Flock Safety: 80.000 Kameras – das geheime Überwachungsnetz der US-Polizei

Kommentare
, , , ,
2

Ich hab mich mal ein wenig bei „Flock Safety“ umgeschaut. Ich muss sagen, dass ich schon lange nicht mehr solch ein Chaos-Netzwerk gesehen habe!!

:laughing:

Wer sich drüber beschweren will, loggt sich am Besten direkt über das Admin Panel in deren internes System ein…!

flocksafetysupport.zendesk.com
:443
LOGIN_PAGE
WAF
As of03. Mai 202604:43 UTC
Summary
Software	
Cloudflare Load Balancer
Cloudflare Waf
Vercel Next.Js
3 Total Endpoints	
443 / HTTP
443 / HTTP /access
443 / HTTP /auth/v...
Certificate Information
Browser Trust	
Trusted
Subject DN	
CN=zendesk.com
Issuer DN	
C=US, O=Let's Encrypt, CN=E8
All Names	
*.zendesk.com
zendesk.com
HTTP and Application Details
CVEs0
Raw Data
HTTP 443 / TCP
216.198.54.2
3 Endpoints
URI	
https://flocksafetysupport.zendesk.com/
Path	/
Effective URI	
https://flocksafetysupport.zendesk.com/auth/v3/signin
Redirect Chain	
https://flocksafetysupport.zendesk.com/
https://flocksafetysupport.zendesk.com/access
https://flocksafetysupport.zendesk.com/auth/v3/signin
Headers	

HTTP/1.1 301 Moved Permanently
location: https://flocksafetysupport.zendesk.com/access?brand_id=46291143568027&theme=hc
zendesk-route: /
CF-RAY: 9f5c9a8e6c800974-HKG
via: zorg
Set-Cookie: _zendesk_authenticated=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; HttpOnly; SameSite=None
Set-Cookie: _zendesk_session=N5xoO9a6m9xXWrDQdVNQbGLA%2BvRdHO%2FbDcXCKXg4hyMhSsnlylsW%2B%2BeO9j10PkykPZJnZoGwaeFhsqSUI%2Fw0HbPbIy0Xwygu%2FzrA0A7KEEua0doGma4xiMLzO3vGeLNhWN4u8PSYzlAdx2EIVEdSFr9QLi%2FgKlDZC%2Biv5yrv3o5GF2diD2Xox6NWvFdDVlq%2BewXmoJ2oyl1yBUL6jDYXqBnq3K4tWdoSxD%2BgTjjevgsngsfVWD1LofV2ok0TkNokUz2Y8EvdKnJ7e7jq6hnjbknAlpm710Rlgz5%2BjCjT5pD3yv1w0Zik%2FvsfUN%2FfV%2FTY56wGi0rELJe%2BDtzxQ1xYI4IVc7M6yAIq6WJpOI%2F%2Bh7Z6t3QDzWRFWeL1%2BOhGRsjR4eBWgj8LaKF4q4f4PW9aDpq8HwQR78bz--Hc9hHsTBh5FXvQqP--X9zuHhx5ZgBdeJ5E9dQzhA%3D%3D; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: __cf_bm=VYO._tqxg6j492mRoFG3pu2fZtRbDynAiFQvduVxs4M-1777783395-1.0.1.1-CYFup85quy4H83wKUktncJQ0Zr.UPjx40h_FgnUFipWk1UAvMGub9s2FL3L377AnHBoE0ECMSB0IX72xFT9a1eMZKvnWrjzaEze7ALoKO.5Gdwcli.VYh7afPhivMRK1; path=/; expires=Sun, 03-May-26 05:13:15 GMT; domain=.zendesk.com; HttpOnly; Secure; SameSite=None
Set-Cookie: _cfuvid=bOTlJFLUDq7p8OO9d1Ckw8No0sU0gxkEu4_WSBnSAZg-1777783395948-0.0.1.1-604800000; path=/; domain=.zendesk.com; HttpOnly; Secure; SameSite=None
Transfer-Encoding: chunked
set-cookie: _zendesk_shared_session=-NWlVaFNBek82TTUxbnpGYVhZbHpibUR6blhjU3JKaEw4eko0NS9ScDVlQllEdWdpcXpsYnB0OUJqWHFnbTFFTW1aZDd0aS83aElteElYS25NUlJIbGp1ZndiUlkzQ2o5bUU5Wk1DNXdyWktWQWtQaXlKZVFuQXZjTjRjTDdWSVg3eE9sR1dhbnk3RHZEWE42dEtpU0lRPT0tLXhYOFBKR0g4dVppTDNqT1hyMmhaRnc9PQ%3D%3D--f07a3a1e69c208c28e91b68111e830b16850a4a0; path=/; secure; HttpOnly; SameSite=None
cf-cache-status: DYNAMIC
x-envoy-decorator-operation: /
cache-control: no-cache
Date: <REDACTED>
x-request-id: 9f5c9a8e6c800974-IAD
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Type: text/html; charset=utf-8
x-envoy-upstream-service-time: 70
Connection: keep-alive
x-xss-protection: 1; mode=block
x-zendesk-origin-server: classic-app-server-84c5c6d84c-fbhf4
p3p: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
content-security-policy: frame-ancestors 'self' ;
x-runtime: 0.066001
strict-transport-security: max-age=31536000; includeSubDomains
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vtmqfvbst5kcXiaovuUKyOx6Qi1Mq0VBT1uuhc5qU4lGJeOGTQhF02QlHo9ncTmz432xdbHjqdHPS5WnqNo6zSrkn9uP1mGdCh0kSfkgfZrdE95DqY7L3kidoG5k%2FyPdiHliAnJUrmd15H%2B1gzJcqA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
x-zendesk-zorg: yes
vary: Accept

URI	
https://flocksafetysupport.zendesk.com/access
Path	/access
Effective URI	
https://flocksafetysupport.zendesk.com/auth/v3/signin
Redirect Chain	
https://flocksafetysupport.zendesk.com/access
https://flocksafetysupport.zendesk.com/auth/v3/signin
Headers	

HTTP/1.1 302 Found
cache-control: no-cache
zendesk-route: /access
Date: <REDACTED>
location: https://flocksafetysupport.zendesk.com/auth/v3/signin?role=end_user
set-cookie: _zendesk_shared_session=-SXJlNC9VMUtqYmNtS2NzbTF1a1NVZHVlTlQ2ZXVVYVM1TVlzV1VxSDZtbHdkNDZTS1BPVXI3V1FjL3lpdkY4SlUyRDVlbGFVU1RYQ29XYXEyYllIcU5RejljaWVlUjFVaWFtYVNYcEZnUXZ2WGZlSUFyUk82bnNLTmtyQUVkRDlrWkl5NjlBMXVodTJ6RDd2MlVqTkhRPT0tLWY4ZEhUK2JnTDVQRVdLMnNzOFlsaWc9PQ%3D%3D--8d7e38396129976ce86129234620b38e8ccea925; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: _zendesk_authenticated=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; HttpOnly; SameSite=None
Set-Cookie: _zendesk_session=Xs4TRh5K1FtAxPA%2B4iG4ZN9FVkuBKwrp%2BxhIMp4pypiaWqTKh5PYfhifHiDzRgYeBg77M6KclHjMuAmUXeJ3jXuksN8FRimPKp9IWX%2Fy1rniSqnI5u%2BvFYtah0LrXnYN84a%2FyppYfEwXsqB%2FP80ratS4pFHwdkqef4%2F3%2FtU0ROJ4isOPdX9P6vwSPJRkWsnwVhGnfiY4FgpHFQNmsXC%2BbL9mIFwUI4Y%2BXKY290sinN957cZAaVvRCwa8qpYOQ4d6iYqd%2Bld9vpcG%2FAd8olccVaAHpirfZ2Gmx%2BWki2q%2FGfqsPjL0%2FFcFEA6evGjl3%2Ba%2Fz7XEfekYV4fjEQNSxwMzPoWB0aNRgtVYW70gku92elvUpTm4Yrid0BFBLt7b7Wq%2Bqd47%2BmrEJDzNPTxgfXQZXuDeczSLoK12gwPBBJQu6bZkhqjbUtStaaqxIopAvVSc9G6j%2F8NbKN3TAA6kqD%2FuIGobV2ENRfh91kxW6y0S0xZt7iok9SH5YxhmUlK%2FhlfX--lpvd8LLFV0NTocRQ--QoeeJJmWx%2FjP8MKJ5epJiA%3D%3D; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: __cf_bm=MkieKShcdCVRRisUPFuI0SbLrtf7jpu_V6tgl8KR.70-1777783401-1.0.1.1-pGhLgQ8xpeEQlSmEFUpKaSil..xb7C452xElhE1CZ3sZSEGldZOnPGeGvzW2avlADjFQbJt6SW8mjQMQfcvMBLF7322tkAaAFPo.UFOppPqklX1kzIbNJtBqx6kEXaSr; path=/; expires=Sun, 03-May-26 05:13:21 GMT; domain=.zendesk.com; HttpOnly; Secure; SameSite=None
Set-Cookie: _cfuvid=n3GRv1Imps9e.mUPRyLNre_LshgCQ7pBawr.JMUMEUc-1777783401047-0.0.1.1-604800000; path=/; domain=.zendesk.com; HttpOnly; Secure; SameSite=None
x-request-id: 9f5c9aab6dc18ca6-HKG
x-runtime: 0.032135
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
x-zendesk-origin-server: classic-app-server-84c5c6d84c-p5ssn
x-xss-protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GuO1QyItgta4cIWn%2BYwKFvXKdVK5lv2DjbjbSNy8WwKNjYLF7RgYNBfJVPc9QZs%2B1Cj7MUpD5D2i8xIdZ1QHgPFsVFG1x3tAEtVmmuFiAfD2O%2FUzwplYLc8laehBf9klohhDXu5jwU%2FWNplqvQ%2BluA%3D%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept
Transfer-Encoding: chunked
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Type: text/html; charset=utf-8
x-envoy-decorator-operation: /access
zendesk-service: classic
x-envoy-upstream-service-time: 36
Server: cloudflare
p3p: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
content-security-policy: frame-ancestors 'self' ;
x-zendesk-zorg: yes
CF-RAY: 9f5c9aab6dc18ca6-HKG
Connection: keep-alive
via: zorg

URI	
https://flocksafetysupport.zendesk.com/auth/v3/signin
Path	/auth/v3/signin
Body Hash	29d4148ff660e461276621953286c3121dee1a4fc4ad00802ab98365fdcd99e5
HTML Title	
Sign in to Flock Safety
Headers	

HTTP/1.1 200 OK
strict-transport-security: max-age=31536000; includeSubDomains;
Content-Encoding: gzip
cross-origin-opener-policy: same-origin
Set-Cookie: _zendesk_session=QpbvckzhN1LCj56%2B16yoYPNczxenm%2BwVeB6VM9M%2BuZMFcm2gDj4zlQXoc1no51EjMXzxcPf%2F7UkHCbRg8zxZfjDHZZUOVh5wbkJGtX1eVpjecqJ6uY8Jfi3rslRMumwkLTGZS71uX45ICdmnMfEZuAkpOcoOYxoUIuyYZ0ySVK31Q4fkIO4ZfydJz%2F27lYzk8RmVcliYJw%2BLsbPJG2liOde8a%2B%2FgrfC4I3aVGAotqc%2FZq0eWdcyRvffvQUrwLxXlWIU3Mf8a4maZTlqZAVhQlgzClAV9kmvjVFLtvDBVOxcRK2d9pqeoSJk4nWuK127loIbclBgQ92LMKxTUb66I2gAKmWaSm0EZWHOcCaZHPiLHLORSfZreBIAiREZ%2B8Z9LxYxjNygL5mrd3ufyhjoEBSFdOugeDrlFGa4dpr1DXjcwdwKYJxJ00lkLJ%2FhgKUGoE9olfNQ58LilYVj%2BRn%2ByouxZlflLSF02FlaKQNUmFN3eIwgCiMJxpK2Y2kfccVwChNdVOQUfdA94ymWp%2BOeJkTilnAcEdDmuk7oUosYDF2PUDbmZJcuJ2%2FSjJDVulnfqdRgQgmY7h9HgKbQfsyh%2F8RLcfNZzVR8io1xcETAYn0Q%3D--LUrXgwWNywYWCpZ5--LPQfKbEpghiOHknqAfoiYQ%3D%3D; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: _zendesk_login_session=Fe26.2*1*49aa481df9e2e8cb399bfd502adce1a74fe47f2de0fb349df2a19435fba1b017*TbvT5EhgPDuzg1rRrzcO-A*h2LG52frxoKU2sBq3-8WL8t6_6oXWOPWVpAf41za4Mc4-NKuhrtrrPO83ylPrH3PYyjJxN6DW7ylLLo5oI7DanyEPRyb7YTi7Zgd7PXItnr-zINPhwyUI9Yk8-_p3WO8*1777783763280*f036932d513e271ae11b4d5fa09d7338e84a3318c19bbdbc94d93b81a6bf2f12*61Iz_ufZxpeFIF_6UTfotNb4_jFW-EsBZKXa7Rtylc8~2; Max-Age=300; Path=/; HttpOnly; Secure; SameSite=Strict
Set-Cookie: __cf_bm=pu9TRqVTYvp9vkGN8yv3tFVbNSF2qdHKtKMGNQHmBnk-1777783403-1.0.1.1-6CRWfqITCGB9EwbIchqj_EILddHp_Xze9aLOmNOzoDCnoeg4q4PVVxic0Wct7nFdCSNLqh.OJ.O0E7xu7lMdTbHXiNkxkpH77DG7eoPvEUIxoJLXx4Obt6gqpOdIPKEy; path=/; expires=Sun, 03-May-26 05:13:23 GMT; domain=.zendesk.com; HttpOnly; Secure; SameSite=None
Set-Cookie: _cfuvid=zTST3KyMRf1oG29GnnaBs3V2YvMVsqlJqz42.MyOaYg-1777783403398-0.0.1.1-604800000; path=/; domain=.zendesk.com; HttpOnly; Secure; SameSite=None
Date: <REDACTED>
cf-cache-status: DYNAMIC
x-powered-by: Next.js
x-envoy-decorator-operation: /auth/v3
vary: Accept-Encoding
x-envoy-upstream-service-time: 154
Content-Type: text/html; charset=utf-8
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-frame-options: DENY
Transfer-Encoding: chunked
zendesk-ep: 5
x-zendesk-zorg: yes
Server: cloudflare
CF-RAY: 9f5c9abc6f85108a-HKG
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Qvt93LBaFYvAMP%2FGLXfxNFJQiqmc9OS5qShZLujqKe%2FYym4hz9JQkwvbxKfiJmV4To6mmbvmc9%2FgKBc29wUuwWLLCQsz3J4ranI%2FRIsaB4fKXd1THdFXflXUBnL3oJ%2BA%2FkmEUm9RtfHjOeG5LAEnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-security-policy: form-action 'self'
Connection: keep-alive
via: zorg
x-request-id: 9f5c9abc6f85108a-IAD
zendesk-service: login-ui-service
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
set-cookie: _zendesk_shared_session=-VGpnRUtuZ3NVMTNvYThHWXU2U2F4eGJWUUZwWXF2SGFjNGNvd1N5QUhBU3F2NHhLWFZ5b0Z3dUlRZEZwU25DN09pZ0RLbHJSSmpEbys2ektMby9lNlJJZVlVT0dmWFBoMExLMnI5cW05akhrOXNWUTliZGc0TnJqcHlyRlFmV3hiN3poaVkvLzlXSXZNSTlwTVNjYVpneUFGT3o1L1U3cFlQSjF4OGlwZXF4OEV3NE95VS9ocGEvZGNEekttc2oyNkZrS1Z1c2JYRXQ1VFRZZVcxV0VPbWR3YXV1bnpqOVZSVlRCRW9vRjQ4dGttejd2blJBa0hyZlBvbFcxemg5SWFRUmRxY0tyZXZ0Z1FCUVgzNGROWTVZd3VLK05PKy9KdG45ZklSb3hJWVFoSFAxTlVKaVN1ZGViY2VnSEpyZHNENE5VT0tLcTRnckNDdVZnVjBENy9IZE1aV1FYeHY5dkF2azZ3UTBpY1MwSE94NTB4WlVhS3VRK2poa01iUDJ5OVJjb2RTTlNYc1cxVzB1UnlHVldWeTNwUGIrZjVZQWlqekxGRU1EeGN0TT0tLTFQQ0pRSG93Vk5PMVo2YVVBTHpRSGc9PQ%3D%3D--49a0993fc0a01d3b17f83249c2977fc05988260e; path=/; secure; HttpOnly; SameSite=None

Response Body

Sieht dann ungefähr so aus:

1
11600×779 6.62 KB

Hier noch der Link zur int. Cam-Suche (ALPR):

h**p://66.51.99.34:25566/

Sieht dann ungefähr so aus:

0
01600×779 432 KB

Hier noch weitere Daten, Querverweise, weltweite Anbindungen an das interne System, sowie noch einiges andere lustiges… Leider kann ich nur einen kleinen Teil hier ins Forum laden, weil die schiere Masse einfach so groß ist…

:wink:

https://platform.censys.io/search?q=%22Flock+Safety%22

2 „Gefällt mir“