dev-authorisation.flyfreely.io Open in urlscan Pro
2606:4700:3030::6815:2ec0 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dev-authorisation.flyfreely.io/
Submission: On February 14 via automatic, source certstream-suspicious (February 14th 2022, 5:03:31 am UTC) — Scanned from DE

Summary HTTP 57 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 31 IPs in 4 countries across 25 domains to perform 57 HTTP transactions. The main IP is 2606:4700:3030::6815:2ec0, located in United States and belongs to CLOUDFLARENET, US. The main domain is dev-authorisation.flyfreely.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 5th 2021. Valid for: a year.

This is the only time dev-authorisation.flyfreely.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:303... 2606:4700:3030::6815:2ec0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:d5cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.195.249 34.120.195.249	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	54.93.61.38 54.93.61.38	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	143.204.98.93 143.204.98.93	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:72b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:44b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:edcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
1	52.222.236.63 52.222.236.63	16509 (AMAZON-02) (AMAZON-02)
1	108.157.4.102 108.157.4.102	16509 (AMAZON-02) (AMAZON-02)
2	108.157.4.12 108.157.4.12	16509 (AMAZON-02) (AMAZON-02)
2	34.209.192.116 34.209.192.116	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.16.248.108 52.16.248.108	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:cbcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:5f80:a::... 2a03:5f80:a::b212:e7d1	50952 (DATAIX-AS...) (DATAIX-AS Peering Ltd.)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
57	31

9 2606:4700:3030::6815:2ec0 (United States)

ASN13335 (CLOUDFLARENET, US)

dev-authorisation.flyfreely.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.0.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o128452.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.93.61.38 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-61-38.eu-central-1.compute.amazonaws.com

widget.usersnap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-93.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:72b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:edcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-63.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-102.dus51.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.4.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-12.dus51.r.cloudfront.net

resources.usersnap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.209.192.116 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-192-116.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.16.248.108 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-248-108.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cbcc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:5f80:a::b212:e7d1 (Russian Federation)

ASN50952 (DATAIX-AS Peering Ltd., RU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	flyfreely.io dev-authorisation.flyfreely.io	2 MB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 854 q.stripe.com — Cisco Umbrella Rank: 5951 m.stripe.com — Cisco Umbrella Rank: 828	69 KB
5	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 574 script.hotjar.com — Cisco Umbrella Rank: 726 vars.hotjar.com — Cisco Umbrella Rank: 809 in.hotjar.com — Cisco Umbrella Rank: 1615	66 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 439 www.linkedin.com — Cisco Umbrella Rank: 602 px4.ads.linkedin.com — Cisco Umbrella Rank: 5087	3 KB
4	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 4676 track.hubspot.com — Cisco Umbrella Rank: 2223	3 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	3 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	133 KB
3	usersnap.com widget.usersnap.com — Cisco Umbrella Rank: 39485 resources.usersnap.com — Cisco Umbrella Rank: 54026	175 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	498 B
2	gstatic.com fonts.gstatic.com	68 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 913	17 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6342	548 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	548 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 37	2 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 99	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 830	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	39 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3513	957 B
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4922	22 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2042	16 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2019	20 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3177	3 KB
1	sentry.io o128452.ingest.sentry.io	255 B
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2180	991 B
57	25

	Domain	Requested by
9	dev-authorisation.flyfreely.io	dev-authorisation.flyfreely.io
4	fonts.googleapis.com	client resources.usersnap.com
3	connect.facebook.net	js.hsadspixel.net connect.facebook.net
3	js.stripe.com	dev-authorisation.flyfreely.io js.stripe.com
2	px.ads.linkedin.com	2 redirects
2	www.facebook.com
2	track.hubspot.com
2	fonts.gstatic.com	fonts.googleapis.com
2	in.hotjar.com	dev-authorisation.flyfreely.io
2	api.hubspot.com	dev-authorisation.flyfreely.io
2	m.stripe.com	m.stripe.network
2	resources.usersnap.com	widget.usersnap.com resources.usersnap.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	q.stripe.com	dev-authorisation.flyfreely.io
2	www.google-analytics.com	dev-authorisation.flyfreely.io
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	www.google.de
1	www.google.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	snap.licdn.com	js.hsadspixel.net
1	www.googletagmanager.com	js.hsadspixel.net
1	api.hubapi.com	dev-authorisation.flyfreely.io
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	static.hotjar.com	dev-authorisation.flyfreely.io
1	widget.usersnap.com	dev-authorisation.flyfreely.io
1	o128452.ingest.sentry.io	dev-authorisation.flyfreely.io
1	js.hs-scripts.com	dev-authorisation.flyfreely.io
57	34

This site contains links to these domains. Also see Links.

Domain
www.flyfreely.io

Subject Issuer	Validity	Valid
flyfreely.io Cloudflare Inc ECC CA-3	`2021-06-05` - `2022-06-04`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-01-26` - `2022-05-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
*.ingest.sentry.io R3	`2021-12-23` - `2022-03-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
usersnap.com Amazon	`2021-10-08` - `2022-11-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.stripe.com DigiCert SHA2 Secure Server CA	`2021-09-08` - `2022-09-07`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-11` - `2022-05-04`	4 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-23` - `2022-02-21`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://dev-authorisation.flyfreely.io/
Frame ID: 83CB2269AEBD2C7F1FDD128EF7F704F5
Requests: 44 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-08a1fefa46cfc8cc94fc477ddcdb0555.html
Frame ID: 32C010EEE804254C438713CC49A8A254
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 808408A35214570F7209A127DA7E7113
Requests: 5 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: E72EDF57C1709492C0EDEBF21FB60820
Requests: 1 HTTP requests in this frame

Frame: https://resources.usersnap.com/assets/js/entries/setup/337bf3d41d5e45f012b8.js
Frame ID: 36EEAD7D216DE08765DB532D194B6C0F
Requests: 1 HTTP requests in this frame

Frame: https://resources.usersnap.com/assets/js/entries/buttonV2/1db559fb8ed2fdfc3673.js
Frame ID: BC85AEAD9EA24778AF66FAABB6F2529F
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FlyFreely

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

57
Requests

98 %
HTTPS

61 %
IPv6

25
Domains

34
Subdomains

31
IPs

4
Countries

3062 kB
Transfer

12265 kB
Size

30
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.flyfreely.io/terms-of-use/
Title: Terms and conditions

Search URL Search Domain Scan URL

URL: https://www.flyfreely.io/privacy-policy/
Title: Privacy policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=196284&time=1644815005790&url=https%3A%2F%2Fdev-authorisation.flyfreely.io%2Flogin HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D196284%26time%3D1644815005790%26url%3Dhttps%253A%252F%252Fdev-authorisation.flyfreely.io%252Flogin%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=196284&time=1644815005790&url=https%3A%2F%2Fdev-authorisation.flyfreely.io%2Flogin&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=196284&time=1644815005790&url=https%3A%2F%2Fdev-authorisation.flyfreely.io%2Flogin&liSync=true&e_ipv6=AQKE8UHv-c27rgAAAX72nTmLks3OqqV50BlJWIQAb390sMyzlDZ9v19hXxi-Sl8jUpa-vEaGU3ZO0C9m8sle77YqhA3kSA

57 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
dev-authorisation.flyfreely.io/ 6 KB
2 KB 915ms
722ms Document
text/html 2606:4700:3030::6815:2ec0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dev-authorisation.flyfreely.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2ec0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f90d8f41955fc5b768b6f242677c19259d754baec5c8ca4cf0b24350d5ff325

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 14 Feb 2022 05:03:21 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=0, must-revalidate
last-modified: Mon, 14 Feb 2022 04:01:35 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IxqvU%2ByJ0MvSlHpnSNQ7wsaBezNR44g8lmKdbsxzk31jVUtR%2FLzo0XUgW9l1rbNIFX5s%2FFfSzqmieda2JEEruBa5CyCmR3Ddn%2BqaK8OLR54NTbvFXQZqrx9PtFEDMqJ%2F%2BKGJWhlfPxbdp%2BTetjZ%2F2apPVPYMrTT%2FBPAKWNo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6dd3bfd97d2c59a7-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
js.stripe.com/v3/ 277 KB
67 KB 89ms
7ms Script
application/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: dev-authorisation.flyfreely.io
URL: https://dev-authorisation.flyfreely.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0c028aaf164d6f33d917882e8ee8eb1329f990e8c6ebb81a2ac87ec31c9055a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 71
x-cache: HIT
content-length: 67825
etag: "fd1b3714d3810597a46d60d6b9bec755"
x-request-id: b97b5ee0-9ebb-4981-be7b-27f79522c709
x-served-by: cache-hhn4070-HHN
access-control-allow-origin: *
last-modified: Fri, 11 Feb 2022 22:43:13 GMT
server: Fastly
date: Mon, 14 Feb 2022 05:03:21 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 20

GET
H2 200 vendor.1c2dec21314725df34f6.js Show response
dev-authorisation.flyfreely.io/ 9 MB
2 MB 1836ms
1836ms Script
text/javascript 2606:4700:3030::6815:2ec0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dev-authorisation.flyfreely.io/vendor.1c2dec21314725df34f6.js
Requested by: Host: dev-authorisation.flyfreely.io
URL: https://dev-authorisation.flyfreely.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2ec0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cc0033315e203a9b3e41e56f8372b93c890b8137a6b47abcfc36909665c0f09

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 05:03:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 03 Feb 2022 05:07:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IVxcDGADzxfMxsn%2Fe0F9PfbrgijImhECJppCaMuNZNT6BdC8zJKW6TmlHLU%2B0wAw9g%2FJ1%2BfhDHaAXnmjbhk7xOpkFvDpDy%2FsCJkGBd8IbwDwh4CZwJTZqCJ%2Fw5of0fZIKeszV8eh1kVLBg5UzOCcFAQ5jU4pZBMWJmB1DyA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dd3bfde1a5959a7-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 user.81cf7966c325acab9353.js Show response
dev-authorisation.flyfreely.io/ 720 KB
132 KB 1858ms
1857ms Script
text/javascript 2606:4700:3030::6815:2ec0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dev-authorisation.flyfreely.io/user.81cf7966c325acab9353.js
Requested by: Host: dev-authorisation.flyfreely.io
URL: https://dev-authorisation.flyfreely.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2ec0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54a9f57502fd1455793f00ff6761a427bdc947f5245b88379b93ef6b669f94b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 05:03:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 03 Feb 2022 05:07:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CPICbGTfzldEqa%2Fr8RBRXjJuCHIZljNQHTtEwtAHhYoXIdeXKkTgUfQYhU%2BPQtHcVK9Ex5GwZ3JTLxs9QMyCA2lfTqeHH5oGC2r41IjPrhDx2dWQtMypAahJDbwR7R3Hs3L7LuRZDowKbH%2Bl%2FRhKqFhTJD9Psx1SOnCzhm0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dd3bfde1a5a59a7-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 3997179.js Show response
js.hs-scripts.com/ 2 KB
991 B 206ms
166ms Script
application/javascript 2606:4700::6811:d5cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/3997179.js
Requested by: Host: dev-authorisation.flyfreely.io
URL: https://dev-authorisation.flyfreely.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 407a82e1ae1bd4eaea7cdd57be15a78bb9761ff5ee6b265ada18f34303ba57b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 05:03:21 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: ff700c75-de4c-4c4f-a1f3-bbdb640d3db7
last-modified: Mon, 14 Feb 2022 00:28:38 GMT
server: cloudflare
x-trace: 2B4D62A9242041E2BB9032CEFBF768917CCC7DD0AE000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://dev-authorisation.flyfreely.io
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6dd3bfdf1e11e8ff-MXP
expires: Mon, 14 Feb 2022 05:04:21 GMT

POST
H2 200 / Show response
o128452.ingest.sentry.io/api/5370317/envelope/ 2 B
255 B 42ms
9ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o128452.ingest.sentry.io/api/5370317/envelope/?sentry_key=cef7e25c50654781b4d811cf9ba35d54&sentry_version=7

Requested by

Host: dev-authorisation.flyfreely.io
URL: https://dev-authorisation.flyfreely.io/vendor.1c2dec21314725df34f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://dev-authorisation.flyfreely.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 14 Feb 2022 05:03:24 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://dev-authorisation.flyfreely.io
access-control-expose-headers: retry-after, x-sentry-rate-limits, x-sentry-error
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: clear
content-length: 2

GET
H2 200 css
fonts.googleapis.com/ 3 KB
953 B 38ms
15ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,400i,500,700

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5047f1e6270d0560e55a614449d6804eff807b631064d6a54fed4ec981cecd38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 05:03:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 14 Feb 2022 05:03:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Feb 2022 05:03:24 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
648 B 38ms
15ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,600

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

663a1db71ddbd60d627a7908769394a5670ec341b8b38895923ab0f76ef2f378

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 03:40:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 14 Feb 2022 05:03:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Feb 2022 05:03:24 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
692 B 39ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,600

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

76f754050e2c29ed1ee0e170536af6dfb5b48721068bc9fe786633289b024272

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 03:16:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 14 Feb 2022 05:03:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Feb 2022 05:03:24 GMT

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3 401 user Show response
dev-authorisation.flyfreely.io/webapi/ 79 B
688 B 821ms
820ms XHR
application/json 2606:4700:3030::6815:2ec0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dev-authorisation.flyfreely.io/webapi/user

Requested by

Host: dev-authorisation.flyfreely.io
URL: https://dev-authorisation.flyfreely.io/vendor.1c2dec21314725df34f6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2ec0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f5d55d4e28ebd45363ab6c37487583ab93f53e53be84657dc7ddba7bcb61336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://dev-authorisation.flyfreely.io/
x-requested-with: XMLHttpRequest
x-flyfreely-ui: OfficeApp 1.6.69
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 05:03:25 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pOwjsSo3J%2FxtFblQMS73uVdWQUbbRWUDy5GSFffqWB6H9HNE7aBoaHvaCzXySHeQ5OHlWoGYwpyebx4tvL4Tm5RB4y54ofVU%2Fdx1Up0ndzyRripptKoB%2BPMPIj%2FHu3g1HTfnx5fepNBTs3sGfkWxcfkq5Lk98QufguJouJQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 6dd3bff28db759fb-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: 0

GET
H3 401 organisations Show response
dev-authorisation.flyfreely.io/webapi/user/ 93 B
739 B 815ms
815ms XHR
application/json 2606:4700:3030::6815:2ec0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dev-authorisation.flyfreely.io/webapi/user/organisations

Requested by

Host: dev-authorisation.flyfreely.io
URL: https://dev-authorisation.flyfreely.io/vendor.1c2dec21314725df34f6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2ec0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9408144a655e70fb72f0d139a614f7105b4447a11d10ae6ad5f18e805cf9810

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://dev-authorisation.flyfreely.io/
x-requested-with: XMLHttpRequest
x-flyfreely-ui: OfficeApp 1.6.69
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 05:03:25 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nq73awROPAq35pyDTzQPl78FAYtM0BYTQiZVaEBec56kZkOLCIxueK%2FsH%2FO3Kxje0hpMwgw1KPtx%2BlFGzQ0QKmuNYtmaoyznExWdULTEBVMDu2U6K%2BuK6Ruua22RsKkrbh90%2FComDonKXUfkau%2ByhQYx5KWFft2BCN1Cztc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 6dd3bff28db959fb-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: 0

GET
H3 200 copy Show response
dev-authorisation.flyfreely.io/publicapi/ 16 KB
3 KB 874ms
874ms XHR
application/json 2606:4700:3030::6815:2ec0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dev-authorisation.flyfreely.io/publicapi/copy

Requested by

Host: dev-authorisation.flyfreely.io
URL: https://dev-authorisation.flyfreely.io/vendor.1c2dec21314725df34f6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:2ec0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1313e766040033df914a0e16ecca6594aedafad5c96fd92f7f91f2b98d7826d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://dev-authorisation.flyfreely.io/
x-requested-with: XMLHttpRequest
x-flyfreely-ui: OfficeApp 1.6.69
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 05:03:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: DENY
etag: W/"00f672ff2fcd9b8925f258fa266d29dee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmK%2B59Sr2IHTyvt%2FcgBOhFOJqANnCog2MKVcyoPD5QOFyABTKDJpnYaYA5QOgmPkAcUzHxUZPvvyrcCMU320w7qU93Fxb11iDf%2BqTcXDGOT%2BnThzzXWkvKPHOSvuMHVZJc9U2gkcRuW25bpD%2FDB0%2BpJq39xenTMgbSlydMk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 6dd3bff29dc559fb-MXP
expires: 0

GET
H2 200 1211b283-a12e-4492-9aa6-ec28d43b821c Show response
widget.usersnap.com/load/ 28 KB
11 KB 63ms
28ms Script
application/javascript 54.93.61.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.usersnap.com/load/1211b283-a12e-4492-9aa6-ec28d43b821c?onload=onUsersnapCXLoad

Requested by

Host: dev-authorisation.flyfreely.io
URL: https://dev-authorisation.flyfreely.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.61.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-61-38.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

941b787e17cb44cc7f9adf9b01f106d4d75f9464d7600a2733d46263b295d6c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 05:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: dev-authorisation.flyfreely.io
URL: https://dev-authorisation.flyfreely.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3512
date: Mon, 14 Feb 2022 04:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 14 Feb 2022 06:04:52 GMT

GET
H2 200 hotjar-1074220.js Show response
static.hotjar.com/c/ 4 KB
2 KB 54ms
38ms Script
application/javascript 143.204.98.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1074220.js?sv=6

Requested by

Host: dev-authorisation.flyfreely.io
URL: https://dev-authorisation.flyfreely.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-93.fra50.r.cloudfront.net

Software

Resource Hash

f88deb643f55e48a17dfea7cd33627868eedcf86c0dd3490f10f377587f52c2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 05:03:24 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA50-C1
etag: W/5636d02a18bdddc757079121b6496ec7
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
content-length: 1892
via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
x-amz-cf-id: Q975xvvN8l-JCy2bBdknVPK7DYI9zz3WfcvgKaDVpEIiVx7U9EdRlg==

GET
H2 200 m-outer-08a1fefa46cfc8cc94fc477ddcdb0555.html Show response
js.stripe.com/v3/ Frame 32C0 240 B
550 B 6ms
6ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-08a1fefa46cfc8cc94fc477ddcdb0555.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f1870f734a253734a07b0542733fbed3b28ae811a83967deed504d31274407f4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/

Response headers

last-modified: Thu, 27 Jan 2022 19:43:21 GMT
etag: "08a1fefa46cfc8cc94fc477ddcdb0555"
content-type: text/html; charset=utf-8
cache-control: max-age=31536000
content-security-policy: default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Mon, 14 Feb 2022 05:03:24 GMT
via: 1.1 varnish
age: 108
x-request-id: a3a9317d-4b22-4e7d-8a4d-cec3162124fd
x-served-by: cache-hhn4070-HHN
x-cache: HIT
x-cache-hits: 33
vary: Accept-Encoding
timing-allow-origin: *
content-length: 140

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 64ms
26ms Script
application/javascript 2606:4700::6811:72b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3997179.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:72b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78a88b38cd5143f136506a09ddd5911e109b4960b41c59acaf84696b12cbe6f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 05:03:24 GMT
via: 1.1 7afe17509cf46af31fd4ba3c3d932fa6.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 30
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.263/bundles/pixels-release.js&cfRay=6dd3bf338f6d83b2-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Mon, 31 Jan 2022 01:20:51 UTC
server: cloudflare
etag: W/"44929f5996c89154c598e0d6b2db6dfa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: btixHLv80iuUeBFW.WSHuvdv5D78LgXM
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 6dd3bff3da49599b-MXP
x-amz-cf-id: eEWOI9yiBwCEB2sZCFezQyDvAG5wesD4fjet0m5cauxmubYVUHpcMw==
x-hs-target-asset: adsscriptloaderstatic/static-1.263/bundles/pixels-release.js

GET
H2 200 3997179.js Show response
js.hs-analytics.net/analytics/1644814800000/ 62 KB
20 KB 203ms
169ms Script
text/javascript 2606:4700::6811:44b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1644814800000/3997179.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3997179.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed6eeb5dd9aae26c773433812fb389c99ce945e8ed57b82b97596911bb48947f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 05:03:24 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 9JJ8JCJGWSV0EG0N
x-amz-server-side-encryption: AES256
cf-ray: 6dd3bff3ce4fd610-MXP
x-amz-id-2: eM0BrKHeUPoMLaWrLxFC4YbgEPnZqMvDAmYhcYH8rWzi3iE4KW6Di3xFifc0SqnbP3yyviTN+2w=
last-modified: Mon, 19 Jul 2021 14:45:13 GMT
server: cloudflare
etag: W/"691c1aac2a99e2d602773f2da5ce1ddb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Mon, 14 Feb 2022 05:08:24 GMT

GET
H2 200 3997179.js Show response
js.hs-banner.com/ 61 KB
16 KB 502ms
466ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/3997179.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3997179.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64e36983938066dda14f7e989bfb36d37721bc16b95374a21a2a86453b5677dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 05:03:25 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: B1KN2ZGCFTNMAX1D
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: 2cigAo3hkKe4v/JKMR9eqDJm0huM0xNzld/tnbJtImBae7vUoa+shsmHbajbSUzqB8oiXteSdIk=
timing-allow-origin: *
last-modified: Tue, 08 Feb 2022 23:34:56 GMT
server: cloudflare
etag: W/"41333a12046a5f9e9718337b55fe74da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: K8FlcmXjm6CMQvWzWZZ2a0z5S3v1Sx3Z
access-control-allow-origin: https://app.flyfreely.io
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 6dd3bff3da5483ae-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Mon, 14 Feb 2022 05:08:25 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 80 KB
22 KB 69ms
24ms Script
application/javascript 2606:4700::6811:edcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3997179.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:edcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43a68281c1d759e7214cb0c6699944953819e5a5bb78777e65fb87fecb6170f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 05:03:24 GMT
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 592
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.9643/bundles/project.js&cfRay=6dd3b17baa0f59f5-MXP
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Tue, 08 Feb 2022 09:27:47 UTC
server: cloudflare
etag: W/"9bc16782e1eac254ba1de1dc1a59c460"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 28vyk6lF2op8UTN0Rmz7WbkS5SVIGQD3
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 6dd3bff3ea2c839a-MXP
x-amz-cf-id: jTEFsmjp16Ee4twBs3mJbUypfjhIgy9DUK6ohFzCDZL6X573Fae52Q==
x-hs-target-asset: conversations-embed/static-1.9643/bundles/project.js

POST
H2 200 csp-report
q.stripe.com/ Frame 32C0 0
356 B 488ms
157ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: dev-authorisation.flyfreely.io
URL: https://dev-authorisation.flyfreely.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 14 Feb 2022 05:03:25 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 2
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

GET
H2 200 m-outer-ebb7106827d6c64e55a93b6fe1303341.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 32C0 1 KB
774 B 6ms
6ms Script
application/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-ebb7106827d6c64e55a93b6fe1303341.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-08a1fefa46cfc8cc94fc477ddcdb0555.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-08a1fefa46cfc8cc94fc477ddcdb0555.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 17
x-cache: HIT
content-length: 645
etag: "5213886b88cd72e6d0aebc89868e5d13"
x-request-id: a273eab2-fd34-4984-89a7-29eae22ce475
x-served-by: cache-hhn4070-HHN
access-control-allow-origin: *
last-modified: Thu, 27 Jan 2022 19:43:06 GMT
server: Fastly
date: Mon, 14 Feb 2022 05:03:24 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 15

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 8084 932 B
1 KB 20ms
6ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-ebb7106827d6c64e55a93b6fe1303341.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw=' 'report-sample'; style-src https://m.stripe.network 'report-sample'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: max-age=300, public
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw=' 'report-sample'; style-src https://m.stripe.network 'report-sample'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: gzip
accept-ranges: bytes
date: Mon, 14 Feb 2022 05:03:24 GMT
via: 1.1 varnish
age: 33
x-request-id: ae38f515-0389-4533-a64d-d89ec3e057bc
x-served-by: cache-hhn4070-HHN
x-cache: HIT
x-cache-hits: 26
x-timer: S1644815005.764378,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 528

POST
H2 200 csp-report
q.stripe.com/ Frame 8084 0
131 B 451ms
155ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: dev-authorisation.flyfreely.io
URL: https://dev-authorisation.flyfreely.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 14 Feb 2022 05:03:25 GMT
x-envoy-upstream-service-time: 1
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

GET
H2 200 out-4.5.41.js Show response
m.stripe.network/ Frame 8084 85 KB
16 KB 8ms
7ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.41.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 23
x-cache: HIT
content-length: 15786
x-request-id: a1517043-1c7b-46e7-b395-7178781b2eed
x-served-by: cache-hhn4070-HHN
server: Fastly
x-timer: S1644815005.777063,VS0,VE0
date: Mon, 14 Feb 2022 05:03:24 GMT
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 18

GET
H2 200 modules.855de5fca5328f4d913a.js Show response
script.hotjar.com/ 235 KB
62 KB 22ms
7ms Script
application/javascript 52.222.236.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.855de5fca5328f4d913a.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1074220.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-63.fra56.r.cloudfront.net

Software

Resource Hash

23b3d2b54537739075db04f57c66bd7a4b95aef7a8d95cfd50516c51ec094250

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 17:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 301398
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 62578
access-control-allow-origin: *
last-modified: Thu, 10 Feb 2022 17:19:42 GMT
etag: "6f96b4466f1ad2a1f9575d6ac84a137f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: UuQLpW4zWDOakrehvOqDoVZKZBgQb9BeISV4nU4PYxryIK8t1Xt2mQ==

GET
H2 200 box-acca23410e696f2ca3087d947271c3d0.html Show response
vars.hotjar.com/ Frame E72E 2 KB
1 KB 30ms
9ms Document
text/html 108.157.4.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1074220.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-102.dus51.r.cloudfront.net
Software: /
Resource Hash: e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/

Response headers

content-type: text/html
content-length: 1044
date: Fri, 04 Feb 2022 08:52:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6f65fac4e8efe167ff5132c0c54c5729"
last-modified: Fri, 04 Feb 2022 08:51:39 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8080d8bfc581f6befaaa7736f6d0003e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: GtJu368lcuoVfLRlj-f37HUzc6srCgJkUG9K8RLTUXrCZc4gTo7ZhQ==
age: 850278

GET
H2 200 337bf3d41d5e45f012b8.js Show response
resources.usersnap.com/assets/js/entries/setup/ Frame 36EE 248 KB
76 KB 57ms
13ms Script
application/javascript 108.157.4.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.usersnap.com/assets/js/entries/setup/337bf3d41d5e45f012b8.js
Requested by: Host: widget.usersnap.com
URL: https://widget.usersnap.com/load/1211b283-a12e-4492-9aa6-ec28d43b821c?onload=onUsersnapCXLoad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-12.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 983fa48569be0d72b3fe27ce64261e03b5d45cf8da85bd8173e9045dfca0b6c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:44:48 GMT
content-encoding: br
last-modified: Thu, 10 Feb 2022 15:10:11 GMT
server: AmazonS3
age: 307117
etag: W/"7a1c7fda98ea45be7e45f155ccce2924"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 98bb66c97d4f153aac116d087b36dc40.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: 6o6sU-u-6HOV7Va18AkvMG0M9lR3Q-qt5fqaTF_MvNzOk8yQmHYXXw==

POST
H2 200 6 Show response
m.stripe.com/ Frame 8084 156 B
523 B 480ms
161ms XHR
application/json 34.209.192.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.209.192.116 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-209-192-116.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e021108db041eaccc3aa0c0a7ff558d17d71d4d0175b2083c47aec736dc144dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 14 Feb 2022 05:03:25 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H3 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 273 B
1 KB 176ms
154ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=3997179&conversations-embed=static-1.9643&mobile=false&messagesUtk=099f6543fc0e42a6b208d77f130450a5&traceId=099f6543fc0e42a6b208d77f130450a5

Requested by

Host: dev-authorisation.flyfreely.io
URL: https://dev-authorisation.flyfreely.io/vendor.1c2dec21314725df34f6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

440336e08262bfa81a8d15e52d236a474c9455e84cebca5eccbd724c5c88526e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Referer: https://dev-authorisation.flyfreely.io/
Accept-Language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://dev-authorisation.flyfreely.io/

Response headers

date: Mon, 14 Feb 2022 05:03:25 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 639f80e9-8827-4ccb-945b-322c350b431e
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 216
server: cloudflare
x-trace: 2BD41B2F52CAE98CFC6D1CD6AB3BAE5590B143F3E3000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UW9QDPvgptZrYGKZiZBQF9CgavxtJLFkQF11aZTNsvljB6knw6eQYXW08U3VmFcdicuF6YGw7RGdzgSdUKvH2LZrFfilMCaU8U8qxb98VrZ1lq2pWGraGfQDobn8LoqOX1usZmHe7VrbiM5e9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://dev-authorisation.flyfreely.io
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 6dd3bff6288f375b-MXP
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 206ms
145ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-hubspot-messages-uri
Origin: https://dev-authorisation.flyfreely.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 14 Feb 2022 05:03:25 GMT
content-type: text/plain; charset=utf-8
content-length: 18
cf-ray: 6dd3bff51c580e1e-MXP
access-control-allow-origin: https://dev-authorisation.flyfreely.io
allow: HEAD,GET,OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hubspot-correlation-id: 5b61596b-19ca-4916-aa91-a4e551853851
x-trace: 2BEBCAFB53CF0E125D929D371AB42D8C6D0629DA01000000000000000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VnCZ4cqGHPJfn4xGL8yN1nT%2FG%2F5%2FVhZoJ9M9GX4AVPUVLRkZKK20JOq379fTD1f4sPLMpmKQCg1XxMk7qxhUyonM6Kw6I68v%2FLB8KNxkRQ6By94qk%2F2vTuLmd8Pr7wfYw6Kq1rjPbiQIjlth8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1074220/ 146 B
323 B 101ms
36ms XHR
application/json 52.16.248.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1074220/visit-data?sv=6
Requested by: Host: dev-authorisation.flyfreely.io
URL: https://dev-authorisation.flyfreely.io/vendor.1c2dec21314725df34f6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.248.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-248-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bd50219667293fd4ee2c24ca0ab2140a609854fc6b1facb507cbf1d5d1a5effd

Request headers

Referer: https://dev-authorisation.flyfreely.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Mon, 14 Feb 2022 05:03:25 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 1db559fb8ed2fdfc3673.js Show response
resources.usersnap.com/assets/js/entries/buttonV2/ Frame BC85 304 KB
88 KB 11ms
10ms Script
application/javascript 108.157.4.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.usersnap.com/assets/js/entries/buttonV2/1db559fb8ed2fdfc3673.js
Requested by: Host: resources.usersnap.com
URL: https://resources.usersnap.com/assets/js/entries/setup/337bf3d41d5e45f012b8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-12.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 56dde46e7f9e885e2414a5c5d6ac1789e267ad38a9a2b3d31a3edfdbb059c9fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 13:20:01 GMT
content-encoding: br
last-modified: Thu, 20 Jan 2022 13:11:48 GMT
server: AmazonS3
age: 2130205
etag: W/"89cda88646dd59bd6ae5f9b62e9386ae"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 98bb66c97d4f153aac116d087b36dc40.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: jKtmO_c5CTmm5JvhQIvH0PLTlvlk39ixTDyFSFtNtnBFmZh9ESVOWw==

GET
H3 200 css2
fonts.googleapis.com/ Frame BC85 20 KB
873 B 30ms
15ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: resources.usersnap.com
URL: https://resources.usersnap.com/assets/js/entries/buttonV2/1db559fb8ed2fdfc3673.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

019a30e6fdaaa6da4800602cffe0ffe97b3ccf895716146e3fdeea51de821e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 03:18:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 14 Feb 2022 05:03:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Feb 2022 05:03:25 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v7/ Frame BC85 37 KB
38 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v7/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dev-authorisation.flyfreely.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:57:28 GMT
x-content-type-options: nosniff
age: 522357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37780
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 17:59:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 03:57:28 GMT

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 204 B
957 B 201ms
162ms XHR
application/json 2606:4700::6811:cbcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=3997179

Requested by

Host: dev-authorisation.flyfreely.io
URL: https://dev-authorisation.flyfreely.io/vendor.1c2dec21314725df34f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cbcc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c405c48d82ce7b077c4e101dd8286600093d4eedec5286aa3843df5f0391ea5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 05:03:25 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: dabc07e4-2513-4092-baef-f4f7be2f6e16
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B4BACFA4F57EB1AB790B8745DABF77749B309BC31000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2BeeXOMSbDAnBl44KtcSE7NoJ3Jsj8MjaKynzfi1At1XER6uzZ1EY5HZbMSb7cWT3xUABrqcPyWucVHWvt1KeKJICIdzC1cTVQIgu3uUdAWpv9Cwa1ym9BMxaNisoJE72w%2FXiFQmofOOfLqv"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://dev-authorisation.flyfreely.io
access-control-allow-credentials: false
cf-ray: 6dd3bff71abb0e22-MXP
access-control-allow-headers: *

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
963 B 195ms
159ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1163162232&v=1.1&a=3997179&pu=https%3A%2F%2Fdev-authorisation.flyfreely.io%2F&t=FlyFreely&cts=1644815005241&vi=ec62bd7165c5e3ae4084f2e427c4bec4&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 05:03:25 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 637c36b1-2f81-49d6-870f-9aecd1a2e64e
cf-ray: 6dd3bff70df30f5a-MXP
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MtJ36qPo3TkoZYhVGqmT%2FrjR3XoueV0mRwLkAGdAfh6kt1Ce9HhHiqpA0QoO3%2F7nCKCFlFMrNTKDHBEwZcGD7a7Q8cUE2h%2FDs9%2Bm8vrJ86XVLylY1EDcCWRkC4B2hZOLWH6a6T6vQ44PFtT0R0ba"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 65ms
34ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=205971458&t=pageview&_s=1&dl=https%3A%2F%2Fdev-authorisation.flyfreely.io%2F&dp=%2Flogin&ul=en-us&de=UTF-8&dt=FlyFreely&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAAC~&jid=2112647825&gjid=23120564&cid=1349912676.1644815005&tid=UA-147527473-1&_gid=1567966284.1644815005&_r=1&_slc=1&z=1606878218

Requested by

Host: dev-authorisation.flyfreely.io
URL: https://dev-authorisation.flyfreely.io/vendor.1c2dec21314725df34f6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dev-authorisation.flyfreely.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 05:03:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dev-authorisation.flyfreely.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
562 B 145ms
144ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1163162232&v=1.1&a=3997179&po=%2Flogin&pu=https%3A%2F%2Fdev-authorisation.flyfreely.io%2Flogin&t=FlyFreely&cts=1644815005398&vi=ec62bd7165c5e3ae4084f2e427c4bec4&nc=true&u=203733263.ec62bd7165c5e3ae4084f2e427c4bec4.1644815005238.1644815005238.1644815005238.1&b=203733263.1.1644815005238&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 05:03:25 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 1541df37-1700-4fe2-9aa0-2e741099fa42
cf-ray: 6dd3bff7de930f5a-MXP
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mE9Uwddbk2d3mM9x2Zvun7qAxwBs%2FAop298R9DERXUME9j0fMdf%2FBHZbGGE%2F4IuRzlXnpzncpA76whkZKH2X21SCj2ifylk9EPb4%2F4lDl2Q8IfCo3x26%2FT7bXVtbvpne1O8T9vB%2F6C%2BrcZm7NeAW"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H3 200 flyfreely-logo-black-text.png
dev-authorisation.flyfreely.io/images/ 33 KB
34 KB 938ms
937ms Image
image/png 2606:4700:3030::6815:2ec0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dev-authorisation.flyfreely.io/images/flyfreely-logo-black-text.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2ec0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 514e24395e4107ebc746b2a937927a8011456d7353c0ae5443e820b12c7ed574

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 05:03:26 GMT
cf-cache-status: MISS
last-modified: Thu, 03 Feb 2022 05:07:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uMit7OGSKMYM9wPsFQ8fOussE7qdl5ljIm%2Fkv3l%2BPJl%2FOcGgAK4w6FvJYp%2BakVoD9Onbi2Kla9WNFgGeQJHvPICQmVwZVxPyBQY4C55fu2Q%2FQr7GbdaBUchaGAU1KHIb4I6PylGxKo0xfw7GoKcoXjohnGEO%2Bkj5dh3BJ%2F4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6dd3bff7dcd959fb-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34072

GET
H3 200 login-background.jpg
dev-authorisation.flyfreely.io/assets/ 103 KB
104 KB 1175ms
1174ms Image
image/jpeg 2606:4700:3030::6815:2ec0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dev-authorisation.flyfreely.io/assets/login-background.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2ec0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e812e5958f377af5da8ef9e9caaf71133c6a847976ed44b2dd1d21005500410f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 05:03:26 GMT
cf-cache-status: MISS
last-modified: Thu, 03 Feb 2022 05:07:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8WGPCDkXHc4X4sIq22on8pCE9MOMvWgytkNqb2PmA0ucfsJm4h4fH7McB%2BAqCUJ%2BzB%2F8Q%2BUhI5dIdugoY%2FS6pDdf%2FSFCgSAyLHv%2B27yPvXxgHvhdMrFig4kxXLlzXQqx2b4kvv8JuwZ9HXlKFwvSA285HAM5AeUY9Se%2Fpd4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6dd3bff7dce059fb-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 105874

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v23/ 30 KB
30 KB 63ms
28ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dev-authorisation.flyfreely.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 08:55:44 GMT
x-content-type-options: nosniff
age: 418061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30876
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:11:59 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 08:55:44 GMT

GET
H3 200 glyphicons-halflings-regular.woff2
dev-authorisation.flyfreely.io/assets/ 18 KB
18 KB 953ms
952ms Font
font/woff2 2606:4700:3030::6815:2ec0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dev-authorisation.flyfreely.io/assets/glyphicons-halflings-regular.woff2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2ec0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer: https://dev-authorisation.flyfreely.io/
Origin: https://dev-authorisation.flyfreely.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 05:03:26 GMT
cf-cache-status: MISS
last-modified: Thu, 03 Feb 2022 05:07:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJflcYVwLZ1nU5tr11hE8QGQpiajRs4ta9WmlPTs6ewaAPxgWzR0QyTemRyFIyLPo8Id8xqdXzSWQuqBui2kWlGESTIciU2NPZXCVjoU25LbjvDkoh6ejq7Dwnv0gigXQg1Owepze%2BvWw789UjMDQaZZgXwBb4ZKYC4kQ8g%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6dd3bff7dce759fb-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18028

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 102ms
30ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-826709362

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d03f1e3222487a45a38471f0fd3bbfa4cf8fe06b003d6e5b74c23446dea955c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 05:03:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39592
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 14 Feb 2022 05:03:25 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 92ms
27ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: tqgHnLoeilUup/dk9ZHRXHnXZKapFNly34VhTHcoyDnCG5ioqMHRVTPsig9RH+/J7xQkUwaXwHU7G1V/qwTi1Q==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Mon, 14 Feb 2022 05:03:25 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 340ms
81ms Script
application/x-javascript 2a03:5f80:a::b212:e7d1
DATAIX-AS Peering...

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:5f80:a::b212:e7d1 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 05:03:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=64767
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1074220/ 146 B
322 B 37ms
37ms XHR
application/json 52.16.248.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1074220/visit-data?sv=6
Requested by: Host: dev-authorisation.flyfreely.io
URL: https://dev-authorisation.flyfreely.io/vendor.1c2dec21314725df34f6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.248.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-248-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bd50219667293fd4ee2c24ca0ab2140a609854fc6b1facb507cbf1d5d1a5effd

Request headers

Referer: https://dev-authorisation.flyfreely.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Mon, 14 Feb 2022 05:03:25 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 15ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.52

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 20661
x-xss-protection: 0
pragma: public
x-fb-debug: 4RxzJQk7HqT49jAIj+LD2ivi9w0wt4xyHQZNxVnAkCfcnZQNCwuIR8iaQ+u9sXE549rGqZSt4tz0E4MC52IOGA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 14 Feb 2022 05:03:25 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 211092899458802 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 59ms
52ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/211092899458802?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3fe69526fd17018bbb6bc1845ca6ffbdcb18ec66bed1614a7fa0f97f5c761569

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: YKf73wCGxrF3WKG3jMUEDsB8FpMNxurVMnu8ZCbO7TMC0SY7nv1Qt5oG+mwHo/MgqErV4A+7vK9rr59i3K1CEA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 14 Feb 2022 05:03:25 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 63ms
33ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-826709362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 05:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 05:03:25 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
407 B 22ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=211092899458802&ev=PageView&dl=https%3A%2F%2Fdev-authorisation.flyfreely.io%2Flogin&rl=&if=false&ts=1644815005637&sw=1600&sh=1200&ud[external_id]=ec62bd7165c5e3ae4084f2e427c4bec4&v=2.9.52&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1644815005636.492029499&it=1644815005553&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 05:03:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 14 Feb 2022 05:03:25 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/826709362/ 2 KB
2 KB 39ms
18ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/826709362/?random=1644815005655&cv=9&fst=1644815005655&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdev-authorisation.flyfreely.io%2Flogin&tiba=FlyFreely&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d88bd47c728735a6cb2b39de1712cd345e2642ce4fce08b4acb155353062b7d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 05:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1031
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/826709362/ 42 B
548 B 41ms
18ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/826709362/?random=1644815005655&cv=9&fst=1644814800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdev-authorisation.flyfreely.io%2Flogin&tiba=FlyFreely&async=1&fmt=3&is_vtc=1&random=1031347274&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 05:03:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/826709362/ 42 B
548 B 41ms
19ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/826709362/?random=1644815005655&cv=9&fst=1644814800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdev-authorisation.flyfreely.io%2Flogin&tiba=FlyFreely&async=1&fmt=3&is_vtc=1&random=1031347274&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 05:03:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=196284&time=1644815005790&url=https%3A%2F%2Fdev-authorisation.flyfreely.io%2Flogin
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D196284%26time%3D1644815005790%26url%3Dhttps%253A%252F%252Fdev-authorisation.flyfr...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=196284&time=1644815005790&url=https%3A%2F%2Fdev-authorisation.flyfreely.io%2Flogin&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=196284&time=1644815005790&url=https%3A%2F%2Fdev-authorisation.flyfreely.io%2Flogin&liSync=true&e_ipv6=AQKE8UHv-c27rgAAAX72nTmLks3OqqV50BlJWIQAb39...

0
155 B

302ms
110ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=196284&time=1644815005790&url=https%3A%2F%2Fdev-authorisation.flyfreely.io%2Flogin&liSync=true&e_ipv6=AQKE8UHv-c27rgAAAX72nTmLks3OqqV50BlJWIQAb390sMyzlDZ9v19hXxi-Sl8jUpa-vEaGU3ZO0C9m8sle77YqhA3kSA
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 05:03:26 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: gKaXoIiO0xYAVp6nbCsAAA==

Redirect headers

date: Mon, 14 Feb 2022 05:03:25 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 847BF73B3BB9435FBDF01294D9AA5E83 Ref B: FRAEDGE0818 Ref C: 2022-02-14T05:03:26Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=196284&time=1644815005790&url=https%3A%2F%2Fdev-authorisation.flyfreely.io%2Flogin&liSync=true&e_ipv6=AQKE8UHv-c27rgAAAX72nTmLks3OqqV50BlJWIQAb390sMyzlDZ9v19hXxi-Sl8jUpa-vEaGU3ZO0C9m8sle77YqhA3kSA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXX81YojUyClQXqSQg12w==

POST
H2 200 6 Show response
m.stripe.com/ Frame 8084 156 B
522 B 159ms
158ms XHR
application/json 34.209.192.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.209.192.116 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-209-192-116.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e021108db041eaccc3aa0c0a7ff558d17d71d4d0175b2083c47aec736dc144dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 14 Feb 2022 05:03:26 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 15ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=211092899458802&ev=Microdata&dl=https%3A%2F%2Fdev-authorisation.flyfreely.io%2Flogin&rl=&if=false&ts=1644815007141&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22FlyFreely%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[external_id]=ec62bd7165c5e3ae4084f2e427c4bec4&v=2.9.52&r=stable&a=tmhubspot&ec=1&o=30&fbp=fb.1.1644815005636.492029499&it=1644815005553&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev-authorisation.flyfreely.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 05:03:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 14 Feb 2022 05:03:27 GMT

Verdicts & Comments Add Verdict or Comment

212 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
dev-authorisation.flyfreely.io/	1970-01-20 01:36:47	Name: referral Value: %7B%22firstVisit%22%3A%222022-02-14T05%3A03%3A24.567Z%22%2C%22landingUrl%22%3A%22https%3A%2F%2Fdev-authorisation.flyfreely.io%2F%22%2C%22referralUrl%22%3A%22%22%7D
.flyfreely.io/	1970-01-20 18:24:47	Name: _ga Value: GA1.2.1349912676.1644815005
.flyfreely.io/	1970-01-20 00:55:01	Name: _gid Value: GA1.2.1567966284.1644815005
.flyfreely.io/	1970-01-20 09:39:11	Name: _hjSessionUser_1074220 Value: eyJpZCI6IjQ0NDY0OWU1LWRjMDktNWFhMC1hYzllLTlmNzQ1ZmYxYzQ1MSIsImNyZWF0ZWQiOjE2NDQ4MTUwMDQ5MTIsImV4aXN0aW5nIjpmYWxzZX0=
.flyfreely.io/	1970-01-20 00:53:36	Name: _hjFirstSeen Value: 1
dev-authorisation.flyfreely.io/	1970-01-20 00:53:35	Name: _hjIncludedInPageviewSample Value: 1
.flyfreely.io/	1970-01-20 00:53:36	Name: _hjSession_1074220 Value: eyJpZCI6ImE2YTRkMTAwLThmODctNDk5Mi1iOWI2LWQ1NGEwZDVlYmZhOCIsImNyZWF0ZWQiOjE2NDQ4MTUwMDQ5MjQsImluU2FtcGxlIjp0cnVlfQ==
.flyfreely.io/	1970-01-20 00:53:36	Name: _hjAbsoluteSessionInProgress Value: 0
.flyfreely.io/	1970-01-20 10:15:11	Name: __hstc Value: 203733263.ec62bd7165c5e3ae4084f2e427c4bec4.1644815005238.1644815005238.1644815005238.1
.flyfreely.io/	1970-01-20 10:15:11	Name: hubspotutk Value: ec62bd7165c5e3ae4084f2e427c4bec4
.flyfreely.io/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.flyfreely.io/	1970-01-20 00:53:36	Name: __hssc Value: 203733263.1.1644815005238
m.stripe.com/	1970-01-20 18:24:47	Name: m Value: 23d882ac-e2d1-41e9-8b7b-494f3c62919fa1fc79
.dev-authorisation.flyfreely.io/	1970-01-20 09:39:11	Name: __stripe_mid Value: 77d27b1e-e0d5-4f62-9fee-cb791b87365d4a118e
.dev-authorisation.flyfreely.io/	1970-01-20 00:53:36	Name: __stripe_sid Value: 79153319-9669-4584-86c2-095732a78027b15dfe
.flyfreely.io/	1970-01-20 00:53:35	Name: _gat Value: 1
dev-authorisation.flyfreely.io/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: 9191ef3d-5e2e-4eb8-9ef9-ce03b609bd55
.hubspot.com/	1970-01-20 00:53:36	Name: __cf_bm Value: P5YhJEsgOIXrmkV8kPwYprkE0bdCutDTwAyLaCLhts8-1644815005-0-AStacNvRAPEWukhFLqHXxRT5bahTOXHqNHqZDU+lLECCBSqJMqaSrZSLxmqs2d1pH97x0eNycs2urZNgp+M8K30=
.flyfreely.io/	1970-01-20 03:03:11	Name: _gcl_au Value: 1.1.303792157.1644815006
.flyfreely.io/	1970-01-20 03:03:11	Name: _fbp Value: fb.1.1644815005636.492029499
.facebook.com/	1970-01-20 03:03:11	Name: fr Value: 0wqCcwsBjwfpPHNyP..BiCeKd...1.0.BiCeKd.
.doubleclick.net/	1970-01-20 00:53:35	Name: test_cookie Value: CheckForPermission
.linkedin.com/	1970-01-20 01:36:47	Name: UserMatchHistory Value: AQI-V8T2JQkRGgAAAX72nTirBTrzMCTtvri3oJd-FeGf5PNNNKbuLLi4LsrHf74ENkKzMNugvqyFWQ
.linkedin.com/	1970-01-20 01:36:47	Name: AnalyticsSyncHistory Value: AQLGDXyqYpXN8AAAAX72nTirtGmFAy5uTABimH8hf06wWw_4CKebft9lP6uJLvdwRx7n5uRiPXvV1sCyYiAj1w
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:25:28	Name: bcookie Value: "v=2&dba957dc-6db7-4b36-8aa9-ac8ae23adab6"
.linkedin.com/	1970-01-20 00:55:01	Name: lidc Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2263:u=1:x=1:i=1644815005:t=1644901405:v=2:sig=AQGjOmgYjuGX4UjWM7ed9A-atgHv2kwL"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 18:25:28	Name: bscookie Value: "v=1&20220214050325e288ae7c-0052-45c9-8709-9cb2b825529dAQGHrzA-ytnLz95OmvihdxsMrHKvGmed"
.linkedin.com/	1970-01-20 18:09:52	Name: li_gc Value: MTswOzE2NDQ4MTUwMDU7MjswMjHrT8R/UXAGLyoisEbJHWMcsLY2aPnaY4GFwf45otW/2w==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://dev-authorisation.flyfreely.io/webapi/user/organisations Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://dev-authorisation.flyfreely.io/webapi/user Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
api.hubspot.com
connect.facebook.net
dev-authorisation.flyfreely.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
in.hotjar.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.stripe.com
js.usemessages.com
m.stripe.com
m.stripe.network
o128452.ingest.sentry.io
px.ads.linkedin.com
px4.ads.linkedin.com
q.stripe.com
resources.usersnap.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
track.hubspot.com
vars.hotjar.com
widget.usersnap.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
108.157.4.102
108.157.4.12
108.174.10.14
142.250.186.130
143.204.98.93
151.101.0.176
2606:4700:3030::6815:2ec0
2606:4700::6811:44b0
2606:4700::6811:72b0
2606:4700::6811:cbcc
2606:4700::6811:d5cc
2606:4700::6811:edcc
2606:4700::6812:15bf
2606:4700::6813:9a53
2620:1ec:21::14
2a00:1450:4001:808::2002
2a00:1450:4001:808::200e
2a00:1450:4001:810::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:830::200a
2a00:1450:4001:831::2008
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a03:5f80:a::b212:e7d1
34.120.195.249
34.209.192.116
52.16.248.108
52.222.236.63
54.187.159.182
54.93.61.38
019a30e6fdaaa6da4800602cffe0ffe97b3ccf895716146e3fdeea51de821e8e
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
0c028aaf164d6f33d917882e8ee8eb1329f990e8c6ebb81a2ac87ec31c9055a2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1313e766040033df914a0e16ecca6594aedafad5c96fd92f7f91f2b98d7826d6
23b3d2b54537739075db04f57c66bd7a4b95aef7a8d95cfd50516c51ec094250
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
3fe69526fd17018bbb6bc1845ca6ffbdcb18ec66bed1614a7fa0f97f5c761569
407a82e1ae1bd4eaea7cdd57be15a78bb9761ff5ee6b265ada18f34303ba57b2
43a68281c1d759e7214cb0c6699944953819e5a5bb78777e65fb87fecb6170f6
440336e08262bfa81a8d15e52d236a474c9455e84cebca5eccbd724c5c88526e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4f5d55d4e28ebd45363ab6c37487583ab93f53e53be84657dc7ddba7bcb61336
5047f1e6270d0560e55a614449d6804eff807b631064d6a54fed4ec981cecd38
514e24395e4107ebc746b2a937927a8011456d7353c0ae5443e820b12c7ed574
54a9f57502fd1455793f00ff6761a427bdc947f5245b88379b93ef6b669f94b6
56dde46e7f9e885e2414a5c5d6ac1789e267ad38a9a2b3d31a3edfdbb059c9fd
5f90d8f41955fc5b768b6f242677c19259d754baec5c8ca4cf0b24350d5ff325
64e36983938066dda14f7e989bfb36d37721bc16b95374a21a2a86453b5677dd
663a1db71ddbd60d627a7908769394a5670ec341b8b38895923ab0f76ef2f378
6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8
76f754050e2c29ed1ee0e170536af6dfb5b48721068bc9fe786633289b024272
78a88b38cd5143f136506a09ddd5911e109b4960b41c59acaf84696b12cbe6f3
7cc0033315e203a9b3e41e56f8372b93c890b8137a6b47abcfc36909665c0f09
941b787e17cb44cc7f9adf9b01f106d4d75f9464d7600a2733d46263b295d6c0
983fa48569be0d72b3fe27ce64261e03b5d45cf8da85bd8173e9045dfca0b6c6
9c405c48d82ce7b077c4e101dd8286600093d4eedec5286aa3843df5f0391ea5
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7
bd50219667293fd4ee2c24ca0ab2140a609854fc6b1facb507cbf1d5d1a5effd
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
d03f1e3222487a45a38471f0fd3bbfa4cf8fe06b003d6e5b74c23446dea955c5
d88bd47c728735a6cb2b39de1712cd345e2642ce4fce08b4acb155353062b7d8
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
e021108db041eaccc3aa0c0a7ff558d17d71d4d0175b2083c47aec736dc144dd
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e812e5958f377af5da8ef9e9caaf71133c6a847976ed44b2dd1d21005500410f
e9408144a655e70fb72f0d139a614f7105b4447a11d10ae6ad5f18e805cf9810
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
ed6eeb5dd9aae26c773433812fb389c99ce945e8ed57b82b97596911bb48947f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1870f734a253734a07b0542733fbed3b28ae811a83967deed504d31274407f4
f88deb643f55e48a17dfea7cd33627868eedcf86c0dd3490f10f377587f52c2b
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

dev-authorisation.flyfreely.io Open in urlscan Pro 2606:4700:3030::6815:2ec0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

57 Requests

98 %HTTPS

61 %IPv6

25 Domains

34 Subdomains

31 IPs

4 Countries

3062 kBTransfer

12265 kBSize

30 Cookies

2 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dev-authorisation.flyfreely.io Open in urlscan Pro
2606:4700:3030::6815:2ec0 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

98 %
HTTPS

61 %
IPv6

25
Domains

34
Subdomains

31
IPs

4
Countries

3062 kB
Transfer

12265 kB
Size

30
Cookies

57 HTTP transactions
1 data transactions