accounts.falcon.io Open in urlscan Pro
2606:4700::6812:128d Public Scan

Go To Rescan
Add Verdict Report

URL:
https://accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/auth?client_id=falcon&redirect_uri=https://app.falcon...
Submission: On February 03 via api (February 3rd 2021, 9:37:06 pm UTC) from US

Summary HTTP 8 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 2606:4700::6812:128d, located in United States and belongs to CLOUDFLARENET, US. The main domain is accounts.falcon.io.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on February 15th 2020. Valid for: 2 years.

This is the only time accounts.falcon.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700::68... 2606:4700::6812:128d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:138d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2

7 2606:4700::6812:128d (United States)

ASN13335 (CLOUDFLARENET, US)

accounts.falcon.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:138d (United States)

ASN13335 (CLOUDFLARENET, US)

www.falcon.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	falcon.io accounts.falcon.io www.falcon.io	366 KB
8	1

	Domain	Requested by
7	accounts.falcon.io	accounts.falcon.io
1	www.falcon.io	accounts.falcon.io
8	2

This site contains links to these domains. Also see Links.

Domain
www.falcon.io

Subject Issuer	Validity	Valid
*.falcon.io DigiCert SHA2 High Assurance Server CA	`2020-02-15` - `2022-02-23`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/auth?client_id=falcon&redirect_uri=https://app.falcon.io&response_type=code&kc_idp_hint=daf-saml)
Frame ID: 2EFE54B29C3B2D8D7DB1691E2DC9374A
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

8
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

2
Subdomains

2
IPs

1
Countries

366 kB
Transfer

481 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.falcon.io/privacy-policy/
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://www.falcon.io/webinars/instagram-experiments/
Title: Register Now

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request auth Show response
accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/ 13 KB
4 KB 74ms
43ms Document
text/html 2606:4700::6812:128d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/auth?client_id=falcon&redirect_uri=https://app.falcon.io&response_type=code&kc_idp_hint=daf-saml)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:128d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd04a07aa5dddd46973f37430b83d1ce2d42043fd82a39d72726edbfe2b91fa9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; form-action https://* http://localhost capacitor://localhost https://localhost:3000; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://*.falcon.io https://localhost:3000 https://localhost:4200; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: accounts.falcon.io
:scheme: https
:path: /auth/realms/falcon/protocol/openid-connect/auth?client_id=falcon&redirect_uri=https://app.falcon.io&response_type=code&kc_idp_hint=daf-saml)
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 21:36:48 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=dea71f6666fdb32be0ce998f9ef42eab41612388208; expires=Fri, 05-Mar-21 21:36:48 GMT; path=/; domain=.falcon.io; HttpOnly; SameSite=Lax AUTH_SESSION_ID=4402c094-51c9-45f6-a195-dce3e50185e4.falcon-keycloak-falcon-keycloak-5; Version=1; Path=/auth/realms/falcon/; Secure; HttpOnly KC_RESTART=eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJiYTA3ZDk4Mi1iOTA4LTQ3MTEtYjllMy1jMTMyNjc1NTM4ZDIifQ.eyJjaWQiOiJmYWxjb24iLCJwdHkiOiJvcGVuaWQtY29ubmVjdCIsInJ1cmkiOiJodHRwczovL2FwcC5mYWxjb24uaW8iLCJhY3QiOiJBVVRIRU5USUNBVEUiLCJub3RlcyI6eyJpc3MiOiJodHRwczovL2FjY291bnRzLmZhbGNvbi5pby9hdXRoL3JlYWxtcy9mYWxjb24iLCJyZXNwb25zZV90eXBlIjoiY29kZSIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOi8vYXBwLmZhbGNvbi5pbyIsImtjX2lkcF9oaW50IjoiZGFmLXNhbWwpIn19.l9mMyJP3BO0X3nJQeNVcwQHIXaNNhPVitgmyj4wZpxA; Version=1; Path=/auth/realms/falcon/; Secure; HttpOnly __cflb=02DiuEcJwKvacTLLQ4bNkA1sUiaqKKsncZVh33E9mdXmv; SameSite=Lax; path=/; expires=Thu, 04-Feb-21 20:36:48 GMT; HttpOnly
vary: Accept-Encoding Origin
cache-control: no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
content-security-policy: default-src 'none'; form-action https://* http://localhost capacitor://localhost https://localhost:3000; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://*.falcon.io https://localhost:3000 https://localhost:4200; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
x-robots-tag: none
x-content-type-options: nosniff
content-language: en
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
feature-policy: camera 'none'; microphone 'none'; geolocation 'none'; accelerometer 'none'; encrypted-media 'none'; gyroscope 'none'; magnetometer 'none'; midi 'none'; payment 'none'; usb 'none'; sync-xhr 'none';
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-origin: https://accounts.falcon.io
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, origin, x-requested-with, If-Modified-Since
access-control-allow-methods: GET, OPTIONS, POST, PUT
x-falcon-request-id: 625c60af71372bebf2c5f8a990160e9e
server-timing: request;desc="Request Time";dur=0.005;
timing-allow-origin: SAMEORIGIN
expect-ct: max-age=0, report-uri="https://falconsre.report-uri.com/r/d/ct/reportOnly"
cf-cache-status: DYNAMIC
cf-request-id: 080b6ca91f00002484360ff000000001
server: cloudflare
cf-ray: 61bf4a21ce532484-FRA
content-encoding: br

GET
H2 200 login-5f17efae5a6f25bf3dd1.css
accounts.falcon.io/auth/resources/wrsnu/login/falcon/ 124 KB
20 KB 59ms
57ms Stylesheet
text/css 2606:4700::6812:128d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.falcon.io/auth/resources/wrsnu/login/falcon/login-5f17efae5a6f25bf3dd1.css

Requested by

Host: accounts.falcon.io
URL: https://accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/auth?client_id=falcon&redirect_uri=https://app.falcon.io&response_type=code&kc_idp_hint=daf-saml)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:128d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8ab0c439471c792958afd263b01c2a9a14493407bf7c37637f665fe106031d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src 'none'; form-action 'self' https://app.falcon.io https://graph.facebook.com https://facebook.com https://www.facebook.com https://accounts.google.com https://api.twitter.com https://www.linkedin.com; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://.falcon.io https://.flcn.io https://*.falconsocial.com https://localhost:3000; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/auth?client_id=falcon&redirect_uri=https://app.falcon.io&response_type=code&kc_idp_hint=daf-saml)
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 21:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-falcon-request-id: 47540d2ed7210e9279db916ea9f1ee59
access-control-allow-methods: GET, OPTIONS, POST, PUT
server-timing: request;desc="Request Time";dur=0.004;
x-xss-protection: 1; mode=block
timing-allow-origin: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=0, report-uri="https://falconsre.report-uri.com/r/d/ct/reportOnly"
vary: Accept-Encoding, Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css;charset=UTF-8
access-control-allow-origin: https://accounts.falcon.io
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=14400
feature-policy: camera 'none'; microphone 'none'; geolocation 'none'; accelerometer 'none'; encrypted-media 'none'; gyroscope 'none'; magnetometer 'none'; midi 'none'; payment 'none'; usb 'none'; sync-xhr 'none';
content-security-policy: base-uri 'self'; default-src 'none'; form-action 'self' https://app.falcon.io https://graph.facebook.com https://facebook.com https://www.facebook.com https://accounts.google.com https://api.twitter.com https://www.linkedin.com; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://*.falcon.io https://*.flcn.io https://*.falconsocial.com https://localhost:3000; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
cf-request-id: 080b6ca94f0000248426b5c000000001
access-control-allow-credentials: true
cf-ray: 61bf4a221f0d2484-FRA
access-control-allow-headers: Authorization, Content-Type, origin, x-requested-with, If-Modified-Since
expires: Thu, 04 Feb 2021 01:36:49 GMT

GET
H2 200 falcon-wing-black.svg
accounts.falcon.io/auth/resources/wrsnu/login/falcon/img/ 642 B
1 KB 35ms
34ms Image
image/svg+xml 2606:4700::6812:128d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts.falcon.io/auth/resources/wrsnu/login/falcon/img/falcon-wing-black.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:128d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81146fa7e40d3b8097498630958b0a711b67654a57190b56d71403079c5b3cc2

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src 'none'; form-action 'self' https://app.falcon.io https://graph.facebook.com https://facebook.com https://www.facebook.com https://accounts.google.com https://api.twitter.com https://www.linkedin.com; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://.falcon.io https://.flcn.io https://*.falconsocial.com https://localhost:3000; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/auth?client_id=falcon&redirect_uri=https://app.falcon.io&response_type=code&kc_idp_hint=daf-saml)
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 21:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-falcon-request-id: 49b83d4b6ca2a32fad6425eb5d095f7f
access-control-allow-methods: GET, OPTIONS, POST, PUT
server-timing: request;desc="Request Time";dur=0.003;
x-xss-protection: 1; mode=block
timing-allow-origin: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=0, report-uri="https://falconsre.report-uri.com/r/d/ct/reportOnly"
vary: Accept-Encoding, Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: https://accounts.falcon.io
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=14400
feature-policy: camera 'none'; microphone 'none'; geolocation 'none'; accelerometer 'none'; encrypted-media 'none'; gyroscope 'none'; magnetometer 'none'; midi 'none'; payment 'none'; usb 'none'; sync-xhr 'none';
content-security-policy: base-uri 'self'; default-src 'none'; form-action 'self' https://app.falcon.io https://graph.facebook.com https://facebook.com https://www.facebook.com https://accounts.google.com https://api.twitter.com https://www.linkedin.com; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://*.falcon.io https://*.flcn.io https://*.falconsocial.com https://localhost:3000; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
cf-request-id: 080b6ca95000002484739ed000000001
access-control-allow-credentials: true
cf-ray: 61bf4a221f172484-FRA
access-control-allow-headers: Authorization, Content-Type, origin, x-requested-with, If-Modified-Since
expires: Thu, 04 Feb 2021 01:36:49 GMT

GET
H2 200 google.png
accounts.falcon.io/auth/resources/wrsnu/login/falcon/img/ 2 KB
2 KB 36ms
36ms Image
image/png 2606:4700::6812:128d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts.falcon.io/auth/resources/wrsnu/login/falcon/img/google.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:128d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d382aea88f9c3cc757f203991c78e496d075e3fd25c6b89ce0bcd082cf7a730c

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src 'none'; form-action 'self' https://app.falcon.io https://graph.facebook.com https://facebook.com https://www.facebook.com https://accounts.google.com https://api.twitter.com https://www.linkedin.com; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://.falcon.io https://.flcn.io https://*.falconsocial.com https://localhost:3000; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/auth?client_id=falcon&redirect_uri=https://app.falcon.io&response_type=code&kc_idp_hint=daf-saml)
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 21:36:49 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-falcon-request-id: cf7aa7cad95d5d294f544112d2633d05
server-timing: request;desc="Request Time";dur=0.004;
vary: Origin, Accept-Encoding
content-length: 1772
x-xss-protection: 1; mode=block
timing-allow-origin: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=0, report-uri="https://falconsre.report-uri.com/r/d/ct/reportOnly"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, OPTIONS, POST, PUT
content-type: image/png
access-control-allow-origin: https://accounts.falcon.io
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=14400
feature-policy: camera 'none'; microphone 'none'; geolocation 'none'; accelerometer 'none'; encrypted-media 'none'; gyroscope 'none'; magnetometer 'none'; midi 'none'; payment 'none'; usb 'none'; sync-xhr 'none';
content-security-policy: base-uri 'self'; default-src 'none'; form-action 'self' https://app.falcon.io https://graph.facebook.com https://facebook.com https://www.facebook.com https://accounts.google.com https://api.twitter.com https://www.linkedin.com; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://*.falcon.io https://*.flcn.io https://*.falconsocial.com https://localhost:3000; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
cf-request-id: 080b6ca950000024844991e000000001
accept-ranges: bytes
cf-ray: 61bf4a221f192484-FRA
access-control-allow-headers: Authorization, Content-Type, origin, x-requested-with, If-Modified-Since
access-control-allow-credentials: true
expires: Thu, 04 Feb 2021 01:36:49 GMT

GET
H2 200 login.bundle-bf3ca80a0a405a80b687.js Show response
accounts.falcon.io/auth/resources/wrsnu/login/falcon/ 6 KB
2 KB 70ms
69ms Script
text/javascript 2606:4700::6812:128d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.falcon.io/auth/resources/wrsnu/login/falcon/login.bundle-bf3ca80a0a405a80b687.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:128d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

422c85aeff9370df5cd02ec23ab2718a969cb81350fb689536d809f291262792

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src 'none'; form-action 'self' https://app.falcon.io https://graph.facebook.com https://facebook.com https://www.facebook.com https://accounts.google.com https://api.twitter.com https://www.linkedin.com; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://.falcon.io https://.flcn.io https://*.falconsocial.com https://localhost:3000; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.falcon.io/auth/realms/falcon/protocol/openid-connect/auth?client_id=falcon&redirect_uri=https://app.falcon.io&response_type=code&kc_idp_hint=daf-saml)
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 21:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-falcon-request-id: a914fe30a13f2fc1092b0bb44a446ca2
access-control-allow-methods: GET, OPTIONS, POST, PUT
server-timing: request;desc="Request Time";dur=0.003;
x-xss-protection: 1; mode=block
timing-allow-origin: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=0, report-uri="https://falconsre.report-uri.com/r/d/ct/reportOnly"
vary: Accept-Encoding, Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://accounts.falcon.io
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=14400
feature-policy: camera 'none'; microphone 'none'; geolocation 'none'; accelerometer 'none'; encrypted-media 'none'; gyroscope 'none'; magnetometer 'none'; midi 'none'; payment 'none'; usb 'none'; sync-xhr 'none';
content-security-policy: base-uri 'self'; default-src 'none'; form-action 'self' https://app.falcon.io https://graph.facebook.com https://facebook.com https://www.facebook.com https://accounts.google.com https://api.twitter.com https://www.linkedin.com; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://*.falcon.io https://*.flcn.io https://*.falconsocial.com https://localhost:3000; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
cf-request-id: 080b6ca94f000024849a2de000000001
access-control-allow-credentials: true
cf-ray: 61bf4a221f142484-FRA
access-control-allow-headers: Authorization, Content-Type, origin, x-requested-with, If-Modified-Since
expires: Thu, 04 Feb 2021 01:36:49 GMT

GET
H2 200 loginscreen Show response
www.falcon.io/wpjson/settings/ 534 B
3 KB 110ms
80ms XHR
application/json 2606:4700::6812:138d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.falcon.io/wpjson/settings/loginscreen

Requested by

Host: accounts.falcon.io
URL: https://accounts.falcon.io/auth/resources/wrsnu/login/falcon/login.bundle-bf3ca80a0a405a80b687.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:138d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

5aba5f52bbfdfba9c5ae2eec79748a3dffaffa04aa7c87ac2d00064fa4b95cd6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob:; img-src 'self' data: http: https: wss: .gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .googletagmanager.com .googleapis.com .marketo.com .stripe.com .cookielaw.org .bizible.com .google-analytics.com .driftt.com .jquery.com .g2crowd.com .marketo.net .clearbit.com .convertflow.co convertflow.co .hotjar.com .mktoresp.com .googleadservices.com .licdn.com .adroll.com .facebook.net .facebook.com .ads-twitter.com .twitter.com .bing.com .g.doubleclick.net .adroll.mgr.consensu.org .google.com giphy.com .giphy.com .youtube.com .instagram.com .angularjs.org .wistia.com calendly.com .calendly.com .salesloft.com .getapp.com .capterra.com d3pkntwtp2ukl5.cloudfront.net .unbounce.com .driftqa.com .ampproject.org .onetrust.com .youtube-nocookie.com .doubleclick.net; style-src 'self' 'unsafe-inline' http: https: wss: fonts.googleapis.com; font-src 'self' data: http: https: wss: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' .googletagmanager.com .googleapis.com .marketo.com .stripe.com .cookielaw.org .bizible.com .google-analytics.com .driftt.com .jquery.com .g2crowd.com .marketo.net .clearbit.com .convertflow.co convertflow.co .hotjar.com .mktoresp.com .googleadservices.com .licdn.com .adroll.com .facebook.net .facebook.com .ads-twitter.com .twitter.com .bing.com .g.doubleclick.net .adroll.mgr.consensu.org .google.com giphy.com .giphy.com .youtube.com .instagram.com .angularjs.org .wistia.com calendly.com .calendly.com .salesloft.com .getapp.com .capterra.com d3pkntwtp2ukl5.cloudfront.net .unbounce.com .driftqa.com .ampproject.org .onetrust.com .youtube-nocookie.com .doubleclick.net; connect-src 'self' http: https: wss: .googletagmanager.com .googleapis.com .marketo.com .stripe.com .cookielaw.org .bizible.com .google-analytics.com .driftt.com .jquery.com .g2crowd.com .marketo.net .clearbit.com .convertflow.co convertflow.co .hotjar.com .mktoresp.com .googleadservices.com .licdn.com .adroll.com .facebook.net .facebook.com .ads-twitter.com .twitter.com .bing.com .g.doubleclick.net .adroll.mgr.consensu.org .google.com giphy.com .giphy.com .youtube.com .instagram.com .angularjs.org .wistia.com calendly.com .calendly.com .salesloft.com .getapp.com .capterra.com d3pkntwtp2ukl5.cloudfront.net .unbounce.com .driftqa.com .ampproject.org .onetrust.com .youtube-nocookie.com .doubleclick.net; frame-ancestors 'self'; worker-src 'self' blob:; media-src 'self' blob: http: https: wss: *.driftqa.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.falcon.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-edge-cache: cache,platform=wordpress
date: Wed, 03 Feb 2021 21:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-cacheable: SHORT
x-powered-by: WP Engine
x-cache: HIT: 3
expires: Thu, 04 Feb 2021 01:36:49 GMT
allow: GET
x-xss-protection: 1; mode=block
x-cache-group: normal
content-security-policy: default-src 'self' blob:; img-src 'self' data: http: https: wss: *.gravatar.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.googleapis.com *.marketo.com *.stripe.com *.cookielaw.org *.bizible.com *.google-analytics.com *.driftt.com *.jquery.com *.g2crowd.com *.marketo.net *.clearbit.com *.convertflow.co convertflow.co *.hotjar.com *.mktoresp.com *.googleadservices.com *.licdn.com *.adroll.com *.facebook.net *.facebook.com *.ads-twitter.com *.twitter.com *.bing.com *.g.doubleclick.net *.adroll.mgr.consensu.org *.google.com giphy.com *.giphy.com *.youtube.com *.instagram.com *.angularjs.org *.wistia.com calendly.com *.calendly.com *.salesloft.com *.getapp.com *.capterra.com d3pkntwtp2ukl5.cloudfront.net *.unbounce.com *.driftqa.com *.ampproject.org *.onetrust.com *.youtube-nocookie.com *.doubleclick.net; style-src 'self' 'unsafe-inline' http: https: wss: fonts.googleapis.com; font-src 'self' data: http: https: wss: fonts.googleapis.com themes.googleusercontent.com; frame-src 'self' *.googletagmanager.com *.googleapis.com *.marketo.com *.stripe.com *.cookielaw.org *.bizible.com *.google-analytics.com *.driftt.com *.jquery.com *.g2crowd.com *.marketo.net *.clearbit.com *.convertflow.co convertflow.co *.hotjar.com *.mktoresp.com *.googleadservices.com *.licdn.com *.adroll.com *.facebook.net *.facebook.com *.ads-twitter.com *.twitter.com *.bing.com *.g.doubleclick.net *.adroll.mgr.consensu.org *.google.com giphy.com *.giphy.com *.youtube.com *.instagram.com *.angularjs.org *.wistia.com calendly.com *.calendly.com *.salesloft.com *.getapp.com *.capterra.com d3pkntwtp2ukl5.cloudfront.net *.unbounce.com *.driftqa.com *.ampproject.org *.onetrust.com *.youtube-nocookie.com *.doubleclick.net; connect-src 'self' http: https: wss: *.googletagmanager.com *.googleapis.com *.marketo.com *.stripe.com *.cookielaw.org *.bizible.com *.google-analytics.com *.driftt.com *.jquery.com *.g2crowd.com *.marketo.net *.clearbit.com *.convertflow.co convertflow.co *.hotjar.com *.mktoresp.com *.googleadservices.com *.licdn.com *.adroll.com *.facebook.net *.facebook.com *.ads-twitter.com *.twitter.com *.bing.com *.g.doubleclick.net *.adroll.mgr.consensu.org *.google.com giphy.com *.giphy.com *.youtube.com *.instagram.com *.angularjs.org *.wistia.com calendly.com *.calendly.com *.salesloft.com *.getapp.com *.capterra.com d3pkntwtp2ukl5.cloudfront.net *.unbounce.com *.driftqa.com *.ampproject.org *.onetrust.com *.youtube-nocookie.com *.doubleclick.net; frame-ancestors 'self'; worker-src 'self' blob:; media-src 'self' blob: http: https: wss: *.driftqa.com;
access-control-allow-headers: Authorization, X-Requested-With
referrer-policy: origin
x-robots-tag: noindex
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
cache-control: public, max-age=14400
x-wp-doingitwrong: register_rest_route (since 5.5.0; The REST API route definition for <code>settings/loginscreen</code> is missing the required <code>permission_callback</code> argument. For REST API routes that are intended to be public, use <code>__return_true</code> as the permission callback.)
cf-request-id: 080b6ca9b700004a929a218000000001
cf-ray: 61bf4a22ba6b4a92-FRA
link: <https://www.falcon.io/wpjson/>; rel="https://api.w.org/"
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link

GET
H2 200 login-page-bg2.jpg
accounts.falcon.io/auth/resources/wrsnu/login/falcon/img/ 313 KB
313 KB 47ms
47ms Image
image/jpeg 2606:4700::6812:128d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts.falcon.io/auth/resources/wrsnu/login/falcon/img/login-page-bg2.jpg

Requested by

Host: accounts.falcon.io
URL: https://accounts.falcon.io/auth/resources/wrsnu/login/falcon/login-5f17efae5a6f25bf3dd1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:128d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efbdfd4d4e49624058d0f10923ffad24b9368763de12cc08ee62468b383f6fab

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src 'none'; form-action 'self' https://app.falcon.io https://graph.facebook.com https://facebook.com https://www.facebook.com https://accounts.google.com https://api.twitter.com https://www.linkedin.com; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://.falcon.io https://.flcn.io https://*.falconsocial.com https://localhost:3000; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.falcon.io/auth/resources/wrsnu/login/falcon/login-5f17efae5a6f25bf3dd1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 21:36:49 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-falcon-request-id: 4f2e2a4edd04b7db48396308937f6561
server-timing: request;desc="Request Time";dur=0.005;
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
timing-allow-origin: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=0, report-uri="https://falconsre.report-uri.com/r/d/ct/reportOnly"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: https://accounts.falcon.io
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=14400
feature-policy: camera 'none'; microphone 'none'; geolocation 'none'; accelerometer 'none'; encrypted-media 'none'; gyroscope 'none'; magnetometer 'none'; midi 'none'; payment 'none'; usb 'none'; sync-xhr 'none';
content-security-policy: base-uri 'self'; default-src 'none'; form-action 'self' https://app.falcon.io https://graph.facebook.com https://facebook.com https://www.facebook.com https://accounts.google.com https://api.twitter.com https://www.linkedin.com; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://*.falcon.io https://*.flcn.io https://*.falconsocial.com https://localhost:3000; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
cf-request-id: 080b6caa09000024842f833000000001
access-control-allow-credentials: true
cf-ray: 61bf4a2349742484-FRA
access-control-allow-headers: Authorization, Content-Type, origin, x-requested-with, If-Modified-Since
expires: Thu, 04 Feb 2021 01:36:49 GMT

GET
H2 200 falcon.ttf
accounts.falcon.io/auth/resources/wrsnu/login/falcon/fonts/ 21 KB
21 KB 35ms
35ms Font
application/octet-stream 2606:4700::6812:128d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.falcon.io/auth/resources/wrsnu/login/falcon/fonts/falcon.ttf?wg934q

Requested by

Host: accounts.falcon.io
URL: https://accounts.falcon.io/auth/resources/wrsnu/login/falcon/login-5f17efae5a6f25bf3dd1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:128d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52540bcec449a5833a3e666cf1ab9778ab83915d271278577fdf427e9be3ca69

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src 'none'; form-action 'self' https://app.falcon.io https://graph.facebook.com https://facebook.com https://www.facebook.com https://accounts.google.com https://api.twitter.com https://www.linkedin.com; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://.falcon.io https://.flcn.io https://*.falconsocial.com https://localhost:3000; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://accounts.falcon.io
Referer: https://accounts.falcon.io/auth/resources/wrsnu/login/falcon/login-5f17efae5a6f25bf3dd1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 21:36:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-falcon-request-id: b7c475a768afb42976e572399b8798a1
server-timing: request;desc="Request Time";dur=0.003;
x-xss-protection: 1; mode=block
timing-allow-origin: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=0, report-uri="https://falconsre.report-uri.com/r/d/ct/reportOnly"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, OPTIONS, POST, PUT
content-type: application/octet-stream
access-control-allow-origin: https://accounts.falcon.io
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=14400
feature-policy: camera 'none'; microphone 'none'; geolocation 'none'; accelerometer 'none'; encrypted-media 'none'; gyroscope 'none'; magnetometer 'none'; midi 'none'; payment 'none'; usb 'none'; sync-xhr 'none';
content-security-policy: base-uri 'self'; default-src 'none'; form-action 'self' https://app.falcon.io https://graph.facebook.com https://facebook.com https://www.facebook.com https://accounts.google.com https://api.twitter.com https://www.linkedin.com; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://*.falcon.io https://*.flcn.io https://*.falconsocial.com https://localhost:3000; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
cf-request-id: 080b6caa0b000024844992c000000001
access-control-allow-credentials: true
cf-ray: 61bf4a2349782484-FRA
access-control-allow-headers: Authorization, Content-Type, origin, x-requested-with, If-Modified-Since
expires: Thu, 04 Feb 2021 01:36:49 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.falcon.io/	1970-01-19 16:36:20	Name: __cfduid Value: dea71f6666fdb32be0ce998f9ef42eab41612388208
accounts.falcon.io/	1970-01-19 15:54:31	Name: __cflb Value: 02DiuEcJwKvacTLLQ4bNkA1sUiaqKKsncZVh33E9mdXmv
accounts.falcon.io/auth/realms/falcon/	1969-12-31 23:59:59	Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJiYTA3ZDk4Mi1iOTA4LTQ3MTEtYjllMy1jMTMyNjc1NTM4ZDIifQ.eyJjaWQiOiJmYWxjb24iLCJwdHkiOiJvcGVuaWQtY29ubmVjdCIsInJ1cmkiOiJodHRwczovL2FwcC5mYWxjb24uaW8iLCJhY3QiOiJBVVRIRU5USUNBVEUiLCJub3RlcyI6eyJpc3MiOiJodHRwczovL2FjY291bnRzLmZhbGNvbi5pby9hdXRoL3JlYWxtcy9mYWxjb24iLCJyZXNwb25zZV90eXBlIjoiY29kZSIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOi8vYXBwLmZhbGNvbi5pbyIsImtjX2lkcF9oaW50IjoiZGFmLXNhbWwpIn19.l9mMyJP3BO0X3nJQeNVcwQHIXaNNhPVitgmyj4wZpxA
accounts.falcon.io/auth/realms/falcon/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: 4402c094-51c9-45f6-a195-dce3e50185e4.falcon-keycloak-falcon-keycloak-5

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; form-action https://* http://localhost capacitor://localhost https://localhost:3000; script-src 'self' 'unsafe-inline'; connect-src 'self' https://www.falcon.io; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; frame-src 'self'; frame-ancestors https://*.falcon.io https://localhost:3000 https://localhost:4200; report-uri https://falcon.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.falcon.io
www.falcon.io
2606:4700::6812:128d
2606:4700::6812:138d
422c85aeff9370df5cd02ec23ab2718a969cb81350fb689536d809f291262792
52540bcec449a5833a3e666cf1ab9778ab83915d271278577fdf427e9be3ca69
5aba5f52bbfdfba9c5ae2eec79748a3dffaffa04aa7c87ac2d00064fa4b95cd6
81146fa7e40d3b8097498630958b0a711b67654a57190b56d71403079c5b3cc2
d382aea88f9c3cc757f203991c78e496d075e3fd25c6b89ce0bcd082cf7a730c
efbdfd4d4e49624058d0f10923ffad24b9368763de12cc08ee62468b383f6fab
f8ab0c439471c792958afd263b01c2a9a14493407bf7c37637f665fe106031d1
fd04a07aa5dddd46973f37430b83d1ce2d42043fd82a39d72726edbfe2b91fa9

accounts.falcon.io Open in urlscan Pro 2606:4700::6812:128d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

100 %IPv6

1 Domains

2 Subdomains

2 IPs

1 Countries

366 kBTransfer

481 kBSize

4 Cookies

2 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

4 Cookies

Security Headers

Indicators

accounts.falcon.io Open in urlscan Pro
2606:4700::6812:128d Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

2
Subdomains

2
IPs

1
Countries

366 kB
Transfer

481 kB
Size

4
Cookies

8 HTTP transactions
0 data transactions