northstar.bamelevate.com Open in urlscan Pro
23.21.217.213 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://login.bamelevate.com/
Effective URL:
https://northstar.bamelevate.com/
Submission: On May 28 via automatic, source certstream-suspicious (May 28th 2024, 4:43:07 pm UTC) — Scanned from DE

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 5 domains to perform 26 HTTP transactions. The main IP is 23.21.217.213, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is northstar.bamelevate.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on August 27th 2023. Valid for: a year.

This is the only time northstar.bamelevate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.71.190.245 35.71.190.245	16509 (AMAZON-02) (AMAZON-02)
16	23.21.217.213 23.21.217.213	14618 (AMAZON-AES) (AMAZON-AES)
2	2a02:26f0:310... 2a02:26f0:3100::1735:29f9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:480... 2a02:26f0:480:f::213:7ee1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.146.164.225 54.146.164.225	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	44.214.243.217 44.214.243.217	14618 (AMAZON-AES) (AMAZON-AES)
26	8

1 35.71.190.245 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aaa00e5cffb63d634.awsglobalaccelerator.com

login.bamelevate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 23.21.217.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-217-213.compute-1.amazonaws.com

northstar.bamelevate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3100::1735:29f9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:f::213:7ee1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.146.164.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-164-225.compute-1.amazonaws.com

prod-useast-a.online.tableau.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.214.243.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-214-243-217.compute-1.amazonaws.com

northstar-cms.bamelevate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	bamelevate.com 1 redirects login.bamelevate.com northstar.bamelevate.com northstar-cms.bamelevate.com	2 MB
4	typekit.net p.typekit.net — Cisco Umbrella Rank: 565 use.typekit.net — Cisco Umbrella Rank: 448	19 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2533	314 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	100 KB
1	tableau.com prod-useast-a.online.tableau.com — Cisco Umbrella Rank: 65036	68 KB
26	5

	Domain	Requested by
16	northstar.bamelevate.com	northstar.bamelevate.com
2	northstar-cms.bamelevate.com	northstar.bamelevate.com
2	region1.google-analytics.com	www.googletagmanager.com
2	use.typekit.net	northstar.bamelevate.com use.typekit.net
2	p.typekit.net	northstar.bamelevate.com use.typekit.net
1	www.googletagmanager.com	northstar.bamelevate.com
1	prod-useast-a.online.tableau.com	northstar.bamelevate.com
1	login.bamelevate.com	1 redirects
26	8

This site contains no links.

Subject Issuer	Validity	Valid
*.bamelevate.com Amazon RSA 2048 M02	`2023-08-27` - `2024-09-25`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-01` - `2025-03-03`	a year	crt.sh
prod-useast-a.online.tableau.com Amazon RSA 2048 M03	`2023-10-26` - `2024-11-23`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://northstar.bamelevate.com/
Frame ID: 4BEDD55DB3C58CD570B6DF381836CF2A
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login Page

Page URL History Show full URLs

https://login.bamelevate.com/ HTTP 302
https://northstar.bamelevate.com/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

26
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

8
Subdomains

8
IPs

2
Countries

1833 kB
Transfer

2656 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://login.bamelevate.com/ HTTP 302
https://northstar.bamelevate.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
northstar.bamelevate.com/
Redirect Chain

https://login.bamelevate.com/
https://northstar.bamelevate.com/

53 KB
14 KB

522ms
234ms

Document
text/html

23.21.217.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://northstar.bamelevate.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.217.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-217-213.compute-1.amazonaws.com
Software: nginx/1.25.3 /
Resource Hash: 49963b73855e2ac9527cba27a4f9abd3e8402ce334258d8ebf5c136bbdb574f5

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: public, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html
date: Tue, 28 May 2024 16:43:01 GMT
etag: W/"66355ad5-d2a1"
last-modified: Fri, 03 May 2024 21:44:53 GMT
link: </webpack-runtime-5a69272b58f66315a2fe.js>; rel=preload; as=script </framework-853ba70b4adf020101d2.js>; rel=preload; as=script </app-d941bbabf673e3d85b67.js>; rel=preload; as=script </commons-2f41c8b27a6905be1821.js>; rel=preload; as=script </d4adaa8b8d5f115d19fbe58ea1ad998ebcbe72bf-ceb0d8ccb805b24dabf8.js>; rel=preload; as=script </9d8f9c865a94787e96ac91643829b750300baab4-252b5d4d42ebad824aa1.js>; rel=preload; as=script </component---src-pages-index-tsx-b9fae97c8a74140ff930.js>; rel=preload; as=script </page-data/app-data.json>; rel=preload; as=fetch; crossorigin </page-data/index/page-data.json>; rel=preload; as=fetch; crossorigin
server: nginx/1.25.3

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html;charset=ISO-8859-1
Date: Tue, 28 May 2024 16:43:00 GMT
Keep-Alive: timeout=5, max=100
Server: nginx
Strict-Transport-Security: max-age=315360000; includeSubDomains
X-Robots-Tag: noindex,nofollow
content-security-policy: default-src 'self' bamfunds-ext.okta.com login.bamelevate.com *.oktacdn.com; connect-src 'self' bamfunds-ext.okta.com bamfunds-ext-admin.okta.com login.bamelevate.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com bamfunds-ext.kerberos.okta.com bamfunds-ext.mtls.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' bamfunds-ext.okta.com login.bamelevate.com *.oktacdn.com; style-src 'unsafe-inline' 'self' bamfunds-ext.okta.com login.bamelevate.com *.oktacdn.com; frame-src 'self' bamfunds-ext.okta.com bamfunds-ext-admin.okta.com login.bamelevate.com login.okta.com com-okta-authenticator:; img-src 'self' bamfunds-ext.okta.com login.bamelevate.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' bamfunds-ext.okta.com login.bamelevate.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' https://prod-useast-a.online.tableau.com
location: https://northstar.bamelevate.com
p3p: CP="HONK"
x-content-type-options: nosniff
x-okta-request-id: ZlYJlKXLfiVFcju3U1sp4gAAAiw
x-xss-protection: 0

GET
H2 200 webpack-runtime-5a69272b58f66315a2fe.js Show response
northstar.bamelevate.com/ 5 KB
3 KB 157ms
153ms Script
application/javascript 23.21.217.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://northstar.bamelevate.com/webpack-runtime-5a69272b58f66315a2fe.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.217.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-217-213.compute-1.amazonaws.com
Software: nginx/1.25.3 /
Resource Hash: 5dd274e933fd41dc26ceec8497618cb37daf92c5aca74b11ed3cb5e0e8b8506d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://northstar.bamelevate.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 16:43:01 GMT
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
last-modified: Fri, 03 May 2024 21:44:53 GMT
server: nginx/1.25.3
etag: W/"66355ad5-13b6"
content-type: application/javascript

GET
H2 200 framework-853ba70b4adf020101d2.js Show response
northstar.bamelevate.com/ 127 KB
49 KB 276ms
273ms Script
application/javascript 23.21.217.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://northstar.bamelevate.com/framework-853ba70b4adf020101d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.217.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-217-213.compute-1.amazonaws.com
Software: nginx/1.25.3 /
Resource Hash: 2942c0e23607fb50c583da88cba610c2ef1e98cdf116308b564e4aa6aea4afff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://northstar.bamelevate.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 16:43:01 GMT
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
last-modified: Fri, 03 May 2024 21:44:53 GMT
server: nginx/1.25.3
etag: W/"66355ad5-1fb3c"
content-type: application/javascript

GET
H2 200 app-d941bbabf673e3d85b67.js Show response
northstar.bamelevate.com/ 303 KB
99 KB 273ms
269ms Script
application/javascript 23.21.217.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://northstar.bamelevate.com/app-d941bbabf673e3d85b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.217.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-217-213.compute-1.amazonaws.com
Software: nginx/1.25.3 /
Resource Hash: 84ffbc63da443bc86afbbb09fc80048fdeb65e7b2ce9adcf69db944a1f8350a4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://northstar.bamelevate.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 16:43:01 GMT
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
last-modified: Fri, 03 May 2024 21:44:53 GMT
server: nginx/1.25.3
etag: W/"66355ad5-4bb59"
content-type: application/javascript

GET
H2 200 commons-2f41c8b27a6905be1821.js Show response
northstar.bamelevate.com/ 15 KB
6 KB 276ms
273ms Script
application/javascript 23.21.217.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://northstar.bamelevate.com/commons-2f41c8b27a6905be1821.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.217.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-217-213.compute-1.amazonaws.com
Software: nginx/1.25.3 /
Resource Hash: 08f38859a17c7b7f0f78f9add8ee7f1b4fa4698f918c02ee4457632efa9ca7f8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://northstar.bamelevate.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 16:43:01 GMT
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
last-modified: Fri, 03 May 2024 21:44:53 GMT
server: nginx/1.25.3
etag: W/"66355ad5-3b22"
content-type: application/javascript

GET
H2 200 d4adaa8b8d5f115d19fbe58ea1ad998ebcbe72bf-ceb0d8ccb805b24dabf8.js Show response
northstar.bamelevate.com/ 41 KB
24 KB 276ms
273ms Script
application/javascript 23.21.217.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://northstar.bamelevate.com/d4adaa8b8d5f115d19fbe58ea1ad998ebcbe72bf-ceb0d8ccb805b24dabf8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.217.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-217-213.compute-1.amazonaws.com
Software: nginx/1.25.3 /
Resource Hash: 8e55288efd7be2e5b696743f39016cf194370d023212f388670b91cef0521d08

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://northstar.bamelevate.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 16:43:01 GMT
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
last-modified: Fri, 03 May 2024 21:44:53 GMT
server: nginx/1.25.3
etag: W/"66355ad5-a35c"
content-type: application/javascript

GET
H2 200 9d8f9c865a94787e96ac91643829b750300baab4-252b5d4d42ebad824aa1.js Show response
northstar.bamelevate.com/ 16 KB
9 KB 158ms
156ms Script
application/javascript 23.21.217.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://northstar.bamelevate.com/9d8f9c865a94787e96ac91643829b750300baab4-252b5d4d42ebad824aa1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.217.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-217-213.compute-1.amazonaws.com
Software: nginx/1.25.3 /
Resource Hash: 3ee6ac9477f638d2da62441ceb437dfdd0e71a161ede8a4042555a2e227a6ed1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://northstar.bamelevate.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 16:43:01 GMT
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
last-modified: Fri, 03 May 2024 21:44:53 GMT
server: nginx/1.25.3
etag: W/"66355ad5-3f27"
content-type: application/javascript

GET
H2 200 component---src-pages-index-tsx-b9fae97c8a74140ff930.js Show response
northstar.bamelevate.com/ 13 KB
7 KB 157ms
155ms Script
application/javascript 23.21.217.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://northstar.bamelevate.com/component---src-pages-index-tsx-b9fae97c8a74140ff930.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.217.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-217-213.compute-1.amazonaws.com
Software: nginx/1.25.3 /
Resource Hash: 02f8c46c997641a4218577617dd30d6bc6f9db35f5421a6c999a276b8d7e9913

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://northstar.bamelevate.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 16:43:01 GMT
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
last-modified: Fri, 03 May 2024 21:44:53 GMT
server: nginx/1.25.3
etag: W/"66355ad5-35ab"
content-type: application/javascript

GET
H2 200 app-data.json
northstar.bamelevate.com/page-data/ 50 B
259 B 143ms
141ms Other
application/json 23.21.217.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://northstar.bamelevate.com/page-data/app-data.json
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.217.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-217-213.compute-1.amazonaws.com
Software: nginx/1.25.3 /
Resource Hash: 45b55ef4856c6d734ecc7bd7c7d2b0400fef0bda4a76dea06d65835229212e38

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://northstar.bamelevate.com/
Origin: https://northstar.bamelevate.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 16:43:01 GMT
cache-control: public, max-age=0, must-revalidate
content-encoding: gzip
last-modified: Fri, 03 May 2024 21:44:53 GMT
server: nginx/1.25.3
etag: W/"66355ad5-32"
content-type: application/json

GET
H2 200 page-data.json
northstar.bamelevate.com/page-data/index/ 118 B
308 B 273ms
271ms Other
application/json 23.21.217.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://northstar.bamelevate.com/page-data/index/page-data.json
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.217.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-217-213.compute-1.amazonaws.com
Software: nginx/1.25.3 /
Resource Hash: 4602a21012a09b651d50abf49dbe1f9914e80bb619d6d261df78905c2467d519

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://northstar.bamelevate.com/
Origin: https://northstar.bamelevate.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 16:43:01 GMT
cache-control: public, max-age=0, must-revalidate
content-encoding: gzip
last-modified: Fri, 03 May 2024 21:44:53 GMT
server: nginx/1.25.3
etag: W/"66355ad5-76"
content-type: application/json

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 272ms
62ms Stylesheet
text/css 2a02:26f0:3100::1735:29f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=hkz0wqt&ht=tk&f=28973.28983&a=96700275&app=typekit&e=css
Requested by: Host: northstar.bamelevate.com
URL: https://northstar.bamelevate.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:29f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://northstar.bamelevate.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 16:43:01 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 ljt2oor.css
use.typekit.net/ 9 KB
1 KB 326ms
174ms Stylesheet
text/css 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ljt2oor.css

Requested by

Host: northstar.bamelevate.com
URL: https://northstar.bamelevate.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

9343257cfe4c41c474420bb703b320ecaceadb012bbf962ecfa6acf02cb2e076

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://northstar.bamelevate.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Tue, 28 May 2024 16:43:01 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1089

GET
H/1.1 200
OK tableau.embedding.3.latest.min.js Show response
prod-useast-a.online.tableau.com/javascripts/api/ 310 KB
68 KB 609ms
245ms Script
application/javascript 54.146.164.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-useast-a.online.tableau.com/javascripts/api/tableau.embedding.3.latest.min.js

Requested by

Host: northstar.bamelevate.com
URL: https://northstar.bamelevate.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.146.164.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-146-164-225.compute-1.amazonaws.com

Software

Tableau /

Resource Hash

3e46ca167825f091b0dfae9185f728ca9e2896e4fff4ad913e7b349a52d13463

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://northstar.bamelevate.com/
Origin: https://northstar.bamelevate.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 16:43:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
transfer-encoding: chunked
p3p: CP="NON"
x-tableau: Tableau Server
Connection: keep-alive
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Apr 2024 20:50:07 GMT
server: Tableau
etag: "4d8b9-616793b98fdc0-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
origin-trial: Ag0ApCHWobm3PHDobqyTC+kYlgmiKA+064sxQriou0XkiuQPG+RjyJtQlItI9qHPqeejeReK9Op27DG1IIFNbwkAAABceyJvcmlnaW4iOiJodHRwczovL3RhYmxlYXUuY29tOjQ0MyIsImZlYXR1cmUiOiJUcGNkIiwiZXhwaXJ5IjoxNzM1MzQzOTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
accept-ranges: bytes

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 302 KB
100 KB 162ms
72ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-C5E2F5TJWL

Requested by

Host: northstar.bamelevate.com
URL: https://northstar.bamelevate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0d043c9262cc1e1f9cb334301eccf70901d720e804389ca34ae4e460996ee90b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://northstar.bamelevate.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 16:43:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102469
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 May 2024 16:43:01 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 61ms
61ms Stylesheet
text/css 2a02:26f0:3100::1735:29f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=ljt2oor&ht=tk&f=13464.13466.13468.13472.14541.14546.14548.14549.18492.18494.18496.18500&a=116333573&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ljt2oor.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:29f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://use.typekit.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 16:43:01 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

POST
H2 204 collect
region1.google-analytics.com/g/ 0
260 B 138ms
50ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-C5E2F5TJWL&gtm=45je45m0v9179482797za200&_p=1716914581801&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=560643265.1716914582&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=1&sid=1716914581&sct=1&seg=0&dl=https%3A%2F%2Fnorthstar.bamelevate.com%2F&dt=Northstar%20Home&en=scroll&_fv=1&_nsi=1&_ss=1&ep.anonymize_ip=false&epn.percent_scrolled=90&tfd=1554
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C5E2F5TJWL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://northstar.bamelevate.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 28 May 2024 16:43:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://northstar.bamelevate.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 whoami
northstar-cms.bamelevate.com/api/auth/ 0
0 384ms
133ms Preflight 44.214.243.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://northstar-cms.bamelevate.com/api/auth/whoami

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.214.243.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-214-243-217.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https: http:;img-src 'self' data: blob: bam-s3-ue1-d-bamelevate-northstar-cms.s3.amazonaws.com bam-s3-ue1-p-bamelevate-northstar-cms.s3.amazonaws.com https://www.okta.com https://bamfunds-ext.okta.com;media-src 'self' data: blob: bam-s3-ue1-d-bamelevate-northstar-cms.s3.amazonaws.com bam-s3-ue1-p-bamelevate-northstar-cms.s3.amazonaws.com https://www.okta.com https://bamfunds-ext.okta.com;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: northstar-authorization,northstar-identity
Access-Control-Request-Method: GET
Origin: https://northstar.bamelevate.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Auth-Token,Content-Type,Authorization,Origin,Accept,Northstar-Identity,Northstar-Impersonate,Northstar-Authorization
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-origin: https://northstar.bamelevate.com
access-control-max-age: 31536000
content-security-policy: connect-src 'self' https: http:;img-src 'self' data: blob: bam-s3-ue1-d-bamelevate-northstar-cms.s3.amazonaws.com bam-s3-ue1-p-bamelevate-northstar-cms.s3.amazonaws.com https://www.okta.com https://bamfunds-ext.okta.com;media-src 'self' data: blob: bam-s3-ue1-d-bamelevate-northstar-cms.s3.amazonaws.com bam-s3-ue1-p-bamelevate-northstar-cms.s3.amazonaws.com https://www.okta.com https://bamfunds-ext.okta.com;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
date: Tue, 28 May 2024 16:43:02 GMT
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none

GET
H2 200 app-data.json Show response
northstar.bamelevate.com/page-data/ 50 B
139 B 123ms
123ms XHR
application/json 23.21.217.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://northstar.bamelevate.com/page-data/app-data.json
Requested by: Host: northstar.bamelevate.com
URL: https://northstar.bamelevate.com/app-d941bbabf673e3d85b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.217.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-217-213.compute-1.amazonaws.com
Software: nginx/1.25.3 /
Resource Hash: 45b55ef4856c6d734ecc7bd7c7d2b0400fef0bda4a76dea06d65835229212e38

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://northstar.bamelevate.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 16:43:01 GMT
cache-control: public, max-age=0, must-revalidate
content-encoding: gzip
last-modified: Fri, 03 May 2024 21:44:53 GMT
server: nginx/1.25.3
etag: W/"66355ad5-32"
content-type: application/json

GET
H2 200 page-data.json Show response
northstar.bamelevate.com/page-data/login/ 129 B
313 B 121ms
121ms XHR
application/json 23.21.217.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://northstar.bamelevate.com/page-data/login/page-data.json
Requested by: Host: northstar.bamelevate.com
URL: https://northstar.bamelevate.com/app-d941bbabf673e3d85b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.217.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-217-213.compute-1.amazonaws.com
Software: nginx/1.25.3 /
Resource Hash: e40a7edc218fec34e58a3e1d496a12dc79e4b15025b0cf45f81c3db0fedc10e6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://northstar.bamelevate.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 16:43:01 GMT
cache-control: public, max-age=0, must-revalidate
content-encoding: gzip
last-modified: Fri, 03 May 2024 21:44:53 GMT
server: nginx/1.25.3
etag: W/"66355ad5-81"
content-type: application/json

GET
H2 404 whoami Show response
northstar-cms.bamelevate.com/api/auth/ 93 B
945 B 129ms
128ms XHR
application/json 44.214.243.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://northstar-cms.bamelevate.com/api/auth/whoami

Requested by

Host: northstar.bamelevate.com
URL: https://northstar.bamelevate.com/app-d941bbabf673e3d85b67.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.214.243.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-214-243-217.compute-1.amazonaws.com

Software

/ Strapi <strapi.io>

Resource Hash

279089cfa77090be77db1db4c7462a788101d1136314878104a5f27db1334b9d

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https: http:;img-src 'self' data: blob: bam-s3-ue1-d-bamelevate-northstar-cms.s3.amazonaws.com bam-s3-ue1-p-bamelevate-northstar-cms.s3.amazonaws.com https://www.okta.com https://bamfunds-ext.okta.com;media-src 'self' data: blob: bam-s3-ue1-d-bamelevate-northstar-cms.s3.amazonaws.com bam-s3-ue1-p-bamelevate-northstar-cms.s3.amazonaws.com https://www.okta.com https://bamfunds-ext.okta.com;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
northstar-identity: okta
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
northstar-authorization: Bearer undefined
Referer: https://northstar.bamelevate.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 16:43:02 GMT
content-security-policy: connect-src 'self' https: http:;img-src 'self' data: blob: bam-s3-ue1-d-bamelevate-northstar-cms.s3.amazonaws.com bam-s3-ue1-p-bamelevate-northstar-cms.s3.amazonaws.com https://www.okta.com https://bamfunds-ext.okta.com;media-src 'self' data: blob: bam-s3-ue1-d-bamelevate-northstar-cms.s3.amazonaws.com bam-s3-ue1-p-bamelevate-northstar-cms.s3.amazonaws.com https://www.okta.com https://bamfunds-ext.okta.com;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-powered-by: Strapi <strapi.io>
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
vary: Origin
access-control-allow-origin: https://northstar.bamelevate.com
access-control-allow-credentials: true
content-length: 93

GET
H2 200 component---src-pages-login-index-tsx-bdd572529e588870d03b.js Show response
northstar.bamelevate.com/ 13 KB
8 KB 118ms
118ms Script
application/javascript 23.21.217.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://northstar.bamelevate.com/component---src-pages-login-index-tsx-bdd572529e588870d03b.js
Requested by: Host: northstar.bamelevate.com
URL: https://northstar.bamelevate.com/webpack-runtime-5a69272b58f66315a2fe.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.217.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-217-213.compute-1.amazonaws.com
Software: nginx/1.25.3 /
Resource Hash: 7b3225d80e411c17fc118788f8566b7024ba484aad5196cef825f93068a5a0b5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://northstar.bamelevate.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 16:43:02 GMT
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
last-modified: Fri, 03 May 2024 21:44:53 GMT
server: nginx/1.25.3
etag: W/"66355ad5-3411"
content-type: application/javascript

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59f644fb787a3c1eaa2c6df5c9c4e9b3b31e4c0e7693ae4f7416afd7c77a4c0c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0078ff34fbff4b2604c028a29b1efbcf146651b6eb63a4e85d406bdb0118ce5

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 okta-83b7b1bf0da3fe20eb19d5c388bab89f.png
northstar.bamelevate.com/static/ 17 KB
17 KB 119ms
118ms Image
image/png 23.21.217.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://northstar.bamelevate.com/static/okta-83b7b1bf0da3fe20eb19d5c388bab89f.png
Requested by: Host: northstar.bamelevate.com
URL: https://northstar.bamelevate.com/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.217.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-217-213.compute-1.amazonaws.com
Software: nginx/1.25.3 /
Resource Hash: 8d4cf40b7a5a43754bba2d805d3ca9254709ab3a887ab57b14fbaa5fba176077

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://northstar.bamelevate.com/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 16:43:02 GMT
last-modified: Fri, 03 May 2024 21:44:53 GMT
server: nginx/1.25.3
etag: "66355ad5-4218"
content-type: image/png
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 16920

GET
H2 200 bg_img-5a0070ee8775a96206bae5c2dc74fea5.png
northstar.bamelevate.com/static/ 1 MB
1 MB 119ms
119ms Image
image/png 23.21.217.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://northstar.bamelevate.com/static/bg_img-5a0070ee8775a96206bae5c2dc74fea5.png
Requested by: Host: northstar.bamelevate.com
URL: https://northstar.bamelevate.com/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.217.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-217-213.compute-1.amazonaws.com
Software: nginx/1.25.3 /
Resource Hash: 25e09361857406e65883f2c636a6bdb6bfb07d79f2f7b346a222ad170661f34f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://northstar.bamelevate.com/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 16:43:02 GMT
last-modified: Fri, 03 May 2024 21:44:53 GMT
server: nginx/1.25.3
etag: "66355ad5-15f4e3"
content-type: image/png
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 1438947

GET
H2 200 l
use.typekit.net/af/f18587/00000000000000007735a07a/30/ 17 KB
18 KB 156ms
39ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/f18587/00000000000000007735a07a/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ljt2oor.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c70be61ebf5ebc5fb158df7bcc05e1a645c16c863901eb8487fc3d14d2ac801a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://use.typekit.net/ljt2oor.css
Origin: https://northstar.bamelevate.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 16:43:02 GMT
server: nginx
etag: "ec65454125f52ade60a7a7dba7db35136a0a5833"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17756

GET
H2 200 favicon-32x32.png
northstar.bamelevate.com/ 874 B
1 KB 118ms
118ms Other
image/png 23.21.217.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://northstar.bamelevate.com/favicon-32x32.png?v=0bb4ae66667aeee6b08595e4183b38c2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.217.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-217-213.compute-1.amazonaws.com
Software: nginx/1.25.3 /
Resource Hash: aac83293d3ae43a583ca73da05aaf5b424becb20c7b34e5a924c282f44dcd439

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://northstar.bamelevate.com/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 16:43:02 GMT
last-modified: Fri, 03 May 2024 21:44:53 GMT
server: nginx/1.25.3
etag: "66355ad5-36a"
content-type: image/png
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 874

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 54ms
53ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-C5E2F5TJWL&gtm=45je45m0v9179482797za200&_p=1716914581801&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=560643265.1716914582&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&dp=%2F&sid=1716914581&sct=1&seg=1&dl=https%3A%2F%2Fnorthstar.bamelevate.com%2F&dt=Northstar%20Home&_s=2&tfd=2839
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C5E2F5TJWL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://northstar.bamelevate.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 28 May 2024 16:43:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://northstar.bamelevate.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bamelevate.com/	1969-12-31 23:59:59	Name: _ga Value: GA1.1.560643265.1716914582
			.bamelevate.com/	1969-12-31 23:59:59	Name: _ga_C5E2F5TJWL Value: GS1.1.1716914581.1.1.1716914583.0.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://northstar-cms.bamelevate.com/api/auth/whoami Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

login.bamelevate.com
northstar-cms.bamelevate.com
northstar.bamelevate.com
p.typekit.net
prod-useast-a.online.tableau.com
region1.google-analytics.com
use.typekit.net
www.googletagmanager.com
2001:4860:4802:34::36
23.21.217.213
2a00:1450:4001:806::2008
2a02:26f0:3100::1735:29f9
2a02:26f0:480:f::213:7ee1
35.71.190.245
44.214.243.217
54.146.164.225
02f8c46c997641a4218577617dd30d6bc6f9db35f5421a6c999a276b8d7e9913
08f38859a17c7b7f0f78f9add8ee7f1b4fa4698f918c02ee4457632efa9ca7f8
0d043c9262cc1e1f9cb334301eccf70901d720e804389ca34ae4e460996ee90b
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
25e09361857406e65883f2c636a6bdb6bfb07d79f2f7b346a222ad170661f34f
279089cfa77090be77db1db4c7462a788101d1136314878104a5f27db1334b9d
2942c0e23607fb50c583da88cba610c2ef1e98cdf116308b564e4aa6aea4afff
3e46ca167825f091b0dfae9185f728ca9e2896e4fff4ad913e7b349a52d13463
3ee6ac9477f638d2da62441ceb437dfdd0e71a161ede8a4042555a2e227a6ed1
45b55ef4856c6d734ecc7bd7c7d2b0400fef0bda4a76dea06d65835229212e38
4602a21012a09b651d50abf49dbe1f9914e80bb619d6d261df78905c2467d519
49963b73855e2ac9527cba27a4f9abd3e8402ce334258d8ebf5c136bbdb574f5
59f644fb787a3c1eaa2c6df5c9c4e9b3b31e4c0e7693ae4f7416afd7c77a4c0c
5dd274e933fd41dc26ceec8497618cb37daf92c5aca74b11ed3cb5e0e8b8506d
7b3225d80e411c17fc118788f8566b7024ba484aad5196cef825f93068a5a0b5
84ffbc63da443bc86afbbb09fc80048fdeb65e7b2ce9adcf69db944a1f8350a4
8d4cf40b7a5a43754bba2d805d3ca9254709ab3a887ab57b14fbaa5fba176077
8e55288efd7be2e5b696743f39016cf194370d023212f388670b91cef0521d08
9343257cfe4c41c474420bb703b320ecaceadb012bbf962ecfa6acf02cb2e076
aac83293d3ae43a583ca73da05aaf5b424becb20c7b34e5a924c282f44dcd439
b0078ff34fbff4b2604c028a29b1efbcf146651b6eb63a4e85d406bdb0118ce5
c70be61ebf5ebc5fb158df7bcc05e1a645c16c863901eb8487fc3d14d2ac801a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40a7edc218fec34e58a3e1d496a12dc79e4b15025b0cf45f81c3db0fedc10e6

northstar.bamelevate.com Open in urlscan Pro 23.21.217.213 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

100 %HTTPS

50 %IPv6

5 Domains

8 Subdomains

8 IPs

2 Countries

1833 kBTransfer

2656 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

northstar.bamelevate.com Open in urlscan Pro
23.21.217.213 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

8
Subdomains

8
IPs

2
Countries

1833 kB
Transfer

2656 kB
Size

2
Cookies

26 HTTP transactions
2 data transactions