web.core-banking-2.staging.getampla.com Open in urlscan Pro
35.186.230.77 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://web.core-banking-2.staging.getampla.com/
Submission: On October 07 via api (October 7th 2023, 10:41:09 pm UTC) from US — Scanned from US

Summary HTTP 40 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 14 domains to perform 40 HTTP transactions. The main IP is 35.186.230.77, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is web.core-banking-2.staging.getampla.com.
TLS certificate: Issued by GTS CA 1D4 on September 7th 2023. Valid for: 3 months.

This is the only time web.core-banking-2.staging.getampla.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	35.186.230.77 35.186.230.77	15169 (GOOGLE) (GOOGLE)
1	52.85.61.58 52.85.61.58	16509 (AMAZON-02) (AMAZON-02)
1	172.65.255.172 172.65.255.172	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:824::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:23c... 2600:9000:23cb:8000:1f:aa31:7740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.164.116.82 18.164.116.82	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21d... 2600:9000:21dd:ac00:7:d7d6:3c40:93a1	16509 (AMAZON-02) (AMAZON-02)
8	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:440... 2606:4700:4400::ac40:9251	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:80c::200a	15169 (GOOGLE) (GOOGLE)
2	52.20.167.62 52.20.167.62	14618 (AMAZON-AES) (AMAZON-AES)
2	54.243.87.191 54.243.87.191	14618 (AMAZON-AES) (AMAZON-AES)
1	54.235.212.140 54.235.212.140	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1901:0:c... 2600:1901:0:c072::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
40	15

13 35.186.230.77 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 77.230.186.35.bc.googleusercontent.com

web.core-banking-2.staging.getampla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apiv2.core-banking-2.staging.getampla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.61.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-58.ewr53.r.cloudfront.net

js.verygoodvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.255.172 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:23cb:8000:1f:aa31:7740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.116.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-82.jfk50.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21dd:ac00:7:d7d6:3c40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag.clearbitscripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:9251 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.calendly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80c::200a (United States)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.20.167.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-167-62.compute-1.amazonaws.com

x.clearbitjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.243.87.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-87-191.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.235.212.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-212-140.compute-1.amazonaws.com

app.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:c072:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

rum.browser-intake-us5-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

getampla.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	getampla.com web.core-banking-2.staging.getampla.com apiv2.core-banking-2.staging.getampla.com	1 MB
8	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2397 ekr.zdassets.com — Cisco Umbrella Rank: 2723	221 KB
3	zendesk.com getampla.zendesk.com	1 KB
3	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 1044 heapanalytics.com — Cisco Umbrella Rank: 946	45 KB
2	clearbitjs.com x.clearbitjs.com — Cisco Umbrella Rank: 17700	45 KB
2	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 418	65 KB
2	calendly.com assets.calendly.com — Cisco Umbrella Rank: 14328	20 KB
1	browser-intake-us5-datadoghq.com rum.browser-intake-us5-datadoghq.com — Cisco Umbrella Rank: 22727	310 B
1	clearbit.com app.clearbit.com — Cisco Umbrella Rank: 18399	1 KB
1	clearbitscripts.com tag.clearbitscripts.com — Cisco Umbrella Rank: 15276	1 KB
1	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 1012
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	45 KB
1	hsforms.net js-eu1.hsforms.net — Cisco Umbrella Rank: 69943	175 KB
1	verygoodvault.com js.verygoodvault.com — Cisco Umbrella Rank: 40730	5 KB
40	14

	Domain	Requested by
11	web.core-banking-2.staging.getampla.com	web.core-banking-2.staging.getampla.com
7	static.zdassets.com	web.core-banking-2.staging.getampla.com static.zdassets.com
3	getampla.zendesk.com	static.zdassets.com
2	heapanalytics.com	web.core-banking-2.staging.getampla.com
2	x.clearbitjs.com	tag.clearbitscripts.com
2	maps.googleapis.com	www.googletagmanager.com web.core-banking-2.staging.getampla.com
2	assets.calendly.com	www.googletagmanager.com
2	apiv2.core-banking-2.staging.getampla.com	web.core-banking-2.staging.getampla.com
1	rum.browser-intake-us5-datadoghq.com	web.core-banking-2.staging.getampla.com
1	app.clearbit.com	web.core-banking-2.staging.getampla.com
1	ekr.zdassets.com	web.core-banking-2.staging.getampla.com
1	tag.clearbitscripts.com	web.core-banking-2.staging.getampla.com
1	cdn.heapanalytics.com	web.core-banking-2.staging.getampla.com
1	cdn.pendo.io	web.core-banking-2.staging.getampla.com
1	www.googletagmanager.com	web.core-banking-2.staging.getampla.com
1	js-eu1.hsforms.net	web.core-banking-2.staging.getampla.com
1	js.verygoodvault.com	web.core-banking-2.staging.getampla.com
40	17

This site contains no links.

Subject Issuer	Validity	Valid
web.core-banking-2.staging.getampla.com GTS CA 1D4	`2023-09-07` - `2023-12-06`	3 months	crt.sh
*.verygoodvault.com Amazon RSA 2048 M02	`2023-02-28` - `2024-02-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-16` - `2024-05-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
cdn.pendo.io Amazon RSA 2048 M02	`2023-06-30` - `2024-07-28`	a year	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M01	`2023-06-29` - `2024-07-27`	a year	crt.sh
clearbitscripts.com Amazon RSA 2048 M01	`2023-06-11` - `2024-07-09`	a year	crt.sh
zdassets.com Cloudflare Inc ECC CA-3	`2022-11-10` - `2023-11-09`	a year	crt.sh
apiv2.core-banking-2.staging.getampla.com GTS CA 1D4	`2023-09-07` - `2023-12-06`	3 months	crt.sh
calendly.com Cloudflare Inc ECC CA-3	`2023-04-09` - `2024-04-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
clearbitjs.com Amazon RSA 2048 M01	`2023-09-18` - `2024-10-16`	a year	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2022-12-09` - `2024-01-07`	a year	crt.sh
clearbit.com Amazon RSA 2048 M03	`2023-09-18` - `2024-10-17`	a year	crt.sh
*.browser-intake-us5-datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-23`	a year	crt.sh
getampla.zendesk.com Cloudflare Inc ECC CA-3	`2023-06-26` - `2024-06-25`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://web.core-banking-2.staging.getampla.com/
Frame ID: 26D0440807C69AC96FAE38845D145A81
Requests: 30 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js
Frame ID: 42DC99603977FE31FD5302843CEA9B07
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login | Ampla - Staging

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Calendly (Appointment scheduling) Expand

Overall confidence: 100%
Detected patterns

https://assets\.calendly\.com/assets/external/widget\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Page Statistics

40
Requests

100 %
HTTPS

40 %
IPv6

14
Domains

17
Subdomains

15
IPs

2
Countries

2029 kB
Transfer

8198 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
web.core-banking-2.staging.getampla.com/ 8 KB
3 KB 166ms
61ms Document
text/html 35.186.230.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://web.core-banking-2.staging.getampla.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.230.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.230.186.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

8ffcd79f7d4d2fb5b9526c0647f4ae798afe0a19b689efbde3609eff6ba59983

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors 'none';
content-type: text/html
date: Sat, 07 Oct 2023 22:41:03 GMT
etag: W/"6520448e-1f97"
expires: 0
last-modified: Fri, 06 Oct 2023 17:31:58 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
via: 1.1 google
x-frame-options: SAMEORIGIN

GET
H/1.1 200
OK show.js Show response
js.verygoodvault.com/vgs-show/2.0.0/ 14 KB
5 KB 236ms
61ms Script
application/javascript 52.85.61.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-show/2.0.0/show.js
Requested by: Host: web.core-banking-2.staging.getampla.com
URL: https://web.core-banking-2.staging.getampla.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-58.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5339ebc469e2cebc014a9a4e435a6f532634d27859904b4fcb342ea9795dfb0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://web.core-banking-2.staging.getampla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: VWYyTETYLEwykeL81vndz0_ML5dK17qR
Content-Encoding: gzip
Via: 1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
Date: Sat, 07 Oct 2023 15:56:17 GMT
X-Amz-Cf-Pop: EWR53-P1
Age: 24457
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 25 May 2022 22:57:33 GMT
Server: AmazonS3
ETag: W/"39c98e0c8887b063f39aeb6ba0d4685a"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: 7xbP-0Ll6OgYTJEnATjKEKlXHCkhTI0NR0wZHZW5uIl7OMoEsh7Qtw==

GET
H2 200 v2.js Show response
js-eu1.hsforms.net/forms/embed/ 549 KB
175 KB 492ms
148ms Script
application/javascript 172.65.255.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.hsforms.net/forms/embed/v2.js

Requested by

Host: web.core-banking-2.staging.getampla.com
URL: https://web.core-banking-2.staging.getampla.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.255.172 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a24e66d830ef814bbcc4553b662e0c2afe733f8f30fb4a86be6df577d146bec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://web.core-banking-2.staging.getampla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-encoding: br
age: 122
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.3812/bundles/project-v2.js&cfRay=8129a3421e910363-CDG
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"84d6c03b19ba72ee08ca8c27dee147c2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.3812/bundles/project-v2.js
date: Sat, 07 Oct 2023 22:41:03 GMT
x-amz-version-id: 4b09e6_AhU37WJHx62r2StyRWH0KMlOF
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
x-hubspot-correlation-id: d3de18b6-a1c6-4fc1-862e-c41b76aedd5f
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: d3de18b6-a1c6-4fc1-862e-c41b76aedd5f
last-modified: Fri, 22 Sep 2023 08:13:06 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DOtRNMlmDKQ91lVwjR7iyMmADbASeNJDxc5lKnSMzYcbjsn5Ll0r2A3gtbgztPm8DjFGZ%2FWBXNvC9ZDqx51LfOAbh8qBMsy1CsPpxjnIc%2F1CAupUpolo5KPFtwZ401e7iQr48w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-797758f45b-8q8m9
cf-ray: 8129a63dfd670263-CDG
x-amz-cf-id: _MN79IM58CYY3jyYHF6cSCdiBByb3vQRUGGcbl3N9RuaLgHFQ3UlCQ==

GET
H2 200 file-f64b8fb8.js Show response
web.core-banking-2.staging.getampla.com/assets/ 612 KB
196 KB 66ms
65ms Script
application/javascript 35.186.230.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://web.core-banking-2.staging.getampla.com/assets/file-f64b8fb8.js

Requested by

Host: web.core-banking-2.staging.getampla.com
URL: https://web.core-banking-2.staging.getampla.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.230.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.230.186.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

8d6deb917d0c9b1ad2f4dec0beefa062e110ef16639624c806dda258eb0fef13

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://web.core-banking-2.staging.getampla.com/
Origin: https://web.core-banking-2.staging.getampla.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:41:03 GMT
content-security-policy: frame-ancestors 'none';
content-encoding: gzip
last-modified: Thu, 05 Oct 2023 00:08:13 GMT
server: nginx
via: 1.1 google
etag: W/"651dfe6d-990ec"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 vendor-a32aae4d.js Show response
web.core-banking-2.staging.getampla.com/assets/ 5 MB
1 MB 166ms
165ms Script
application/javascript 35.186.230.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://web.core-banking-2.staging.getampla.com/assets/vendor-a32aae4d.js

Requested by

Host: web.core-banking-2.staging.getampla.com
URL: https://web.core-banking-2.staging.getampla.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.230.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.230.186.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

7f48e82d43508b610d65462a983f02b936df5058a76a2b0d6364278b4601f2af

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://web.core-banking-2.staging.getampla.com/
Origin: https://web.core-banking-2.staging.getampla.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:41:03 GMT
content-security-policy: frame-ancestors 'none';
content-encoding: gzip
last-modified: Thu, 05 Oct 2023 00:08:13 GMT
server: nginx
via: 1.1 google
etag: W/"651dfe6d-57e734"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 index.template-157db03d.css
web.core-banking-2.staging.getampla.com/assets/ 15 KB
1 KB 165ms
164ms Stylesheet
text/css 35.186.230.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://web.core-banking-2.staging.getampla.com/assets/index.template-157db03d.css

Requested by

Host: web.core-banking-2.staging.getampla.com
URL: https://web.core-banking-2.staging.getampla.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.230.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.230.186.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

157db03dbbec37be02dcffe06ebc1ba6ff02a406be0af5da13ef51b509d9867d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://web.core-banking-2.staging.getampla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:41:03 GMT
content-security-policy: frame-ancestors 'none';
content-encoding: gzip
last-modified: Thu, 05 Oct 2023 00:08:13 GMT
server: nginx
via: 1.1 google
etag: W/"651dfe6d-3b4c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 114 KB
45 KB 216ms
83ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P9HVDNC

Requested by

Host: web.core-banking-2.staging.getampla.com
URL: https://web.core-banking-2.staging.getampla.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0e170db33686956e748d65f80235d0b171138fe25a10777df9b6f557f5f03dd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://web.core-banking-2.staging.getampla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:41:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45473
x-xss-protection: 0
last-modified: Sat, 07 Oct 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 07 Oct 2023 22:41:03 GMT

GET
H2 403 pendo.js
cdn.pendo.io/agent/static// 0
0 335ms
67ms Script
application/xml 2600:9000:23cb:8000:1f:aa31:7740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static//pendo.js
Requested by: Host: web.core-banking-2.staging.getampla.com
URL: https://web.core-banking-2.staging.getampla.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:8000:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://web.core-banking-2.staging.getampla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2 200 heap-3999504568.js Show response
cdn.heapanalytics.com/js/ 128 KB
45 KB 342ms
149ms Script
application/javascript 18.164.116.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-3999504568.js

Requested by

Host: web.core-banking-2.staging.getampla.com
URL: https://web.core-banking-2.staging.getampla.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-82.jfk50.r.cloudfront.net

Software

nginx / Express

Resource Hash

1f32b6be9fc430ad6123419be99101bb1be6a7a22b72809cb694895d258d62b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://web.core-banking-2.staging.getampla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:41:04 GMT
content-encoding: br
via: 1.1 17eb4ce9c34597b3328325a19f8138fe.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: JFK50-P6
x-powered-by: Express
etag: W/"20081-1qffcFp9eyiIqwfe1UhGycU4PAc"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: A3Ox_uukVKK0zY5QvhN-YUgaeZ6ctIg8WdDXngL_p5p_BX7Cr9IHgQ==

GET
H2 200 tags.js Show response
tag.clearbitscripts.com/v1/pk_f9271fd1cb1c7bc6be2bd7dbc781332c/ 2 KB
1 KB 325ms
145ms Script
application/javascript 2600:9000:21dd:ac00:7:d7d6:3c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.clearbitscripts.com/v1/pk_f9271fd1cb1c7bc6be2bd7dbc781332c/tags.js

Requested by

Host: web.core-banking-2.staging.getampla.com
URL: https://web.core-banking-2.staging.getampla.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:ac00:7:d7d6:3c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

envoy /

Resource Hash

39072bc4ce6d3f1230d13739e0401b7533c8d326035beee0fec33c962466e347

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://web.core-banking-2.staging.getampla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:41:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
via: 1.1 b7d10369ae737ec35cf8d7faced56ef0.cloudfront.net (CloudFront)
server: envoy
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: EWR53-C2
etag: W/"dac27e946f14e207fbcf47da2bf6d5a5"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600
x-amz-cf-id: Zs3nFe9mrOz8IW_DTnurOtBsW_Jwb_Y06Eea-7oPqu3abaQB90HWWQ==

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 122ms
43ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=64446992-cf68-45c2-b4bf-5df1b3405521

Requested by

Host: web.core-banking-2.staging.getampla.com
URL: https://web.core-banking-2.staging.getampla.com/assets/file-f64b8fb8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://web.core-banking-2.staging.getampla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:41:04 GMT
x-amz-version-id: hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMG72W2QZVQMR1RD
age: 23
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: GoVnoy2qF9Dk8kQ+MdMhKfghn0mARE7l9EgbJdLnNNuU43oimKcqsqzdesH+K0MfnzCSaDN4yLTxUfwJSR/6zQ==
last-modified: Wed, 09 Aug 2023 01:01:02 GMT
server: cloudflare
etag: W/"42d94c325a0b012e41f9c3907853625a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IX%2B53nupdNlXMXMwVSqL%2FVtl1Ac6utWC%2Fbwk4meDyzQDD85Ti1U5gHgOPIqHxw%2BVrTmhrUQMTvnbVbzTu0O2UKWkx0x8gbCBkmnZWqMp2T8vgTSmNNSs85ox6lmh0C%2BpXjB2voA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 8129a6435e6a6da3-MIA

POST
H3 403 / Show response
apiv2.core-banking-2.staging.getampla.com/api/auth/token-refresh/ 73 B
95 B 151ms
83ms Fetch
application/json 35.186.230.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apiv2.core-banking-2.staging.getampla.com/api/auth/token-refresh/

Requested by

Host: web.core-banking-2.staging.getampla.com
URL: https://web.core-banking-2.staging.getampla.com/assets/vendor-a32aae4d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.230.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.230.186.35.bc.googleusercontent.com

Software

gunicorn /

Resource Hash

16c4f4cb9a29a639f5f787b0a3c769933e4187fcbc582d1324f9ad9fe4881e69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
x-datadog-origin: rum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
x-datadog-sampling-priority: 1
content-type: application/json
Referer: https://web.core-banking-2.staging.getampla.com/
x-datadog-parent-id: 3366646458285792646
x-datadog-trace-id: 7431591673187443359
crossDomain: true

Response headers

date: Sat, 07 Oct 2023 22:41:04 GMT
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: same-origin
server: gunicorn
vary: Cookie, origin
allow: POST, OPTIONS
content-type: application/json
x-frame-options: DENY
access-control-allow-origin: https://web.core-banking-2.staging.getampla.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73

OPTIONS
H2 200 /
apiv2.core-banking-2.staging.getampla.com/api/auth/token-refresh/ Frame 0
0 176ms
63ms Preflight
text/html 35.186.230.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apiv2.core-banking-2.staging.getampla.com/api/auth/token-refresh/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.230.77 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 77.230.186.35.bc.googleusercontent.com
Software: gunicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,crossdomain,x-datadog-origin,x-datadog-parent-id,x-datadog-sampling-priority,x-datadog-trace-id
Access-Control-Request-Method: POST
Origin: https://web.core-banking-2.staging.getampla.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: accept, authorization, content-type, user-agent, x-csrftoken, x-requested-with, crossdomain, x-datadog-origin, x-datadog-parent-id, x-datadog-sampling-priority, x-datadog-trace-id
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://web.core-banking-2.staging.getampla.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=utf-8
date: Sat, 07 Oct 2023 22:41:04 GMT
server: gunicorn
vary: origin
via: 1.1 google

GET
H2 200 widget.css
assets.calendly.com/assets/external/ 2 KB
1 KB 214ms
145ms Stylesheet
text/css 2606:4700:4400::ac40:9251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.calendly.com/assets/external/widget.css

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P9HVDNC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9251 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcb209ef6d7ca07243d60aa46a83865255672006c403b988209cfbb6eacf88a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://web.core-banking-2.staging.getampla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:41:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 281
cf-polished: origSize=3459
last-modified: Wed, 04 Oct 2023 20:49:48 GMT
cf-bgj: minify
server: cloudflare
etag: W/"4818473200224c9f9497adef8d7685bc"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
cf-ray: 8129a6435aa3d9cd-MIA
expires: Sun, 08 Oct 2023 22:41:04 GMT

GET
H2 200 widget.js Show response
assets.calendly.com/assets/external/ 52 KB
19 KB 210ms
140ms Script
application/javascript 2606:4700:4400::ac40:9251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.calendly.com/assets/external/widget.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P9HVDNC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9251 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a158ad4fe74be96863bb9534899c4ba6625e478e4494d11b643540bfe30bcf38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://web.core-banking-2.staging.getampla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:41:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 04 Oct 2023 20:49:48 GMT
cf-bgj: minify
server: cloudflare
age: 239
etag: W/"9150b7c4e4055e8484012f9edb2b0e2b"
vary: Accept-Encoding
content-type: application/javascript
content-encoding: br
cache-control: public, max-age=300
cf-ray: 8129a6435aa4d9cd-MIA
expires: Sun, 08 Oct 2023 22:41:04 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 192 KB
65 KB 338ms
180ms Script
text/javascript 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyAZkalIEPpi2VjuQWp7gNBL5BLyng5glXA&libraries=places

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P9HVDNC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

7fac653b40493532b55468a2a965c4b0adc9f00000f5eeeb567b6a04d7e96da1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://web.core-banking-2.staging.getampla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:41:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66351
x-xss-protection: 0

GET
H2 200 destinations.min.js Show response
x.clearbitjs.com/v2/pk_f9271fd1cb1c7bc6be2bd7dbc781332c/ 0
44 B 356ms
203ms Script
application/javascript 52.20.167.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v2/pk_f9271fd1cb1c7bc6be2bd7dbc781332c/destinations.min.js

Requested by

Host: tag.clearbitscripts.com
URL: https://tag.clearbitscripts.com/v1/pk_f9271fd1cb1c7bc6be2bd7dbc781332c/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.20.167.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-20-167-62.compute-1.amazonaws.com

Software

envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://web.core-banking-2.staging.getampla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:41:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-response-flags: -
server: envoy
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600
content-length: 0

GET
H2 200 tracking.min.js Show response
x.clearbitjs.com/v2/pk_f9271fd1cb1c7bc6be2bd7dbc781332c/ 168 KB
45 KB 297ms
144ms Script
application/javascript 52.20.167.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v2/pk_f9271fd1cb1c7bc6be2bd7dbc781332c/tracking.min.js

Requested by

Host: tag.clearbitscripts.com
URL: https://tag.clearbitscripts.com/v1/pk_f9271fd1cb1c7bc6be2bd7dbc781332c/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.20.167.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-20-167-62.compute-1.amazonaws.com

Software

envoy /

Resource Hash

a1645e830734c6924905722cad7b50f616fa3544ebb0c60f5681477894d9a49f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://web.core-banking-2.staging.getampla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:41:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
server: envoy
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600

GET
H2 200 h
heapanalytics.com/ 37 B
261 B 178ms
57ms Image
image/gif 54.243.87.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=3999504568&u=6065135928035772&v=810206564329597&s=3463614858827412&b=web&tv=4.0&z=0&h=%2F&d=web.core-banking-2.staging.getampla.com&t=Ampla%20Portal&ts=1696718464467&st=1696718464470

Requested by

Host: web.core-banking-2.staging.getampla.com
URL: https://web.core-banking-2.staging.getampla.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.87.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-87-191.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://web.core-banking-2.staging.getampla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 22:41:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 64446992-cf68-45c2-b4bf-5df1b3405521 Show response
ekr.zdassets.com/compose/ 1 KB
1 KB 230ms
157ms Fetch
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/64446992-cf68-45c2-b4bf-5df1b3405521

Requested by

Host: web.core-banking-2.staging.getampla.com
URL: https://web.core-banking-2.staging.getampla.com/assets/vendor-a32aae4d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe2730f7a2658464930aa54b0c0f313d642c4004283f2f7fd1774d0ec9da2371

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://web.core-banking-2.staging.getampla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:41:04 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 811161ec1c011ff6-SEA, 811161ec1c011ff6-SEA
x-runtime: 0.002911
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"fe2730f7a2658464930aa54b0c0f313d"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VSi18wM38v2KqLk5mAbmteb59zsJ8F5egM3AfjbBIyxFwblO2S3olV%2FcC5HZZ2x8GG7QZyqZNZmcEXBq7thlUAkUTxq9BG13Q2ie9LxvZIpeocvOozR6pX%2BqjazRIQdSgMg%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 8129a6442889b3b9-MIA

GET
H3 200 index-b2bcf5d2.js Show response
web.core-banking-2.staging.getampla.com/assets/ 160 B
169 B 63ms
62ms Script
application/javascript 35.186.230.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://web.core-banking-2.staging.getampla.com/assets/index-b2bcf5d2.js

Requested by

Host: web.core-banking-2.staging.getampla.com
URL: https://web.core-banking-2.staging.getampla.com/assets/file-f64b8fb8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.230.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.230.186.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

adbf9c58ed0327f273863f9e9b36f70a0bd8db2ba790f6239f3297a6d6effd56

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://web.core-banking-2.staging.getampla.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:41:04 GMT
content-security-policy: frame-ancestors 'none';
content-encoding: gzip
last-modified: Thu, 05 Oct 2023 00:08:13 GMT
server: nginx
via: 1.1 google
etag: W/"651dfe6d-a0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 Home-38abb8a2.js Show response
web.core-banking-2.staging.getampla.com/assets/ 344 B
298 B 62ms
61ms Script
application/javascript 35.186.230.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://web.core-banking-2.staging.getampla.com/assets/Home-38abb8a2.js

Requested by

Host: web.core-banking-2.staging.getampla.com
URL: https://web.core-banking-2.staging.getampla.com/assets/file-f64b8fb8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.230.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.230.186.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

4a8d87395a0173369f361c900c315a868ff7e2c3d51e800d9a9bea668b902e5b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://web.core-banking-2.staging.getampla.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:41:04 GMT
content-security-policy: frame-ancestors 'none';
content-encoding: gzip
last-modified: Thu, 05 Oct 2023 00:08:13 GMT
server: nginx
via: 1.1 google
etag: W/"651dfe6d-158"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 web-widget-main-4b22769.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 42DC 453 KB
143 KB 57ms
56ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=64446992-cf68-45c2-b4bf-5df1b3405521

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87d29c78cbd6e6774671b07b512ffb14dfc2dc4fe512a5e1c4909df54fbaa2bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:41:04 GMT
x-amz-version-id: buuqfOo_4CCc42mcfHh3348fXV_AyXJg
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMGEA960H2ZYQF44
age: 1529506
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: nw3jyuhiq3zL/h04RVNKDMzpavlZMPFzJXiZC5xtbC4ZLP8wNgKfpJUyfAiDJwTxU4G8dpyWlQs/4zNcj7R8Pg==
last-modified: Thu, 24 Aug 2023 03:43:42 GMT
server: cloudflare
etag: W/"39c5d5a29a88c9c1a9f281848ad16b16"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F0iKeXHhXVPGnp6RNHK7UkCMmfyjb%2BYXnVzlH4NL%2F3h9YQO%2B%2BRElODjocGyvFQgzY2n%2Fr6KgS%2BmpzEpeD%2FlnKiFJ4tAO9jQZ8%2FaHr6KQGCcaiNGNl7QAwdP%2FocuFsrLnycR0iSM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8129a645485a6da3-MIA
expires: Fri, 23 Aug 2024 03:43:40 GMT

POST
H2 200 p Show response
app.clearbit.com/v1/ 16 B
1 KB 309ms
139ms XHR
application/json 54.235.212.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clearbit.com/v1/p

Requested by

Host: web.core-banking-2.staging.getampla.com
URL: https://web.core-banking-2.staging.getampla.com/assets/vendor-a32aae4d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.235.212.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-235-212-140.compute-1.amazonaws.com

Software

envoy /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://web.core-banking-2.staging.getampla.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 07 Oct 2023 22:41:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
server: envoy
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://web.core-banking-2.staging.getampla.com
content-security-policy-report-only: default-src 'self'; script-src 'unsafe-inline' 'report-sample' 'self' https://browser.sentry-cdn.com https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js https://cdn.clearbit.com https://cdn.segment.com/analytics.js/v1/auzWlbWIBrAsKnGQIiT0X3IjfZyepgW5/analytics.min.js https://checkout.stripe.com https://connect.facebook.net https://edge.fullstory.com/s/fs.js https://fast.appcues.com https://www.google-analytics.com/analytics.js https://x.clearbitjs.com https://cdn.clearbit.com https://*.commandbar.com; style-src 'unsafe-inline' 'report-sample' 'self' https://cdn.clearbit.com https://*.commandbar.com https://fast.appcues.com https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.amplitude.com https://*.commandbar.com https://api.segment.io https://checkout.stripe.com https://rs.fullstory.com https://www.google-analytics.com wss://api.appcues.net https://stats.g.doubleclick.net https://sentry.io https://logo.clearbit.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*.commandbar.com https://checkout.stripe.com; img-src 'self' https://*.commandbar.com https://*.stripe.com data: https://cdn.clearbit.com https://images.ctfassets.net https://logo.clearbit.com https://www.facebook.com https://connect.facebook.net https://www.google.com https://unpkg.com/react-flag-kit https://cloudfront.net/v1/avatars https://*.googleusercontent.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
access-control-allow-credentials: true
access-control-allow-headers: Authorization, API-Version, Content-Type

POST
H2 202 rum Show response
rum.browser-intake-us5-datadoghq.com/api/v2/ 53 B
310 B 243ms
146ms Fetch
application/json 2600:1901:0:c072::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-us5-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.42.2%2Capi%3Afetch%2Cenv%3Acore-banking-2%2Cservice%3Aportal%2Cversion%3A1.0.0&dd-api-key=pube3c8a2a9576d10e1aa1e60a4c0456dd6&dd-evp-origin-version=4.42.2&dd-evp-origin=browser&dd-request-id=5c738310-c782-4024-ba3d-1ad4c0340fe0&batch_time=1696718464887

Requested by

Host: web.core-banking-2.staging.getampla.com
URL: https://web.core-banking-2.staging.getampla.com/assets/vendor-a32aae4d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c072:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

3d012a5d398eb34d8e94b324635eaa2e5d983b39af8a7174601f1c50ecfcc19e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://web.core-banking-2.staging.getampla.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 07 Oct 2023 22:41:05 GMT
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
via: 1.1 google
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53

GET
H3 200 index-201f6be4.js Show response
web.core-banking-2.staging.getampla.com/assets/ 2 KB
859 B 62ms
60ms Script
application/javascript 35.186.230.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://web.core-banking-2.staging.getampla.com/assets/index-201f6be4.js

Requested by

Host: web.core-banking-2.staging.getampla.com
URL: https://web.core-banking-2.staging.getampla.com/assets/file-f64b8fb8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.230.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.230.186.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

a85d499750811d64b0a04b91df5c57a799d11a50b9d18bbeff96d97e519ea098

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://web.core-banking-2.staging.getampla.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:41:04 GMT
content-security-policy: frame-ancestors 'none';
content-encoding: gzip
last-modified: Thu, 05 Oct 2023 00:08:13 GMT
server: nginx
via: 1.1 google
etag: W/"651dfe6d-6fc"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 LoginForm-b38d67d6.js Show response
web.core-banking-2.staging.getampla.com/assets/ 3 KB
1 KB 62ms
60ms Script
application/javascript 35.186.230.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://web.core-banking-2.staging.getampla.com/assets/LoginForm-b38d67d6.js

Requested by

Host: web.core-banking-2.staging.getampla.com
URL: https://web.core-banking-2.staging.getampla.com/assets/file-f64b8fb8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.230.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.230.186.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e17be2985b59a4c4adcf66a767f5ad5eb7a49b70a2c4d177471576bd354367ad

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://web.core-banking-2.staging.getampla.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:41:04 GMT
content-security-policy: frame-ancestors 'none';
content-encoding: gzip
last-modified: Thu, 05 Oct 2023 00:08:13 GMT
server: nginx
via: 1.1 google
etag: W/"651dfe6d-bc3"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 AlternativeDivider-13000f66.js Show response
web.core-banking-2.staging.getampla.com/assets/ 849 B
455 B 66ms
65ms Script
application/javascript 35.186.230.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://web.core-banking-2.staging.getampla.com/assets/AlternativeDivider-13000f66.js

Requested by

Host: web.core-banking-2.staging.getampla.com
URL: https://web.core-banking-2.staging.getampla.com/assets/file-f64b8fb8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.230.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.230.186.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

86d1040c20443f889173ad3f9cca554633f0a582fa452737b3417db15577f9af

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://web.core-banking-2.staging.getampla.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:41:04 GMT
content-security-policy: frame-ancestors 'none';
content-encoding: gzip
last-modified: Thu, 05 Oct 2023 00:08:13 GMT
server: nginx
via: 1.1 google
etag: W/"651dfe6d-351"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 h
heapanalytics.com/ 37 B
260 B 58ms
58ms Image
image/gif 54.243.87.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=3999504568&u=6065135928035772&v=1029562979158687&s=3463614858827412&b=web&tv=4.0&z=2&h=%2Flogin&d=web.core-banking-2.staging.getampla.com&t=Login%20%7C%20Ampla%20-%20Staging&ts=1696718464900&pr=%2F&sp=ts&sp=1696718464467&sp=d&sp=web.core-banking-2.staging.getampla.com&sp=h&sp=%2F&st=1696718464900

Requested by

Host: web.core-banking-2.staging.getampla.com
URL: https://web.core-banking-2.staging.getampla.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.87.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-87-191.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://web.core-banking-2.staging.getampla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 22:41:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 204ms
77ms XHR
application/json 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: web.core-banking-2.staging.getampla.com
URL: https://web.core-banking-2.staging.getampla.com/assets/vendor-a32aae4d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://web.core-banking-2.staging.getampla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:41:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://web.core-banking-2.staging.getampla.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 en-us-json-4b22769.js Show response
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 42DC 16 KB
3 KB 45ms
42ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d450631b020073cc1285c8b7dfa34593ba8b5eb2e9482a7e9e3891e06148346

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:41:05 GMT
x-amz-version-id: Gb950S5306bStT2XGhy0_xYQToJJizIu
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMGFCQBHX2R67P0J
age: 1529507
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: yIOYrQ96pp64obfm1LTovK0DJbNc7LaNeE3Umnw4bLCENTcGqficcT4MIZnM29JZclBbgJezI6hkdZ+iqmAt9Q==
last-modified: Thu, 24 Aug 2023 03:43:43 GMT
server: cloudflare
etag: W/"8f649b5684cbdc6de706c3ee378b158a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqCg8lFrsVwHQ4Xy1O0gdLPMAve9diUyQindnIFfJs4P1G5jZsb2%2BNHRlLstxzKDzWisNLFXa6KgfjeaZf5QUmlM%2BwKFH1rrfWY9I9JuCWBr%2BzrZq0bGNuiiTwC1x1wdrGhRICo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8129a646b9a06da3-MIA
expires: Fri, 23 Aug 2024 03:43:42 GMT

GET
H2 200 web-widget-4852-4b22769.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 42DC 139 KB
47 KB 48ms
46ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21244bacf0cd406e0c2b7742eb67f2c9ab4bb91e7ed5f9eb524308520f3a7694

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:41:05 GMT
x-amz-version-id: nYMPFR.iqtfU72nwkjhPOt8gBbfBzGZl
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMGCP8S6B2XHPP58
age: 212977
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: AuT+oKybN4nB5Mvkx1hJIyPo2uNmw4h+GFcZ09JrDffOSm6DbgfQvsDA+ZajPKAAAef06dsu/WA=
last-modified: Thu, 24 Aug 2023 03:43:42 GMT
server: cloudflare
etag: W/"537006977bee3c56b5a5b9900b593d0d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4PHXOk%2FIfTFaA8h2yA4tjo2n7q6KaoZG7Mk7AyebFIZWs4got3m90jOQFfen%2BWfL%2B73pdWS%2BHY5lV8c%2B642KD1JMSrXvi0gDfBqy0gdvvF8kHmKF%2BXRNp3V7%2FMNX0kE%2F%2FJ39rOc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8129a646b9a46da3-MIA
expires: Fri, 23 Aug 2024 03:43:41 GMT

GET
H2 200 web-widget-519-4b22769.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 42DC 24 KB
8 KB 54ms
52ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-519-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d0142e7dd8eee7b1776ce44b79a5aa7b292d3a509bae832fb438afb2534bbc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:41:05 GMT
x-amz-version-id: lxotykkgECMc9LkwVmT9pOhbgN52rwSH
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMG72XJPEW4JMDN4
age: 1529507
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 2kgVXUeI+LLMX0KuXsoryuDh55Xjg21expXscynwc9n5FAenGqev/mg0NAlydBUqQMvIqPoBrXqqGHN2vQI/pg==
last-modified: Thu, 24 Aug 2023 03:43:42 GMT
server: cloudflare
etag: W/"1c9884a2069c7bec6b20dac62004eb1b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3geASrrKGCTMgjTOxKl0I025VIUgW5Ji00ibWpNmOkdhFTz3GG66%2FoInotQIZS0AjxxpkVnmijv5PydsR5WJogoXhyWAN9t%2B%2BV6R3NJDuAFp3QJgJcDA5%2Fp%2B3zZniZM082ipy0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8129a646b9a66da3-MIA
expires: Fri, 23 Aug 2024 03:43:41 GMT

GET
H2 200 web-widget-5178-4b22769.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 42DC 24 KB
7 KB 46ms
44ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-5178-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5936ea748776aa9d35f5e748d18c78366ef81a770699ca8765457ba8717fd92

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:41:05 GMT
x-amz-version-id: sSav_AkeQS.PdbhOQG5COPnxKLj812h0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMGF6PT32R8YMS8S
age: 1529507
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: NSY4T048+NQRvNU8ja/Apr+VseXa2q35oaApR0zVm+H09wYr5Z2Iv5vRUDeyK6tOi9oUmu3ZH/hY12+LBIXTUA==
last-modified: Thu, 24 Aug 2023 03:43:42 GMT
server: cloudflare
etag: W/"11034f049f5eef05b26ed292ac59e1fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bB67PZ5A9QDCe5OYduHTQDVd2POOrFECU78TvD9HyVG%2FkivJni4UftTu0od7EmgVrpZV7hFbrq84vInvYRTKhjls8yFbkHSzXvjvgq627z6HppnE%2FvsqCyDuWkt34ZE3CMbyw9o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8129a646b9a76da3-MIA
expires: Fri, 23 Aug 2024 03:43:41 GMT

GET
H2 200 web-widget-9535-4b22769.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 42DC 15 KB
6 KB 47ms
45ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-9535-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b649bd0733d0e2823f6895ab6d9443a7cb8d290f291a4f1e5d130a5f7232a6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:41:05 GMT
x-amz-version-id: TQwoJrATHBNX6IVnB55aFvI.RS16xjhS
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMG8KVT4FPM8SWEZ
age: 1529507
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: TWy0LkjQaQd67RZpp1XgdCwQeqJ/aDt5pnCQ7KbF+E6qWm7IHD0tMT1plIcs/g1wAJdzsDEAxi2Bcq7jKLM49A==
last-modified: Thu, 24 Aug 2023 03:43:42 GMT
server: cloudflare
etag: W/"e3df43ad3700a0c6a03da6179cd57460"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2L0Xfn2OTxorqD1LKwH3Pfo7k4tHIjaMOKe7KUJmhWD9Gqvs06FGZE4hk9fNDrFcIyVMAgOv%2FBbJx7DjgPHvu863%2FlmmEB3ZfcJwkFduuKGU7wZHtJgRi44c05eK8M1S2k4EG94%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8129a646b9a86da3-MIA
expires: Fri, 23 Aug 2024 03:43:40 GMT

GET
H3 200 noto-sans-latin-400-normal-88f00438.woff2
web.core-banking-2.staging.getampla.com/assets/ 13 KB
13 KB 60ms
60ms Font
font/woff2 35.186.230.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://web.core-banking-2.staging.getampla.com/assets/noto-sans-latin-400-normal-88f00438.woff2

Requested by

Host: web.core-banking-2.staging.getampla.com
URL: https://web.core-banking-2.staging.getampla.com/assets/index.template-157db03d.css

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.230.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.230.186.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://web.core-banking-2.staging.getampla.com/assets/index.template-157db03d.css
Origin: https://web.core-banking-2.staging.getampla.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:41:05 GMT
content-security-policy: frame-ancestors 'none';
via: 1.1 google
last-modified: Thu, 05 Oct 2023 00:08:13 GMT
server: nginx
etag: "651dfe6d-323c"
x-frame-options: SAMEORIGIN
content-type: font/woff2
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12860

GET
H3 200 noto-sans-latin-500-normal-efc3c8a0.woff2
web.core-banking-2.staging.getampla.com/assets/ 13 KB
13 KB 60ms
59ms Font
font/woff2 35.186.230.77
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://web.core-banking-2.staging.getampla.com/assets/noto-sans-latin-500-normal-efc3c8a0.woff2

Requested by

Host: web.core-banking-2.staging.getampla.com
URL: https://web.core-banking-2.staging.getampla.com/assets/index.template-157db03d.css

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.230.77 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

77.230.186.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

efc3c8a0ed2a9f798cae16417b7832147de397ebf1f8fb6cd4462f240605198e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://web.core-banking-2.staging.getampla.com/assets/index.template-157db03d.css
Origin: https://web.core-banking-2.staging.getampla.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:41:05 GMT
content-security-policy: frame-ancestors 'none';
via: 1.1 google
last-modified: Thu, 05 Oct 2023 00:08:13 GMT
server: nginx
etag: "651dfe6d-3330"
x-frame-options: SAMEORIGIN
content-type: font/woff2
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13104

OPTIONS
H2 204 pv
getampla.zendesk.com/frontendevents/ Frame 0
0 200ms
88ms Preflight 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getampla.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://web.core-banking-2.staging.getampla.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 8129a647dd21da23-MIA
date: Sat, 07 Oct 2023 22:41:05 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oAa8aazlEJ4JJShH46fzp7GAmmUio6RzKyw18FXFPqiYxCdcGi%2FLasvRylvoWZUVCV2Y6q6W0iNpfa7OBW1pS2r4F8wY4d6jXu1nNFRtKvxDlHZDGYgwVIJaGwKrnVR5epKqtuwU"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-request-id: 8129a647dd21da23-MIA
x-zendesk-zorg: yes

POST
H2 200 pv
getampla.zendesk.com/frontendevents/ Frame 42DC 0
0 82ms
82ms Fetch 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getampla.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 07 Oct 2023 22:41:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25I7Uoy2Tx9VHCWFq%2FOzImCKb15ablY0rc3Zx33N9mrolx8%2FHq%2Blj6dNMYTMOpdrqYH5CpGLNbngju9CgfLKVIeoGW8Hey%2BlCML%2BZ3tb0PbnxKACIdkrJ9%2Bfkg0zwX2eFyiP%2BFZO"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 8129a6486df7da23-MIA
content-length: 0
x-request-id: 8129a6486df7da23-MIA

GET
H2 200 config Show response
getampla.zendesk.com/embeddable/ Frame 42DC 884 B
1 KB 224ms
113ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getampla.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533d9ac435c17ccc333f755b2b8a9eaacfb1120df75122e20b994b2c975cffe7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:41:05 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-5f964646b6-6j87r
x-cached: MISS
x-request-id: 8129a647dd23da23-MIA
x-runtime: 0.002500
last-modified: Sat, 07 Oct 2023 02:19:37 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=55vQd8GmLIxHDF1sbHaFWGGWFa91AdB20R9H0eLEZlA%2Bb1VercrroBIVrht3eXA0Bd2FX4YNieaBxxVHl%2BWdV%2BSLulaTszm3CGb%2FVmk7qQbCy5u%2BlrFxWUyK7%2Fjxp2xlZ4RYTimn"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 8129a647dd23da23-MIA

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.getampla.com/	1970-01-20 15:18:40	Name: _hp2_ses_props.3999504568 Value: %7B%22ts%22%3A1696718464467%2C%22d%22%3A%22web.core-banking-2.staging.getampla.com%22%2C%22h%22%3A%22%2F%22%7D
.calendly.com/	1970-01-20 15:18:40	Name: __cf_bm Value: 2Ud7zfceOr1.bTBh21ttuLkPxDj0wHh9xlLF1Ux0GpI-1696718464-0-Ae1BQfEvIq/WSbtrEb5w4wdUA8PuZdXcoc0FTBSgJPMhCY0xqe63ORiRd5TiQt83s2FkVZXmSPvoYhT74XHIysI=
.getampla.com/	1970-01-21 00:04:14	Name: cb_user_id Value: null
.getampla.com/	1970-01-21 00:04:14	Name: cb_group_id Value: null
.getampla.com/	1970-01-21 00:04:14	Name: cb_anonymous_id Value: %2273584ee5-e380-4047-bd95-ce537c1183cb%22
.getampla.com/	1970-01-21 00:46:36	Name: _hp2_id.3999504568 Value: %7B%22userId%22%3A%226065135928035772%22%2C%22pageviewId%22%3A%221029562979158687%22%2C%22sessionId%22%3A%223463614858827412%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
web.core-banking-2.staging.getampla.com/	1970-01-20 15:18:39	Name: _dd_s Value: rum=1&id=b1ff25fa-249f-4378-99e4-d12c6bd632b6&created=1696718464409&expire=1696719364409

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.pendo.io/agent/static//pendo.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://apiv2.core-banking-2.staging.getampla.com/api/auth/token-refresh/ Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apiv2.core-banking-2.staging.getampla.com
app.clearbit.com
assets.calendly.com
cdn.heapanalytics.com
cdn.pendo.io
ekr.zdassets.com
getampla.zendesk.com
heapanalytics.com
js-eu1.hsforms.net
js.verygoodvault.com
maps.googleapis.com
rum.browser-intake-us5-datadoghq.com
static.zdassets.com
tag.clearbitscripts.com
web.core-banking-2.staging.getampla.com
www.googletagmanager.com
x.clearbitjs.com
104.16.51.111
104.18.72.113
172.65.255.172
18.164.116.82
2600:1901:0:c072::
2600:9000:21dd:ac00:7:d7d6:3c40:93a1
2600:9000:23cb:8000:1f:aa31:7740:93a1
2606:4700:4400::ac40:9251
2607:f8b0:4006:80c::200a
2607:f8b0:4006:824::2008
35.186.230.77
52.20.167.62
52.85.61.58
54.235.212.140
54.243.87.191
0e170db33686956e748d65f80235d0b171138fe25a10777df9b6f557f5f03dd1
157db03dbbec37be02dcffe06ebc1ba6ff02a406be0af5da13ef51b509d9867d
16c4f4cb9a29a639f5f787b0a3c769933e4187fcbc582d1324f9ad9fe4881e69
1d450631b020073cc1285c8b7dfa34593ba8b5eb2e9482a7e9e3891e06148346
1f32b6be9fc430ad6123419be99101bb1be6a7a22b72809cb694895d258d62b9
21244bacf0cd406e0c2b7742eb67f2c9ab4bb91e7ed5f9eb524308520f3a7694
39072bc4ce6d3f1230d13739e0401b7533c8d326035beee0fec33c962466e347
3d012a5d398eb34d8e94b324635eaa2e5d983b39af8a7174601f1c50ecfcc19e
4a8d87395a0173369f361c900c315a868ff7e2c3d51e800d9a9bea668b902e5b
4b649bd0733d0e2823f6895ab6d9443a7cb8d290f291a4f1e5d130a5f7232a6d
533d9ac435c17ccc333f755b2b8a9eaacfb1120df75122e20b994b2c975cffe7
5d0142e7dd8eee7b1776ce44b79a5aa7b292d3a509bae832fb438afb2534bbc7
7f48e82d43508b610d65462a983f02b936df5058a76a2b0d6364278b4601f2af
7fac653b40493532b55468a2a965c4b0adc9f00000f5eeeb567b6a04d7e96da1
86d1040c20443f889173ad3f9cca554633f0a582fa452737b3417db15577f9af
87d29c78cbd6e6774671b07b512ffb14dfc2dc4fe512a5e1c4909df54fbaa2bf
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
8d6deb917d0c9b1ad2f4dec0beefa062e110ef16639624c806dda258eb0fef13
8ffcd79f7d4d2fb5b9526c0647f4ae798afe0a19b689efbde3609eff6ba59983
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
a158ad4fe74be96863bb9534899c4ba6625e478e4494d11b643540bfe30bcf38
a1645e830734c6924905722cad7b50f616fa3544ebb0c60f5681477894d9a49f
a24e66d830ef814bbcc4553b662e0c2afe733f8f30fb4a86be6df577d146bec2
a85d499750811d64b0a04b91df5c57a799d11a50b9d18bbeff96d97e519ea098
adbf9c58ed0327f273863f9e9b36f70a0bd8db2ba790f6239f3297a6d6effd56
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c5339ebc469e2cebc014a9a4e435a6f532634d27859904b4fcb342ea9795dfb0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
e17be2985b59a4c4adcf66a767f5ad5eb7a49b70a2c4d177471576bd354367ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efc3c8a0ed2a9f798cae16417b7832147de397ebf1f8fb6cd4462f240605198e
f5936ea748776aa9d35f5e748d18c78366ef81a770699ca8765457ba8717fd92
fcb209ef6d7ca07243d60aa46a83865255672006c403b988209cfbb6eacf88a6
fe2730f7a2658464930aa54b0c0f313d642c4004283f2f7fd1774d0ec9da2371

web.core-banking-2.staging.getampla.com Open in urlscan Pro 35.186.230.77 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

40 Requests

100 %HTTPS

40 %IPv6

14 Domains

17 Subdomains

15 IPs

2 Countries

2029 kBTransfer

8198 kBSize

7 Cookies

0 Outgoing links

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

web.core-banking-2.staging.getampla.com Open in urlscan Pro
35.186.230.77 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

100 %
HTTPS

40 %
IPv6

14
Domains

17
Subdomains

15
IPs

2
Countries

2029 kB
Transfer

8198 kB
Size

7
Cookies

40 HTTP transactions
0 data transactions