urlscan.io logo urlscan.io
SecurityTrails logo

password-screen-mobile.flexbase.app Open in urlscan Pro
2a03:b0c0:3:d0::143f:a001  Public Scan

Go To Rescan Add Verdict Report
URL: https://password-screen-mobile.flexbase.app/
Submission: On May 27 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 3 countries across 15 domains to perform 41 HTTP transactions. The main IP is 2a03:b0c0:3:d0::143f:a001, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is password-screen-mobile.flexbase.app.
TLS certificate: Issued by R3 on May 27th 2022. Valid for: 3 months.
This is the only time password-screen-mobile.flexbase.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 2a03:b0c0:3:d... 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
2 143.204.98.31 16509 (AMAZON-02)
2 143.204.98.93 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 18.64.103.28 16509 (AMAZON-02)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 108.157.4.7 16509 (AMAZON-02)
3 2a03:2880:f11... 32934 (FACEBOOK)
2 34.255.23.179 16509 (AMAZON-02)
1 52.208.29.128 16509 (AMAZON-02)
4 151.101.194.217 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
4 54.86.9.34 14618 (AMAZON-AES)
1 1 108.157.4.103 16509 (AMAZON-02)
3 143.204.98.9 16509 (AMAZON-02)
1 99.83.219.81 16509 (AMAZON-02)
41 20
6    2a03:b0c0:3:d0::143f:a001 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
password-screen-mobile.flexbase.app
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    143.204.98.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-31.fra50.r.cloudfront.net
cdn.plaid.com
2    143.204.98.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-93.fra50.r.cloudfront.net
static.hotjar.com
1    2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    18.64.103.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-103-28.txl50.r.cloudfront.net
script.hotjar.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    108.157.4.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-7.dus51.r.cloudfront.net
vars.hotjar.com
3    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    34.255.23.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-23-179.eu-west-1.compute.amazonaws.com
in.hotjar.com
1    52.208.29.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-29-128.eu-west-1.compute.amazonaws.com
ws2.hotjar.com
4    151.101.194.217 (United States)

ASN54113 (FASTLY, US)
app.launchdarkly.com
2    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    54.86.9.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-9-34.compute-1.amazonaws.com
events.launchdarkly.com
1    108.157.4.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-103.dus51.r.cloudfront.net
widget.intercom.io
3    143.204.98.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-9.fra50.r.cloudfront.net
js.intercomcdn.com
1    99.83.219.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com
api-iam.intercom.io
Apex Domain
Subdomains		 Transfer
8 launchdarkly.com
app.launchdarkly.com — Cisco Umbrella Rank: 1909
events.launchdarkly.com — Cisco Umbrella Rank: 1477
1 KB
7 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 584
script.hotjar.com — Cisco Umbrella Rank: 713
vars.hotjar.com — Cisco Umbrella Rank: 832
in.hotjar.com — Cisco Umbrella Rank: 1585
ws2.hotjar.com — Cisco Umbrella Rank: 50935
68 KB
6 flexbase.app
password-screen-mobile.flexbase.app
9 MB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 320
www.linkedin.com — Cisco Umbrella Rank: 560
px4.ads.linkedin.com — Cisco Umbrella Rank: 5318
3 KB
3 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2447
130 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
476 B
2 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 2433
api-iam.intercom.io — Cisco Umbrella Rank: 2642
3 KB
2 gstatic.com
fonts.gstatic.com
32 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 144
114 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
2 plaid.com
cdn.plaid.com — Cisco Umbrella Rank: 15269
73 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 760
3 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1297
41 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
68 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 42
1 KB
41 15
Domain Requested by
6 password-screen-mobile.flexbase.app password-screen-mobile.flexbase.app
4 events.launchdarkly.com password-screen-mobile.flexbase.app
4 app.launchdarkly.com password-screen-mobile.flexbase.app
3 js.intercomcdn.com widget.intercom.io
3 www.facebook.com password-screen-mobile.flexbase.app
2 fonts.gstatic.com fonts.googleapis.com
2 in.hotjar.com script.hotjar.com
password-screen-mobile.flexbase.app
2 px.ads.linkedin.com 2 redirects
2 connect.facebook.net password-screen-mobile.flexbase.app
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 static.hotjar.com password-screen-mobile.flexbase.app
www.googletagmanager.com
2 cdn.plaid.com password-screen-mobile.flexbase.app
cdn.plaid.com
1 api-iam.intercom.io js.intercomcdn.com
1 widget.intercom.io 1 redirects
1 ws2.hotjar.com script.hotjar.com
1 vars.hotjar.com static.hotjar.com
1 px4.ads.linkedin.com password-screen-mobile.flexbase.app
1 www.linkedin.com 1 redirects
1 script.hotjar.com static.hotjar.com
1 snap.licdn.com www.googletagmanager.com
1 www.googleoptimize.com www.googletagmanager.com
1 www.googletagmanager.com password-screen-mobile.flexbase.app
1 fonts.googleapis.com password-screen-mobile.flexbase.app
41 23

This site contains no links.

Subject Issuer Validity Valid
password-screen-mobile.flexbase.app
R3		 2022-05-27 -
2022-08-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
secure.plaid.com
DigiCert SHA2 Extended Validation Server CA		 2022-03-08 -
2023-04-08		 a year crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-03-06 -
2022-06-04		 3 months crt.sh
app.launchdarkly.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-12-24 -
2023-01-25		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
events.launchdarkly.com
Amazon		 2021-09-19 -
2022-10-17		 a year crt.sh
*.intercomcdn.com
Amazon		 2022-01-30 -
2023-02-28		 a year crt.sh
*.intercom.com
Amazon		 2022-03-16 -
2023-04-14		 a year crt.sh

This page contains 3 frames:

Primary Page: https://password-screen-mobile.flexbase.app/
Frame ID: 72080E404A435848C0063A61DE269224
Requests: 33 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-4924254a9ce4dc9b959b6e4a9b662d60.html
Frame ID: A677E0D16D6E5EBC2496FDEAA759E7A7
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.3a78045b.js
Frame ID: 94CE76E991E32846F69D6891472C8A91
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Flexbase

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

41
Requests

95 %
HTTPS

45 %
IPv6

15
Domains

23
Subdomains

20
IPs

3
Countries

9815 kB
Transfer

16012 kB
Size

21
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2898857&time=1653684605113&url=https%3A%2F%2Fpassword-screen-mobile.flexbase.app%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2898857%26time%3D1653684605113%26url%3Dhttps%253A%252F%252Fpassword-screen-mobile.flexbase.app%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2898857&time=1653684605113&url=https%3A%2F%2Fpassword-screen-mobile.flexbase.app%2F&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2898857&time=1653684605113&url=https%3A%2F%2Fpassword-screen-mobile.flexbase.app%2F&liSync=true&e_ipv6=AQKOtgeU0Vo4cQAAAYEHSJX9ctAKkflSischvRwAIzgEwtMAZCghQGzuQtEiULSAeGUmTMKtOFW0IQ
Request Chain 32
  • https://widget.intercom.io/widget/fysqur9z HTTP 302
  • https://js.intercomcdn.com/shim.latest.js

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
password-screen-mobile.flexbase.app/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://password-screen-mobile.flexbase.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:b0c0:3:d0::143f:a001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
40946a1b46b19ab0fb2122667d4ada7113505461ab146e82aa9699cd9b567259
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
cache-control
public, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 27 May 2022 20:50:04 GMT
etag
"6529601771fd59ef8f0a4dd9d4360519-ssl-df"
server
Netlify
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-nf-request-id
01G43MH3GKJP0J8NWCE3WE50S7
css2
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@100;400;700&family=Titillium+Web:wght@400;700&display=swap
Requested by
Host: password-screen-mobile.flexbase.app
URL: https://password-screen-mobile.flexbase.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4985f9bc0936b23426cb95ce738d2c69f9a7a5c7850420406f0174565be34029
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://password-screen-mobile.flexbase.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 27 May 2022 20:50:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 27 May 2022 20:50:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 27 May 2022 20:50:04 GMT
index.css
password-screen-mobile.flexbase.app/src/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://password-screen-mobile.flexbase.app/src/index.css
Requested by
Host: password-screen-mobile.flexbase.app
URL: https://password-screen-mobile.flexbase.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:b0c0:3:d0::143f:a001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
40946a1b46b19ab0fb2122667d4ada7113505461ab146e82aa9699cd9b567259
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://password-screen-mobile.flexbase.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id
01G43MH3NQYY436R60QTHMGZ0K
date
Fri, 27 May 2022 20:50:04 GMT
content-encoding
br
server
Netlify
age
0
etag
"6529601771fd59ef8f0a4dd9d4360519-ssl-df"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
link-initialize.js
cdn.plaid.com/link/v2/stable/ 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by
Host: password-screen-mobile.flexbase.app
URL: https://password-screen-mobile.flexbase.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-31.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a40bccb1c0f66459f283126bdbaa3c94e5e1bb11c11e904f364a3e6280c7cbe7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://password-screen-mobile.flexbase.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
jggAcJa.XOc8xTJey0WlXu0u7IvOaEbL
content-encoding
gzip
etag
W/"b5d0a0d1da5029c3fa85537007957743"
age
13014
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-request-id
4A0PZYQPNSNQD543
x-amz-id-2
dDsfPfiHepc6PsWSPWstV3GOF7CMTjPouBfjwkOCoel1fbPHwFl0PUQXHFY9xLNIR+x13RuTcp8=
last-modified
Thu, 26 May 2022 16:37:30 GMT
server
AmazonS3
date
Fri, 27 May 2022 17:13:11 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
cache-control
no-cache,must-revalidate,max-age=0
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
NLfpT1DhdQU2J4kI2k3mEjA6qW0jrrpWa6saZeGX_xl6el-5KrPDVA==
main.1e2081fd.js
password-screen-mobile.flexbase.app/static/js/ 		14 MB
9 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://password-screen-mobile.flexbase.app/static/js/main.1e2081fd.js
Requested by
Host: password-screen-mobile.flexbase.app
URL: https://password-screen-mobile.flexbase.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:b0c0:3:d0::143f:a001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
455a278eed84010b2a6ae4bb9e5de8022aa841902571babcc107a90c1135accb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://password-screen-mobile.flexbase.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id
01G43MH3VCFFE4NTC14NBAXB3A
date
Fri, 27 May 2022 20:50:04 GMT
content-encoding
br
server
Netlify
age
2
etag
"14e0a7cd1af4e2f97cb8b2ddc7064813-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
main.0ba7bcbe.css
password-screen-mobile.flexbase.app/static/css/ 		43 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://password-screen-mobile.flexbase.app/static/css/main.0ba7bcbe.css
Requested by
Host: password-screen-mobile.flexbase.app
URL: https://password-screen-mobile.flexbase.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:b0c0:3:d0::143f:a001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
b7cb6c49d3ec8988ea9e9ec3a82357149cdad09067cc1694c149b40b2f8d0a02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://password-screen-mobile.flexbase.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id
01G43MH3NRZHABEKWVP053M5TZ
date
Fri, 27 May 2022 20:50:04 GMT
content-encoding
br
server
Netlify
age
0
etag
"60f94f51dd85daac8e50781071dcf670-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
hotjar-2328754.js
static.hotjar.com/c/ 		0
377 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2328754.js?sv=6
Requested by
Host: password-screen-mobile.flexbase.app
URL: https://password-screen-mobile.flexbase.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-93.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://password-screen-mobile.flexbase.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 20:50:04 GMT
via
1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA50-C1
etag
W/d41d8cd98f00b204e9800998ecf8427e
x-cache-hit
1
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
content-length
0
x-amz-cf-id
1U2RdDJSRkLWBE3QV7GQZa3RYCjtG83-0ezOV43UHkBoUg7gFjDESg==
link-dynamic-loader.js
cdn.plaid.com/link/2.0.1336/ 		0
42 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.plaid.com/link/2.0.1336/link-dynamic-loader.js
Requested by
Host: cdn.plaid.com
URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-31.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://password-screen-mobile.flexbase.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
twi6dsFIDgdrqN1V2dw61oqQkPUfrlI.
content-encoding
gzip
etag
W/"18225b2eba84b3103b461ba84b54998e"
age
13011
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 26 May 2022 16:37:30 GMT
server
AmazonS3
date
Fri, 27 May 2022 17:13:14 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
cache-control
max-age=10800
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
KWw0SoS16kxjwsOBmk0EhmbDXRM3OcoejNZavfYGjV4vLZdM80wjjA==
gtm.js
www.googletagmanager.com/ 		189 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MTJK9FZ
Requested by
Host: password-screen-mobile.flexbase.app
URL: https://password-screen-mobile.flexbase.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
44aad6aa72d8e91b4fbbf48d0ca8be761e1fa2df82315414f6ade43decdb6cd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://password-screen-mobile.flexbase.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 20:50:04 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68718
x-xss-protection
0
last-modified
Fri, 27 May 2022 18:56:13 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 27 May 2022 20:50:04 GMT
optimize.js
www.googleoptimize.com/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-K2GRBQG
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTJK9FZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
db18cf43134c7d3da01c6a7ca6bc13d46cf35271f7449d5440460f2c2d9e52df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://password-screen-mobile.flexbase.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 20:50:05 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41287
x-xss-protection
0
expires
Fri, 27 May 2022 20:50:05 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTJK9FZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://password-screen-mobile.flexbase.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1857
date
Fri, 27 May 2022 20:19:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 27 May 2022 22:19:08 GMT
hotjar-2328562.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2328562.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTJK9FZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-93.fra50.r.cloudfront.net
Software
/
Resource Hash
2dbc2f4bfa09dfbb8e7d6fdd261100331ab61f90422f2413934f540a1dc6486d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://password-screen-mobile.flexbase.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 20:50:05 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA50-C1
etag
W/dc546bb603b263d3cf3eba6301ece15a
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
j4HL5cRyNUvHjjjwQB4xf0cFOYVTg-OfUfx1UGT3GqZctXoWLEY-4g==
via
1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
insight.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTJK9FZ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://password-screen-mobile.flexbase.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 27 May 2022 20:50:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Apr 2022 23:25:22 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=17402
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3085
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: password-screen-mobile.flexbase.app
URL: https://password-screen-mobile.flexbase.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://password-screen-mobile.flexbase.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26310
x-xss-protection
0
pragma
public
x-fb-debug
h0pky2Mufz9XcW2+hgheFu7XXIVfyl4FPKli/ZTm2p3nVUqBJj5i+4/BSB6UmllZkx4SUCqjoaJPV5WKogWZBg==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 27 May 2022 20:50:05 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
modules.7a321ecb93fde9f07226.js
script.hotjar.com/ 		243 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.7a321ecb93fde9f07226.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2328562.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-28.txl50.r.cloudfront.net
Software
/
Resource Hash
ee667207ac60603f3c61f3b703583aace2b20211971808fa86f4e4c93619d958
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://password-screen-mobile.flexbase.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 24 May 2022 11:46:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
291838
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
63914
access-control-allow-origin
*
last-modified
Tue, 24 May 2022 11:46:00 GMT
etag
"913be037dec49b596e1cf5ff932a2a6e"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 d2182626bf7a31d463bb4b9335724f24.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P3
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
JfohoySOBhNgi8w9_ehs2exW4Lh7a0aQtpz86GbU8l6FaJL0v2LzsA==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2898857&time=1653684605113&url=https%3A%2F%2Fpassword-screen-mobile.flexbase.app%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2898857%26time%3D1653684605113%26url%3Dhttps%253A%252F%252Fpassword-screen-mobile...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2898857&time=1653684605113&url=https%3A%2F%2Fpassword-screen-mobile.flexbase.app%2F&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2898857&time=1653684605113&url=https%3A%2F%2Fpassword-screen-mobile.flexbase.app%2F&liSync=true&e_ipv6=AQKOtgeU0Vo4cQAAAYEHSJX9ctAKkflSischvRwAIz...
0
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2898857&time=1653684605113&url=https%3A%2F%2Fpassword-screen-mobile.flexbase.app%2F&liSync=true&e_ipv6=AQKOtgeU0Vo4cQAAAYEHSJX9ctAKkflSischvRwAIzgEwtMAZCghQGzuQtEiULSAeGUmTMKtOFW0IQ
Requested by
Host: password-screen-mobile.flexbase.app
URL: https://password-screen-mobile.flexbase.app/new-login?path=/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://password-screen-mobile.flexbase.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 20:50:06 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: CA3F06DBBABC4B10A1CB2241741A7D4D Ref B: FRAEDGE1211 Ref C: 2022-05-27T20:50:06Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-proto
http/2
content-length
0
x-li-uuid
AAXgBHON5OjhDG2zu+a9jw==
x-li-fabric
prod-lor1

Redirect headers

date
Fri, 27 May 2022 20:50:05 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 32FC92067DBB437DB0F4E6B63860633B Ref B: FRAEDGE1210 Ref C: 2022-05-27T20:50:06Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2898857&time=1653684605113&url=https%3A%2F%2Fpassword-screen-mobile.flexbase.app%2F&liSync=true&e_ipv6=AQKOtgeU0Vo4cQAAAYEHSJX9ctAKkflSischvRwAIzgEwtMAZCghQGzuQtEiULSAeGUmTMKtOFW0IQ
x-li-proto
http/2
content-length
0
x-li-uuid
AAXgBHOJvN6uxI845HtjNw==
224952885315139
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/224952885315139?v=2.9.61&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
124eaa752ba185b65d616c25e03007bdb36ddd575a0ae7878a9b9c3435ff951f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://password-screen-mobile.flexbase.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
hAv4NP/jrFWjG5KiLxgpQ88eXyGrGY2spyhUaFjVazEgGO/hi7VmqfJ4WCI5V3QE7VXd7wGo2tRb51pvwJJV/g==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 27 May 2022 20:50:05 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1653684605226
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=265519470&t=pageview&_s=1&dl=https%3A%2F%2Fpassword-screen-mobile.flexbase.app%2F&ul=en-us&de=UTF-8&dt=Flexbase&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABQAAAAC~&jid=11500986&gjid=606106454&cid=1618338838.1653684605&tid=UA-150388230-2&_gid=1486735508.1653684605&_r=1&gtm=2wg5p1MTJK9FZ&z=2071272443
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://password-screen-mobile.flexbase.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 May 2022 20:50:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://password-screen-mobile.flexbase.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-4924254a9ce4dc9b959b6e4a9b662d60.html
vars.hotjar.com/ Frame A677 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-4924254a9ce4dc9b959b6e4a9b662d60.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2328562.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-7.dus51.r.cloudfront.net
Software
/
Resource Hash
67f8c7fd7353ad063da1f3115924c458c494cb134f4d87de4407a132842c9bc9

Request headers

Referer
https://password-screen-mobile.flexbase.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3837659
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Apr 2022 10:49:06 GMT
etag
"1635635016e428baa170305e9282c34a"
last-modified
Wed, 13 Apr 2022 10:48:29 GMT
vary
Accept-Encoding
via
1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront)
x-amz-cf-id
Xq9-XBSNJD-Wdss2SwK8u53fx-Hart6uwhbu56KPxQSL5TP6kh6s_g==
x-amz-cf-pop
DUS51-P2
x-cache
Hit from cloudfront
x-robots-tag
none
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=224952885315139&ev=PageView&dl=https%3A%2F%2Fpassword-screen-mobile.flexbase.app%2F&rl=&if=false&ts=1653684605692&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.1.1653684605691.1653945384&it=1653684605119&coo=false&exp=p0&rqm=GET
Requested by
Host: password-screen-mobile.flexbase.app
URL: https://password-screen-mobile.flexbase.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://password-screen-mobile.flexbase.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 20:50:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 27 May 2022 20:50:05 GMT
visit-data
in.hotjar.com/api/v2/client/sites/2328562/ 		147 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/2328562/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.7a321ecb93fde9f07226.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.23.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-23-179.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4c88237efbd80053668d55dfb4f84f10c756d3d69142f801bd440d5ca4c46468

Request headers

Referer
https://password-screen-mobile.flexbase.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Fri, 27 May 2022 20:50:05 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
content
ws2.hotjar.com/api/v2/sites/2328562/recordings/ 		66 B
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ws2.hotjar.com/api/v2/sites/2328562/recordings/content
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.7a321ecb93fde9f07226.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.29.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-29-128.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
811488d419f3110a1909431f5b16f0d1bbf89b9fd16d14e4590f5827bdbb5013

Request headers

Referer
https://password-screen-mobile.flexbase.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Fri, 27 May 2022 20:50:06 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
607c57ef77d6c10bd197b7a6
app.launchdarkly.com/sdk/goals/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/607c57ef77d6c10bd197b7a6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://password-screen-mobile.flexbase.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Fri, 27 May 2022 20:50:06 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4065-HHN
x-timer
S1653684606.456558,VS0,VE95
607c57ef77d6c10bd197b7a6
app.launchdarkly.com/sdk/goals/ 		2 B
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/607c57ef77d6c10bd197b7a6
Requested by
Host: password-screen-mobile.flexbase.app
URL: https://password-screen-mobile.flexbase.app/static/js/main.1e2081fd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://password-screen-mobile.flexbase.app/
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.19.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
MISS
access-control-max-age
300
date
Fri, 27 May 2022 20:50:06 GMT
content-length
26
x-served-by
cache-hhn4065-HHN
access-control-allow-origin
*
ld-region
us-east-1
x-timer
S1653684607.571793,VS0,VE272
etag
"d751713988987e9331980363e24189ce"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json
via
1.1 varnish
cache-control
max-age=0
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
x-cache-hits
0
eyJhbm9ueW1vdXMiOnRydWUsImtleSI6Ijk2ZDc4MGEwLWRkZmUtMTFlYy1iNGQ0LTlmN2YyYTc0ODQ0YSJ9
app.launchdarkly.com/sdk/evalx/607c57ef77d6c10bd197b7a6/users/ 		292 B
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/607c57ef77d6c10bd197b7a6/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6Ijk2ZDc4MGEwLWRkZmUtMTFlYy1iNGQ0LTlmN2YyYTc0ODQ0YSJ9
Requested by
Host: password-screen-mobile.flexbase.app
URL: https://password-screen-mobile.flexbase.app/static/js/main.1e2081fd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9e4277c78eb8007dfaca61827ebcce90eaa9a67610cdfa84e190e2cc4d17bca5

Request headers

Referer
https://password-screen-mobile.flexbase.app/
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.19.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 20:50:07 GMT
content-encoding
gzip
vary
Authorization, Accept-Encoding
age
0
x-cache
MISS
content-length
130
x-served-by
cache-hhn4074-HHN, cache-hhn4065-HHN
access-control-allow-origin
*
x-timer
S1653684607.839192,VS0,VE636
etag
"30dbb"
access-control-max-age
3600
access-control-allow-methods
OPTIONS, GET
content-type
application/json
via
1.1 varnish
cache-control
max-age=0
accept-ranges
bytes
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits
0
eyJhbm9ueW1vdXMiOnRydWUsImtleSI6Ijk2ZDc4MGEwLWRkZmUtMTFlYy1iNGQ0LTlmN2YyYTc0ODQ0YSJ9
app.launchdarkly.com/sdk/evalx/607c57ef77d6c10bd197b7a6/users/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/607c57ef77d6c10bd197b7a6/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6Ijk2ZDc4MGEwLWRkZmUtMTFlYy1iNGQ0LTlmN2YyYTc0ODQ0YSJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://password-screen-mobile.flexbase.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Fri, 27 May 2022 20:50:06 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4065-HHN
x-timer
S1653684606.456659,VS0,VE362
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=224952885315139&ev=PageView&dl=https%3A%2F%2Fpassword-screen-mobile.flexbase.app%2Fnew-login%3Fpath%3D%2F&rl=&if=false&ts=1653684606390&sw=1600&sh=1200&v=2.9.61&r=stable&ec=1&o=30&fbp=fb.1.1653684605691.1653945384&it=1653684605119&coo=false&exp=p0&rqm=GET
Requested by
Host: password-screen-mobile.flexbase.app
URL: https://password-screen-mobile.flexbase.app/new-login?path=/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://password-screen-mobile.flexbase.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 20:50:06 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Fri, 27 May 2022 20:50:06 GMT
phone.5255a2d696dc121113ef.png
password-screen-mobile.flexbase.app/static/media/ 		521 KB
521 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://password-screen-mobile.flexbase.app/static/media/phone.5255a2d696dc121113ef.png
Requested by
Host: password-screen-mobile.flexbase.app
URL: https://password-screen-mobile.flexbase.app/new-login?path=/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:b0c0:3:d0::143f:a001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
d2d59fbfd789f297ee0f860735effaf990aca7efcde8a349c2859f4969307c0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://password-screen-mobile.flexbase.app/new-login?path=/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id
01G43MH5EKMRH6HVT6QY44FMRH
date
Fri, 27 May 2022 20:50:06 GMT
server
Netlify
age
0
etag
"c08dc5fe734cc798e71401c511d95f40-ssl"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
533237
backgroundLogin.2c8cd55eba6ba330d86d3b357a3ac274.svg
password-screen-mobile.flexbase.app/static/media/ 		2 KB
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://password-screen-mobile.flexbase.app/static/media/backgroundLogin.2c8cd55eba6ba330d86d3b357a3ac274.svg
Requested by
Host: password-screen-mobile.flexbase.app
URL: https://password-screen-mobile.flexbase.app/new-login?path=/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:b0c0:3:d0::143f:a001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
b858fd2472d419be42bc431d8427fc74cad12bfe74cfbb5c36e54061308298ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://password-screen-mobile.flexbase.app/new-login?path=/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id
01G43MH5EKV11E9RHB9FEZDJ2W
date
Fri, 27 May 2022 20:50:06 GMT
content-encoding
br
server
Netlify
age
0
etag
"3e0d81d1a6f030748340a3c51d5424de-ssl-df"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
622
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;400;700&family=Titillium+Web:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://password-screen-mobile.flexbase.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 23 May 2022 12:43:04 GMT
x-content-type-options
nosniff
age
374822
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 May 2023 12:43:04 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;400;700&family=Titillium+Web:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://password-screen-mobile.flexbase.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 23 May 2022 11:07:47 GMT
x-content-type-options
nosniff
age
380539
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 May 2023 11:07:47 GMT
visit-data
in.hotjar.com/api/v2/client/sites/2328562/ 		147 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/2328562/visit-data?sv=6
Requested by
Host: password-screen-mobile.flexbase.app
URL: https://password-screen-mobile.flexbase.app/static/js/main.1e2081fd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.23.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-23-179.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4c88237efbd80053668d55dfb4f84f10c756d3d69142f801bd440d5ca4c46468

Request headers

Referer
https://password-screen-mobile.flexbase.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Fri, 27 May 2022 20:50:06 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
607c57ef77d6c10bd197b7a6
events.launchdarkly.com/events/diagnostic/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/diagnostic/607c57ef77d6c10bd197b7a6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.9.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-9-34.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://password-screen-mobile.flexbase.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Fri, 27 May 2022 20:50:07 GMT
strict-transport-security
max-age=31536000
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/fysqur9z
  • https://js.intercomcdn.com/shim.latest.js
18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Server
143.204.98.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-9.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
959a7cac15a1f9682765d12707e81ed9dfe3c19fca44449755c6b9fff50b8604

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://password-screen-mobile.flexbase.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 27 May 2022 20:49:59 GMT
content-encoding
gzip
last-modified
Fri, 27 May 2022 14:34:54 GMT
server
AmazonS3
age
8
etag
"c65aa2265ef217e67b5b5348a5d7b16e"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
6152
x-amz-cf-id
POqWP45927iHvOXKKMIdGS1AacEvkr7DfcliLzrEkE1MbrsBxBN91Q==

Redirect headers

date
Thu, 03 Feb 2022 10:14:34 GMT
via
1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
server
AmazonS3
age
9801333
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop
DUS51-P2
content-length
0
x-amz-cf-id
VtpdegktYB97fDgwvKIKJ60mXDbi1SWCfnCrtSDt7wlznSTgFlcl4A==
607c57ef77d6c10bd197b7a6
events.launchdarkly.com/events/diagnostic/ 		0
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/diagnostic/607c57ef77d6c10bd197b7a6
Requested by
Host: password-screen-mobile.flexbase.app
URL: https://password-screen-mobile.flexbase.app/static/js/main.1e2081fd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.9.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-9-34.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://password-screen-mobile.flexbase.app/
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.19.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 27 May 2022 20:50:07 GMT
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
strict-transport-security
max-age=31536000
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length
0
frame-modern.3a78045b.js
js.intercomcdn.com/ Frame 94CE 		314 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.3a78045b.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/fysqur9z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-9.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
543ebc1d715f63c1da3be659c2b3d98eba61eda89687ced5b4736cc9c65492f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 27 May 2022 20:34:58 GMT
content-encoding
gzip
last-modified
Fri, 27 May 2022 14:33:41 GMT
server
AmazonS3
age
910
etag
"aeef7575d8cffffaa337eb1d4c400ef9"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
85286
x-amz-cf-id
xN_fiyGaR4wTPkvSTMC6EeILOACJvTjYevLVpZg_9V5Mufcagc0TXw==
vendor-modern.cad3c854.js
js.intercomcdn.com/ Frame 94CE 		129 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.cad3c854.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/fysqur9z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-9.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
048339dbc6b0c1f487d9a9f9b3870b48623722eee383463d5ba945a3c14d051e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 27 May 2022 20:11:09 GMT
content-encoding
gzip
last-modified
Fri, 27 May 2022 14:09:51 GMT
server
AmazonS3
age
2339
etag
"ad4a00363718d01f4831b4c36c32874f"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
40095
x-amz-cf-id
AgHeUc3f3aiAOoy7_WDDDjkSbWPJ6ZWdLO7ibZ1uf75cNpv126BuyA==
ping
api-iam.intercom.io/messenger/web/ Frame 94CE 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.3a78045b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.219.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad8b87a22ce463223.awsglobalaccelerator.com
Software
nginx /
Resource Hash
3e02e429911d91e60acf2c252d52b77d2d47eeec7326021c79bfde45e331a855
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 27 May 2022 20:50:07 GMT
content-encoding
gzip
x-ami-version
ami-0b6a6480dd0a84b5c
status
200 OK
strict-transport-security
max-age=31556952; includeSubDomains; preload
vary
Accept,Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
0005orgr3qfo7t075c3g
x-runtime
0.280926
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"3e02e429911d91e60acf2c252d52b77d"
x-ratelimit-remaining
13332
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://password-screen-mobile.flexbase.app
x-intercom-version
4ee0f5c0584bbe60589c1af2faee13a52a0cc418
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1653684610
x-ratelimit-limit
13333
access-control-allow-headers
Content-Type
x-content-type-options
nosniff
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=224952885315139&ev=Microdata&dl=https%3A%2F%2Fpassword-screen-mobile.flexbase.app%2Fnew-login%3Fpath%3D%2F&rl=&if=false&ts=1653684607385&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Flexbase%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.61&r=stable&ec=2&o=30&fbp=fb.1.1653684605691.1653945384&it=1653684605119&coo=false&es=automatic&tm=3&exp=p0&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://password-screen-mobile.flexbase.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 20:50:07 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Fri, 27 May 2022 20:50:07 GMT
607c57ef77d6c10bd197b7a6
events.launchdarkly.com/events/bulk/ 		0
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/bulk/607c57ef77d6c10bd197b7a6
Requested by
Host: password-screen-mobile.flexbase.app
URL: https://password-screen-mobile.flexbase.app/static/js/main.1e2081fd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.9.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-9-34.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://password-screen-mobile.flexbase.app/
X-LaunchDarkly-Payload-ID
984df400-ddfe-11ec-b4d4-9f7f2a74844a
X-LaunchDarkly-Event-Schema
3
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.19.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 27 May 2022 20:50:09 GMT
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
strict-transport-security
max-age=31536000
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length
0
607c57ef77d6c10bd197b7a6
events.launchdarkly.com/events/bulk/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/bulk/607c57ef77d6c10bd197b7a6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.9.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-9-34.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://password-screen-mobile.flexbase.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Fri, 27 May 2022 20:50:08 GMT
strict-transport-security
max-age=31536000

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| hj object| _hjSettings function| Intercom object| Plaid object| webpackJsonpPlaid object| __core-js_shared__ object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id function| fbq function| _fbq object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| gaplugins function| lintrk boolean| _already_called_lintrk object| google_optimize object| gaGlobal object| gaData object| regeneratorRuntime object| __SENTRY__ object| core object| process function| __intercomAssignLocation

21 Cookies

Domain/Path Name / Value
.flexbase.app/ Name: _gcl_au
Value: 1.1.1271137604.1653684605
.flexbase.app/ Name: _ga
Value: GA1.2.1618338838.1653684605
.flexbase.app/ Name: _gid
Value: GA1.2.1486735508.1653684605
.flexbase.app/ Name: _gat_UA-150388230-2
Value: 1
.flexbase.app/ Name: _fbp
Value: fb.1.1653684605691.1653945384
.flexbase.app/ Name: _hjSessionUser_2328562
Value: eyJpZCI6IjU2MThiOWViLTI3NjMtNWY1ZC05OWZmLWUyYWI4NWMxZmYwYiIsImNyZWF0ZWQiOjE2NTM2ODQ2MDU3NjYsImV4aXN0aW5nIjpmYWxzZX0=
.flexbase.app/ Name: _hjFirstSeen
Value: 1
password-screen-mobile.flexbase.app/ Name: _hjIncludedInSessionSample
Value: 1
.flexbase.app/ Name: _hjSession_2328562
Value: eyJpZCI6IjA1NGU3OGIwLTUxZjUtNDU4NS1iZDljLTlhOTE0NzA2YzIzOSIsImNyZWF0ZWQiOjE2NTM2ODQ2MDU3ODQsImluU2FtcGxlIjp0cnVlfQ==
password-screen-mobile.flexbase.app/ Name: _hjIncludedInPageviewSample
Value: 1
.flexbase.app/ Name: _hjAbsoluteSessionInProgress
Value: 0
.linkedin.com/ Name: UserMatchHistory
Value: AQLKL7BS0891EgAAAYEHSJNOOK6r9ZltAbYplLyzdZRngotKKSGovnPgdmGSMvZpkAMzgXy-GPeQ4w
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQI-Zm-IaRxNVQAAAYEHSJNOmYdhkdWfPkMAoENrAKPbT3vBx0lnv9Rsc0M-4KSNvfO8MYdYiHvYtFvw-IYrVg
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&c78ffe83-38b6-49a3-8e9e-f3b33766c743"
.linkedin.com/ Name: lidc
Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2680:u=1:x=1:i=1653684605:t=1653771005:v=2:sig=AQESrxtRuWBplZlISEEfT4sDx79ocASX"
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&202205272050053984798c-e56d-447e-8d3f-d2e482b246e1AQGlAohIR9M0uhSUvHa-G9fH8eltmO8c"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTM2ODQ2MDU7MjswMjFjzvEruylqhM4zHDmEopz0CTtVNSOrwmQGLIa0b4DEhg==
.flexbase.app/ Name: intercom-id-fysqur9z
Value: 6d6b9e22-c79e-4c97-a170-94b6baa18e47
.flexbase.app/ Name: intercom-session-fysqur9z
Value:

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
app.launchdarkly.com
cdn.plaid.com
connect.facebook.net
events.launchdarkly.com
fonts.googleapis.com
fonts.gstatic.com
in.hotjar.com
js.intercomcdn.com
password-screen-mobile.flexbase.app
px.ads.linkedin.com
px4.ads.linkedin.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
vars.hotjar.com
widget.intercom.io
ws2.hotjar.com
www.facebook.com
www.google-analytics.com
www.googleoptimize.com
www.googletagmanager.com
www.linkedin.com
108.157.4.103
108.157.4.7
13.107.42.14
143.204.98.31
143.204.98.9
143.204.98.93
151.101.194.217
18.64.103.28
2620:1ec:21::14
2a00:1450:4001:800::2003
2a00:1450:4001:803::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::200e
2a00:1450:4001:831::200a
2a02:26f0:3500:16::215:14a0
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:b0c0:3:d0::143f:a001
34.255.23.179
52.208.29.128
54.86.9.34
99.83.219.81
048339dbc6b0c1f487d9a9f9b3870b48623722eee383463d5ba945a3c14d051e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
124eaa752ba185b65d616c25e03007bdb36ddd575a0ae7878a9b9c3435ff951f
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
2dbc2f4bfa09dfbb8e7d6fdd261100331ab61f90422f2413934f540a1dc6486d
3e02e429911d91e60acf2c252d52b77d2d47eeec7326021c79bfde45e331a855
40946a1b46b19ab0fb2122667d4ada7113505461ab146e82aa9699cd9b567259
44aad6aa72d8e91b4fbbf48d0ca8be761e1fa2df82315414f6ade43decdb6cd4
455a278eed84010b2a6ae4bb9e5de8022aa841902571babcc107a90c1135accb
4985f9bc0936b23426cb95ce738d2c69f9a7a5c7850420406f0174565be34029
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
4c88237efbd80053668d55dfb4f84f10c756d3d69142f801bd440d5ca4c46468
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
543ebc1d715f63c1da3be659c2b3d98eba61eda89687ced5b4736cc9c65492f7
67f8c7fd7353ad063da1f3115924c458c494cb134f4d87de4407a132842c9bc9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
811488d419f3110a1909431f5b16f0d1bbf89b9fd16d14e4590f5827bdbb5013
959a7cac15a1f9682765d12707e81ed9dfe3c19fca44449755c6b9fff50b8604
9e4277c78eb8007dfaca61827ebcce90eaa9a67610cdfa84e190e2cc4d17bca5
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a40bccb1c0f66459f283126bdbaa3c94e5e1bb11c11e904f364a3e6280c7cbe7
b7cb6c49d3ec8988ea9e9ec3a82357149cdad09067cc1694c149b40b2f8d0a02
b858fd2472d419be42bc431d8427fc74cad12bfe74cfbb5c36e54061308298ce
d2d59fbfd789f297ee0f860735effaf990aca7efcde8a349c2859f4969307c0e
db18cf43134c7d3da01c6a7ca6bc13d46cf35271f7449d5440460f2c2d9e52df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee667207ac60603f3c61f3b703583aace2b20211971808fa86f4e4c93619d958
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615