sundayapp.io
Open in
urlscan Pro
34.107.245.192
Public Scan
Effective URL: https://sundayapp.io/
Submission: On April 30 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on March 14th 2024. Valid for: 3 months.
This is the only time sundayapp.io was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 34.107.245.192 34.107.245.192 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
4 | 151.101.66.132 151.101.66.132 | 54113 (FASTLY) (FASTLY) | |
2 | 52.89.214.102 52.89.214.102 | 16509 (AMAZON-02) (AMAZON-02) | |
15 | 4 |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.245.107.34.bc.googleusercontent.com
sundayapp.io |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-214-102.us-west-2.compute.amazonaws.com
api2.amplitude.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
sundayapp.io
sundayapp.io |
905 KB |
6 |
amplitude.com
api.lab.amplitude.com — Cisco Umbrella Rank: 4102 api2.amplitude.com — Cisco Umbrella Rank: 1163 |
2 KB |
15 | 2 |
Domain | Requested by | |
---|---|---|
8 | sundayapp.io |
sundayapp.io
|
4 | api.lab.amplitude.com |
sundayapp.io
|
2 | api2.amplitude.com |
sundayapp.io
|
15 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
sundayapp.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sundayapp.io R3 |
2024-03-14 - 2024-06-12 |
3 months | crt.sh |
*.lab.amplitude.com GlobalSign Atlas R3 DV TLS CA 2023 Q4 |
2023-11-29 - 2024-12-30 |
a year | crt.sh |
*.amplitude.com COMODO RSA Domain Validation Secure Server CA |
2024-01-31 - 2025-03-02 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://sundayapp.io/
Frame ID: 180031463D1AC16FEBD1D18EB7707075
Requests: 13 HTTP requests in this frame
Screenshot
Page Title
sunday - pay fasterPage URL History Show full URLs
-
http://sundayapp.io/
HTTP 307
https://sundayapp.io/ Page URL
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Learn more
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://sundayapp.io/
HTTP 307
https://sundayapp.io/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
sundayapp.io/ Redirect Chain
|
28 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config.js
sundayapp.io/config/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index-CcMFKzRs.js
sundayapp.io/assets/ |
488 KB 131 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor-C6IQLpmV.js
sundayapp.io/assets/ |
2 MB 666 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index-BtI-TTbZ.css
sundayapp.io/assets/ |
27 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
vardata
api.lab.amplitude.com/sdk/v2/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vardata
api.lab.amplitude.com/sdk/v2/ |
2 KB 675 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
en_US-B3Ti6nNo.js
sundayapp.io/assets/ |
63 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vardata
api.lab.amplitude.com/sdk/v2/ |
2 KB 593 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.png
sundayapp.io/ |
4 KB 4 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
home-page-image.png
sundayapp.io/images/ |
66 KB 66 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
b1572f6d-e892-4556-ab3e-24cc092f745c
https://sundayapp.io/ |
2 KB 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vardata
api.lab.amplitude.com/sdk/v2/ |
2 KB 622 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
httpapi
api2.amplitude.com/2/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
httpapi
api2.amplitude.com/2/ |
94 B 309 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
26 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| sundayEnv function| fallbackCopyTextToClipboard function| copyTextToClipboard function| getNowUtc number| loadStart object| scanId object| ssid object| pwd object| brandColor object| accentColor object| logo object| brandLogo object| logoToken string| url function| sendEvent function| clearImmediate function| setImmediate object| DD_LOGS string| __reactRouterVersion object| __REACT_INTL_CONTEXT__ object| DD_RUM object| analyticsConnectorInstances number| coldStartIsAt number| coldStartTime boolean| networkWasSlowOnAppStartup boolean| slowNetwork3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.sundayapp.io/ | Name: AMP_MKTG_b86256eb50 Value: JTdCJTdE |
|
.sundayapp.io/ | Name: AMP_b86256eb50 Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjJmMGYzNzcyOS1mNzQ3LTQzOTktYjZkOC0yMDkxMTQwYzhhNjElMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNzE0NDc1NTIwMDQyJTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTcxNDQ3NTUyMDEyOCUyQyUyMmxhc3RFdmVudElkJTIyJTNBMyUyQyUyMnBhZ2VDb3VudGVyJTIyJTNBMCU3RA== |
|
sundayapp.io/ | Name: _dd_s Value: logs=1&id=9f0ae298-9750-4224-9f37-fd136c9578b7&created=1714475520030&expire=1714476420032&rum=1 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | child-src 'self' blob: ; connect-src 'self' https://api.lab.amplitude.com/ https://api2.amplitude.com/ https://m.stripe.com/ https://r.stripe.com/ https://js.checkout.com/framesv2/log https://*.logs.datadoghq.eu/ https://*.browser-intake-datadoghq.eu/ https://browser-intake-datadoghq.eu/ https://firestore.googleapis.com/ https://firebasestorage.googleapis.com/v0/b/ https://firebase.googleapis.com/v1alpha/projects/ https://firebaselogging-pa.googleapis.com/v1/firelog/legacy/log https://firebaseinstallations.googleapis.com/v1/projects/ https://firebaseremoteconfig.googleapis.com/v1/projects/ https://securetoken.googleapis.com/v1/token https://www.googleapis.com/identitytoolkit/v3/relyingparty/ https://identitytoolkit.googleapis.com/v1/ https://*.smartlook.com https://*.smartlook.cloud https://www.google-analytics.com/ https://auth.alpha.sundayapp.xyz/ https://sunday-eu-alpha.eu.auth0.com/ https://auth.sundayapp.io/ https://sunday-eu-production.eu.auth0.com/ https://edge.api.flagsmith.com/ https://play.google.com/ https://*.fptls.com https://*.fptls2.com https://*.fptls3.com https://google.com/pay https://www.google.com/pay https://pay.google.com/ https://api.sundayapp.io https://api.vpos.sundayapp.io https://api.refresh-bill.sundayapp.io https://api.payment.sundayapp.io https://api.voucher.sundayapp.io https://api.billing.sundayapp.io https://api.receipt.sundayapp.io https://api.user-account.sundayapp.io https://api.venue-feedback.sundayapp.io https://api.loyalty-dispatcher.sundayapp.io https://api.consent-manager.sundayapp.io https://api.menu-back-end.sunday.cloud https://api.payment-terminal.sunday.cloud https://fp.sundayapp.io https://grpc.vpos.sundayapp.io https://webhooks.sundayapp.io/b2c-analytics/ingest https://api.paygreen.fr/ https://api.checkout.com/tokens ; default-src 'self' ; font-src https://fonts.gstatic.com/ https://fonts.googleapis.com/ ; frame-src * ; img-src 'self' data: https://www.google.com/images/cleardot.gif https://firebasestorage.googleapis.com/v0/b/ https://storage.googleapis.com/public-sunday-production/ blob: https://s.gravatar.com/ https://cdn.auth0.com/avatars/ https://*.googleusercontent.com/ https://*.wp.com/cdn.auth0.com/avatars/ https://www.gstatic.com/ https://media.zelty.fr https://*.amazonaws.com/ http://*.amazonaws.com/ https://api.sundayapp.io https://api.menu-back-end.sunday.cloud https://storage.googleapis.com/menu-pictures-sunday-production/ ; object-src 'none' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.polyfill.io/v2/ https://js.stripe.com/ https://www.googletagmanager.com/gtag/ https://apis.google.com/ https://pay.google.com/gp/p/js/pay.js https://core.spreedly.com/iframe/iframe-v1.min.js https://cdn.checkout.com/js/framesv2.min.js https://www.google.com/maps/api/js/ https://www.gstatic.com/ https://fpnpmcdn.net/ https://*.smartlook.com https://*.smartlook.cloud https://pgjs.paygreen.fr/ ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com/ ; worker-src 'self' blob: ; |
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.lab.amplitude.com
api2.amplitude.com
sundayapp.io
151.101.66.132
34.107.245.192
52.89.214.102
052c11b87b04d9eee2a52d16127f94f4681c7de06d1ac1cad7d18655f388702b
2ed2d4ea6aa968a07bf1b97e14b169ad37027695cc52083efd6427cb57b1cfed
360f9425dfa218adc3f0f8c0825cd1965f7697cb0c0f4c4e0586c09efc1562c8
3706d49759ddf1931ec448987de679a422a53bc75bae6dfcc8c3ca18a48a5518
48b2078a991154e618cbed828168a0c54333cf0e279681f962f6bf4dad1b8283
58763412c3a28933886d961ee282e33be311ebb239509e94b7de687316937d5d
9d4186c055b4294fa5d1ef01124a3db06e6002b903f8790aa5a6e24fa161b669
c551197e95c55d1c8331ec050fdb920727d24a070cc1f00ccf95c34e16fc5cbb
c876b5fa85a4028e9fd390749c41a988e8b14e257ec27f6b68458fbbe83143cb
e3cfc9d571a5224bc07c014b6cf769e23aa5d2956a4409d8a744372c2ab43785
fa6adeee205895c3580998f65f4c286ccd9f12a8b754add3984ad937e2d6534c