Submitted URL: http://capital-1.staging.getampla.com/
Effective URL: https://web.capital-1.staging.getampla.com/
Submission: On September 16 via api from US — Scanned from DE

Summary

This website contacted 17 IPs in 3 countries across 15 domains to perform 43 HTTP transactions. The main IP is 34.36.7.203, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is web.capital-1.staging.getampla.com.
TLS certificate: Issued by GTS CA 1D4 on August 16th 2023. Valid for: 3 months.
This is the only time web.capital-1.staging.getampla.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 15 34.36.7.203 396982 (GOOGLE-CL...)
1 18.66.147.20 16509 (AMAZON-02)
1 172.65.255.172 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
1 18.239.69.37 16509 (AMAZON-02)
1 2600:9000:214... 16509 (AMAZON-02)
2 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 44.206.27.110 14618 (AMAZON-AES)
2 18.158.205.16 16509 (AMAZON-02)
7 104.18.72.113 13335 (CLOUDFLAR...)
1 3.127.196.46 16509 (AMAZON-02)
1 104.18.70.113 13335 (CLOUDFLAR...)
1 2600:1901:0:c... 15169 (GOOGLE)
5 104.16.53.111 13335 (CLOUDFLAR...)
1 34.120.195.249 396982 (GOOGLE-CL...)
43 17
Apex Domain
Subdomains
Transfer
15 getampla.com
capital-1.staging.getampla.com
web.capital-1.staging.getampla.com
apiv2.capital-1.staging.getampla.com
2 MB
8 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2396
ekr.zdassets.com — Cisco Umbrella Rank: 2695
221 KB
5 zendesk.com
getampla.zendesk.com
1 KB
3 heapanalytics.com
cdn.heapanalytics.com — Cisco Umbrella Rank: 999
heapanalytics.com — Cisco Umbrella Rank: 902
45 KB
2 clearbitjs.com
x.clearbitjs.com — Cisco Umbrella Rank: 13574
45 KB
2 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 425
65 KB
2 calendly.com
assets.calendly.com — Cisco Umbrella Rank: 14303
20 KB
1 sentry.io
o374532.ingest.sentry.io
373 B
1 browser-intake-us5-datadoghq.com
rum.browser-intake-us5-datadoghq.com — Cisco Umbrella Rank: 22402
301 B
1 clearbit.com
app.clearbit.com — Cisco Umbrella Rank: 13805
1 KB
1 clearbitscripts.com
tag.clearbitscripts.com — Cisco Umbrella Rank: 15118
1 KB
1 pendo.io
cdn.pendo.io — Cisco Umbrella Rank: 1008
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 63
45 KB
1 hsforms.net
js-eu1.hsforms.net — Cisco Umbrella Rank: 68634
175 KB
1 verygoodvault.com
js.verygoodvault.com — Cisco Umbrella Rank: 42380
5 KB
43 15
Domain Requested by
11 web.capital-1.staging.getampla.com web.capital-1.staging.getampla.com
7 static.zdassets.com web.capital-1.staging.getampla.com
static.zdassets.com
5 getampla.zendesk.com static.zdassets.com
2 apiv2.capital-1.staging.getampla.com web.capital-1.staging.getampla.com
2 x.clearbitjs.com tag.clearbitscripts.com
2 heapanalytics.com web.capital-1.staging.getampla.com
2 maps.googleapis.com www.googletagmanager.com
web.capital-1.staging.getampla.com
2 assets.calendly.com www.googletagmanager.com
2 capital-1.staging.getampla.com 2 redirects
1 o374532.ingest.sentry.io web.capital-1.staging.getampla.com
1 rum.browser-intake-us5-datadoghq.com web.capital-1.staging.getampla.com
1 ekr.zdassets.com web.capital-1.staging.getampla.com
1 app.clearbit.com web.capital-1.staging.getampla.com
1 tag.clearbitscripts.com web.capital-1.staging.getampla.com
1 cdn.heapanalytics.com web.capital-1.staging.getampla.com
1 cdn.pendo.io web.capital-1.staging.getampla.com
1 www.googletagmanager.com web.capital-1.staging.getampla.com
1 js-eu1.hsforms.net web.capital-1.staging.getampla.com
1 js.verygoodvault.com web.capital-1.staging.getampla.com
43 19

This site contains no links.

Subject Issuer Validity Valid
web.capital-1.staging.getampla.com
GTS CA 1D4
2023-08-16 -
2023-11-14
3 months crt.sh
*.verygoodvault.com
Amazon RSA 2048 M02
2023-02-28 -
2024-02-16
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-16 -
2024-05-15
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
cdn.pendo.io
Amazon RSA 2048 M02
2023-06-30 -
2024-07-28
a year crt.sh
cdn.heapanalytics.com
Amazon RSA 2048 M01
2023-06-29 -
2024-07-27
a year crt.sh
clearbitscripts.com
Amazon RSA 2048 M01
2023-06-11 -
2024-07-09
a year crt.sh
calendly.com
Cloudflare Inc ECC CA-3
2023-04-09 -
2024-04-08
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
heapanalytics.com
Amazon RSA 2048 M02
2022-12-09 -
2024-01-07
a year crt.sh
clearbitjs.com
Amazon RSA 2048 M01
2023-03-17 -
2024-04-14
a year crt.sh
zdassets.com
Cloudflare Inc ECC CA-3
2022-11-10 -
2023-11-09
a year crt.sh
apiv2.capital-1.staging.getampla.com
GTS CA 1D4
2023-08-16 -
2023-11-14
3 months crt.sh
clearbit.com
Amazon RSA 2048 M02
2023-03-17 -
2024-04-14
a year crt.sh
*.browser-intake-us5-datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-21 -
2024-07-23
a year crt.sh
getampla.zendesk.com
Cloudflare Inc ECC CA-3
2023-06-26 -
2024-06-25
a year crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-25 -
2024-08-24
a year crt.sh

This page contains 2 frames:

Primary Page: https://web.capital-1.staging.getampla.com/
Frame ID: D062F9A3739D45D98E25BA39C0455645
Requests: 31 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js
Frame ID: 23D54A184A41B3D233212D26299BB64D
Requests: 9 HTTP requests in this frame

Screenshot

Page Title

Login | Ampla - Staging

Page URL History Show full URLs

  1. http://capital-1.staging.getampla.com/ HTTP 301
    https://capital-1.staging.getampla.com/ HTTP 307
    https://web.capital-1.staging.getampla.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • https://assets\.calendly\.com/assets/external/widget\.js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • heap-\d+\.js

Page Statistics

43
Requests

100 %
HTTPS

35 %
IPv6

15
Domains

19
Subdomains

17
IPs

3
Countries

2206 kB
Transfer

8815 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://capital-1.staging.getampla.com/ HTTP 301
    https://capital-1.staging.getampla.com/ HTTP 307
    https://web.capital-1.staging.getampla.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
web.capital-1.staging.getampla.com/
Redirect Chain
  • http://capital-1.staging.getampla.com/
  • https://capital-1.staging.getampla.com/
  • https://web.capital-1.staging.getampla.com/
8 KB
3 KB
Document
General
Full URL
https://web.capital-1.staging.getampla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.7.203 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
203.7.36.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0a8108b319a0880de55610c7ed64d65ab98ac002d56eb4fce4157bc01284b8a4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-security-policy
frame-ancestors 'none';
content-type
text/html
date
Sat, 16 Sep 2023 09:19:05 GMT
etag
W/"65038f11-1e44"
last-modified
Thu, 14 Sep 2023 22:54:09 GMT
server
nginx
vary
Accept-Encoding
via
1.1 google
x-frame-options
SAMEORIGIN

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 16 Sep 2023 09:19:05 GMT
location
https://web.capital-1.staging.getampla.com/
show.js
js.verygoodvault.com/vgs-show/2.0.0/
14 KB
5 KB
Script
General
Full URL
https://js.verygoodvault.com/vgs-show/2.0.0/show.js
Requested by
Host: web.capital-1.staging.getampla.com
URL: https://web.capital-1.staging.getampla.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-20.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5339ebc469e2cebc014a9a4e435a6f532634d27859904b4fcb342ea9795dfb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web.capital-1.staging.getampla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id
VWYyTETYLEwykeL81vndz0_ML5dK17qR
Content-Encoding
gzip
Via
1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
Date
Sat, 16 Sep 2023 00:06:01 GMT
X-Amz-Cf-Pop
FRA60-P4
Age
33185
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 25 May 2022 22:57:33 GMT
Server
AmazonS3
ETag
W/"39c98e0c8887b063f39aeb6ba0d4685a"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
T-BpU4hJOfblVCWozC1Ct5oHJp-teEtH88UXFGIm8XZc-YGae86zSQ==
v2.js
js-eu1.hsforms.net/forms/embed/
549 KB
175 KB
Script
General
Full URL
https://js-eu1.hsforms.net/forms/embed/v2.js
Requested by
Host: web.capital-1.staging.getampla.com
URL: https://web.capital-1.staging.getampla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.255.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a9f1014f144a4af02d14a563710cd3b3fb127722f1dfd41eb508c044ab6c600
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web.capital-1.staging.getampla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-encoding
br
age
4
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.3743/bundles/project-v2.js&cfRay=807806805a769180-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"fc9f9ca03604c6639deb31cadd8f0204"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
forms-embed/static-1.3743/bundles/project-v2.js
date
Sat, 16 Sep 2023 09:19:05 GMT
x-amz-version-id
8EqyKjYHb4u0zerM354I626cY2cdphQv
via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P2
x-hubspot-correlation-id
f7eff0cf-2ad9-49a8-a6ba-b1ce9c1d3f0e
x-cache
Hit from cloudfront
cache-tag
staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
f7eff0cf-2ad9-49a8-a6ba-b1ce9c1d3f0e
last-modified
Tue, 12 Sep 2023 10:36:12 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AhVTOIxHpOdKSkkThYtNpZ7dRBefjVcM3lr%2FKK9NI%2BT6NLh7aOwfDqLYPsLAXvxtt0UFfEkmYZmz96VC47WEtNykUQ8WmCeY7DIYEFEUZqH4PSv0Vq%2BSfWUnfaFdkXuVhCrL9A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-5b45bc9bc5-w8lzh
cf-ray
8078069e2a0a0394-FRA
x-amz-cf-id
eSjKnNU7-nKA56EDDgaqeDKXyQZpM-qAyWPG0sSGhmofLtPo8EprIw==
file-1c584b44.js
web.capital-1.staging.getampla.com/assets/
773 KB
269 KB
Script
General
Full URL
https://web.capital-1.staging.getampla.com/assets/file-1c584b44.js
Requested by
Host: web.capital-1.staging.getampla.com
URL: https://web.capital-1.staging.getampla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.7.203 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
203.7.36.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3afe88c7182ecacddf553d7ea53eefcd71c322c6987cee26e91d761363515582
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://web.capital-1.staging.getampla.com/
Origin
https://web.capital-1.staging.getampla.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 09:19:05 GMT
content-security-policy
frame-ancestors 'none';
content-encoding
gzip
last-modified
Wed, 06 Sep 2023 15:37:15 GMT
server
nginx
via
1.1 google
etag
W/"64f89cab-c1511"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vendor-c529b49a.js
web.capital-1.staging.getampla.com/assets/
6 MB
1 MB
Script
General
Full URL
https://web.capital-1.staging.getampla.com/assets/vendor-c529b49a.js
Requested by
Host: web.capital-1.staging.getampla.com
URL: https://web.capital-1.staging.getampla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.7.203 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
203.7.36.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f35ff24d23c7558e5a9f2d963e2cf3a5ed817602bf609e9a7be99c25b86d29c8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://web.capital-1.staging.getampla.com/
Origin
https://web.capital-1.staging.getampla.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 09:19:05 GMT
content-security-policy
frame-ancestors 'none';
content-encoding
gzip
last-modified
Wed, 06 Sep 2023 15:37:15 GMT
server
nginx
via
1.1 google
etag
W/"64f89cab-5ef2df"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
index.template-0d281d4b.css
web.capital-1.staging.getampla.com/assets/
23 KB
3 KB
Stylesheet
General
Full URL
https://web.capital-1.staging.getampla.com/assets/index.template-0d281d4b.css
Requested by
Host: web.capital-1.staging.getampla.com
URL: https://web.capital-1.staging.getampla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.7.203 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
203.7.36.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0d281d4b3d29a7c0d79148229a48cbe5d4f411c5bfc47df5bc0cd8b65fc14d18
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web.capital-1.staging.getampla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 09:19:05 GMT
content-security-policy
frame-ancestors 'none';
content-encoding
gzip
last-modified
Wed, 06 Sep 2023 15:37:15 GMT
server
nginx
via
1.1 google
etag
W/"64f89cab-5c37"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
gtm.js
www.googletagmanager.com/
114 KB
45 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P9HVDNC
Requested by
Host: web.capital-1.staging.getampla.com
URL: https://web.capital-1.staging.getampla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f50fe6b8a6b2c9ea9e15e5c8a73cfca5f209da75677566bc93e36f9f196428c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web.capital-1.staging.getampla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 09:19:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45313
x-xss-protection
0
last-modified
Sat, 16 Sep 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 16 Sep 2023 09:19:06 GMT
pendo.js
cdn.pendo.io/agent/static//
0
0
Script
General
Full URL
https://cdn.pendo.io/agent/static//pendo.js
Requested by
Host: web.capital-1.staging.getampla.com
URL: https://web.capital-1.staging.getampla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:b200:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web.capital-1.staging.getampla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

heap-3999504568.js
cdn.heapanalytics.com/js/
128 KB
45 KB
Script
General
Full URL
https://cdn.heapanalytics.com/js/heap-3999504568.js
Requested by
Host: web.capital-1.staging.getampla.com
URL: https://web.capital-1.staging.getampla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-37.ams58.r.cloudfront.net
Software
nginx / Express
Resource Hash
60da62f6900061600b774909d8377aea8c5437501e4de0a8ac0f0e056fd9c896
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web.capital-1.staging.getampla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 09:18:46 GMT
content-encoding
br
via
1.1 dc216c6741e47caf45c9d347f1061c8e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
x-amz-cf-pop
AMS58-P4
age
20
x-powered-by
Express
etag
W/"20087-vFDrZRL7DasB7j5TvS4RgdwtycE"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=120
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
YgdY7Lgo1OD2DHVxdwN5hvcJJvtX_8VOeBiGnSR0lS_BLzFSoY0SMw==
tags.js
tag.clearbitscripts.com/v1/pk_f9271fd1cb1c7bc6be2bd7dbc781332c/
2 KB
1 KB
Script
General
Full URL
https://tag.clearbitscripts.com/v1/pk_f9271fd1cb1c7bc6be2bd7dbc781332c/tags.js
Requested by
Host: web.capital-1.staging.getampla.com
URL: https://web.capital-1.staging.getampla.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ea00:7:d7d6:3c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
39072bc4ce6d3f1230d13739e0401b7533c8d326035beee0fec33c962466e347
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web.capital-1.staging.getampla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 09:19:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-response-flags
-
via
1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
server
envoy
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
etag
W/"dac27e946f14e207fbcf47da2bf6d5a5"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript;charset=utf-8
cache-control
private, max-age=600
x-amz-cf-id
NxQBAHhYiyNldEVo6POEQNjkqd8n9Q9d3h_DW_k2UNR8nRQYE20mPg==
widget.css
assets.calendly.com/assets/external/
2 KB
1 KB
Stylesheet
General
Full URL
https://assets.calendly.com/assets/external/widget.css
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P9HVDNC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9251 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcb209ef6d7ca07243d60aa46a83865255672006c403b988209cfbb6eacf88a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web.capital-1.staging.getampla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 09:19:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
255
cf-polished
origSize=3459
last-modified
Wed, 06 Sep 2023 20:37:21 GMT
cf-bgj
minify
server
cloudflare
etag
W/"4818473200224c9f9497adef8d7685bc"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=300
cf-ray
807806a05b839a18-FRA
expires
Sun, 17 Sep 2023 09:19:06 GMT
widget.js
assets.calendly.com/assets/external/
52 KB
19 KB
Script
General
Full URL
https://assets.calendly.com/assets/external/widget.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P9HVDNC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9251 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a158ad4fe74be96863bb9534899c4ba6625e478e4494d11b643540bfe30bcf38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web.capital-1.staging.getampla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 09:19:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 08 Sep 2023 17:26:57 GMT
cf-bgj
minify
server
cloudflare
age
92
etag
W/"9150b7c4e4055e8484012f9edb2b0e2b"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=300
cf-ray
807806a05b849a18-FRA
expires
Sun, 17 Sep 2023 09:19:06 GMT
js
maps.googleapis.com/maps/api/
190 KB
65 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyAZkalIEPpi2VjuQWp7gNBL5BLyng5glXA&libraries=places
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P9HVDNC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ae14418a24ddbc6447b1ee21380fcd218cd0b47ffbd9b11fef9a984b4debba96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web.capital-1.staging.getampla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 09:19:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65729
x-xss-protection
0
h
heapanalytics.com/
37 B
261 B
Image
General
Full URL
https://heapanalytics.com/h?a=3999504568&u=6007073852327066&v=5471144936915589&s=136133731284326&b=web&tv=4.0&z=0&h=%2F&d=web.capital-1.staging.getampla.com&t=Ampla%20Portal&ts=1694855946251&st=1694855946255
Requested by
Host: web.capital-1.staging.getampla.com
URL: https://web.capital-1.staging.getampla.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-27-110.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web.capital-1.staging.getampla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 09:19:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
destinations.min.js
x.clearbitjs.com/v2/pk_f9271fd1cb1c7bc6be2bd7dbc781332c/
0
44 B
Script
General
Full URL
https://x.clearbitjs.com/v2/pk_f9271fd1cb1c7bc6be2bd7dbc781332c/destinations.min.js
Requested by
Host: tag.clearbitscripts.com
URL: https://tag.clearbitscripts.com/v1/pk_f9271fd1cb1c7bc6be2bd7dbc781332c/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.205.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-205-16.eu-central-1.compute.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web.capital-1.staging.getampla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 09:19:06 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-response-flags
-
server
envoy
content-type
application/javascript;charset=utf-8
cache-control
private, max-age=600
content-length
0
tracking.min.js
x.clearbitjs.com/v2/pk_f9271fd1cb1c7bc6be2bd7dbc781332c/
168 KB
45 KB
Script
General
Full URL
https://x.clearbitjs.com/v2/pk_f9271fd1cb1c7bc6be2bd7dbc781332c/tracking.min.js
Requested by
Host: tag.clearbitscripts.com
URL: https://tag.clearbitscripts.com/v1/pk_f9271fd1cb1c7bc6be2bd7dbc781332c/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.205.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-205-16.eu-central-1.compute.amazonaws.com
Software
envoy /
Resource Hash
a1645e830734c6924905722cad7b50f616fa3544ebb0c60f5681477894d9a49f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web.capital-1.staging.getampla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 09:19:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-response-flags
-
server
envoy
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
private, max-age=600
snippet.js
static.zdassets.com/ekr/
10 KB
5 KB
Script
General
Full URL
https://static.zdassets.com/ekr/snippet.js?key=64446992-cf68-45c2-b4bf-5df1b3405521
Requested by
Host: web.capital-1.staging.getampla.com
URL: https://web.capital-1.staging.getampla.com/assets/file-1c584b44.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web.capital-1.staging.getampla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 09:19:06 GMT
x-amz-version-id
hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
TDMX7FKV107EPGGF
age
37
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-amz-id-2
mEfdnHG+4ET9FRTmDfKIS9KIphFr6cE7h0qgEQh3SSJ2Xe72azrgYiHC2WUZuGsOGb8murwKyAaI/5BNPwNdrQ==
last-modified
Wed, 09 Aug 2023 01:01:02 GMT
server
cloudflare
etag
W/"42d94c325a0b012e41f9c3907853625a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qUw7Vo9RFzg1M6cDLKO4fHMYs11lQtzEGyD1SCs9iDIp8S6ATx3vIUQtOYL5IcLfN6iNEChA8DM1l0oKXzXwE9usdkvRiPfcAJhOXgY22T7EmgW4mf66sq%2BFUQLQ%2FBDA9AyTSrQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
cf-ray
807806a44ed9bb38-FRA
/
apiv2.capital-1.staging.getampla.com/api/auth/token-refresh/
73 B
95 B
Fetch
General
Full URL
https://apiv2.capital-1.staging.getampla.com/api/auth/token-refresh/
Requested by
Host: web.capital-1.staging.getampla.com
URL: https://web.capital-1.staging.getampla.com/assets/vendor-c529b49a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.36.7.203 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
203.7.36.34.bc.googleusercontent.com
Software
gunicorn /
Resource Hash
16c4f4cb9a29a639f5f787b0a3c769933e4187fcbc582d1324f9ad9fe4881e69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
x-datadog-origin
rum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
x-datadog-sampling-priority
1
content-type
application/json
Referer
https://web.capital-1.staging.getampla.com/
x-datadog-parent-id
4509545207360706300
x-datadog-trace-id
1398370156770054787
crossDomain
true

Response headers

date
Sat, 16 Sep 2023 09:19:07 GMT
via
1.1 google
x-content-type-options
nosniff
referrer-policy
same-origin
server
gunicorn
vary
Cookie, origin
allow
POST, OPTIONS
content-type
application/json
x-frame-options
DENY
access-control-allow-origin
https://web.capital-1.staging.getampla.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73
/
apiv2.capital-1.staging.getampla.com/api/auth/token-refresh/ Frame
0
0
Preflight
General
Full URL
https://apiv2.capital-1.staging.getampla.com/api/auth/token-refresh/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.7.203 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
203.7.36.34.bc.googleusercontent.com
Software
gunicorn /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,crossdomain,x-datadog-origin,x-datadog-parent-id,x-datadog-sampling-priority,x-datadog-trace-id
Access-Control-Request-Method
POST
Origin
https://web.capital-1.staging.getampla.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept, authorization, content-type, user-agent, x-csrftoken, x-requested-with, crossdomain, x-datadog-origin, x-datadog-parent-id, x-datadog-sampling-priority, x-datadog-trace-id
access-control-allow-methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://web.capital-1.staging.getampla.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=utf-8
date
Sat, 16 Sep 2023 09:19:07 GMT
server
gunicorn
vary
origin
via
1.1 google
p
app.clearbit.com/v1/
16 B
1 KB
XHR
General
Full URL
https://app.clearbit.com/v1/p
Requested by
Host: web.capital-1.staging.getampla.com
URL: https://web.capital-1.staging.getampla.com/assets/vendor-c529b49a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.127.196.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-196-46.eu-central-1.compute.amazonaws.com
Software
envoy /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://web.capital-1.staging.getampla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 16 Sep 2023 09:19:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-response-flags
-
server
envoy
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://web.capital-1.staging.getampla.com
content-security-policy-report-only
default-src 'self'; script-src 'unsafe-inline' 'report-sample' 'self' https://browser.sentry-cdn.com https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js https://cdn.clearbit.com https://cdn.segment.com/analytics.js/v1/auzWlbWIBrAsKnGQIiT0X3IjfZyepgW5/analytics.min.js https://checkout.stripe.com https://connect.facebook.net https://edge.fullstory.com/s/fs.js https://fast.appcues.com https://www.google-analytics.com/analytics.js https://x.clearbitjs.com https://cdn.clearbit.com https://*.commandbar.com; style-src 'unsafe-inline' 'report-sample' 'self' https://cdn.clearbit.com https://*.commandbar.com https://fast.appcues.com https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.amplitude.com https://*.commandbar.com https://api.segment.io https://checkout.stripe.com https://rs.fullstory.com https://www.google-analytics.com wss://api.appcues.net https://stats.g.doubleclick.net https://sentry.io https://logo.clearbit.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*.commandbar.com https://checkout.stripe.com; img-src 'self' https://*.commandbar.com https://*.stripe.com data: https://cdn.clearbit.com https://images.ctfassets.net https://logo.clearbit.com https://www.facebook.com https://connect.facebook.net https://www.google.com https://unpkg.com/react-flag-kit https://cloudfront.net/v1/avatars https://*.googleusercontent.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
access-control-allow-credentials
true
access-control-allow-headers
Authorization, API-Version, Content-Type
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
45 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: web.capital-1.staging.getampla.com
URL: https://web.capital-1.staging.getampla.com/assets/vendor-c529b49a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web.capital-1.staging.getampla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 09:19:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://web.capital-1.staging.getampla.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
64446992-cf68-45c2-b4bf-5df1b3405521
ekr.zdassets.com/compose/
1 KB
1 KB
Fetch
General
Full URL
https://ekr.zdassets.com/compose/64446992-cf68-45c2-b4bf-5df1b3405521
Requested by
Host: web.capital-1.staging.getampla.com
URL: https://web.capital-1.staging.getampla.com/assets/vendor-c529b49a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe2730f7a2658464930aa54b0c0f313d642c4004283f2f7fd1774d0ec9da2371
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web.capital-1.staging.getampla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 09:19:07 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
age
20
content-encoding
br
status
200 OK
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
807806274af91e54-SEA, 807806274af91e54-SEA
x-runtime
0.002600
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"fe2730f7a2658464930aa54b0c0f313d"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5Ez%2Fp%2FHuEO91VHU21h9AuYG2josHmJsvJpgw4zdWS6Ie8B32zXZQxg1nxSV%2BFAgmn9XJxLizrWhhhsBkaIj0rpkHq12Dici8JJVtEMPpu%2Fp8Kl6gapMwhfKC9cexXybHAA%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
807806a4e969bbd4-FRA
web-widget-main-4b22769.js
static.zdassets.com/web_widget/messenger/latest/ Frame 23D5
453 KB
143 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=64446992-cf68-45c2-b4bf-5df1b3405521
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87d29c78cbd6e6774671b07b512ffb14dfc2dc4fe512a5e1c4909df54fbaa2bf
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 09:19:07 GMT
x-amz-version-id
buuqfOo_4CCc42mcfHh3348fXV_AyXJg
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
VC22MFTKNYMQVK6X
age
1674610
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
V8r5EaUQRj816ca7eY0q5H7Ukvos2VUFIpNQAgssIZkCL9uEhWsdXyR3EcJC4C4M4rczJiLrn4pfjysaAWyf1Q==
last-modified
Thu, 24 Aug 2023 03:43:42 GMT
server
cloudflare
etag
W/"39c5d5a29a88c9c1a9f281848ad16b16"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZTDZNZ8VV5GjGSEpti3DdoQiN02%2B5CRR9m0pFZ3qvu2h0gwM4%2FE5r4mjfPUQX2IeINYnNdP5roQTqWhcpT6zSXjmlKcOP8ABXye6q35JD67KO24Th10WFkx1M3M6IL0J04eI%2FM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
807806a54fddbb38-FRA
expires
Fri, 23 Aug 2024 03:43:40 GMT
en-us-json-4b22769.js
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 23D5
16 KB
3 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-4b22769.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d450631b020073cc1285c8b7dfa34593ba8b5eb2e9482a7e9e3891e06148346
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 09:19:07 GMT
x-amz-version-id
Gb950S5306bStT2XGhy0_xYQToJJizIu
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
PDF7RNW9CDDJK40W
age
1674609
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
zzHALpiqqpLMBwSN9vQ3P9jYS/B4mmLPoJ+pKTyhkKty9nAw9k4aGsWE5rDQsDuPy6A9wvn+4V1fHh71mixJzA==
last-modified
Thu, 24 Aug 2023 03:43:43 GMT
server
cloudflare
etag
W/"8f649b5684cbdc6de706c3ee378b158a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zty71L9MkQ1g1BNdhi%2FtzJqdjYykNlv4szRHD66mq44DuwlbXXYd79Cu44NbwhZtIwvgghmjFY11k1gCHQ7bq4XrmZyPMSXW9tZuEf0gim9rYsub3e2u1nzPZ8dbCqxTM%2FAYVvA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
807806a618c1bb38-FRA
expires
Fri, 23 Aug 2024 03:43:42 GMT
web-widget-4852-4b22769.js
static.zdassets.com/web_widget/messenger/latest/ Frame 23D5
139 KB
47 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-4b22769.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21244bacf0cd406e0c2b7742eb67f2c9ab4bb91e7ed5f9eb524308520f3a7694
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 09:19:07 GMT
x-amz-version-id
nYMPFR.iqtfU72nwkjhPOt8gBbfBzGZl
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
PDF39A28Z5WEC0BT
age
1674609
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
31o+QiOOiKwN4ALZZpR63bob9G4buDzC7OSvTUOtONNOXuWspvTvB/UulpOncZCGTuZ8vQbj/4mJiat3v+BwYw==
last-modified
Thu, 24 Aug 2023 03:43:42 GMT
server
cloudflare
etag
W/"537006977bee3c56b5a5b9900b593d0d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VlrFn5ruzD6OOd3VGgRgNWDm2Zt21hXYLMnOoc0dMB3dEMkOdKjdjVw7ExaxUEZfTJdNJI5grKmgBiiq1Y%2BpXjtsXUKuGHvqoXVC%2FVZjGwz8Qc36fXsi7NghabXPW6LS06Dmji8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
807806a618c3bb38-FRA
expires
Fri, 23 Aug 2024 03:43:41 GMT
web-widget-519-4b22769.js
static.zdassets.com/web_widget/messenger/latest/ Frame 23D5
24 KB
8 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-519-4b22769.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d0142e7dd8eee7b1776ce44b79a5aa7b292d3a509bae832fb438afb2534bbc7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 09:19:07 GMT
x-amz-version-id
lxotykkgECMc9LkwVmT9pOhbgN52rwSH
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
PDFA7C64DM77HQ5F
age
1674609
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
RyT+z5ul5qp6YnJzBpc7M6OdK5N09Lv3Zq0/txcnftcW8OtixkNgoFKnpi2m1kYi0i2m3wXfGyzFFPRyIN/CRg==
last-modified
Thu, 24 Aug 2023 03:43:42 GMT
server
cloudflare
etag
W/"1c9884a2069c7bec6b20dac62004eb1b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gzL8RzSQZSrUPRvWF9Hw3Xu%2FvjMX7FmFwzdJgFLv8%2BphdruXr%2BNYab4Cu6VXtKCKAsMnJtfUyj1tH7GLssiz8RAJQzX1kJDHJzkieK5Ysz1MmuDX0TCE5mIgm%2FytwtCHfnw60E4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
807806a618c5bb38-FRA
expires
Fri, 23 Aug 2024 03:43:41 GMT
web-widget-5178-4b22769.js
static.zdassets.com/web_widget/messenger/latest/ Frame 23D5
24 KB
7 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-5178-4b22769.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5936ea748776aa9d35f5e748d18c78366ef81a770699ca8765457ba8717fd92
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 09:19:07 GMT
x-amz-version-id
sSav_AkeQS.PdbhOQG5COPnxKLj812h0
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
PDF54ABCJV5N470P
age
1674609
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
h/hKTl1keN8TotPtpPGQI/406+YY0uHynOsOvPdzo25/z3SsMvZ0ZkC/aatfrVt2gK7C8Pq0d5q4Sqg7wPF8kg==
last-modified
Thu, 24 Aug 2023 03:43:42 GMT
server
cloudflare
etag
W/"11034f049f5eef05b26ed292ac59e1fc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GKZPeN1NYY7bPDzmMyNovMurHp98Tqgo1saz6D%2FafC1iIbh9xZAYVs0AlDRS5Oo3bKXUGKOdw2aZo6cb2rwG1g8WcTjDOY%2F4IYHLILuMneGg%2Fu%2FbzapKydl7gkXrc3HLPbeDe28%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
807806a618c6bb38-FRA
expires
Fri, 23 Aug 2024 03:43:41 GMT
web-widget-9535-4b22769.js
static.zdassets.com/web_widget/messenger/latest/ Frame 23D5
15 KB
6 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-9535-4b22769.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b649bd0733d0e2823f6895ab6d9443a7cb8d290f291a4f1e5d130a5f7232a6d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 09:19:07 GMT
x-amz-version-id
TQwoJrATHBNX6IVnB55aFvI.RS16xjhS
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
PDFE4SWQWYXZS16Y
age
1674609
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
sx9YGzbRXBFmxni5moaVuM/FCOsIe9Bwx2rsoIdjwvXuUVMBMutMe5QkEQvzOKFYesizlG592FA=
last-modified
Thu, 24 Aug 2023 03:43:42 GMT
server
cloudflare
etag
W/"e3df43ad3700a0c6a03da6179cd57460"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yiqjNZQTrLLdHZuEeLWGRyE4JLDkk55P3E19xRt76b3nxGlKK64hGJdEqCAC5ykTbcbDSjAjV3BY4OOnLRlnmFjewnPHeGlX%2FtR5bO%2BqvIE4qKhEYecgWWg0vG67MyQiJPlKGWA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
807806a618c9bb38-FRA
expires
Fri, 23 Aug 2024 03:43:40 GMT
rum
rum.browser-intake-us5-datadoghq.com/api/v2/
53 B
301 B
Fetch
General
Full URL
https://rum.browser-intake-us5-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.42.2%2Capi%3Afetch%2Cenv%3Acapital-1%2Cservice%3Aportal%2Cversion%3A1.0.0&dd-api-key=pube3c8a2a9576d10e1aa1e60a4c0456dd6&dd-evp-origin-version=4.42.2&dd-evp-origin=browser&dd-request-id=2c00982f-ffd0-45cb-9779-1e17bf29248d&batch_time=1694855947243
Requested by
Host: web.capital-1.staging.getampla.com
URL: https://web.capital-1.staging.getampla.com/assets/vendor-c529b49a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c072:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
6a5fb0c8110ab621fb6ff71b4f6b2041699393f25192741a2e8ffba63445f8d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://web.capital-1.staging.getampla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 16 Sep 2023 09:19:07 GMT
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
via
1.1 google
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53
index-0bee7a2b.js
web.capital-1.staging.getampla.com/assets/
160 B
171 B
Script
General
Full URL
https://web.capital-1.staging.getampla.com/assets/index-0bee7a2b.js
Requested by
Host: web.capital-1.staging.getampla.com
URL: https://web.capital-1.staging.getampla.com/assets/file-1c584b44.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.36.7.203 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
203.7.36.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5eb0814a09b35c9b7c75c650d2eec97925abab2e932272dcc5527b999e2f21fb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options SAMEORIGIN

Request headers

Referer
Origin
https://web.capital-1.staging.getampla.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 09:19:07 GMT
content-security-policy
frame-ancestors 'none';
content-encoding
gzip
last-modified
Wed, 06 Sep 2023 15:37:15 GMT
server
nginx
via
1.1 google
etag
W/"64f89cab-a0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Home-cca771d0.js
web.capital-1.staging.getampla.com/assets/
344 B
301 B
Script
General
Full URL
https://web.capital-1.staging.getampla.com/assets/Home-cca771d0.js
Requested by
Host: web.capital-1.staging.getampla.com
URL: https://web.capital-1.staging.getampla.com/assets/file-1c584b44.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.36.7.203 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
203.7.36.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
bae4f01832bd2b0ff2e7b4c7561ab6660b96ac7d8f38d6708fd6f73f6537ecdc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options SAMEORIGIN

Request headers

Referer
Origin
https://web.capital-1.staging.getampla.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 09:19:07 GMT
content-security-policy
frame-ancestors 'none';
content-encoding
gzip
last-modified
Wed, 06 Sep 2023 15:37:15 GMT
server
nginx
via
1.1 google
etag
W/"64f89cab-158"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pv
getampla.zendesk.com/frontendevents/ Frame
0
0
Preflight
General
Full URL
https://getampla.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://web.capital-1.staging.getampla.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
807806a6ef2c6946-FRA
date
Sat, 16 Sep 2023 09:19:07 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NVolMclOVjuvru2K%2F%2B3tLrU7Vf4onuxdmMGykV88GBfcMssiTR1L5YH80GwPoWRW%2BjvDWE337DNNSmMZyY9%2FQwBnkP2kck44HQLAtBOyKyEy4VDDzgmvygTLXP4%2FVY4jfEQHrUue"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
x-request-id
807806a6ef2c6946-FRA
x-zendesk-zorg
yes
pv
getampla.zendesk.com/frontendevents/ Frame 23D5
0
0
Fetch
General
Full URL
https://getampla.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 16 Sep 2023 09:19:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rHKYxYzKNnQ2vlMV2Yp0cDzjjpvGaEho8lL4%2BxGRWwlru3pGhvDx7Xu8VI7XXHxUdZfk42RTo9mUPBCU2hcPIzCel7njHIwFyRg%2BKDQnIwRgzblJYp8qqp12eUQxmVIvn7T7gHuI"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
807806a7e84b6946-FRA
content-length
0
x-request-id
807806a7e84b6946-FRA
config
getampla.zendesk.com/embeddable/ Frame 23D5
884 B
1 KB
Fetch
General
Full URL
https://getampla.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533d9ac435c17ccc333f755b2b8a9eaacfb1120df75122e20b994b2c975cffe7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 09:19:07 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-5f964646b6-gr7ln
x-cached
MISS
x-request-id
807806a6ef2e6946-FRA
x-runtime
0.001653
last-modified
Sat, 16 Sep 2023 03:57:26 GMT
server
cloudflare
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lwZrqOI6BsohrhQ2EpYRclZeaP6LerbKeC7EBkLgticnD%2Bk7AwBJnEzIzYyx07%2FlZl%2FH92eFuizZQ%2BMOPgaE6LzvC%2FZz0P1oC4UZRJX5SEXYeoqrMxOUMOJNVvr6r8zHtHMM84M0"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
807806a6ef2e6946-FRA
index-6cbdfb8f.js
web.capital-1.staging.getampla.com/assets/
2 KB
861 B
Script
General
Full URL
https://web.capital-1.staging.getampla.com/assets/index-6cbdfb8f.js
Requested by
Host: web.capital-1.staging.getampla.com
URL: https://web.capital-1.staging.getampla.com/assets/file-1c584b44.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.36.7.203 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
203.7.36.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d476dd62d61dd836f456ae6e88220c47e6f5bc2ce59aebf1eb68e8d03969c534
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options SAMEORIGIN

Request headers

Referer
Origin
https://web.capital-1.staging.getampla.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 09:19:07 GMT
content-security-policy
frame-ancestors 'none';
content-encoding
gzip
last-modified
Wed, 06 Sep 2023 15:37:15 GMT
server
nginx
via
1.1 google
etag
W/"64f89cab-6fc"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
LoginForm-5de43247.js
web.capital-1.staging.getampla.com/assets/
3 KB
1 KB
Script
General
Full URL
https://web.capital-1.staging.getampla.com/assets/LoginForm-5de43247.js
Requested by
Host: web.capital-1.staging.getampla.com
URL: https://web.capital-1.staging.getampla.com/assets/file-1c584b44.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.36.7.203 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
203.7.36.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
40e7535845a711f0e50f92dbf607d577cc4574ff15c44371ad12b72c72107d21
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options SAMEORIGIN

Request headers

Referer
Origin
https://web.capital-1.staging.getampla.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 09:19:07 GMT
content-security-policy
frame-ancestors 'none';
content-encoding
gzip
last-modified
Wed, 06 Sep 2023 15:37:15 GMT
server
nginx
via
1.1 google
etag
W/"64f89cab-bc3"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
AlternativeDivider-c4d2861f.js
web.capital-1.staging.getampla.com/assets/
849 B
457 B
Script
General
Full URL
https://web.capital-1.staging.getampla.com/assets/AlternativeDivider-c4d2861f.js
Requested by
Host: web.capital-1.staging.getampla.com
URL: https://web.capital-1.staging.getampla.com/assets/file-1c584b44.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.36.7.203 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
203.7.36.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
8d09104b7e885823840f1bcc67d4d5b159e09ab79eb35c298647e5f11ab75643
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options SAMEORIGIN

Request headers

Referer
Origin
https://web.capital-1.staging.getampla.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 09:19:07 GMT
content-security-policy
frame-ancestors 'none';
content-encoding
gzip
last-modified
Wed, 06 Sep 2023 15:37:15 GMT
server
nginx
via
1.1 google
etag
W/"64f89cab-351"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
h
heapanalytics.com/
37 B
260 B
Image
General
Full URL
https://heapanalytics.com/h?a=3999504568&u=6007073852327066&v=2197401403588321&s=136133731284326&b=web&tv=4.0&z=2&h=%2Flogin&d=web.capital-1.staging.getampla.com&t=Login%20%7C%20Ampla%20-%20Staging&ts=1694855947379&pr=%2F&sp=ts&sp=1694855946251&sp=d&sp=web.capital-1.staging.getampla.com&sp=h&sp=%2F&st=1694855947379
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-27-110.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web.capital-1.staging.getampla.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 09:19:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
noto-sans-latin-400-normal-88f00438.woff2
web.capital-1.staging.getampla.com/assets/
13 KB
13 KB
Font
General
Full URL
https://web.capital-1.staging.getampla.com/assets/noto-sans-latin-400-normal-88f00438.woff2
Requested by
Host: web.capital-1.staging.getampla.com
URL: https://web.capital-1.staging.getampla.com/assets/index.template-0d281d4b.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.36.7.203 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
203.7.36.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://web.capital-1.staging.getampla.com/assets/index.template-0d281d4b.css
Origin
https://web.capital-1.staging.getampla.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 09:19:07 GMT
content-security-policy
frame-ancestors 'none';
via
1.1 google
last-modified
Wed, 06 Sep 2023 15:37:15 GMT
server
nginx
etag
"64f89cab-323c"
x-frame-options
SAMEORIGIN
content-type
font/woff2
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12860
noto-sans-latin-500-normal-efc3c8a0.woff2
web.capital-1.staging.getampla.com/assets/
13 KB
13 KB
Font
General
Full URL
https://web.capital-1.staging.getampla.com/assets/noto-sans-latin-500-normal-efc3c8a0.woff2
Requested by
Host: web.capital-1.staging.getampla.com
URL: https://web.capital-1.staging.getampla.com/assets/index.template-0d281d4b.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.36.7.203 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
203.7.36.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
efc3c8a0ed2a9f798cae16417b7832147de397ebf1f8fb6cd4462f240605198e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://web.capital-1.staging.getampla.com/assets/index.template-0d281d4b.css
Origin
https://web.capital-1.staging.getampla.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 09:19:07 GMT
content-security-policy
frame-ancestors 'none';
via
1.1 google
last-modified
Wed, 06 Sep 2023 15:37:15 GMT
server
nginx
etag
"64f89cab-3330"
x-frame-options
SAMEORIGIN
content-type
font/woff2
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13104
/
o374532.ingest.sentry.io/api/6213611/envelope/
41 B
373 B
Fetch
General
Full URL
https://o374532.ingest.sentry.io/api/6213611/envelope/?sentry_key=98a7605b54b14749a2b7a3acb72be861&sentry_version=7
Requested by
Host: web.capital-1.staging.getampla.com
URL: https://web.capital-1.staging.getampla.com/assets/vendor-c529b49a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f0ff1902bdf4a2e530cba7ddf7c745f3f77c31ea446beb1a2afe998de79d00ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://web.capital-1.staging.getampla.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 16 Sep 2023 09:19:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41
pv
getampla.zendesk.com/frontendevents/ Frame 23D5
0
0
Fetch
General
Full URL
https://getampla.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 16 Sep 2023 09:19:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JW2f0x56wkTD6ILEv5BPLOp%2FzLKTH%2BAakVnN3ZUiXAz0jjdv7XArbODjNAjae4aqZxWFixBbkhdUVJ5mgt8%2FZwHiHlBem35i%2FwUfXlplT1DmvwyfXwTX0NxyJNW5G0WLYOEa5k80"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
807806b3ef926946-FRA
content-length
0
x-request-id
807806b3ef926946-FRA
pv
getampla.zendesk.com/frontendevents/ Frame
0
0
Preflight
General
Full URL
https://getampla.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://web.capital-1.staging.getampla.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
807806b30e596946-FRA
date
Sat, 16 Sep 2023 09:19:09 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HoOGMGtE9iFmk100N9lAUgX1NCWTe23zG9ZXt3NBjeY46IdtHENQasLv5UgR03mFawe0Tlk9FkNzSofTL6fkTHH92ssMj8K%2Fvopy%2Fvb41Dd%2B7g2bYtZgeu6Hpo0pWUdBSu75stmX"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
x-request-id
807806b30e596946-FRA
x-zendesk-zorg
yes

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture object| env object| dataLayer object| pendo object| heap object| VGSShow object| hubspot object| HubSpotForms object| _hsq object| hbspt object| hsFormsOnReady object| google_tag_manager object| google_tag_data boolean| __clearbit_tagsjs object| clearbit function| clearImmediate function| setImmediate object| __SENTRY__ number| 2f1acc6c3a606b082e5eef5e54414ffb object| core function| saveAs function| Mousetrap object| DD_RUM object| __sentry_instrumentation_handlers__ object| ampla object| Calendly object| clearbitsq object| args string| method function| normalize object| google object| module$exports$mapsapi$geometry$spherical object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView object| zEWebpackACJsonp function| zE function| zEmbed boolean| zEACLoaded

7 Cookies

Domain/Path Name / Value
.calendly.com/ Name: __cf_bm
Value: uPSTVCp05mM7M6TBEINIcmNFNVlu4y9SmkxdnjOsjYs-1694855946-0-Ab213jYgot0ADRKJNW/7HT18TZ37CNDMlQr0v7O0ezRYhcD+Xgc1cMDi1qh2nSiqvMnWT9L5cSCU/uYZuVGpnT0=
.getampla.com/ Name: _hp2_ses_props.3999504568
Value: %7B%22ts%22%3A1694855946251%2C%22d%22%3A%22web.capital-1.staging.getampla.com%22%2C%22h%22%3A%22%2F%22%7D
.getampla.com/ Name: cb_user_id
Value: null
.getampla.com/ Name: cb_group_id
Value: null
.getampla.com/ Name: cb_anonymous_id
Value: %22269a4b26-b03e-4083-9bdb-4a794468d5f7%22
.getampla.com/ Name: _hp2_id.3999504568
Value: %7B%22userId%22%3A%226007073852327066%22%2C%22pageviewId%22%3A%222197401403588321%22%2C%22sessionId%22%3A%22136133731284326%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
web.capital-1.staging.getampla.com/ Name: _dd_s
Value: rum=1&id=8a2afe14-68d9-49f7-baf8-3aedf5bbce07&created=1694855946699&expire=1694856846699

2 Console Messages

Source Level URL
Text
network error URL: https://cdn.pendo.io/agent/static//pendo.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://apiv2.capital-1.staging.getampla.com/api/auth/token-refresh/
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apiv2.capital-1.staging.getampla.com
app.clearbit.com
assets.calendly.com
capital-1.staging.getampla.com
cdn.heapanalytics.com
cdn.pendo.io
ekr.zdassets.com
getampla.zendesk.com
heapanalytics.com
js-eu1.hsforms.net
js.verygoodvault.com
maps.googleapis.com
o374532.ingest.sentry.io
rum.browser-intake-us5-datadoghq.com
static.zdassets.com
tag.clearbitscripts.com
web.capital-1.staging.getampla.com
www.googletagmanager.com
x.clearbitjs.com
104.16.53.111
104.18.70.113
104.18.72.113
172.65.255.172
18.158.205.16
18.239.69.37
18.66.147.20
2600:1901:0:c072::
2600:9000:214f:ea00:7:d7d6:3c40:93a1
2600:9000:223f:b200:1f:aa31:7740:93a1
2606:4700:4400::ac40:9251
2a00:1450:4001:801::2008
2a00:1450:4001:809::200a
3.127.196.46
34.120.195.249
34.36.7.203
44.206.27.110
0a8108b319a0880de55610c7ed64d65ab98ac002d56eb4fce4157bc01284b8a4
0a9f1014f144a4af02d14a563710cd3b3fb127722f1dfd41eb508c044ab6c600
0d281d4b3d29a7c0d79148229a48cbe5d4f411c5bfc47df5bc0cd8b65fc14d18
16c4f4cb9a29a639f5f787b0a3c769933e4187fcbc582d1324f9ad9fe4881e69
1d450631b020073cc1285c8b7dfa34593ba8b5eb2e9482a7e9e3891e06148346
21244bacf0cd406e0c2b7742eb67f2c9ab4bb91e7ed5f9eb524308520f3a7694
39072bc4ce6d3f1230d13739e0401b7533c8d326035beee0fec33c962466e347
3afe88c7182ecacddf553d7ea53eefcd71c322c6987cee26e91d761363515582
40e7535845a711f0e50f92dbf607d577cc4574ff15c44371ad12b72c72107d21
4b649bd0733d0e2823f6895ab6d9443a7cb8d290f291a4f1e5d130a5f7232a6d
533d9ac435c17ccc333f755b2b8a9eaacfb1120df75122e20b994b2c975cffe7
5d0142e7dd8eee7b1776ce44b79a5aa7b292d3a509bae832fb438afb2534bbc7
5eb0814a09b35c9b7c75c650d2eec97925abab2e932272dcc5527b999e2f21fb
60da62f6900061600b774909d8377aea8c5437501e4de0a8ac0f0e056fd9c896
6a5fb0c8110ab621fb6ff71b4f6b2041699393f25192741a2e8ffba63445f8d3
87d29c78cbd6e6774671b07b512ffb14dfc2dc4fe512a5e1c4909df54fbaa2bf
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
8d09104b7e885823840f1bcc67d4d5b159e09ab79eb35c298647e5f11ab75643
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
a158ad4fe74be96863bb9534899c4ba6625e478e4494d11b643540bfe30bcf38
a1645e830734c6924905722cad7b50f616fa3544ebb0c60f5681477894d9a49f
ae14418a24ddbc6447b1ee21380fcd218cd0b47ffbd9b11fef9a984b4debba96
bae4f01832bd2b0ff2e7b4c7561ab6660b96ac7d8f38d6708fd6f73f6537ecdc
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c5339ebc469e2cebc014a9a4e435a6f532634d27859904b4fcb342ea9795dfb0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d476dd62d61dd836f456ae6e88220c47e6f5bc2ce59aebf1eb68e8d03969c534
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efc3c8a0ed2a9f798cae16417b7832147de397ebf1f8fb6cd4462f240605198e
f0ff1902bdf4a2e530cba7ddf7c745f3f77c31ea446beb1a2afe998de79d00ae
f35ff24d23c7558e5a9f2d963e2cf3a5ed817602bf609e9a7be99c25b86d29c8
f50fe6b8a6b2c9ea9e15e5c8a73cfca5f209da75677566bc93e36f9f196428c7
f5936ea748776aa9d35f5e748d18c78366ef81a770699ca8765457ba8717fd92
fcb209ef6d7ca07243d60aa46a83865255672006c403b988209cfbb6eacf88a6
fe2730f7a2658464930aa54b0c0f313d642c4004283f2f7fd1774d0ec9da2371