urlscan.io logo urlscan.io
SecurityTrails logo

accounts.falcon.io Open in urlscan Pro
2606:4700::6812:f2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://link.falcon.io/ls/click?upn=kdREpAkUbEhXypZpxkF6-2F5eqzwYghv3YtRKAbVS1xH4-3DPVQM_YQMICjGpuYFrvNIvA9S-2BbWgNQZtQ...
Effective URL: https://accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/auth?client_id=falcon&redirect_uri=https%3A%2F%2Fapp....
Submission: On February 24 via manual from NL — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 29 HTTP transactions. The main IP is 2606:4700::6812:f2, located in United States and belongs to CLOUDFLARENET, US. The main domain is accounts.falcon.io. The Cisco Umbrella rank of the primary domain is 244302.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 8th 2023. Valid for: a year.
This is the only time accounts.falcon.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 14 2606:4700::68... 13335 (CLOUDFLAR...)
1 54.78.252.64 16509 (AMAZON-02)
8 18.66.122.129 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.120.195.249 396982 (GOOGLE-CL...)
29 7
14    2606:4700::6812:f2 (United States)

ASN13335 (CLOUDFLARENET, US)
link.falcon.io
app.falcon.io
accounts.falcon.io
1    54.78.252.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-252-64.eu-west-1.compute.amazonaws.com
frontend-importmap.apps.aws.live.brandwatch.net
8    18.66.122.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-129.fra60.r.cloudfront.net
cdn.falcon.io
3    2606:4700::6811:ba58 (United States)

ASN13335 (CLOUDFLARENET, US)
falcon.report-uri.com
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o98544.ingest.sentry.io
Apex Domain
Subdomains		 Transfer
22 falcon.io
link.falcon.io
app.falcon.io — Cisco Umbrella Rank: 259175
accounts.falcon.io — Cisco Umbrella Rank: 244302
cdn.falcon.io — Cisco Umbrella Rank: 281043
1 MB
3 report-uri.com
falcon.report-uri.com
2 KB
1 sentry.io
o98544.ingest.sentry.io — Cisco Umbrella Rank: 440630
275 B
1 gstatic.com
fonts.gstatic.com
11 KB
1 brandwatch.net
frontend-importmap.apps.aws.live.brandwatch.net — Cisco Umbrella Rank: 443445
2 KB
29 5
Domain Requested by
11 accounts.falcon.io accounts.falcon.io
8 cdn.falcon.io app.falcon.io
cdn.falcon.io
3 falcon.report-uri.com app.falcon.io
2 app.falcon.io
1 o98544.ingest.sentry.io cdn.falcon.io
1 fonts.gstatic.com app.falcon.io
1 frontend-importmap.apps.aws.live.brandwatch.net app.falcon.io
1 link.falcon.io 1 redirects
29 8

This site contains links to these domains. Also see Links.

Domain
www.brandwatch.com
Subject Issuer Validity Valid
falcon.io
Cloudflare Inc ECC CA-3		 2023-01-08 -
2024-01-07		 a year crt.sh
frontend-importmap.apps.aws.live.brandwatch.net
R3		 2023-01-09 -
2023-04-09		 3 months crt.sh
cdn.falcon.io
Amazon		 2022-11-23 -
2023-12-21		 a year crt.sh
*.report-uri.com
E1		 2023-01-28 -
2023-04-28		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.ingest.sentry.io
R3		 2023-02-16 -
2023-05-17		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/auth?client_id=falcon&redirect_uri=https%3A%2F%2Fapp.falcon.io%2F&state=bdf655aa-ecb0-4f6d-858a-50e744289933&response_mode=fragment&response_type=code&scope=openid&nonce=399ae510-18db-4dad-b3a8-1ddd4f6592ce
Frame ID: 49A96ED05C7C261C5D7A010F191D3ED8
Requests: 22 HTTP requests in this frame

Frame: https://accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/3p-cookies/step2.html
Frame ID: 371432FFD7DFAA3EF2960E3274305C64
Requests: 4 HTTP requests in this frame

Frame: https://accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/login-status-iframe.html
Frame ID: AD025B3B1910FBE24F18FA6531693433
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Log in to Social Media Management

Page URL History Show full URLs

  1. https://link.falcon.io/ls/click?upn=kdREpAkUbEhXypZpxkF6-2F5eqzwYghv3YtRKAbVS1xH4-3DPVQM_YQMICjGpuY... HTTP 302
    https://app.falcon.io/ Page URL
  2. https://accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/auth?client_id=falcon&redirect_ur... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

29
Requests

93 %
HTTPS

50 %
IPv6

5
Domains

8
Subdomains

7
IPs

3
Countries

1132 kB
Transfer

3265 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://link.falcon.io/ls/click?upn=kdREpAkUbEhXypZpxkF6-2F5eqzwYghv3YtRKAbVS1xH4-3DPVQM_YQMICjGpuYFrvNIvA9S-2BbWgNQZtQIRU3jlSzjHGtAmICUd0PyUzx2vrhXEuIt3V3dO0fSDO7ZBWQGJG2PxiZ7H8jE-2B0ovX3cbV5GOHspJ2zsaZgD9g-2FfWWGDRcVqw9Cs5e3ZQEElvPqvSnrgVy6TEf7h4NnxaFgiYJJCFI0NIBkJcr9eK00OQGFHVpgzRGOTeLYOG4C7b9FApCWRQn4GbCiIIz4FnCvQlAHCsgHcREM7azaZmUSTFlMLgI105N6abaStshHbaS9q1xttsa9rQWVK9i2xWfkNPrMQi-2BsTCb8-3D HTTP 302
    https://app.falcon.io/ Page URL
  2. https://accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/auth?client_id=falcon&redirect_uri=https%3A%2F%2Fapp.falcon.io%2F&state=bdf655aa-ecb0-4f6d-858a-50e744289933&response_mode=fragment&response_type=code&scope=openid&nonce=399ae510-18db-4dad-b3a8-1ddd4f6592ce Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://link.falcon.io/ls/click?upn=kdREpAkUbEhXypZpxkF6-2F5eqzwYghv3YtRKAbVS1xH4-3DPVQM_YQMICjGpuYFrvNIvA9S-2BbWgNQZtQIRU3jlSzjHGtAmICUd0PyUzx2vrhXEuIt3V3dO0fSDO7ZBWQGJG2PxiZ7H8jE-2B0ovX3cbV5GOHspJ2zsaZgD9g-2FfWWGDRcVqw9Cs5e3ZQEElvPqvSnrgVy6TEf7h4NnxaFgiYJJCFI0NIBkJcr9eK00OQGFHVpgzRGOTeLYOG4C7b9FApCWRQn4GbCiIIz4FnCvQlAHCsgHcREM7azaZmUSTFlMLgI105N6abaStshHbaS9q1xttsa9rQWVK9i2xWfkNPrMQi-2BsTCb8-3D HTTP 302
  • https://app.falcon.io/

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
app.falcon.io/
Redirect Chain
  • https://link.falcon.io/ls/click?upn=kdREpAkUbEhXypZpxkF6-2F5eqzwYghv3YtRKAbVS1xH4-3DPVQM_YQMICjGpuYFrvNIvA9S-2BbWgNQZtQIRU3jlSzjHGtAmICUd0PyUzx2vrhXEuIt3V3dO0fSDO7ZBWQGJG2PxiZ7H8jE-2B0ovX3cbV5GOHsp...
  • https://app.falcon.io/
28 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.falcon.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad05813ab377b5b2fcc3e4293c7e2af1ac72015a913e16019ef0edf5e768644d
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; form-action https://messenger-apps.intercom.io https://*.statuspage.io; default-src 'self' https://cdn.falcon.io; script-src 'nonce-fd637a716122367166de57400a49bea8' 'strict-dynamic' 'self' data: https://cdn.falcon.io https://accounts.falcon.io https://frontend-importmap.apps.aws.live.brandwatch.net https://assets.brandwatch.com https://cdnjs.cloudflare.com https://fast.wistia.com https://*.googleapis.com https://*.cloudfront.net https://cdn.segment.com https://cdn.cookielaw.org https://code.jquery.com https://connect.facebook.net https://fast.appcues.com https://*.google-analytics.com https://cdn.mxpnl.com https://www.gstatic.com https://www.youtube.com https://*.ytimg.com https://widget.intercom.io https://www.photoeditorsdk.com https://api.photoeditorsdk.com https://js.intercomcdn.com https://s3.eu-central-1.amazonaws.com https://www.instagram.com https://static.filestackapi.com https://js.driftt.com; worker-src blob:; child-src blob:; connect-src 'self' blob: https://accounts.falcon.io https://cdn.falcon.io https://assets.brandwatch.com https://proxy.falcon.io https://www.falcon.io wss://app.falcon.io https://*.intercom.io wss://*.intercom.io https://uploads.intercomcdn.com https://api.appcues.net wss://api.appcues.net https://fast.appcues.com https://api.segment.io https://api-js.mixpanel.com https://api-eu.mixpanel.com https://js.intercomcdn.com https://www.google-analytics.com https://*.sentry.io https://api.photoeditorsdk.com https://falconsocial.zendesk.com https://api.instagram.com https://www.instagram.com https://cdn.filestackcontent.com https://*.filestackapi.com https://s3.amazonaws.com https://falcon-advertise-exports.s3.eu-central-1.amazonaws.com https://falcon-advertise-images.s3.eu-central-1.amazonaws.com https://falcon-advertise-videos.s3.eu-central-1.amazonaws.com https://cdn.cookielaw.org https://*.onetrust.com https://*.licdn.com https://cdn.segment.com https://www.tiktok.com; img-src * data: blob:; style-src 'self' 'unsafe-inline' https://cdn.falcon.io https://*.googleapis.com https://fast.appcues.com https://static.filestackapi.com https://optanon.blob.core.windows.net; font-src 'self' data: https://cdn.falcon.io https://fonts.gstatic.com https://s3.eu-central-1.amazonaws.com https://js.intercomcdn.com; frame-src 'self' blob: https://accounts.falcon.io https://fast.wistia.com https://fast.wistia.net https://intercom-sheets.com https://staticxx.facebook.com https://my.appcues.com https://www.youtube.com https://www.facebook.com https://www.instagram.com https://falcon-insights.brandwatch.com https://authz.nc.sandbox.pandium.com https://authz.nc.pandium.io https://imp.sandbox.pandium.com https://imp.pandium.io https://www.tiktok.com https://embedded.eu1.tray.io https://platform.twitter.com; media-src * data: blob:; frame-ancestors https://app.falcon.io; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, X-Falcon-Session, Content-Type, X-Requested-With, falconMobileAppVersion
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://app.falcon.io
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
no-cache, must-revalidate
cf-apo-via
origin,host
cf-cache-status
DYNAMIC
cf-ray
79e7abe4bca40e6c-AMS
content-encoding
br
content-security-policy
base-uri 'self'; form-action https://messenger-apps.intercom.io https://*.statuspage.io; default-src 'self' https://cdn.falcon.io; script-src 'nonce-fd637a716122367166de57400a49bea8' 'strict-dynamic' 'self' data: https://cdn.falcon.io https://accounts.falcon.io https://frontend-importmap.apps.aws.live.brandwatch.net https://assets.brandwatch.com https://cdnjs.cloudflare.com https://fast.wistia.com https://*.googleapis.com https://*.cloudfront.net https://cdn.segment.com https://cdn.cookielaw.org https://code.jquery.com https://connect.facebook.net https://fast.appcues.com https://*.google-analytics.com https://cdn.mxpnl.com https://www.gstatic.com https://www.youtube.com https://*.ytimg.com https://widget.intercom.io https://www.photoeditorsdk.com https://api.photoeditorsdk.com https://js.intercomcdn.com https://s3.eu-central-1.amazonaws.com https://www.instagram.com https://static.filestackapi.com https://js.driftt.com; worker-src blob:; child-src blob:; connect-src 'self' blob: https://accounts.falcon.io https://cdn.falcon.io https://assets.brandwatch.com https://proxy.falcon.io https://www.falcon.io wss://app.falcon.io https://*.intercom.io wss://*.intercom.io https://uploads.intercomcdn.com https://api.appcues.net wss://api.appcues.net https://fast.appcues.com https://api.segment.io https://api-js.mixpanel.com https://api-eu.mixpanel.com https://js.intercomcdn.com https://www.google-analytics.com https://*.sentry.io https://api.photoeditorsdk.com https://falconsocial.zendesk.com https://api.instagram.com https://www.instagram.com https://cdn.filestackcontent.com https://*.filestackapi.com https://s3.amazonaws.com https://falcon-advertise-exports.s3.eu-central-1.amazonaws.com https://falcon-advertise-images.s3.eu-central-1.amazonaws.com https://falcon-advertise-videos.s3.eu-central-1.amazonaws.com https://cdn.cookielaw.org https://*.onetrust.com https://*.licdn.com https://cdn.segment.com https://www.tiktok.com; img-src * data: blob:; style-src 'self' 'unsafe-inline' https://cdn.falcon.io https://*.googleapis.com https://fast.appcues.com https://static.filestackapi.com https://optanon.blob.core.windows.net; font-src 'self' data: https://cdn.falcon.io https://fonts.gstatic.com https://s3.eu-central-1.amazonaws.com https://js.intercomcdn.com; frame-src 'self' blob: https://accounts.falcon.io https://fast.wistia.com https://fast.wistia.net https://intercom-sheets.com https://staticxx.facebook.com https://my.appcues.com https://www.youtube.com https://www.facebook.com https://www.instagram.com https://falcon-insights.brandwatch.com https://authz.nc.sandbox.pandium.com https://authz.nc.pandium.io https://imp.sandbox.pandium.com https://imp.pandium.io https://www.tiktok.com https://embedded.eu1.tray.io https://platform.twitter.com; media-src * data: blob:; frame-ancestors https://app.falcon.io; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
content-type
text/html; charset=utf-8
date
Fri, 24 Feb 2023 10:55:53 GMT
expect-ct
max-age=0, report-uri="https://falconsre.report-uri.com/r/d/ct/reportOnly"
link
</silent-check-sso.js>; rel=preload; as=script, <https://accounts.falcon.io/auth/js/keycloak.min.js>; rel=preload; as=script
permissions-policy
accelerometer=(), autoplay=(self), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=()
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
server-timing
request;desc="Request Time";dur=0.003;
strict-transport-security
max-age=31536000; includeSubDomains; preload
timing-allow-origin
https://cdn.falcon.io, https://accounts.falcon.io, https://frontend-importmap.apps.aws.live.brandwatch.net SAMEORIGIN
vary
Accept-Encoding, Origin
x-content-type-options
nosniff
x-falcon-request-id
e169d4cf4eddef2d8dfd0bd88fdff2f6
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cf-apo-via
origin,host
cf-cache-status
DYNAMIC
cf-ray
79e7abe14e4c0e6c-AMS
content-type
text/html; charset=utf-8
date
Fri, 24 Feb 2023 10:55:52 GMT
location
https://app.falcon.io/
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-robots-tag
noindex, nofollow
silent-check-sso.js
app.falcon.io/ 		52 B
562 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.falcon.io/silent-check-sso.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
493393ae5ee5da0924717eb5f3eab762d4505b3c488ff021fac0e9f0874a5084
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://app.falcon.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 10:55:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-falcon-request-id
a251f203d857005192bcd2a1ff85acaf
server-timing
request;desc="Request Time";dur=0.002;
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 23 Feb 2023 22:43:21 GMT
server
cloudflare
etag
W/"63f7ec09-34"
expect-ct
max-age=0, report-uri="https://falconsre.report-uri.com/r/d/ct/reportOnly"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
https://app.falcon.io
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
SAMEORIGIN
access-control-allow-headers
Authorization, X-Falcon-Session, Content-Type, X-Requested-With, falconMobileAppVersion
cf-ray
79e7abe59e300e6c-AMS
keycloak.min.js
accounts.falcon.io/auth/js/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.falcon.io/auth/js/keycloak.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c2731e40bdfd585de425b47fb9f7eeb80652807bdac2e4314fb23d5d43161e6
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src 'none'; form-action 'self' https://app.falcon.io https://graph.facebook.com https://facebook.com https://www.facebook.com https://accounts.google.com https://api.twitter.com https://www.linkedin.com; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://*.falcon.io https://*.flcn.io https://*.falconsocial.com https://localhost:3000; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://app.falcon.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 10:55:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
MISS
content-security-policy
base-uri 'self'; default-src 'none'; form-action 'self' https://app.falcon.io https://graph.facebook.com https://facebook.com https://www.facebook.com https://accounts.google.com https://api.twitter.com https://www.linkedin.com; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://*.falcon.io https://*.flcn.io https://*.falconsocial.com https://localhost:3000; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
x-falcon-request-id
33bc2a69f08b7e74dc7b90dfe0b957e8
server-timing
request;desc="Request Time";dur=0.003;
content-length
13930
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 24 Feb 2023 10:55:53 GMT
server
cloudflare
expect-ct
max-age=0, report-uri="https://falconsre.report-uri.com/r/d/ct/reportOnly"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST, PUT
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://accounts.falcon.io
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
no-cache, must-revalidate, no-transform, no-store
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
SAMEORIGIN
access-control-allow-headers
Authorization, Content-Type, origin, x-requested-with, If-Modified-Since, falconMobileAppVersion
cf-ray
79e7abe5ce760e6c-AMS
bootstrap.js
frontend-importmap.apps.aws.live.brandwatch.net/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://frontend-importmap.apps.aws.live.brandwatch.net/bootstrap.js
Requested by
Host: app.falcon.io
URL: https://app.falcon.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.78.252.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-252-64.eu-west-1.compute.amazonaws.com
Software
bw-ingress/0.0.2 /
Resource Hash
260d0f3c28d78860d5194852d404592263e539c20e76635fbf5ecd5225fed174
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://app.falcon.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 10:55:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
bw-ingress/0.0.2
etag
W/"5ae-5H7pHkvr3mA6JyHCHaMT0crFUW0"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-store
feature-policy
vibrate 'self'; camera 'none'; microphone 'none'; geolocation 'none'; speaker 'none'; payment 'none'; gyroscope 'none'; magnetometer 'none'
content-length
1454
x-xss-protection
1; mode=block
styles.f2df71e11471b2fd.css
cdn.falcon.io/html-client/ 		470 KB
93 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.falcon.io/html-client/styles.f2df71e11471b2fd.css
Requested by
Host: app.falcon.io
URL: https://app.falcon.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-129.fra60.r.cloudfront.net
Software
/
Resource Hash
8c267256adcd8c969863792ca3e9652c56b923752d918bb977d8bd71ed2f64da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://app.falcon.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 11:54:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
342055
x-cache
Hit from cloudfront
x-falcon-request-id
a8df7b7691c20ed1da0edbb44593d4ff
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 20 Feb 2023 11:47:25 GMT
etag
W/"63f35dcd-7582e"
expect-ct
max-age=0, report-uri="https://falconsre.report-uri.com/r/d/ct/reportOnly"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
access-control-allow-origin
https://app.falcon.io
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public, immutable, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding,Origin
timing-allow-origin
SAMEORIGIN
access-control-allow-headers
Authorization, X-Falcon-Session, Content-Type, X-Requested-With, falconMobileAppVersion
x-amz-cf-id
JE1Hs6XOv76lVPibHqavMEKAJKMFlaK8lsyN3QFHsBxFp2E7d6qdqg==
runtime.aa1733fc84a5ac7a.js
cdn.falcon.io/html-client/ 		8 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.falcon.io/html-client/runtime.aa1733fc84a5ac7a.js
Requested by
Host: app.falcon.io
URL: https://app.falcon.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-129.fra60.r.cloudfront.net
Software
/
Resource Hash
378e93ebc981f020f857bd94e687a8947cfbd57dbb25ec86fab9a868688b09ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.falcon.io/
Origin
https://app.falcon.io
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:43:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
83550
x-cache
Hit from cloudfront
x-falcon-request-id
79bc8555a591922aac41859013f71a95
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 23 Feb 2023 11:33:42 GMT
etag
W/"63f74f16-1e0e"
expect-ct
max-age=0, report-uri="https://falconsre.report-uri.com/r/d/ct/reportOnly"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
https://app.falcon.io
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public, immutable, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding,Origin
timing-allow-origin
SAMEORIGIN
access-control-allow-headers
Authorization, X-Falcon-Session, Content-Type, X-Requested-With, falconMobileAppVersion
x-amz-cf-id
shdritVbkx-_cwBA4SAEjR1-Mu-j3SisiJdFZtlMWva61RBLNfDTPg==
polyfills.7ef114ccb98ebb8a.js
cdn.falcon.io/html-client/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.falcon.io/html-client/polyfills.7ef114ccb98ebb8a.js
Requested by
Host: app.falcon.io
URL: https://app.falcon.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-129.fra60.r.cloudfront.net
Software
/
Resource Hash
f7be423e4800e304a82e1609c701b270f3679da5730c4d5851de150af2534744
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.falcon.io/
Origin
https://app.falcon.io
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 07:26:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
790171
x-cache
Hit from cloudfront
x-falcon-request-id
e921764cdbcc5339fb13e78c1fd6d736
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 15 Feb 2023 07:22:42 GMT
etag
W/"63ec8842-87b4"
expect-ct
max-age=0, report-uri="https://falconsre.report-uri.com/r/d/ct/reportOnly"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
https://app.falcon.io
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public, immutable, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding,Origin
timing-allow-origin
SAMEORIGIN
access-control-allow-headers
Authorization, X-Falcon-Session, Content-Type, X-Requested-With, falconMobileAppVersion
x-amz-cf-id
mgqN8IqcBkWMxpQ19KPOd5QU1PnRcqLjeEY4oY7GndJBGatlFRWrmw==
vendor.d7a10d438d18fa35.js
cdn.falcon.io/html-client/ 		1 MB
338 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.falcon.io/html-client/vendor.d7a10d438d18fa35.js
Requested by
Host: app.falcon.io
URL: https://app.falcon.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-129.fra60.r.cloudfront.net
Software
/
Resource Hash
facadf733b0951d11ad1760547bdc0401ba29995ee121edcd9f803dab2243f21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.falcon.io/
Origin
https://app.falcon.io
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 09:23:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
610367
x-cache
Hit from cloudfront
x-falcon-request-id
450b5942c174f10034319c501d6e0d31
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 17 Feb 2023 09:18:48 GMT
etag
W/"63ef4678-1104cf"
expect-ct
max-age=0, report-uri="https://falconsre.report-uri.com/r/d/ct/reportOnly"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
https://app.falcon.io
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public, immutable, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding,Origin
timing-allow-origin
SAMEORIGIN
access-control-allow-headers
Authorization, X-Falcon-Session, Content-Type, X-Requested-With, falconMobileAppVersion
x-amz-cf-id
_tOfKppQMLcycVUYtulbjX6LUBX5wk9jUGQwW1DG_ZHHj07VUqJCrA==
main.2a8d1971b3f4143a.js
cdn.falcon.io/html-client/ 		971 KB
247 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.falcon.io/html-client/main.2a8d1971b3f4143a.js
Requested by
Host: app.falcon.io
URL: https://app.falcon.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-129.fra60.r.cloudfront.net
Software
/
Resource Hash
b2a91a501615555f09de101d2c7a28f5bc5eccef7938451748c6ac63abcadc50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.falcon.io/
Origin
https://app.falcon.io
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 23:03:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
42729
x-cache
Hit from cloudfront
x-falcon-request-id
38d71bc773f7af50d0b2cbb81e8dbd0b
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 23 Feb 2023 22:43:21 GMT
etag
W/"63f7ec09-f2ae4"
expect-ct
max-age=0, report-uri="https://falconsre.report-uri.com/r/d/ct/reportOnly"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
https://app.falcon.io
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public, immutable, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding,Origin
timing-allow-origin
SAMEORIGIN
access-control-allow-headers
Authorization, X-Falcon-Session, Content-Type, X-Requested-With, falconMobileAppVersion
x-amz-cf-id
GmawKJ9g-QzTTcbkhWxswyfVRgGIGlJD-NJTqs54Hp6597QTphpOrg==
enforce
falcon.report-uri.com/r/t/csp/ 		0
612 B 		Other
General
Check archive.org
Download Go to
Full URL
https://falcon.report-uri.com/r/t/csp/enforce
Requested by
Host: app.falcon.io
URL: https://app.falcon.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ba58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

Referer
https://app.falcon.io/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 24 Feb 2023 10:55:53 GMT
strict-transport-security
max-age=63113904; includeSubDomains; preload
nel
{"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cf-ray
79e7abe61dc20b07-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: app.falcon.io
URL: https://app.falcon.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.falcon.io/
Origin
https://app.falcon.io
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 06:55:05 GMT
x-content-type-options
nosniff
age
360048
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11028
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 Feb 2024 06:55:05 GMT
/
o98544.ingest.sentry.io/api/1303710/envelope/ 		2 B
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o98544.ingest.sentry.io/api/1303710/envelope/?sentry_key=ce5441ef32db486c9651b2715eb3be2e&sentry_version=7&sentry_client=sentry.javascript.angular%2F7.31.1
Requested by
Host: cdn.falcon.io
URL: https://cdn.falcon.io/html-client/polyfills.7ef114ccb98ebb8a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.falcon.io/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 24 Feb 2023 10:55:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://app.falcon.io
access-control-expose-headers
x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
common.efdaf58122bbe9c8.js
cdn.falcon.io/html-client/ 		87 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.falcon.io/html-client/common.efdaf58122bbe9c8.js
Requested by
Host: cdn.falcon.io
URL: https://cdn.falcon.io/html-client/runtime.aa1733fc84a5ac7a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-129.fra60.r.cloudfront.net
Software
/
Resource Hash
388d366de847dd8a7ab8b25b1255a88b6a3a91bbc0476812f021eeb7b29b57a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.falcon.io/
Origin
https://app.falcon.io
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:43:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
83550
x-cache
Hit from cloudfront
x-falcon-request-id
49eddc78859233a3e00dfa6cb406a3da
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 23 Feb 2023 11:33:42 GMT
etag
W/"63f74f16-15a48"
expect-ct
max-age=0, report-uri="https://falconsre.report-uri.com/r/d/ct/reportOnly"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
https://app.falcon.io
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public, immutable, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding,Origin
timing-allow-origin
SAMEORIGIN
access-control-allow-headers
Authorization, X-Falcon-Session, Content-Type, X-Requested-With, falconMobileAppVersion
x-amz-cf-id
c_SIdpgqNDKRDhNoHySG8-yP6pR-TuvNMJpHxxwZ7jyvOjSeUhcFnw==
3639.e722133d950b2363.js
cdn.falcon.io/html-client/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.falcon.io/html-client/3639.e722133d950b2363.js
Requested by
Host: cdn.falcon.io
URL: https://cdn.falcon.io/html-client/runtime.aa1733fc84a5ac7a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-129.fra60.r.cloudfront.net
Software
/
Resource Hash
356d2500f845aa5dc2d2f149909f934d050f19fa664bcf91dfbcd77343727d64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.falcon.io/
Origin
https://app.falcon.io
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 10:41:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
346492
x-cache
Hit from cloudfront
x-falcon-request-id
494a16b444503d96294520d059862175
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 20 Feb 2023 10:34:47 GMT
etag
W/"63f34cc7-2d4e"
expect-ct
max-age=0, report-uri="https://falconsre.report-uri.com/r/d/ct/reportOnly"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
https://app.falcon.io
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public, immutable, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding,Origin
timing-allow-origin
SAMEORIGIN
access-control-allow-headers
Authorization, X-Falcon-Session, Content-Type, X-Requested-With, falconMobileAppVersion
x-amz-cf-id
sOffL5WLWgrDErs2IvDAlMB1LrEbHivl9cSqzk2Zy1D42pvJLporNg==
3328.127c8f07e9f4fe4a.js
cdn.falcon.io/html-client/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.falcon.io/html-client/3328.127c8f07e9f4fe4a.js
Requested by
Host: cdn.falcon.io
URL: https://cdn.falcon.io/html-client/runtime.aa1733fc84a5ac7a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-129.fra60.r.cloudfront.net
Software
/
Resource Hash
f0fd592b42fc378b74bae0e6e391f7da721f5fa4c000f29c125d7e4cd3ed088d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.falcon.io/
Origin
https://app.falcon.io
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 03:46:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
2617746
x-cache
Hit from cloudfront
x-falcon-request-id
a3d59dd55e9981d6ecf0992e944889f5
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 24 Jan 2023 16:07:26 GMT
etag
W/"63d0023e-4a0"
expect-ct
max-age=0, report-uri="https://falconsre.report-uri.com/r/d/ct/reportOnly"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
https://app.falcon.io
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public, immutable, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding,Origin
timing-allow-origin
SAMEORIGIN
access-control-allow-headers
Authorization, X-Falcon-Session, Content-Type, X-Requested-With, falconMobileAppVersion
x-amz-cf-id
IV0lvBVIpDl5P4p0ipp17mbFgHAgf_kR6EEmz80AnI4Ntjah5iSeCQ==
step1.html
accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/3p-cookies/ Frame 3714 		955 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/3p-cookies/step1.html
Requested by
Host: accounts.falcon.io
URL: https://accounts.falcon.io/auth/js/keycloak.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e08d6c979c3b89f8735ddec57645eea1633c985de66818d1c9d7a2478bcbd32
Security Headers
Name Value
Content-Security-Policy default-src 'none'; form-action https://*:* http://localhost capacitor://localhost https://localhost:3000 io.falcon.engage.ionic://* dk.ios.falconsocial://* dk.android.falconsocial://* com.falconsocial.ios.publish://* com.falconsocial.android.publish://*; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://*.falcon.io https://localhost:3000 https://localhost:4200; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.falcon.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type, origin, x-requested-with, If-Modified-Since, falconMobileAppVersion
access-control-allow-methods
GET, OPTIONS, POST, PUT
access-control-allow-origin
https://accounts.falcon.io
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
no-cache, must-revalidate, no-transform, no-store
cf-apo-via
origin,host
cf-cache-status
DYNAMIC
cf-ray
79e7abe8ec260e6c-AMS
content-encoding
gzip
content-security-policy
default-src 'none'; form-action https://*:* http://localhost capacitor://localhost https://localhost:3000 io.falcon.engage.ionic://* dk.ios.falconsocial://* dk.android.falconsocial://* com.falconsocial.ios.publish://* com.falconsocial.android.publish://*; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://*.falcon.io https://localhost:3000 https://localhost:4200; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
content-type
text/html;charset=utf-8
date
Fri, 24 Feb 2023 10:55:53 GMT
expect-ct
max-age=0, report-uri="https://falconsre.report-uri.com/r/d/ct/reportOnly"
p3p
CP="This is not a P3P policy!"
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
server-timing
request;desc="Request Time";dur=0.003;
strict-transport-security
max-age=31536000; includeSubDomains; preload
timing-allow-origin
SAMEORIGIN
vary
Accept-Encoding, Origin
x-content-type-options
nosniff
x-falcon-request-id
bb0f334ff8bc07c9093149e7f7d4ad47
x-robots-tag
none
x-xss-protection
1; mode=block
enforce
falcon.report-uri.com/r/t/csp/ Frame 3714 		0
0
step2.html
accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/3p-cookies/ Frame 3714 		1 KB
866 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/3p-cookies/step2.html
Requested by
Host: accounts.falcon.io
URL: https://accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/3p-cookies/step1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20ae6a4a7d0d0a5cf52120dea92dcfc64fe95a1aa230399bbbeef27d2e5fe074
Security Headers
Name Value
Content-Security-Policy default-src 'none'; form-action https://*:* http://localhost capacitor://localhost https://localhost:3000 io.falcon.engage.ionic://* dk.ios.falconsocial://* dk.android.falconsocial://* com.falconsocial.ios.publish://* com.falconsocial.android.publish://*; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://*.falcon.io https://localhost:3000 https://localhost:4200; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/3p-cookies/step1.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type, origin, x-requested-with, If-Modified-Since, falconMobileAppVersion
access-control-allow-methods
GET, OPTIONS, POST, PUT
access-control-allow-origin
https://accounts.falcon.io
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
no-cache, must-revalidate, no-transform, no-store
cf-apo-via
origin,host
cf-cache-status
DYNAMIC
cf-ray
79e7abe95cd30e6c-AMS
content-encoding
gzip
content-security-policy
default-src 'none'; form-action https://*:* http://localhost capacitor://localhost https://localhost:3000 io.falcon.engage.ionic://* dk.ios.falconsocial://* dk.android.falconsocial://* com.falconsocial.ios.publish://* com.falconsocial.android.publish://*; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://*.falcon.io https://localhost:3000 https://localhost:4200; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
content-type
text/html;charset=utf-8
date
Fri, 24 Feb 2023 10:55:53 GMT
expect-ct
max-age=0, report-uri="https://falconsre.report-uri.com/r/d/ct/reportOnly"
p3p
CP="This is not a P3P policy!"
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
server-timing
request;desc="Request Time";dur=0.002;
strict-transport-security
max-age=31536000; includeSubDomains; preload
timing-allow-origin
SAMEORIGIN
vary
Accept-Encoding, Origin
x-content-type-options
nosniff
x-falcon-request-id
c0e012724f9dfd8f0cda65918a94bc9b
x-robots-tag
none
x-xss-protection
1; mode=block
enforce
falcon.report-uri.com/r/t/csp/ Frame 3714 		0
0
login-status-iframe.html
accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/ Frame AD02 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/login-status-iframe.html
Requested by
Host: accounts.falcon.io
URL: https://accounts.falcon.io/auth/js/keycloak.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47cbcc6949e5ba078838f3dbd370d606e1c4a5113f896ddce5e662086bd18958
Security Headers
Name Value
Content-Security-Policy default-src 'none'; form-action https://*:* http://localhost capacitor://localhost https://localhost:3000 io.falcon.engage.ionic://* dk.ios.falconsocial://* dk.android.falconsocial://* com.falconsocial.ios.publish://* com.falconsocial.android.publish://*; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://*.falcon.io https://localhost:3000 https://localhost:4200; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.falcon.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type, origin, x-requested-with, If-Modified-Since, falconMobileAppVersion
access-control-allow-methods
GET, OPTIONS, POST, PUT
access-control-allow-origin
https://accounts.falcon.io
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
no-cache, must-revalidate, no-transform, no-store
cf-apo-via
origin,host
cf-cache-status
DYNAMIC
cf-ray
79e7abe9edda0e6c-AMS
content-encoding
gzip
content-security-policy
default-src 'none'; form-action https://*:* http://localhost capacitor://localhost https://localhost:3000 io.falcon.engage.ionic://* dk.ios.falconsocial://* dk.android.falconsocial://* com.falconsocial.ios.publish://* com.falconsocial.android.publish://*; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://*.falcon.io https://localhost:3000 https://localhost:4200; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
content-type
text/html;charset=utf-8
date
Fri, 24 Feb 2023 10:55:53 GMT
expect-ct
max-age=0, report-uri="https://falconsre.report-uri.com/r/d/ct/reportOnly"
p3p
CP="This is not a P3P policy!"
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
server-timing
request;desc="Request Time";dur=0.003;
strict-transport-security
max-age=31536000; includeSubDomains; preload
timing-allow-origin
SAMEORIGIN
vary
Accept-Encoding, Origin
x-content-type-options
nosniff
x-falcon-request-id
5081836952bfc95e44b5197c1a829df1
x-robots-tag
none
x-xss-protection
1; mode=block
enforce
falcon.report-uri.com/r/t/csp/ Frame AD02 		0
598 B 		Other
General
Check archive.org
Download Go to
Full URL
https://falcon.report-uri.com/r/t/csp/enforce
Requested by
Host: app.falcon.io
URL: https://app.falcon.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ba58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

Referer
https://accounts.falcon.io/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 24 Feb 2023 10:55:54 GMT
strict-transport-security
max-age=63113904; includeSubDomains; preload
nel
{"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cf-ray
79e7abea79e20a51-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
init
accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/login-status-iframe.html/ Frame AD02 		0
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/login-status-iframe.html/init?client_id=falcon&origin=https%3A%2F%2Fapp.falcon.io
Requested by
Host: accounts.falcon.io
URL: https://accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/login-status-iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; form-action https://*:* http://localhost capacitor://localhost https://localhost:3000 io.falcon.engage.ionic://* dk.ios.falconsocial://* dk.android.falconsocial://* com.falconsocial.ios.publish://* com.falconsocial.android.publish://*; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://*.falcon.io https://localhost:3000 https://localhost:4200; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/login-status-iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 10:55:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-security-policy
default-src 'none'; form-action https://*:* http://localhost capacitor://localhost https://localhost:3000 io.falcon.engage.ionic://* dk.ios.falconsocial://* dk.android.falconsocial://* com.falconsocial.ios.publish://* com.falconsocial.android.publish://*; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://*.falcon.io https://localhost:3000 https://localhost:4200; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
x-falcon-request-id
1ac86d7134f6149e911da10a13559a69
server-timing
request;desc="Request Time";dur=0.002;
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=0, report-uri="https://falconsre.report-uri.com/r/d/ct/reportOnly"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST, PUT
access-control-allow-origin
https://accounts.falcon.io
access-control-expose-headers
Access-Control-Allow-Origin
access-control-allow-credentials
true
cf-apo-via
origin,host
cf-ray
79e7abea8edb0e6c-AMS
access-control-allow-headers
Authorization, Content-Type, origin, x-requested-with, If-Modified-Since, falconMobileAppVersion
timing-allow-origin
SAMEORIGIN
Primary Request auth
accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/ 		17 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/auth?client_id=falcon&redirect_uri=https%3A%2F%2Fapp.falcon.io%2F&state=bdf655aa-ecb0-4f6d-858a-50e744289933&response_mode=fragment&response_type=code&scope=openid&nonce=399ae510-18db-4dad-b3a8-1ddd4f6592ce
Requested by
Host: accounts.falcon.io
URL: https://accounts.falcon.io/auth/js/keycloak.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c07122dd8b5aa7e50ff884ac30561e8807a2b986400ed376ae7c6ec02123db8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; form-action https://*:* http://localhost capacitor://localhost https://localhost:3000 io.falcon.engage.ionic://* dk.ios.falconsocial://* dk.android.falconsocial://* com.falconsocial.ios.publish://* com.falconsocial.android.publish://*; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://*.falcon.io https://localhost:3000 https://localhost:4200; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.falcon.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type, origin, x-requested-with, If-Modified-Since, falconMobileAppVersion
access-control-allow-methods
GET, OPTIONS, POST, PUT
access-control-allow-origin
https://accounts.falcon.io
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
no-store, must-revalidate, max-age=0
cf-apo-via
origin,host
cf-cache-status
DYNAMIC
cf-ray
79e7abeaffb40e6c-AMS
content-encoding
br
content-language
en
content-security-policy
default-src 'none'; form-action https://*:* http://localhost capacitor://localhost https://localhost:3000 io.falcon.engage.ionic://* dk.ios.falconsocial://* dk.android.falconsocial://* com.falconsocial.ios.publish://* com.falconsocial.android.publish://*; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://*.falcon.io https://localhost:3000 https://localhost:4200; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
content-type
text/html;charset=utf-8
date
Fri, 24 Feb 2023 10:55:54 GMT
expect-ct
max-age=0, report-uri="https://falconsre.report-uri.com/r/d/ct/reportOnly"
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
server-timing
request;desc="Request Time";dur=0.005;
strict-transport-security
max-age=31536000; includeSubDomains; preload
timing-allow-origin
SAMEORIGIN
vary
Accept-Encoding, Origin
x-content-type-options
nosniff
x-falcon-request-id
05f00bb2afdc923b3b0458e976df136f
x-robots-tag
none
x-xss-protection
1; mode=block
login.bundle.js
accounts.falcon.io/auth/resources/0mn5v/login/falcon/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.falcon.io/auth/resources/0mn5v/login/falcon/login.bundle.js
Requested by
Host: accounts.falcon.io
URL: https://accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/auth?client_id=falcon&redirect_uri=https%3A%2F%2Fapp.falcon.io%2F&state=bdf655aa-ecb0-4f6d-858a-50e744289933&response_mode=fragment&response_type=code&scope=openid&nonce=399ae510-18db-4dad-b3a8-1ddd4f6592ce
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcecdde2f839c0d18007bf2c654f772294ef1c52275689b826b0903a5223cf55
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src 'none'; form-action 'self' https://app.falcon.io https://graph.facebook.com https://facebook.com https://www.facebook.com https://accounts.google.com https://api.twitter.com https://www.linkedin.com; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://*.falcon.io https://*.flcn.io https://*.falconsocial.com https://localhost:3000; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/auth?client_id=falcon&redirect_uri=https%3A%2F%2Fapp.falcon.io%2F&state=bdf655aa-ecb0-4f6d-858a-50e744289933&response_mode=fragment&response_type=code&scope=openid&nonce=399ae510-18db-4dad-b3a8-1ddd4f6592ce
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 10:55:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
base-uri 'self'; default-src 'none'; form-action 'self' https://app.falcon.io https://graph.facebook.com https://facebook.com https://www.facebook.com https://accounts.google.com https://api.twitter.com https://www.linkedin.com; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://*.falcon.io https://*.flcn.io https://*.falconsocial.com https://localhost:3000; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
cf-cache-status
HIT
age
5
content-encoding
br
x-falcon-request-id
e310b26a6514f6b64658cc3868e9317c
server-timing
request;desc="Request Time";dur=0.003;
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 24 Feb 2023 10:55:49 GMT
server
cloudflare
expect-ct
max-age=0, report-uri="https://falconsre.report-uri.com/r/d/ct/reportOnly"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST, PUT
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://accounts.falcon.io
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public, max-age=14400
access-control-allow-credentials
true
timing-allow-origin
SAMEORIGIN
access-control-allow-headers
Authorization, Content-Type, origin, x-requested-with, If-Modified-Since, falconMobileAppVersion
cf-ray
79e7abeb78be0e6c-AMS
expires
Fri, 24 Feb 2023 14:55:54 GMT
login.css
accounts.falcon.io/auth/resources/0mn5v/login/falcon/ 		150 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.falcon.io/auth/resources/0mn5v/login/falcon/login.css
Requested by
Host: accounts.falcon.io
URL: https://accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/auth?client_id=falcon&redirect_uri=https%3A%2F%2Fapp.falcon.io%2F&state=bdf655aa-ecb0-4f6d-858a-50e744289933&response_mode=fragment&response_type=code&scope=openid&nonce=399ae510-18db-4dad-b3a8-1ddd4f6592ce
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44be372502132188b37f4c4b7af4f81dffb3c02685a761dcd35b2cfff753af1d
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src 'none'; form-action 'self' https://app.falcon.io https://graph.facebook.com https://facebook.com https://www.facebook.com https://accounts.google.com https://api.twitter.com https://www.linkedin.com; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://*.falcon.io https://*.flcn.io https://*.falconsocial.com https://localhost:3000; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/auth?client_id=falcon&redirect_uri=https%3A%2F%2Fapp.falcon.io%2F&state=bdf655aa-ecb0-4f6d-858a-50e744289933&response_mode=fragment&response_type=code&scope=openid&nonce=399ae510-18db-4dad-b3a8-1ddd4f6592ce
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 10:55:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
base-uri 'self'; default-src 'none'; form-action 'self' https://app.falcon.io https://graph.facebook.com https://facebook.com https://www.facebook.com https://accounts.google.com https://api.twitter.com https://www.linkedin.com; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://*.falcon.io https://*.flcn.io https://*.falconsocial.com https://localhost:3000; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
cf-cache-status
HIT
age
5
content-encoding
br
x-falcon-request-id
34e25311c6c90704ee0f328d4acaaf68
server-timing
request;desc="Request Time";dur=0.002;
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 24 Feb 2023 10:55:49 GMT
server
cloudflare
expect-ct
max-age=0, report-uri="https://falconsre.report-uri.com/r/d/ct/reportOnly"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST, PUT
content-type
text/css;charset=UTF-8
access-control-allow-origin
https://accounts.falcon.io
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public, max-age=14400
access-control-allow-credentials
true
timing-allow-origin
SAMEORIGIN
access-control-allow-headers
Authorization, Content-Type, origin, x-requested-with, If-Modified-Since, falconMobileAppVersion
cf-ray
79e7abeb78c00e6c-AMS
expires
Fri, 24 Feb 2023 14:55:54 GMT
enforce
falcon.report-uri.com/r/t/csp/ 		0
600 B 		Other
General
Check archive.org
Download Go to
Full URL
https://falcon.report-uri.com/r/t/csp/enforce
Requested by
Host: app.falcon.io
URL: https://app.falcon.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ba58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

Referer
https://accounts.falcon.io/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 24 Feb 2023 10:55:54 GMT
strict-transport-security
max-age=63113904; includeSubDomains; preload
nel
{"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cf-ray
79e7abeb8bd40a51-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
bw.svg
accounts.falcon.io/auth/resources/0mn5v/login/falcon/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.falcon.io/auth/resources/0mn5v/login/falcon/img/bw.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07320ebc108f86e6285c2072bc5a18d063e1c548ddf50e48c75c7a5ef7f85154
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src 'none'; form-action 'self' https://app.falcon.io https://graph.facebook.com https://facebook.com https://www.facebook.com https://accounts.google.com https://api.twitter.com https://www.linkedin.com; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://*.falcon.io https://*.flcn.io https://*.falconsocial.com https://localhost:3000; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/auth?client_id=falcon&redirect_uri=https%3A%2F%2Fapp.falcon.io%2F&state=bdf655aa-ecb0-4f6d-858a-50e744289933&response_mode=fragment&response_type=code&scope=openid&nonce=399ae510-18db-4dad-b3a8-1ddd4f6592ce
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 10:55:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
base-uri 'self'; default-src 'none'; form-action 'self' https://app.falcon.io https://graph.facebook.com https://facebook.com https://www.facebook.com https://accounts.google.com https://api.twitter.com https://www.linkedin.com; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://*.falcon.io https://*.flcn.io https://*.falconsocial.com https://localhost:3000; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
cf-cache-status
HIT
age
5
content-encoding
br
x-falcon-request-id
0c691fd45f08b89224b6def8f5abc5f0
server-timing
request;desc="Request Time";dur=0.002;
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 24 Feb 2023 10:55:49 GMT
server
cloudflare
expect-ct
max-age=0, report-uri="https://falconsre.report-uri.com/r/d/ct/reportOnly"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST, PUT
content-type
image/svg+xml
access-control-allow-origin
https://accounts.falcon.io
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public, max-age=14400
access-control-allow-credentials
true
timing-allow-origin
SAMEORIGIN
access-control-allow-headers
Authorization, Content-Type, origin, x-requested-with, If-Modified-Since, falconMobileAppVersion
cf-ray
79e7abebd9420e6c-AMS
expires
Fri, 24 Feb 2023 14:55:54 GMT
Roboto-Regular.ttf
accounts.falcon.io/auth/resources/0mn5v/login/falcon/fonts/ 		164 KB
165 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://accounts.falcon.io/auth/resources/0mn5v/login/falcon/fonts/Roboto-Regular.ttf
Requested by
Host: accounts.falcon.io
URL: https://accounts.falcon.io/auth/resources/0mn5v/login/falcon/login.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e147ab64b9fdf6d89d01f6b8c3ca0b3cddc59d608a8e2218f9a2504b5c98e14
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src 'none'; form-action 'self' https://app.falcon.io https://graph.facebook.com https://facebook.com https://www.facebook.com https://accounts.google.com https://api.twitter.com https://www.linkedin.com; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://*.falcon.io https://*.flcn.io https://*.falconsocial.com https://localhost:3000; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.falcon.io/auth/resources/0mn5v/login/falcon/login.css
Origin
https://accounts.falcon.io
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 10:55:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
base-uri 'self'; default-src 'none'; form-action 'self' https://app.falcon.io https://graph.facebook.com https://facebook.com https://www.facebook.com https://accounts.google.com https://api.twitter.com https://www.linkedin.com; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://*.falcon.io https://*.flcn.io https://*.falconsocial.com https://localhost:3000; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
cf-cache-status
HIT
age
4
x-falcon-request-id
2c9172789f7fd280c72416ba8c8f832c
server-timing
request;desc="Request Time";dur=0.003;
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 24 Feb 2023 10:55:50 GMT
server
cloudflare
expect-ct
max-age=0, report-uri="https://falconsre.report-uri.com/r/d/ct/reportOnly"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST, PUT
content-type
application/octet-stream
access-control-allow-origin
https://accounts.falcon.io
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public, max-age=14400
access-control-allow-credentials
true
timing-allow-origin
SAMEORIGIN
access-control-allow-headers
Authorization, Content-Type, origin, x-requested-with, If-Modified-Since, falconMobileAppVersion
cf-ray
79e7abebd9470e6c-AMS
expires
Fri, 24 Feb 2023 14:55:54 GMT
Roboto-Bold.ttf
accounts.falcon.io/auth/resources/0mn5v/login/falcon/fonts/ 		163 KB
164 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://accounts.falcon.io/auth/resources/0mn5v/login/falcon/fonts/Roboto-Bold.ttf
Requested by
Host: accounts.falcon.io
URL: https://accounts.falcon.io/auth/resources/0mn5v/login/falcon/login.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec685a46105296fe46c8744da4a11cf8118ba6c11271941766f7a546df6aa7c7
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src 'none'; form-action 'self' https://app.falcon.io https://graph.facebook.com https://facebook.com https://www.facebook.com https://accounts.google.com https://api.twitter.com https://www.linkedin.com; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://*.falcon.io https://*.flcn.io https://*.falconsocial.com https://localhost:3000; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.falcon.io/auth/resources/0mn5v/login/falcon/login.css
Origin
https://accounts.falcon.io
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 10:55:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
base-uri 'self'; default-src 'none'; form-action 'self' https://app.falcon.io https://graph.facebook.com https://facebook.com https://www.facebook.com https://accounts.google.com https://api.twitter.com https://www.linkedin.com; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://*.falcon.io https://*.flcn.io https://*.falconsocial.com https://localhost:3000; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
cf-cache-status
HIT
age
4
x-falcon-request-id
e06600d4489049b0b980d5f80e5e0391
server-timing
request;desc="Request Time";dur=0.001;
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 24 Feb 2023 10:55:50 GMT
server
cloudflare
expect-ct
max-age=0, report-uri="https://falconsre.report-uri.com/r/d/ct/reportOnly"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST, PUT
content-type
application/octet-stream
access-control-allow-origin
https://accounts.falcon.io
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public, max-age=14400
access-control-allow-credentials
true
timing-allow-origin
SAMEORIGIN
access-control-allow-headers
Authorization, Content-Type, origin, x-requested-with, If-Modified-Since, falconMobileAppVersion
cf-ray
79e7abebd94e0e6c-AMS
expires
Fri, 24 Feb 2023 14:55:54 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
falcon.report-uri.com
URL
https://falcon.report-uri.com/r/t/csp/enforce
Domain
falcon.report-uri.com
URL
https://falcon.report-uri.com/r/t/csp/enforce

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

6 Cookies

Domain/Path Name / Value
accounts.falcon.io/auth/realms/falcon/ Name: AUTH_SESSION_ID
Value: 6824f8cb-b408-4e52-a91f-0abf8ba996b4.falcon-keycloak-falcon-keycloak-1
accounts.falcon.io/auth/realms/falcon/ Name: AUTH_SESSION_ID_LEGACY
Value: 6824f8cb-b408-4e52-a91f-0abf8ba996b4.falcon-keycloak-falcon-keycloak-1
accounts.falcon.io/auth/realms/falcon/ Name: KC_RESTART
Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJiYTA3ZDk4Mi1iOTA4LTQ3MTEtYjllMy1jMTMyNjc1NTM4ZDIifQ.eyJjaWQiOiJmYWxjb24iLCJwdHkiOiJvcGVuaWQtY29ubmVjdCIsInJ1cmkiOiJodHRwczovL2FwcC5mYWxjb24uaW8vIiwiYWN0IjoiQVVUSEVOVElDQVRFIiwibm90ZXMiOnsic2NvcGUiOiJvcGVuaWQiLCJpc3MiOiJodHRwczovL2FjY291bnRzLmZhbGNvbi5pby9hdXRoL3JlYWxtcy9mYWxjb24iLCJyZXNwb25zZV90eXBlIjoiY29kZSIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOi8vYXBwLmZhbGNvbi5pby8iLCJzdGF0ZSI6ImJkZjY1NWFhLWVjYjAtNGY2ZC04NThhLTUwZTc0NDI4OTkzMyIsIm5vbmNlIjoiMzk5YWU1MTAtMThkYi00ZGFkLWIzYTgtMWRkZDRmNjU5MmNlIiwicmVzcG9uc2VfbW9kZSI6ImZyYWdtZW50In19.IQaceVNAzphcz5IhsMuQakP3xrxn1SeOkCRRQMaf_FM
.falcon.io/ Name: __cf_bm
Value: l_VDP7XDjz_6nGb.POBEyBRogWYBXE3ZVmuWBJMF3Hc-1677236152-0-ASCYEapncsnCNLIQ2I+lqD/8MbNMCB9tW7YlILDf3MhuBxo0fDNfIKEcpi1IGF/0KcQzFifUUBQgxUI8Noos99k=
app.falcon.io/ Name: __cflb
Value: 02DiuGV7hpeto8BhgM2z5q7kP8BpL8gcG2qHEDwrYZjvC
accounts.falcon.io/ Name: __cflb
Value: 02DiuEcJwKvacTLLQ4bNkA1sUiaqKKsnbrtnj2uvnQivx

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy base-uri 'self'; form-action https://messenger-apps.intercom.io https://*.statuspage.io; default-src 'self' https://cdn.falcon.io; script-src 'nonce-fd637a716122367166de57400a49bea8' 'strict-dynamic' 'self' data: https://cdn.falcon.io https://accounts.falcon.io https://frontend-importmap.apps.aws.live.brandwatch.net https://assets.brandwatch.com https://cdnjs.cloudflare.com https://fast.wistia.com https://*.googleapis.com https://*.cloudfront.net https://cdn.segment.com https://cdn.cookielaw.org https://code.jquery.com https://connect.facebook.net https://fast.appcues.com https://*.google-analytics.com https://cdn.mxpnl.com https://www.gstatic.com https://www.youtube.com https://*.ytimg.com https://widget.intercom.io https://www.photoeditorsdk.com https://api.photoeditorsdk.com https://js.intercomcdn.com https://s3.eu-central-1.amazonaws.com https://www.instagram.com https://static.filestackapi.com https://js.driftt.com; worker-src blob:; child-src blob:; connect-src 'self' blob: https://accounts.falcon.io https://cdn.falcon.io https://assets.brandwatch.com https://proxy.falcon.io https://www.falcon.io wss://app.falcon.io https://*.intercom.io wss://*.intercom.io https://uploads.intercomcdn.com https://api.appcues.net wss://api.appcues.net https://fast.appcues.com https://api.segment.io https://api-js.mixpanel.com https://api-eu.mixpanel.com https://js.intercomcdn.com https://www.google-analytics.com https://*.sentry.io https://api.photoeditorsdk.com https://falconsocial.zendesk.com https://api.instagram.com https://www.instagram.com https://cdn.filestackcontent.com https://*.filestackapi.com https://s3.amazonaws.com https://falcon-advertise-exports.s3.eu-central-1.amazonaws.com https://falcon-advertise-images.s3.eu-central-1.amazonaws.com https://falcon-advertise-videos.s3.eu-central-1.amazonaws.com https://cdn.cookielaw.org https://*.onetrust.com https://*.licdn.com https://cdn.segment.com https://www.tiktok.com; img-src * data: blob:; style-src 'self' 'unsafe-inline' https://cdn.falcon.io https://*.googleapis.com https://fast.appcues.com https://static.filestackapi.com https://optanon.blob.core.windows.net; font-src 'self' data: https://cdn.falcon.io https://fonts.gstatic.com https://s3.eu-central-1.amazonaws.com https://js.intercomcdn.com; frame-src 'self' blob: https://accounts.falcon.io https://fast.wistia.com https://fast.wistia.net https://intercom-sheets.com https://staticxx.facebook.com https://my.appcues.com https://www.youtube.com https://www.facebook.com https://www.instagram.com https://falcon-insights.brandwatch.com https://authz.nc.sandbox.pandium.com https://authz.nc.pandium.io https://imp.sandbox.pandium.com https://imp.pandium.io https://www.tiktok.com https://embedded.eu1.tray.io https://platform.twitter.com; media-src * data: blob:; frame-ancestors https://app.falcon.io; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.falcon.io
app.falcon.io
cdn.falcon.io
falcon.report-uri.com
fonts.gstatic.com
frontend-importmap.apps.aws.live.brandwatch.net
link.falcon.io
o98544.ingest.sentry.io
falcon.report-uri.com
18.66.122.129
2606:4700::6811:ba58
2606:4700::6812:f2
2a00:1450:4001:802::2003
34.120.195.249
54.78.252.64
07320ebc108f86e6285c2072bc5a18d063e1c548ddf50e48c75c7a5ef7f85154
20ae6a4a7d0d0a5cf52120dea92dcfc64fe95a1aa230399bbbeef27d2e5fe074
260d0f3c28d78860d5194852d404592263e539c20e76635fbf5ecd5225fed174
356d2500f845aa5dc2d2f149909f934d050f19fa664bcf91dfbcd77343727d64
378e93ebc981f020f857bd94e687a8947cfbd57dbb25ec86fab9a868688b09ac
388d366de847dd8a7ab8b25b1255a88b6a3a91bbc0476812f021eeb7b29b57a1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44be372502132188b37f4c4b7af4f81dffb3c02685a761dcd35b2cfff753af1d
47cbcc6949e5ba078838f3dbd370d606e1c4a5113f896ddce5e662086bd18958
493393ae5ee5da0924717eb5f3eab762d4505b3c488ff021fac0e9f0874a5084
4e147ab64b9fdf6d89d01f6b8c3ca0b3cddc59d608a8e2218f9a2504b5c98e14
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7c07122dd8b5aa7e50ff884ac30561e8807a2b986400ed376ae7c6ec02123db8
8c267256adcd8c969863792ca3e9652c56b923752d918bb977d8bd71ed2f64da
8e08d6c979c3b89f8735ddec57645eea1633c985de66818d1c9d7a2478bcbd32
9c2731e40bdfd585de425b47fb9f7eeb80652807bdac2e4314fb23d5d43161e6
ad05813ab377b5b2fcc3e4293c7e2af1ac72015a913e16019ef0edf5e768644d
b2a91a501615555f09de101d2c7a28f5bc5eccef7938451748c6ac63abcadc50
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec685a46105296fe46c8744da4a11cf8118ba6c11271941766f7a546df6aa7c7
f0fd592b42fc378b74bae0e6e391f7da721f5fa4c000f29c125d7e4cd3ed088d
f7be423e4800e304a82e1609c701b270f3679da5730c4d5851de150af2534744
facadf733b0951d11ad1760547bdc0401ba29995ee121edcd9f803dab2243f21
fcecdde2f839c0d18007bf2c654f772294ef1c52275689b826b0903a5223cf55