app.hummingbird.co Open in urlscan Pro
2606:4700:10::ac43:251c  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request Referral Show response app.hummingbird.co/organizations/firstbankpuertorico/tips/	16 KB 6 KB	973ms 867ms	Document text/html	2606:4700:10::ac43:251c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.hummingbird.co/organizations/firstbankpuertorico/tips/Referral Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:251c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9a1f12579010aa472f3796659f666579027c77b5f41c8f72189d1d379a00c70c Security Headers Name Value Content-Security-Policy default-src 'self' https:; child-src 'self' blob:; connect-src 'self' https: http: wss: ws:; font-src 'self' https: data: fonts.googleapis.com fonts.gstatic.com; frame-src 'self' superset.charming.fish; img-src 'self' https: data: blob:; manifest-src 'self'; media-src 'self'; object-src 'none'; script-src 'self' https: http: 'strict-dynamic' 'nonce-02ba085ad47d1e89'; style-src 'self' https: http: 'unsafe-inline' fonts.googleapis.com fonts.gstatic.com; worker-src 'self' blob:; base-uri 'self'; report-uri /csp-reports Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-headers sentry-trace,baggage alt-svc h3=":443"; ma=86400 cache-control max-age=0, private, must-revalidate cf-cache-status DYNAMIC cf-ray 89afbd85897b9bca-FRA content-encoding br content-security-policy default-src 'self' https:; child-src 'self' blob:; connect-src 'self' https: http: wss: ws:; font-src 'self' https: data: fonts.googleapis.com fonts.gstatic.com; frame-src 'self' superset.charming.fish; img-src 'self' https: data: blob:; manifest-src 'self'; media-src 'self'; object-src 'none'; script-src 'self' https: http: 'strict-dynamic' 'nonce-02ba085ad47d1e89'; style-src 'self' https: http: 'unsafe-inline' fonts.googleapis.com fonts.gstatic.com; worker-src 'self' blob:; base-uri 'self'; report-uri /csp-reports content-security-policy-report-only default-src 'self' https:; child-src 'self' blob:; connect-src 'self' https: http: wss: ws:; font-src 'self' https: data: fonts.googleapis.com fonts.gstatic.com; frame-src 'self' superset.charming.fish; img-src 'self' https: data: blob:; manifest-src 'self'; media-src 'self'; object-src 'none'; script-src 'self' https: http: 'strict-dynamic' 'nonce-02ba085ad47d1e89'; style-src 'self' https: http: 'unsafe-inline' fonts.googleapis.com fonts.gstatic.com; worker-src 'self' blob:; base-uri 'self'; report-uri /csp-reports content-type text/html; charset=utf-8 date Fri, 28 Jun 2024 18:29:06 GMT etag W/"9a1f12579010aa472f3796659f666579" link <https://d24yezqfwx27px.cloudfront.net/assets/index-a782de47.css>; rel=preload; as=style; nopush,<https://d24yezqfwx27px.cloudfront.net/assets/index-f5142f36.js>; rel=modulepreload; as=script; nopush referrer-policy strict-origin-when-cross-origin server cloudflare strict-transport-security max-age=63072000; includeSubDomains x-content-type-options nosniff x-download-options noopen x-frame-options SAMEORIGIN x-permitted-cross-domain-policies none x-request-id 0e85b950-a70a-45d1-946d-d63e9c053155 x-runtime 0.011904 x-xss-protection 0
GET H2	200	index-a782de47.css d24yezqfwx27px.cloudfront.net/assets/	332 KB 62 KB	178ms 61ms	Stylesheet text/css	2600:9000:225b:d200:6:18d1:2540:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d24yezqfwx27px.cloudfront.net/assets/index-a782de47.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:d200:6:18d1:2540:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a782de472ffd85c710b262b39304f18eab87e22ace584937e4fd803c01d4deaf Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.hummingbird.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 06:11:23 GMT x-amz-version-id _nyyxbJcKEKSeZTRZBmbWJMeCAW.4AVC content-encoding br via 1.1 8eb3c67b1958af32e15515c8eb27fbb4.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 age 994664 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Mon, 22 Jan 2024 11:51:35 GMT server AmazonS3 etag W/"b247017a263e233e2f2b365bf5bb1adf" vary Accept-Encoding, Origin content-type text/css cache-control public, max-age=31536000, s-maxage=31536000 x-amz-cf-id mtJmIyIdndXF_9cV8-s9ZyBojTT2QlS09-WAkkfbS4szboPOz3coyg==
GET H2	200	index-f5142f36.js Show response d24yezqfwx27px.cloudfront.net/assets/	6 MB 2 MB	173ms 69ms	Script application/javascript	2600:9000:225b:d200:6:18d1:2540:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d24yezqfwx27px.cloudfront.net/assets/index-f5142f36.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:d200:6:18d1:2540:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c9f8711f320d9931e62c554706a4cdd688cfda34dffef9e90e618f1a636132a8 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Origin https://app.hummingbird.co Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 28 Jun 2024 15:27:47 GMT x-amz-version-id Fz5QNpFwZoEkqACfK1Ju21TAN7H.1I28 content-encoding br via 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 age 10880 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Fri, 28 Jun 2024 15:24:07 GMT server AmazonS3 etag W/"5812694354649bb0853069c8e65fe193" access-control-max-age 3600 access-control-allow-methods GET content-type application/javascript access-control-allow-origin https://app.hummingbird.co cache-control public, max-age=31536000, s-maxage=31536000 access-control-allow-credentials true vary Accept-Encoding,Origin x-amz-cf-id oEvktv3RQ86CWo6vISyaienGUhYGpqcCds5aNNQzN6NywhbRtLWv5A==
GET H2	200	persisted-query-manifest-ea874ba8.js Show response d24yezqfwx27px.cloudfront.net/assets/	289 KB 37 KB	49ms 49ms	Script application/javascript	2600:9000:225b:d200:6:18d1:2540:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d24yezqfwx27px.cloudfront.net/assets/persisted-query-manifest-ea874ba8.js Requested by Host: d24yezqfwx27px.cloudfront.net URL: https://d24yezqfwx27px.cloudfront.net/assets/index-f5142f36.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:d200:6:18d1:2540:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4a5ba3faed897e9a977e7405576580441a83718f46eeea8a2986dfe63802f3de Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://d24yezqfwx27px.cloudfront.net/assets/index-f5142f36.js Origin https://app.hummingbird.co Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 19 Jun 2024 03:44:09 GMT x-amz-version-id z7fw2uFZJl1SLmzeHpxAKddKZbI4SxMq content-encoding br via 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 age 830699 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Wed, 19 Jun 2024 03:37:40 GMT server AmazonS3 etag W/"deb1fd96f0072404f9362eec8bef717e" access-control-max-age 3600 access-control-allow-methods GET content-type application/javascript access-control-allow-origin https://app.hummingbird.co cache-control public, max-age=31536000, s-maxage=31536000 access-control-allow-credentials true vary Accept-Encoding,Origin x-amz-cf-id ncjndnkqircDx3aDof8R6lvdcQq6wBbTa6F58z18xABDgb2x3VwHxw==
GET DATA	200 OK	truncated /	38 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/webp
POST H2	200	/ Show response sentry.io/api/275847/envelope/	2 B 324 B	243ms 154ms	Fetch application/json	35.186.247.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://sentry.io/api/275847/envelope/?sentry_key=d4037906a464496c875162486739023d&sentry_version=7&sentry_client=sentry.javascript.react%2F7.22.0 Requested by Host: d24yezqfwx27px.cloudfront.net URL: https://d24yezqfwx27px.cloudfront.net/assets/index-f5142f36.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 156.247.186.35.bc.googleusercontent.com Software nginx / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://app.hummingbird.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Fri, 28 Jun 2024 18:29:07 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 google server nginx vary origin,access-control-request-method,access-control-request-headers content-type application/json access-control-allow-origin * access-control-expose-headers x-sentry-error,x-sentry-rate-limits,retry-after x-envoy-upstream-service-time 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2
GET H2	200	TipIntakeFormFromQuery-416edd8f.js Show response d24yezqfwx27px.cloudfront.net/assets/	6 KB 2 KB	700ms 698ms	Script application/javascript	2600:9000:225b:d200:6:18d1:2540:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d24yezqfwx27px.cloudfront.net/assets/TipIntakeFormFromQuery-416edd8f.js Requested by Host: d24yezqfwx27px.cloudfront.net URL: https://d24yezqfwx27px.cloudfront.net/assets/index-f5142f36.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:d200:6:18d1:2540:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash fdf09e2f3233d23fcf5372b40b1a167d31814901dc7c264a7ec12a19913d4b77 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Origin https://app.hummingbird.co Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 28 Jun 2024 18:29:08 GMT x-amz-version-id 0K4mNhZ4PB_DZlSHfBxGbn9Yo0mTlnFf content-encoding br via 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront x-amz-replication-status COMPLETED last-modified Fri, 28 Jun 2024 15:24:07 GMT server AmazonS3 etag W/"3d322c1f8718be6f5837cc486dc7c1bb" access-control-max-age 3600 access-control-allow-methods GET content-type application/javascript access-control-allow-origin https://app.hummingbird.co cache-control public, max-age=31536000, s-maxage=31536000 access-control-allow-credentials true vary Accept-Encoding,Origin x-amz-cf-id KzQeo8b5LFT_Drz2tNgmGcuys4_YlrhJroewhub6_UbjuQpyP1JpmA==
GET H2	200	TipIntakeForm-94a4e72e.js Show response d24yezqfwx27px.cloudfront.net/assets/	4 KB 2 KB	674ms 673ms	Script application/javascript	2600:9000:225b:d200:6:18d1:2540:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d24yezqfwx27px.cloudfront.net/assets/TipIntakeForm-94a4e72e.js Requested by Host: d24yezqfwx27px.cloudfront.net URL: https://d24yezqfwx27px.cloudfront.net/assets/index-f5142f36.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:d200:6:18d1:2540:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6b0b073f64e913c652f2a884ffbff1c78f6a0fc22bfa6d062c7f499a22ce699c Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Origin https://app.hummingbird.co Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 28 Jun 2024 18:29:08 GMT x-amz-version-id W1PMWZ5IXttH3dGZru1C.6zUrtwqHLmm content-encoding br via 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront x-amz-replication-status COMPLETED last-modified Fri, 28 Jun 2024 15:24:07 GMT server AmazonS3 etag W/"449ffd100e2a10a8c399b736830d43c0" access-control-max-age 3600 access-control-allow-methods GET content-type application/javascript access-control-allow-origin https://app.hummingbird.co cache-control public, max-age=31536000, s-maxage=31536000 access-control-allow-credentials true vary Accept-Encoding,Origin x-amz-cf-id IEXvld59IQFKS7Ik2rHFPqzVV6sFmfPsC3m_ZyzsOgkWbPQVWRau6w==
GET H2	200	SubmittableSurveyForm-19ffd3bb.js Show response d24yezqfwx27px.cloudfront.net/assets/	4 KB 2 KB	168ms 167ms	Script application/javascript	2600:9000:225b:d200:6:18d1:2540:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d24yezqfwx27px.cloudfront.net/assets/SubmittableSurveyForm-19ffd3bb.js Requested by Host: d24yezqfwx27px.cloudfront.net URL: https://d24yezqfwx27px.cloudfront.net/assets/index-f5142f36.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:d200:6:18d1:2540:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 3992aa38ff22983657e9dec5efd31d10fe7452878df090a2bdc11c2461b991df Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Origin https://app.hummingbird.co Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 28 Jun 2024 16:24:04 GMT x-amz-version-id zyCvMPZynz1mBhu3wKR3M9NAhJyiotya content-encoding br via 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 age 7504 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Fri, 28 Jun 2024 15:24:07 GMT server AmazonS3 etag W/"9a8cc06e9582648015a9795522dbfe86" access-control-max-age 3600 access-control-allow-methods GET content-type application/javascript access-control-allow-origin https://app.hummingbird.co cache-control public, max-age=31536000, s-maxage=31536000 access-control-allow-credentials true vary Accept-Encoding,Origin x-amz-cf-id UZ6NE6cVRnuLlw7YcC6NVWeLeR3ZOOn1W8HPJeDpQvdiRqh-Z3hH_Q==
GET H2	200	Container-82adafcf.js Show response d24yezqfwx27px.cloudfront.net/assets/	2 KB 1 KB	58ms 57ms	Script application/javascript	2600:9000:225b:d200:6:18d1:2540:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d24yezqfwx27px.cloudfront.net/assets/Container-82adafcf.js Requested by Host: d24yezqfwx27px.cloudfront.net URL: https://d24yezqfwx27px.cloudfront.net/assets/index-f5142f36.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:d200:6:18d1:2540:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5b9ba271739d72e738d60d7984bdd4bca1629cf6c50f6fddcd39e3f1600e9603 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Origin https://app.hummingbird.co Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 28 Jun 2024 16:24:04 GMT x-amz-version-id jeP2.rnhhWwSQ5ptEEz1rrmySEI3pdrF content-encoding br via 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 age 7504 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Fri, 28 Jun 2024 15:24:06 GMT server AmazonS3 etag W/"0334c641f3a327179220cd7b82ffe46c" access-control-max-age 3600 access-control-allow-methods GET content-type application/javascript access-control-allow-origin https://app.hummingbird.co cache-control public, max-age=31536000, s-maxage=31536000 access-control-allow-credentials true vary Accept-Encoding,Origin x-amz-cf-id PNrpDDxUkVLX7XCqr0OGG7-EmIZL_VqaJkeAG8x5J9wSSqcNPb_U5w==
GET H2	200	FormError-13f09730.js Show response d24yezqfwx27px.cloudfront.net/assets/	876 B 1 KB	67ms 66ms	Script application/javascript	2600:9000:225b:d200:6:18d1:2540:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d24yezqfwx27px.cloudfront.net/assets/FormError-13f09730.js Requested by Host: d24yezqfwx27px.cloudfront.net URL: https://d24yezqfwx27px.cloudfront.net/assets/index-f5142f36.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:d200:6:18d1:2540:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c73dc299d5b225ab3dae15323aa74a6dc908e18c62ac8c12a2df31fa7bd7cbab Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Origin https://app.hummingbird.co Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 28 Jun 2024 15:30:43 GMT x-amz-version-id p6LKDopboG8lZySzc_zY96zAelZp0ESn via 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 age 10705 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 876 last-modified Fri, 28 Jun 2024 15:24:07 GMT server AmazonS3 etag "ed1b84049aea3b5ba9c5d8912ad07933" access-control-max-age 3600 access-control-allow-methods GET content-type application/javascript access-control-allow-origin https://app.hummingbird.co cache-control public, max-age=31536000, s-maxage=31536000 access-control-allow-credentials true vary Origin accept-ranges bytes x-amz-cf-id jnaoQDKCQ9SZtjvdKuzrf3aRIgowMxVs4EQgSrIjzVwA-vvOaiUNjQ==
GET H2	200	surveyHelpers-abfd7338.js Show response d24yezqfwx27px.cloudfront.net/assets/	235 KB 68 KB	68ms 67ms	Script application/javascript	2600:9000:225b:d200:6:18d1:2540:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d24yezqfwx27px.cloudfront.net/assets/surveyHelpers-abfd7338.js Requested by Host: d24yezqfwx27px.cloudfront.net URL: https://d24yezqfwx27px.cloudfront.net/assets/index-f5142f36.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:d200:6:18d1:2540:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5be3eb15cdc3df553b04ed8cacd8a99e499df82e8b423c316284e07ba23a7beb Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Origin https://app.hummingbird.co Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 28 Jun 2024 15:30:43 GMT x-amz-version-id nTPxZzuMQhydGcV3mnSqm4dd23hbitpS content-encoding br via 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 age 10705 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Fri, 28 Jun 2024 15:24:07 GMT server AmazonS3 etag W/"c1c7a39079ca2a94714bb5b3b178d7ec" access-control-max-age 3600 access-control-allow-methods GET content-type application/javascript access-control-allow-origin https://app.hummingbird.co cache-control public, max-age=31536000, s-maxage=31536000 access-control-allow-credentials true vary Accept-Encoding,Origin x-amz-cf-id -aLYe0X5eC5ujBNYnILGLboeMyIsunKVA7S0FAYb_X5YMIMVAQGjmQ==
GET H2	200	surveyHelpers-0b0948d8.css d24yezqfwx27px.cloudfront.net/assets/	66 KB 10 KB	69ms 69ms	Stylesheet text/css	2600:9000:225b:d200:6:18d1:2540:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d24yezqfwx27px.cloudfront.net/assets/surveyHelpers-0b0948d8.css Requested by Host: d24yezqfwx27px.cloudfront.net URL: https://d24yezqfwx27px.cloudfront.net/assets/index-f5142f36.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:d200:6:18d1:2540:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0b0948d823fc3f98ca656327c2ad6b47ffb00ed153347fa340fd1adf8784a87a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.hummingbird.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 24 Jun 2024 05:30:46 GMT x-amz-version-id UAQ8fkaKBC0bVsO4EfopVO5fUMOF40GP content-encoding br via 1.1 8eb3c67b1958af32e15515c8eb27fbb4.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 age 392302 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Mon, 22 Jan 2024 11:51:35 GMT server AmazonS3 etag W/"f79852fd5f04d2283f8896e666be2fc3" vary Accept-Encoding, Origin content-type text/css cache-control public, max-age=31536000, s-maxage=31536000 x-amz-cf-id fe_BUSo1PlHgM7EXK8EEfoO4TqRZnTOixLOx4DdQxTND0RxAwf3yHA==
GET H2	200	pjomv4uy Show response widget.intercom.io/widget/	7 KB 3 KB	504ms 401ms	Script application/javascript	13.224.189.35 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.intercom.io/widget/pjomv4uy Requested by Host: app.hummingbird.co URL: https://app.hummingbird.co/organizations/firstbankpuertorico/tips/Referral Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.35 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-35.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 9f189b46227990a8ee4e0dc2df71d20bdb6a56a8427e71f2d2ce2175bb40a151 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.hummingbird.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id cL3FtXjTlcFe8DI_W2beclQbU1S2IZfN content-encoding gzip via 1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront) date Fri, 28 Jun 2024 18:26:15 GMT x-amz-cf-pop FRA2-C1 age 186 x-amz-server-side-encryption AES256 x-cache Error from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 2669 last-modified Fri, 28 Jun 2024 14:18:33 GMT server AmazonS3 etag "a0ac343fbe8d427e1e2d8ac499825083" vary Accept-Encoding, Origin content-type application/javascript; charset=UTF-8 cache-control max-age=300, s-maxage=300, public accept-ranges bytes x-amz-cf-id scYOnd-0B5A_EvTOhse-R79Bt7SsDMcXjnoNbqH91fcLdZcZLnpR2Q==
GET H2	200	favicon-32x32-d4d5d474.png d24yezqfwx27px.cloudfront.net/assets/images/	437 B 916 B	48ms 48ms	Other image/png	2600:9000:225b:d200:6:18d1:2540:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d24yezqfwx27px.cloudfront.net/assets/images/favicon-32x32-d4d5d474.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:d200:6:18d1:2540:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d4d5d474d18a569d1b82182ba621fe440f646e8c2c7c6f73b0501f8dec3003f7 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.hummingbird.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 18 Jun 2024 07:07:32 GMT x-amz-version-id 3C37XiuaVVTrSrqFWpI_I.KNI.63QvfH via 1.1 8eb3c67b1958af32e15515c8eb27fbb4.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 age 904896 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 437 last-modified Tue, 21 Mar 2023 17:42:34 GMT server AmazonS3 etag "2f3da52704fa361429abb1d2fa6d4c6e" vary Origin content-type image/png cache-control public, max-age=31536000, s-maxage=31536000 accept-ranges bytes x-amz-cf-id CXp1ym8vvvGFC4ZfrgpkOPI2A4yMXG7wdfoDmQhShDpVMuUp9V_ZrQ==
GET H2	200	frame-modern.353dc763.js Show response js.intercomcdn.com/ Frame C912	460 KB 139 KB	140ms 43ms	Script application/javascript	18.245.46.10 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.intercomcdn.com/frame-modern.353dc763.js Requested by Host: widget.intercom.io URL: https://widget.intercom.io/widget/pjomv4uy Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.46.10 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-46-10.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash cdd43bbe8eec2c58dc104a26e750490c5b826f7c82bd2a3e7baf65644e9b6efa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id eovtM7oNHcwa1RAsZeb_Ha4brPyE980e content-encoding gzip via 1.1 90b31bff657d66dd87e437e4a49bf7a6.cloudfront.net (CloudFront) date Fri, 28 Jun 2024 18:18:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop FRA56-P9 age 632 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 141108 last-modified Fri, 28 Jun 2024 14:15:33 GMT server AmazonS3 etag "dca9da26b57e5ec038a0a383ab9e8047" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=31536000, s-maxage=7200, public accept-ranges bytes x-amz-cf-id BEWlO_JmADAOnPSM1DEBKtRKQHaF92WCmH6e55RWnSzgOf9C6WU47g==
GET H2	200	vendor-modern.3ab0cbde.js Show response js.intercomcdn.com/ Frame C912	486 KB 151 KB	225ms 128ms	Script application/javascript	18.245.46.10 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.intercomcdn.com/vendor-modern.3ab0cbde.js Requested by Host: widget.intercom.io URL: https://widget.intercom.io/widget/pjomv4uy Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.46.10 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-46-10.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 7f7d66aa33b67752bb4b3598211c144d8d8c296116f4354f3bd1b2fe3903b931 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id GSlu8VuI0xutHLjv8CV_0dIfajUVqmIP content-encoding gzip via 1.1 90b31bff657d66dd87e437e4a49bf7a6.cloudfront.net (CloudFront) date Fri, 28 Jun 2024 17:26:25 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop FRA56-P9 age 3764 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 154028 last-modified Thu, 27 Jun 2024 11:23:51 GMT server AmazonS3 etag "558bd66c0c26a9cd0cdcd0ade98d8fdd" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=31536000, s-maxage=7200, public accept-ranges bytes x-amz-cf-id mcbV6fav8Kp8RuwtZ-wfPMT5v73ZH0uyiWcTuTO3tPj1FPUUusI7sw==
POST H2	200	graphql Show response app.hummingbird.co/	262 KB 45 KB	529ms 527ms	Fetch application/json	2606:4700:10::ac43:251c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.hummingbird.co/graphql Requested by Host: d24yezqfwx27px.cloudfront.net URL: https://d24yezqfwx27px.cloudfront.net/assets/index-f5142f36.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:251c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f40a0a0b21ebbaf5ee509447f23ca0fced7d84a554e7466937b5e954540c5d35 Security Headers Name Value Content-Security-Policy default-src 'self' https:; child-src 'self' blob:; connect-src 'self' https: http: wss: ws:; font-src 'self' https: data: fonts.googleapis.com fonts.gstatic.com; frame-src 'self' superset.charming.fish; img-src 'self' https: data: blob:; manifest-src 'self'; media-src 'self'; object-src 'none'; script-src 'self' https: http: 'strict-dynamic' 'nonce-78e64543d3fdce64'; style-src 'self' https: http: 'unsafe-inline' fonts.googleapis.com fonts.gstatic.com; worker-src 'self' blob:; base-uri 'self'; report-uri /csp-reports Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" x-csrf-token DDNLecNWkHuOh7JUCS5rihn5GKyfKSEhVho-LfiLd2bzpTmT93zXrCN3xJkoPJJrkGEp2XJrHCLuxrgndBPrHA Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 content-type application/json accept */* Referer https://app.hummingbird.co/organizations/firstbankpuertorico/tips/Referral x-frontend-version b218ee3e4b9256de750c10159a7720e76e315557 baggage sentry-environment=production,sentry-release=hummingbird-frontend%40b218ee3e4b9256de750c10159a7720e76e315557,sentry-public_key=d4037906a464496c875162486739023d,sentry-trace_id=089f2e54b6f641a6b98099d9ff18eed2,sentry-sample_rate=NaN sentry-trace 089f2e54b6f641a6b98099d9ff18eed2-a6d4926fff94a236-0 sec-ch-ua-platform "Win32" Response headers date Fri, 28 Jun 2024 18:29:08 GMT content-security-policy default-src 'self' https:; child-src 'self' blob:; connect-src 'self' https: http: wss: ws:; font-src 'self' https: data: fonts.googleapis.com fonts.gstatic.com; frame-src 'self' superset.charming.fish; img-src 'self' https: data: blob:; manifest-src 'self'; media-src 'self'; object-src 'none'; script-src 'self' https: http: 'strict-dynamic' 'nonce-78e64543d3fdce64'; style-src 'self' https: http: 'unsafe-inline' fonts.googleapis.com fonts.gstatic.com; worker-src 'self' blob:; base-uri 'self'; report-uri /csp-reports x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains cf-cache-status DYNAMIC x-permitted-cross-domain-policies none content-encoding br content-security-policy-report-only default-src 'self' https:; child-src 'self' blob:; connect-src 'self' https: http: wss: ws:; font-src 'self' https: data: fonts.googleapis.com fonts.gstatic.com; frame-src 'self' superset.charming.fish; img-src 'self' https: data: blob:; manifest-src 'self'; media-src 'self'; object-src 'none'; script-src 'self' https: http: 'strict-dynamic' 'nonce-78e64543d3fdce64'; style-src 'self' https: http: 'unsafe-inline' fonts.googleapis.com fonts.gstatic.com; worker-src 'self' blob:; base-uri 'self'; report-uri /csp-reports alt-svc h3=":443"; ma=86400 x-xss-protection 0 x-request-id 3ce0bd90-74a7-4531-9ec1-cc19947472f0 x-runtime 0.309293 referrer-policy strict-origin-when-cross-origin server cloudflare etag W/"f40a0a0b21ebbaf5ee509447f23ca0fc" x-download-options noopen x-frame-options SAMEORIGIN vary Accept content-type application/json; charset=utf-8 cache-control max-age=0, private, must-revalidate cf-ray 89afbd963b6b9bca-FRA access-control-allow-headers sentry-trace,baggage
GET H2	200	inter-latin-400-normal-d56fec21.woff2 d24yezqfwx27px.cloudfront.net/assets/	16 KB 17 KB	59ms 58ms	Font application/font-woff2	2600:9000:225b:d200:6:18d1:2540:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d24yezqfwx27px.cloudfront.net/assets/inter-latin-400-normal-d56fec21.woff2 Requested by Host: d24yezqfwx27px.cloudfront.net URL: https://d24yezqfwx27px.cloudfront.net/assets/index-a782de47.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:d200:6:18d1:2540:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d56fec2159406ce1d4e284774fd1ee371018f131e28aa303ad1675edc76f20dc Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://d24yezqfwx27px.cloudfront.net/assets/index-a782de47.css Origin https://app.hummingbird.co Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 24 Jun 2024 05:30:53 GMT x-amz-version-id bhpQvBYM6oQ80aSGvQL4Q8ZCu5DlyANy via 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 age 392297 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 16608 last-modified Mon, 06 Mar 2023 19:34:09 GMT server AmazonS3 etag "3a92ec2488a578522056ab029eeb71a1" access-control-max-age 3600 access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin https://app.hummingbird.co cache-control public, max-age=31536000, s-maxage=31536000 access-control-allow-credentials true vary Origin accept-ranges bytes x-amz-cf-id Vkpl_8F-5YgMVKdA6F1q315EFSADcxO2k0I4ncqvZXFNle4RXqNgHQ==
GET H2	200	inter-latin-500-normal-aa5a5a7a.woff2 d24yezqfwx27px.cloudfront.net/assets/	17 KB 18 KB	49ms 49ms	Font application/font-woff2	2600:9000:225b:d200:6:18d1:2540:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d24yezqfwx27px.cloudfront.net/assets/inter-latin-500-normal-aa5a5a7a.woff2 Requested by Host: d24yezqfwx27px.cloudfront.net URL: https://d24yezqfwx27px.cloudfront.net/assets/index-a782de47.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:d200:6:18d1:2540:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash aa5a5a7aef18ee566c2ae611c7e7a23d61cceca332684e3f3d2bcbf7c4bfc886 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://d24yezqfwx27px.cloudfront.net/assets/index-a782de47.css Origin https://app.hummingbird.co Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 18 Jun 2024 15:14:55 GMT x-amz-version-id 8USq7mjliE.UGb_ySw8TJg32m.U3hg9e via 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 age 875655 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 17448 last-modified Mon, 06 Mar 2023 19:34:09 GMT server AmazonS3 etag "03a0aa43ae83b56ee544acdfb4aa1cc4" access-control-max-age 3600 access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin https://app.hummingbird.co cache-control public, max-age=31536000, s-maxage=31536000 access-control-allow-credentials true vary Origin accept-ranges bytes x-amz-cf-id Un4yGZHfMA0o1uxPrYgE9XtMV_Uh_xKeVxluEqaU2gkmMQYwt2MWDg==
GET H/1.1	200 OK	d53df759b643905ee563cc964c2056aa.png s3.us-west-2.amazonaws.com/hummingbird.public-files.prod/branding_images/	3 KB 3 KB	648ms 227ms	Image image/png	52.92.236.192 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3.us-west-2.amazonaws.com/hummingbird.public-files.prod/branding_images/d53df759b643905ee563cc964c2056aa.png Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.92.236.192 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-us-west-2.amazonaws.com Software AmazonS3 / Resource Hash 4fa984eab2a547eea202139b2fae15dcd7e9978149ba07cc3d14fbd1d624d65a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.hummingbird.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 28 Jun 2024 18:29:10 GMT x-amz-version-id nvl99oLHRq57YdOAl5qGavGN.UqQ4RU4 Last-Modified Fri, 02 Jun 2023 17:58:55 GMT Server AmazonS3 x-amz-request-id WWJ2B4812PEYKXVX ETag "a39ca89ccf2776638e0c697b5b9d7682" x-amz-server-side-encryption AES256 Content-Type image/png x-amz-replication-status COMPLETED Content-Disposition inline; filename="1st Bank Logo.png"; filename*=UTF-8''1st%20Bank%20Logo.png Accept-Ranges bytes Content-Length 2660 x-amz-id-2 DbAxZF092FU0w4LRNQ+s9DBvDN+L+s8xhvO7Iq3QnV98GPQQXbpLP+Ukxnt8ijew0GYHi2RZKmo=
GET H2	200	powered-by-logo-dc40304a.png d24yezqfwx27px.cloudfront.net/assets/	6 KB 6 KB	50ms 50ms	Image image/png	2600:9000:225b:d200:6:18d1:2540:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d24yezqfwx27px.cloudfront.net/assets/powered-by-logo-dc40304a.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:d200:6:18d1:2540:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash dc40304ad623dba901fd98eabed5b0f1ffd7c880be5df2df4f178274c591aa1d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://app.hummingbird.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 18:40:06 GMT x-amz-version-id WDZ1PG2vj9Kk4cy4obZXLHEu7Qpsjmit via 1.1 8eb3c67b1958af32e15515c8eb27fbb4.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 age 949744 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 5660 last-modified Mon, 06 Mar 2023 19:34:09 GMT server AmazonS3 etag "6d2bc7010be789e96fc6fa189d7f8153" vary Origin content-type image/png cache-control public, max-age=31536000, s-maxage=31536000 accept-ranges bytes x-amz-cf-id ezd7VpOYAOPAGpl2KzUe0nB9dK1eFUPveKCpGN5jwVfou_bO_YhsgQ==

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage function| Intercom object| __SENTRY__ number| 2f1acc6c3a606b082e5eef5e54414ffb object| Prism function| __intercomAssignLocation function| __intercomReloadLocation

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			app.hummingbird.co/	1969-12-31 23:59:59	Name: _hummingbird_rails_session Value: 7TxMLSprHWxsJ5QDYRepk%2BMkpVPKIYYlxMjGENHdFp%2BvnS6zkP6U3PJn6wWwhkguk5ENsYWiP0QmSUrM0WwKwKpceOJsx9W0SLkLd1HJi%2F4vgSfO%2Bqc2gwTnT244ISGT%2FRArAZT03%2BVJx%2F9kS6a0EE%2FFaPkRX4g27TlMRfWV%2FigBvFcGofUvDc9U8mjoxsrYgov4a12M0TvuaP8vWaF3EVlqPJnZPdjL46ZHu6EPWhfyNwaZr6ugpwmAkPmjfBnDA45MmliC6y78ypzYVuJn%2BB5%2BkF8WmP3YZoM7%2BLJNX0bMrA%3D%3D--2tLBlpuMELMFcfAd--rDNLSxwbz1cDz8Ci459XVA%3D%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https:; child-src 'self' blob:; connect-src 'self' https: http: wss: ws:; font-src 'self' https: data: fonts.googleapis.com fonts.gstatic.com; frame-src 'self' superset.charming.fish; img-src 'self' https: data: blob:; manifest-src 'self'; media-src 'self'; object-src 'none'; script-src 'self' https: http: 'strict-dynamic' 'nonce-02ba085ad47d1e89'; style-src 'self' https: http: 'unsafe-inline' fonts.googleapis.com fonts.gstatic.com; worker-src 'self' blob:; base-uri 'self'; report-uri /csp-reports
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.hummingbird.co
d24yezqfwx27px.cloudfront.net
js.intercomcdn.com
s3.us-west-2.amazonaws.com
sentry.io
widget.intercom.io
13.224.189.35
18.245.46.10
2600:9000:225b:d200:6:18d1:2540:21
2606:4700:10::ac43:251c
35.186.247.156
52.92.236.192
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
0b0948d823fc3f98ca656327c2ad6b47ffb00ed153347fa340fd1adf8784a87a
3992aa38ff22983657e9dec5efd31d10fe7452878df090a2bdc11c2461b991df
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4a5ba3faed897e9a977e7405576580441a83718f46eeea8a2986dfe63802f3de
4fa984eab2a547eea202139b2fae15dcd7e9978149ba07cc3d14fbd1d624d65a
5b9ba271739d72e738d60d7984bdd4bca1629cf6c50f6fddcd39e3f1600e9603
5be3eb15cdc3df553b04ed8cacd8a99e499df82e8b423c316284e07ba23a7beb
6b0b073f64e913c652f2a884ffbff1c78f6a0fc22bfa6d062c7f499a22ce699c
7f7d66aa33b67752bb4b3598211c144d8d8c296116f4354f3bd1b2fe3903b931
9a1f12579010aa472f3796659f666579027c77b5f41c8f72189d1d379a00c70c
9f189b46227990a8ee4e0dc2df71d20bdb6a56a8427e71f2d2ce2175bb40a151
a782de472ffd85c710b262b39304f18eab87e22ace584937e4fd803c01d4deaf
aa5a5a7aef18ee566c2ae611c7e7a23d61cceca332684e3f3d2bcbf7c4bfc886
c73dc299d5b225ab3dae15323aa74a6dc908e18c62ac8c12a2df31fa7bd7cbab
c9f8711f320d9931e62c554706a4cdd688cfda34dffef9e90e618f1a636132a8
cdd43bbe8eec2c58dc104a26e750490c5b826f7c82bd2a3e7baf65644e9b6efa
d4d5d474d18a569d1b82182ba621fe440f646e8c2c7c6f73b0501f8dec3003f7
d56fec2159406ce1d4e284774fd1ee371018f131e28aa303ad1675edc76f20dc
dc40304ad623dba901fd98eabed5b0f1ffd7c880be5df2df4f178274c591aa1d
f40a0a0b21ebbaf5ee509447f23ca0fced7d84a554e7466937b5e954540c5d35
fdf09e2f3233d23fcf5372b40b1a167d31814901dc7c264a7ec12a19913d4b77