2024-07-20		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://auth.bloomtech-staging.com/sign-in
Frame ID: 533C906308FDF845D755CB2DC47B4B0A
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign In | BloomTech

Page URL History Show full URLs

  1. https://auth.bloomtech-staging.com/ HTTP 302
    https://auth.bloomtech-staging.com/sign-in Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Page Statistics

20
Requests

95 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

356 kB
Transfer

1366 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://auth.bloomtech-staging.com/ HTTP 302
    https://auth.bloomtech-staging.com/sign-in Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=773349016679285&ev=PageView&dl=https%3A%2F%2Fauth.bloomtech-staging.com%2Fsign-in%3F&rl=&if=false&ts=1720835981495&sw=1600&sh=1200&ud[external_id]=1ef601fd78b7dbc18c80843019f2c4eb55b673db735f54bddd239ab52701e944&v=2.9.161&r=stable&a=seg&ec=0&o=4126&fbp=fb.1.1720835981494.226479185568979492&ler=empty&cdl=API_unavailable&it=1720835981328&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=FGET HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D773349016679285%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fauth.bloomtech-staging.com%252Fsign-in%253F%26rl%26if%3Dfalse%26ts%3D1720835981495%26sw%3D1600%26sh%3D1200%26ud%255Bexternal_id%255D%3D1ef601fd78b7dbc18c80843019f2c4eb55b673db735f54bddd239ab52701e944%26v%3D2.9.161%26r%3Dstable%26a%3Dseg%26ec%3D0%26o%3D4126%26fbp%3Dfb.1.1720835981494.226479185568979492%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1720835981328%26coo%3Dfalse%26dpo%3DLDU%26dpoco%3D0%26dpost%3D0%26rqm%3DFGET

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request sign-in
auth.bloomtech-staging.com/
Redirect Chain
  • https://auth.bloomtech-staging.com/
  • https://auth.bloomtech-staging.com/sign-in?
1 KB
929 B 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.bloomtech-staging.com/sign-in?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
384c670d58ed808ef12c14bc0ac90be199c19f48d5a83bc83c2b81277c566e70
Security Headers
Name Value
Content-Security-Policy script-src https://cdn.segment.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net 'self' 'sha256-2oK9nKJh7+ASpIs1U3ChVH6iXN39dJ+irLnc7O0qgmc=';connect-src https://api.segment.io 'self';img-src https://www.facebook.com https://www.google.com 'self';style-src 'unsafe-inline' 'self';frame-src https://bid.g.doubleclick.net 'self';default-src 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a25acbddf80b915-AMS
content-encoding
br
content-security-policy
script-src https://cdn.segment.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net 'self' 'sha256-2oK9nKJh7+ASpIs1U3ChVH6iXN39dJ+irLnc7O0qgmc=';connect-src https://api.segment.io 'self';img-src https://www.facebook.com https://www.google.com 'self';style-src 'unsafe-inline' 'self';frame-src https://bid.g.doubleclick.net 'self';default-src 'self'
content-type
text/html; charset=utf-8
date
Sat, 13 Jul 2024 01:59:37 GMT
expect-ct
max-age=0
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
referrer-policy
no-referrer
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720835977&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=swM8xfFkMqaJaWDdkJhM2G%2Bax976fRuclnYQ5Kolwf4%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1720835977&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=swM8xfFkMqaJaWDdkJhM2G%2Bax976fRuclnYQ5Kolwf4%3D
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 vegur
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a25acbbfdedb915-AMS
content-security-policy
script-src https://cdn.segment.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net 'self';connect-src https://api.segment.io 'self';img-src https://www.facebook.com https://www.google.com 'self';style-src 'unsafe-inline' 'self';frame-src https://bid.g.doubleclick.net 'self';default-src 'self'
content-type
text/html; charset=utf-8
date
Sat, 13 Jul 2024 01:59:37 GMT
expect-ct
max-age=0
location
/sign-in?
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
referrer-policy
no-referrer
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720835977&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=swM8xfFkMqaJaWDdkJhM2G%2Bax976fRuclnYQ5Kolwf4%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1720835977&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=swM8xfFkMqaJaWDdkJhM2G%2Bax976fRuclnYQ5Kolwf4%3D
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept
via
1.1 vegur
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-xss-protection
0
sign-in.css
auth.bloomtech-staging.com/css/pages/ 		10 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.bloomtech-staging.com/css/pages/sign-in.css
Requested by
Host: auth.bloomtech-staging.com
URL: https://auth.bloomtech-staging.com/sign-in?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f11a8712a2ba21b8a306a83b3ae080ef183089a2a5e4593ea94802ed41ea5744
Security Headers
Name Value
Content-Security-Policy script-src https://cdn.segment.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net 'self';connect-src https://api.segment.io 'self';img-src https://www.facebook.com https://www.google.com 'self';style-src 'unsafe-inline' 'self';frame-src https://bid.g.doubleclick.net 'self';default-src 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 01:59:38 GMT
content-security-policy
script-src https://cdn.segment.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net 'self';connect-src https://api.segment.io 'self';img-src https://www.facebook.com https://www.google.com 'self';style-src 'unsafe-inline' 'self';frame-src https://bid.g.doubleclick.net 'self';default-src 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies
none
cf-cache-status
MISS
content-encoding
gzip
x-dns-prefetch-control
off
via
1.1 vegur
alt-svc
h3=":443"; ma=86400
content-length
2850
x-xss-protection
0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1720835978&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=MctuNRsowcr5yygiuoCn44jPaxJx2srtpCfJySIu49E%3D
referrer-policy
no-referrer
last-modified
Tue, 21 Mar 2023 18:43:17 GMT
server
cloudflare
etag
W/"b22-187057b9188"
expect-ct
max-age=0
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720835978&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=MctuNRsowcr5yygiuoCn44jPaxJx2srtpCfJySIu49E%3D"}]}
content-type
text/css; charset=UTF-8
x-download-options
noopen
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8a25acbe9a170c0d-AMS
logo.svg
auth.bloomtech-staging.com/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.bloomtech-staging.com/logo.svg
Requested by
Host: auth.bloomtech-staging.com
URL: https://auth.bloomtech-staging.com/sign-in?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd9fb8efc9992e96c92eb8d0ef7522e8ea990b171144c1fc77191d1eac8713a0
Security Headers
Name Value
Content-Security-Policy script-src https://cdn.segment.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net 'self';connect-src https://api.segment.io 'self';img-src https://www.facebook.com https://www.google.com 'self';style-src 'unsafe-inline' 'self';frame-src https://bid.g.doubleclick.net 'self';default-src 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 01:59:38 GMT
content-security-policy
script-src https://cdn.segment.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net 'self';connect-src https://api.segment.io 'self';img-src https://www.facebook.com https://www.google.com 'self';style-src 'unsafe-inline' 'self';frame-src https://bid.g.doubleclick.net 'self';default-src 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies
none
cf-cache-status
MISS
content-encoding
gzip
x-dns-prefetch-control
off
via
1.1 vegur
alt-svc
h3=":443"; ma=86400
content-length
2520
x-xss-protection
0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1720835978&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=MctuNRsowcr5yygiuoCn44jPaxJx2srtpCfJySIu49E%3D
referrer-policy
no-referrer
last-modified
Tue, 21 Mar 2023 18:38:20 GMT
server
cloudflare
etag
W/"9d8-18705770960"
expect-ct
max-age=0
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720835978&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=MctuNRsowcr5yygiuoCn44jPaxJx2srtpCfJySIu49E%3D"}]}
content-type
image/svg+xml
x-download-options
noopen
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8a25acbe9a180c0d-AMS
logo-full-white.svg
auth.bloomtech-staging.com/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.bloomtech-staging.com/logo-full-white.svg
Requested by
Host: auth.bloomtech-staging.com
URL: https://auth.bloomtech-staging.com/sign-in?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9e81e4c4f217aec16bce6fafce558f9f061ba486d318cf3c1d6bf38ffc465b5
Security Headers
Name Value
Content-Security-Policy script-src https://cdn.segment.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net 'self';connect-src https://api.segment.io 'self';img-src https://www.facebook.com https://www.google.com 'self';style-src 'unsafe-inline' 'self';frame-src https://bid.g.doubleclick.net 'self';default-src 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 01:59:38 GMT
content-security-policy
script-src https://cdn.segment.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net 'self';connect-src https://api.segment.io 'self';img-src https://www.facebook.com https://www.google.com 'self';style-src 'unsafe-inline' 'self';frame-src https://bid.g.doubleclick.net 'self';default-src 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies
none
cf-cache-status
MISS
content-encoding
gzip
x-dns-prefetch-control
off
via
1.1 vegur
alt-svc
h3=":443"; ma=86400
content-length
2480
x-xss-protection
0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1720835978&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=MctuNRsowcr5yygiuoCn44jPaxJx2srtpCfJySIu49E%3D
referrer-policy
no-referrer
last-modified
Tue, 21 Mar 2023 18:38:20 GMT
server
cloudflare
etag
W/"9b0-18705770960"
expect-ct
max-age=0
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720835978&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=MctuNRsowcr5yygiuoCn44jPaxJx2srtpCfJySIu49E%3D"}]}
content-type
image/svg+xml
x-download-options
noopen
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8a25acbe9a190c0d-AMS
email-decode.min.js
auth.bloomtech-staging.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.bloomtech-staging.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: auth.bloomtech-staging.com
URL: https://auth.bloomtech-staging.com/sign-in?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 01:59:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 11 Jul 2024 08:14:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"668f945f-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jMCQzbil0DmQ2u%2BuYsw4ZocOLiGXVPgyITbn2DamSKNiMM6kTvYo2PxaV54uJY051HF%2BrzeRRBgO1v0L5ei4WAEuDgC6cUyrMADF7PgTkLO%2FdtXM5DMfEN4sMNysq1%2Fx1kmC5%2FoBX0OcRuzEGcR5Luzla%2BLCV%2BY%2FeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8a25acbeaa1e0c0d-AMS
expires
Mon, 15 Jul 2024 01:59:38 GMT
sign-in.js
auth.bloomtech-staging.com/js/pages/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.bloomtech-staging.com/js/pages/sign-in.js
Requested by
Host: auth.bloomtech-staging.com
URL: https://auth.bloomtech-staging.com/sign-in?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99923bc6831dda19c7d4e1d99a037dfed4c6b117f62abd3f1200fcbf02ef12b6
Security Headers
Name Value
Content-Security-Policy script-src https://cdn.segment.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net 'self';connect-src https://api.segment.io 'self';img-src https://www.facebook.com https://www.google.com 'self';style-src 'unsafe-inline' 'self';frame-src https://bid.g.doubleclick.net 'self';default-src 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://auth.bloomtech-staging.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 01:59:38 GMT
content-security-policy
script-src https://cdn.segment.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net 'self';connect-src https://api.segment.io 'self';img-src https://www.facebook.com https://www.google.com 'self';style-src 'unsafe-inline' 'self';frame-src https://bid.g.doubleclick.net 'self';default-src 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies
none
cf-cache-status
MISS
content-encoding
gzip
x-dns-prefetch-control
off
via
1.1 vegur
alt-svc
h3=":443"; ma=86400
content-length
1053
x-xss-protection
0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1720835978&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=MctuNRsowcr5yygiuoCn44jPaxJx2srtpCfJySIu49E%3D
referrer-policy
no-referrer
last-modified
Tue, 21 Mar 2023 18:43:22 GMT
server
cloudflare
etag
W/"41d-187057ba510"
expect-ct
max-age=0
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720835978&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=MctuNRsowcr5yygiuoCn44jPaxJx2srtpCfJySIu49E%3D"}]}
content-type
application/javascript; charset=UTF-8
x-download-options
noopen
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8a25acbe9a1a0c0d-AMS
DefaultLayout.js
auth.bloomtech-staging.com/js/layouts/ 		118 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.bloomtech-staging.com/js/layouts/DefaultLayout.js
Requested by
Host: auth.bloomtech-staging.com
URL: https://auth.bloomtech-staging.com/sign-in?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2d7804dddb9f82cbddfdafc88f59ead4f11313fc7e61250c300123fffd74890
Security Headers
Name Value
Content-Security-Policy script-src https://cdn.segment.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net 'self';connect-src https://api.segment.io 'self';img-src https://www.facebook.com https://www.google.com 'self';style-src 'unsafe-inline' 'self';frame-src https://bid.g.doubleclick.net 'self';default-src 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://auth.bloomtech-staging.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 01:59:38 GMT
content-security-policy
script-src https://cdn.segment.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net 'self';connect-src https://api.segment.io 'self';img-src https://www.facebook.com https://www.google.com 'self';style-src 'unsafe-inline' 'self';frame-src https://bid.g.doubleclick.net 'self';default-src 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies
none
cf-cache-status
MISS
content-encoding
gzip
x-dns-prefetch-control
off
via
1.1 vegur
alt-svc
h3=":443"; ma=86400
content-length
38063
x-xss-protection
0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1720835978&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=MctuNRsowcr5yygiuoCn44jPaxJx2srtpCfJySIu49E%3D
referrer-policy
no-referrer
last-modified
Tue, 21 Mar 2023 18:43:23 GMT
server
cloudflare
etag
W/"94af-187057ba8f8"
expect-ct
max-age=0
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720835978&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=MctuNRsowcr5yygiuoCn44jPaxJx2srtpCfJySIu49E%3D"}]}
content-type
application/javascript; charset=UTF-8
x-download-options
noopen
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8a25acc09aae0c0d-AMS
Form.js
auth.bloomtech-staging.com/js/components/ 		400 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.bloomtech-staging.com/js/components/Form.js
Requested by
Host: auth.bloomtech-staging.com
URL: https://auth.bloomtech-staging.com/sign-in?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b4d9c1c1e66dcf85506177469273203e3c5948056be0309fcb54f4193e5ceef
Security Headers
Name Value
Content-Security-Policy script-src https://cdn.segment.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net 'self';connect-src https://api.segment.io 'self';img-src https://www.facebook.com https://www.google.com 'self';style-src 'unsafe-inline' 'self';frame-src https://bid.g.doubleclick.net 'self';default-src 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://auth.bloomtech-staging.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 01:59:38 GMT
content-security-policy
script-src https://cdn.segment.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net 'self';connect-src https://api.segment.io 'self';img-src https://www.facebook.com https://www.google.com 'self';style-src 'unsafe-inline' 'self';frame-src https://bid.g.doubleclick.net 'self';default-src 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies
none
cf-cache-status
MISS
content-encoding
gzip
x-dns-prefetch-control
off
via
1.1 vegur
alt-svc
h3=":443"; ma=86400
content-length
296
x-xss-protection
0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1720835978&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=MctuNRsowcr5yygiuoCn44jPaxJx2srtpCfJySIu49E%3D
referrer-policy
no-referrer
last-modified
Tue, 21 Mar 2023 18:43:23 GMT
server
cloudflare
etag
W/"128-187057ba8f8"
expect-ct
max-age=0
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720835978&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=MctuNRsowcr5yygiuoCn44jPaxJx2srtpCfJySIu49E%3D"}]}
content-type
application/javascript; charset=UTF-8
x-download-options
noopen
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8a25acc09aaf0c0d-AMS
LoadingIndicator.js
auth.bloomtech-staging.com/js/components/ 		287 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.bloomtech-staging.com/js/components/LoadingIndicator.js
Requested by
Host: auth.bloomtech-staging.com
URL: https://auth.bloomtech-staging.com/sign-in?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cb5aa59389ef144038e0a5bcd5f35b07449d779e04b3ec90af05323de74ebb2
Security Headers
Name Value
Content-Security-Policy script-src https://cdn.segment.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net 'self';connect-src https://api.segment.io 'self';img-src https://www.facebook.com https://www.google.com 'self';style-src 'unsafe-inline' 'self';frame-src https://bid.g.doubleclick.net 'self';default-src 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://auth.bloomtech-staging.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 01:59:38 GMT
content-security-policy
script-src https://cdn.segment.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net 'self';connect-src https://api.segment.io 'self';img-src https://www.facebook.com https://www.google.com 'self';style-src 'unsafe-inline' 'self';frame-src https://bid.g.doubleclick.net 'self';default-src 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies
none
cf-cache-status
MISS
content-encoding
gzip
x-dns-prefetch-control
off
via
1.1 vegur
alt-svc
h3=":443"; ma=86400
content-length
207
x-xss-protection
0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1720835978&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=MctuNRsowcr5yygiuoCn44jPaxJx2srtpCfJySIu49E%3D
referrer-policy
no-referrer
last-modified
Tue, 21 Mar 2023 18:43:23 GMT
server
cloudflare
etag
W/"cf-187057ba8f8"
expect-ct
max-age=0
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720835978&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=MctuNRsowcr5yygiuoCn44jPaxJx2srtpCfJySIu49E%3D"}]}
content-type
application/javascript; charset=UTF-8
x-download-options
noopen
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8a25acc09ab00c0d-AMS
analytics.min.js
cdn.segment.com/analytics.js/v1/84vTvc4E3RluJ0MTMT5G1wfLmg4lglTW/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/84vTvc4E3RluJ0MTMT5G1wfLmg4lglTW/analytics.min.js
Requested by
Host: auth.bloomtech-staging.com
URL: https://auth.bloomtech-staging.com/js/layouts/DefaultLayout.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f4e951818d81650673360adfa40342a9230cec6644011b66b7b2aa8c08868225

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 01:59:40 GMT
x-amz-version-id
KUBpp_A0MLSRhINxVHUBXPLn6KdtXOEl
content-encoding
br
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 30 May 2024 19:35:27 GMT
server
AmazonS3
etag
W/"30917767c3fc0afa0bfb3b5815b6c132"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
iu55OrDe8RVpKVPL7hKsgLBU20KAS6fq_jzoQoRiGM4hVCEkYMllzA==
favicon.ico
auth.bloomtech-staging.com/ 		118 KB
27 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://auth.bloomtech-staging.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5459e968e20b7e9aba20819d8574a9313fba52d53a1fef5735e91f534cc469d
Security Headers
Name Value
Content-Security-Policy script-src https://cdn.segment.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net 'self';connect-src https://api.segment.io 'self';img-src https://www.facebook.com https://www.google.com 'self';style-src 'unsafe-inline' 'self';frame-src https://bid.g.doubleclick.net 'self';default-src 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 01:59:39 GMT
content-security-policy
script-src https://cdn.segment.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net 'self';connect-src https://api.segment.io 'self';img-src https://www.facebook.com https://www.google.com 'self';style-src 'unsafe-inline' 'self';frame-src https://bid.g.doubleclick.net 'self';default-src 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies
none
cf-cache-status
MISS
content-encoding
gzip
x-dns-prefetch-control
off
via
1.1 vegur
alt-svc
h3=":443"; ma=86400
content-length
26653
x-xss-protection
0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1720835979&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=KXJ8g8OZ4YmWt0bVN4TlwPOGJrMxsvsFuQbkvtz1reY%3D
referrer-policy
no-referrer
last-modified
Tue, 21 Mar 2023 18:38:20 GMT
server
cloudflare
etag
W/"681d-18705770960"
expect-ct
max-age=0
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720835979&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=KXJ8g8OZ4YmWt0bVN4TlwPOGJrMxsvsFuQbkvtz1reY%3D"}]}
content-type
image/x-icon
x-download-options
noopen
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8a25acc3cb440c0d-AMS
m
api.segment.io/v1/ 		21 B
180 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/m
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/84vTvc4E3RluJ0MTMT5G1wfLmg4lglTW/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.90.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-90-104.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://auth.bloomtech-staging.com
date
Sat, 13 Jul 2024 01:59:40 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
m
api.segment.io/v1/ 		21 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/m
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/84vTvc4E3RluJ0MTMT5G1wfLmg4lglTW/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.90.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-90-104.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://auth.bloomtech-staging.com
date
Sat, 13 Jul 2024 01:59:40 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
analytics.classic.js
cdn.segment.com/analytics.js/v1/84vTvc4E3RluJ0MTMT5G1wfLmg4lglTW/ 		447 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/84vTvc4E3RluJ0MTMT5G1wfLmg4lglTW/analytics.classic.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/84vTvc4E3RluJ0MTMT5G1wfLmg4lglTW/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1ce3a83436d9eb30f5e940351088666a9115d8bc86697bb5b57cba34132f7054

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 01:59:41 GMT
x-amz-version-id
N1oXZeWdKuXDLeb5bJD67m5JsORppYUU
content-encoding
br
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 25 Sep 2023 18:14:06 GMT
server
AmazonS3
etag
W/"642af9c2107bd993edc06933af5bc95c"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
L7VrHh4u1KgGMpQkCuAB2Gqg_Ak-pPDXv_FnxuOV7S5bqQZlpS67lg==
p
api.segment.io/v1/ 		21 B
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/84vTvc4E3RluJ0MTMT5G1wfLmg4lglTW/analytics.classic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.90.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-90-104.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://auth.bloomtech-staging.com
date
Sat, 13 Jul 2024 01:59:41 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
js
www.googletagmanager.com/gtag/ 		265 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-822711918
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/84vTvc4E3RluJ0MTMT5G1wfLmg4lglTW/analytics.classic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9e2849505fbfcb57fa4ca1904db8fb3b43d7329f3add42617237eae7ad9cdb2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 01:59:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93513
x-xss-protection
0
last-modified
Sat, 13 Jul 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 13 Jul 2024 01:59:41 GMT
fbevents.js
connect.facebook.net/en_US/ 		223 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/84vTvc4E3RluJ0MTMT5G1wfLmg4lglTW/analytics.classic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 13 Jul 2024 01:59:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58653
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1328, tbw=2779, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
8viYarx7Czepa+2EUIPbRhaMj0qHJAnWFiA08XmfcnDANBmIpHj9NUmoJq5C7dGT19x5w8PTuCkNtuwnPBDNpg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
773349016679285
connect.facebook.net/signals/config/ 		60 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/773349016679285?v=2.9.161&r=stable&domain=auth.bloomtech-staging.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b4e869ae65ef466abec6ab091463cb4c613f05874bf4702b0accbe1703ad0f77
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 13 Jul 2024 01:59:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=64, mss=1328, tbw=64143, tp=-1, tpl=-1, uplat=136, ullat=0
pragma
public
x-fb-debug
/q3BtwrNt4JG5dhdLZ8mefatDsCaXkRHwLEOL/uZGnHEblC976ybeSXG3Yo25M6zn+3zqw1tORXoo2xdwDpYOQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=773349016679285&ev=PageView&dl=https%3A%2F%2Fauth.bloomtech-staging.com%2Fsign-in%3F&rl=&if=false&ts=1720835981495&sw=1600&sh=1200&ud[external_id]=1ef601fd78b7dbc18c80843019f2c4eb55b673db735f54bddd239ab52701e944&v=2.9.161&r=stable&a=seg&ec=0&o=4126&fbp=fb.1.1720835981494.226479185568979492&ler=empty&cdl=API_unavailable&it=1720835981328&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2805, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 13 Jul 2024 01:59:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/login/
Redirect Chain
  • https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=773349016679285&ev=PageView&dl=https%3A%2F%2Fauth.bloomtech-staging.com%2Fsign-in%3F&rl=&if=false&ts=1720835981495&sw=1600&sh=120...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D773349016679285%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fauth.bloomtec...
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.facebook.com
URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D773349016679285%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fauth.bloomtech-staging.com%252Fsign-in%253F%26rl%26if%3Dfalse%26ts%3D1720835981495%26sw%3D1600%26sh%3D1200%26ud%255Bexternal_id%255D%3D1ef601fd78b7dbc18c80843019f2c4eb55b673db735f54bddd239ab52701e944%26v%3D2.9.161%26r%3Dstable%26a%3Dseg%26ec%3D0%26o%3D4126%26fbp%3Dfb.1.1720835981494.226479185568979492%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1720835981328%26coo%3Dfalse%26dpo%3DLDU%26dpoco%3D0%26dpost%3D0%26rqm%3DFGET

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| _L_STATE_ object| analytics object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| __core-js_shared__ object| core object| optimizely object| dataLayer function| gtag function| Tracktor function| _fbq function| fbq function| normalize object| google_tag_manager object| google_tag_data

3 Cookies

Domain/Path Name / Value
.bloomtech-staging.com/ Name: ajs_anonymous_id
Value: %22002999bf-416d-4fd1-9306-25d4df03374b%22
.bloomtech-staging.com/ Name: _gcl_au
Value: 1.1.585502628.1720835981
.bloomtech-staging.com/ Name: _fbp
Value: fb.1.1720835981494.226479185568979492

2 Console Messages

Source Level URL
Text
security error URL: https://cdn.segment.com/analytics.js/v1/84vTvc4E3RluJ0MTMT5G1wfLmg4lglTW/analytics.min.js
Message:
Refused to connect to 'https://cdn.segment.com/v1/projects/84vTvc4E3RluJ0MTMT5G1wfLmg4lglTW/settings' because it violates the following Content Security Policy directive: "connect-src https://api.segment.io 'self'".
javascript error URL: https://cdn.segment.com/analytics.js/v1/84vTvc4E3RluJ0MTMT5G1wfLmg4lglTW/analytics.min.js
Message:
Refused to connect to 'https://cdn.segment.com/v1/projects/84vTvc4E3RluJ0MTMT5G1wfLmg4lglTW/settings' because it violates the document's Content Security Policy.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src https://cdn.segment.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net 'self' 'sha256-2oK9nKJh7+ASpIs1U3ChVH6iXN39dJ+irLnc7O0qgmc=';connect-src https://api.segment.io 'self';img-src https://www.facebook.com https://www.google.com 'self';style-src 'unsafe-inline' 'self';frame-src https://bid.g.doubleclick.net 'self';default-src 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.segment.io
auth.bloomtech-staging.com
cdn.segment.com
connect.facebook.net
www.facebook.com
www.googletagmanager.com
www.facebook.com
2606:4700:3033::ac43:a930
2a00:1450:4001:813::2008
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
35.81.90.104
99.86.8.175
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1ce3a83436d9eb30f5e940351088666a9115d8bc86697bb5b57cba34132f7054
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2cb5aa59389ef144038e0a5bcd5f35b07449d779e04b3ec90af05323de74ebb2
384c670d58ed808ef12c14bc0ac90be199c19f48d5a83bc83c2b81277c566e70
6b4d9c1c1e66dcf85506177469273203e3c5948056be0309fcb54f4193e5ceef
99923bc6831dda19c7d4e1d99a037dfed4c6b117f62abd3f1200fcbf02ef12b6
9e2849505fbfcb57fa4ca1904db8fb3b43d7329f3add42617237eae7ad9cdb2a
b4e869ae65ef466abec6ab091463cb4c613f05874bf4702b0accbe1703ad0f77
c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de
d2d7804dddb9f82cbddfdafc88f59ead4f11313fc7e61250c300123fffd74890
d5459e968e20b7e9aba20819d8574a9313fba52d53a1fef5735e91f534cc469d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9e81e4c4f217aec16bce6fafce558f9f061ba486d318cf3c1d6bf38ffc465b5
f11a8712a2ba21b8a306a83b3ae080ef183089a2a5e4593ea94802ed41ea5744
f4e951818d81650673360adfa40342a9230cec6644011b66b7b2aa8c08868225
fd9fb8efc9992e96c92eb8d0ef7522e8ea990b171144c1fc77191d1eac8713a0