online-loans-consumer-ui.prd.online-loans.ameriabank.am
185.3.189.13  Public Scan

URL: https://online-loans-consumer-ui.prd.online-loans.ameriabank.am/
Submission Tags: @ecarlesi possiblethreat phishing
Submission: On November 16 via api from IT — Scanned from IT

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 16 HTTP transactions. The main IP is 185.3.189.13, located in Armenia and belongs to ameria-as Ameriabank CJSC, AM. The main domain is online-loans-consumer-ui.prd.online-loans.ameriabank.am.
TLS certificate: Issued by R11 on September 13th 2024. Valid for: 3 months.
This is the only time online-loans-consumer-ui.prd.online-loans.ameriabank.am was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 185.3.189.13 201063 (ameria-as...)
1 104.17.24.14 13335 (CLOUDFLAR...)
1 142.250.185.232 15169 (GOOGLE)
1 142.250.184.206 15169 (GOOGLE)
1 142.250.110.156 15169 (GOOGLE)
1 142.250.186.98 15169 (GOOGLE)
1 172.217.23.106 15169 (GOOGLE)
1 185.3.189.174 201063 (ameria-as...)
2 142.250.185.99 15169 (GOOGLE)
16 9
Apex Domain
Subdomains
Transfer
9 ameriabank.am
online-loans-consumer-ui.prd.online-loans.ameriabank.am
auth-external.prd.k8s.ameriabank.am
1 MB
2 gstatic.com
fonts.gstatic.com
58 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
td.doubleclick.net — Cisco Umbrella Rank: 182
582 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
1 google.com
analytics.google.com — Cisco Umbrella Rank: 142
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
131 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
55 KB
16 7
Domain Requested by
8 online-loans-consumer-ui.prd.online-loans.ameriabank.am 1 redirects online-loans-consumer-ui.prd.online-loans.ameriabank.am
client
2 fonts.gstatic.com fonts.googleapis.com
1 auth-external.prd.k8s.ameriabank.am online-loans-consumer-ui.prd.online-loans.ameriabank.am
1 fonts.googleapis.com client
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 www.googletagmanager.com online-loans-consumer-ui.prd.online-loans.ameriabank.am
1 cdnjs.cloudflare.com online-loans-consumer-ui.prd.online-loans.ameriabank.am
16 9

This site contains no links.

Subject                            Issuer  Validity                 Valid
*.prd.online-loans.ameriabank.am   R11     2024-09-13 - 2024-12-12  3 months
cdnjs.cloudflare.com               WE1     2024-09-28 - 2024-12-27  3 months
*.google-analytics.com             WR2     2024-10-21 - 2025-01-13  3 months
*.google.com                       WR2     2024-10-21 - 2025-01-13  3 months
*.g.doubleclick.net                WR2     2024-10-21 - 2025-01-13  3 months
*.doubleclick.net                  WR2     2024-10-21 - 2025-01-13  3 months
upload.video.google.com            WR2     2024-10-21 - 2025-01-13  3 months
*.gstatic.com                      WR2     2024-10-21 - 2025-01-13  3 months

This page contains 2 frames:

Primary Page: https://online-loans-consumer-ui.prd.online-loans.ameriabank.am/
Frame ID: EEFE233ABE1F7FB33EC394ECB118CD9C
Requests: 15 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-GKMQVQ0D4D&gacid=1195326412.1731792274&gtm=45je4bc0v877608553za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067554~102067808~102077855&z=1906634506
Frame ID: 81F480E88465B0F532CC6FCF0E15793F
Requests: 1 HTTP requests in this frame

Page Title

Online Loan

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 16
HTTPS: 94 %
IPv6: 0 %
Domains: 7
Subdomains: 9
IPs: 9
Countries: 3
Transfer: 1364 kB
Size: 1862 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://online-loans-consumer-ui.prd.online-loans.ameriabank.am/api/config HTTP 302
  • https://auth-external.prd.k8s.ameriabank.am/realms/ameria/protocol/openid-connect/auth?client_id=online-loans-customer-webapp&redirect_uri=https%3A%2F%2Fonline-loans-consumer-ui.prd.online-loans.ameriabank.am%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile%20offline_access&response_mode=form_post&nonce=638673890806602082.YzIwOWU4ZWItNWU5YS00NTcwLTk0MjQtZWExNWU3ZTc1MmRjZTYyMDljYWYtMjBlZS00NzQzLWI0MzEtZGYwOTE5YjUzODBm&state=CfDJ8FFtXiSSHEVKrbkyH5GAhdWqctSgVl1LRI6X6f9y4z4Qsw6cMFOJn5PaQT0stMl4EOO6wb-mCyr04MdoJnHYEzx2WlvYuNzK61UKJUvJiYerFxZwGA3NlUsDTnN-qxK4IqHZsWyvT40Mm5TPK_WxX5LIeZXydLM1voezSvRg7zHMQMNheRBGwASpCtrLv24VqGt2jVvQitjRJqi0gHUxvwXbYGYg6SSg5clynX5LQPl2WIVBZA8L42KOD5zOzptZm3uNseOAzU0Fexs2NvbRt4xJo5Zu267cP02KxBY-E66qbjylJqzz6nchKciqgYUdFu6l7LbRLyMLZpYm8PlSmfRnEDtwfWIXdgdK4EfC1a0k&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.10.0.0

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
online-loans-consumer-ui.prd.online-loans.ameriabank.am/
726 B
1 KB
Document
General
Full URL
https://online-loans-consumer-ui.prd.online-loans.ameriabank.am/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.3.189.13 , Armenia, ASN201063 (ameria-as Ameriabank CJSC, AM),
Reverse DNS
Dgpayapi.ameriabank.am
Software
Kestrel /
Resource Hash
3b6ef33134b18142bb428a720c85e73d618807dcc13d1135f4cb665adfbe0fbd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
Access-Control-Allow-Origin
*
Content-Length
726
Content-Type
text/html
Date
Sat, 16 Nov 2024 21:24:32 GMT
ETag
"1db215b723e7fd6"
Last-Modified
Fri, 18 Oct 2024 12:44:18 GMT
Server
Kestrel
Strict-Transport-Security
max-age=15768000
lottie_canvas.min.js
cdnjs.cloudflare.com/ajax/libs/bodymovin/5.10.2/
251 KB
55 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bodymovin/5.10.2/lottie_canvas.min.js
Requested by
Host: online-loans-consumer-ui.prd.online-loans.ameriabank.am
URL: https://online-loans-consumer-ui.prd.online-loans.ameriabank.am/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
519b1aa87d5ce27e13b8e97bb2912ef11bfa1179d695fd56051e0acd5b379068
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://online-loans-consumer-ui.prd.online-loans.ameriabank.am/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"63cdea8b-d9a7"
age
179368
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JHDKKEgIU3vsBf5dl5mmibvxM9PU9Hb0%2B8lSzTnJEgEQ%2FATb2eGloXyuRvZjIWmr0NNx9epwaEsX3CKWLlhYePb1d9CascpWHAVZw2iiQIijhBAwyS8gEnnuenGt4h9IWhzzq%2BfS"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 21:24:33 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 16 Nov 2024 21:24:33 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 23 Jan 2023 02:01:47 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e3a8c6df9744d2b-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
55719
server
cloudflare
js
www.googletagmanager.com/gtag/
410 KB
131 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GKMQVQ0D4D
Requested by
Host: online-loans-consumer-ui.prd.online-loans.ameriabank.am
URL: https://online-loans-consumer-ui.prd.online-loans.ameriabank.am/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b090b394fee332fcfa16737ae0bfc2e218a0e8191524bb44566805257d4d529b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://online-loans-consumer-ui.prd.online-loans.ameriabank.am/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 16 Nov 2024 21:24:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 21:24:33 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
133490
x-xss-protection
0
server
Google Tag Manager
main.b3a1776f.js
online-loans-consumer-ui.prd.online-loans.ameriabank.am/static/js/
1 MB
1 MB
Script
General
Full URL
https://online-loans-consumer-ui.prd.online-loans.ameriabank.am/static/js/main.b3a1776f.js
Requested by
Host: online-loans-consumer-ui.prd.online-loans.ameriabank.am
URL: https://online-loans-consumer-ui.prd.online-loans.ameriabank.am/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.3.189.13 , Armenia, ASN201063 (ameria-as Ameriabank CJSC, AM),
Reverse DNS
Dgpayapi.ameriabank.am
Software
Kestrel /
Resource Hash
277f484ca8090b13ccedb2ab9d02aa77e93bfa8cf77d8870b0df0701ab96d7a8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://online-loans-consumer-ui.prd.online-loans.ameriabank.am/

Response headers

Strict-Transport-Security
max-age=15768000
ETag
"1db215b722efe2c"
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
1082156
Date
Sat, 16 Nov 2024 21:24:33 GMT
Content-Type
application/javascript
Last-Modified
Fri, 18 Oct 2024 12:44:18 GMT
Server
Kestrel
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
main.8556fa80.css
online-loans-consumer-ui.prd.online-loans.ameriabank.am/static/css/
12 KB
12 KB
Stylesheet
General
Full URL
https://online-loans-consumer-ui.prd.online-loans.ameriabank.am/static/css/main.8556fa80.css
Requested by
Host: online-loans-consumer-ui.prd.online-loans.ameriabank.am
URL: https://online-loans-consumer-ui.prd.online-loans.ameriabank.am/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.3.189.13 , Armenia, ASN201063 (ameria-as Ameriabank CJSC, AM),
Reverse DNS
Dgpayapi.ameriabank.am
Software
Kestrel /
Resource Hash
d0d63e4006376c9277e54d155622b785671a8153626e1f9afeff749c3e9051b8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://online-loans-consumer-ui.prd.online-loans.ameriabank.am/

Response headers

Strict-Transport-Security
max-age=15768000
ETag
"1db215b723e52c9"
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
12233
Date
Sat, 16 Nov 2024 21:24:33 GMT
Content-Type
text/css
Last-Modified
Fri, 18 Oct 2024 12:44:18 GMT
Server
Kestrel
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-GKMQVQ0D4D&gtm=45je4bc0v877608553za200&_p=1731792273819&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067554~102067808~102077855&cid=1195326412.1731792274&ul=it-it&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1731792273&sct=1&seg=0&dl=https%3A%2F%2Fonline-loans-consumer-ui.prd.online-loans.ameriabank.am%2F&dt=Online%20Loan&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1&tfd=1407
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GKMQVQ0D4D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://online-loans-consumer-ui.prd.online-loans.ameriabank.am/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://online-loans-consumer-ui.prd.online-loans.ameriabank.am
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 21:24:34 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
582 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GKMQVQ0D4D&cid=1195326412.1731792274&gtm=45je4bc0v877608553za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067554~102067808~102077855
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GKMQVQ0D4D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.110.156 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wf-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://online-loans-consumer-ui.prd.online-loans.ameriabank.am/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://online-loans-consumer-ui.prd.online-loans.ameriabank.am
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 21:24:34 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 81F4
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-GKMQVQ0D4D&gacid=1195326412.1731792274&gtm=45je4bc0v877608553za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067554~102067808~102077855&z=1906634506
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GKMQVQ0D4D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://online-loans-consumer-ui.prd.online-loans.ameriabank.am/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Nov 2024 21:24:34 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
style.css
online-loans-consumer-ui.prd.online-loans.ameriabank.am/fonts/icomoon/
0
0
Stylesheet
General
Full URL
https://online-loans-consumer-ui.prd.online-loans.ameriabank.am/fonts/icomoon/style.css
Requested by
Host: client
URL: about:client
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.3.189.13 , Armenia, ASN201063 (ameria-as Ameriabank CJSC, AM),
Reverse DNS
Dgpayapi.ameriabank.am
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://online-loans-consumer-ui.prd.online-loans.ameriabank.am/

Response headers

Strict-Transport-Security
max-age=15768000
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
Access-Control-Allow-Origin
*
Content-Length
0
Date
Sat, 16 Nov 2024 21:24:40 GMT
Server
Kestrel
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
css2
fonts.googleapis.com/
32 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans+Armenian:wght@100;200;400;500;600;700;800;900&family=Noto+Sans:wght@100;300;500;600;700;800;900&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f10.1e100.net
Software
ESF /
Resource Hash
c88098a29c894dd3f687da3a95481fafe22254c4044b55501139dcffab6a6674
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://online-loans-consumer-ui.prd.online-loans.ameriabank.am/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 21:24:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 21:24:41 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 16 Nov 2024 21:24:41 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
header_logo.0353334c4f43498218a1eab5b0d7e01f.svg
online-loans-consumer-ui.prd.online-loans.ameriabank.am/static/media/
6 KB
7 KB
Image
General
Full URL
https://online-loans-consumer-ui.prd.online-loans.ameriabank.am/static/media/header_logo.0353334c4f43498218a1eab5b0d7e01f.svg
Requested by
Host: online-loans-consumer-ui.prd.online-loans.ameriabank.am
URL: https://online-loans-consumer-ui.prd.online-loans.ameriabank.am/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.3.189.13 , Armenia, ASN201063 (ameria-as Ameriabank CJSC, AM),
Reverse DNS
Dgpayapi.ameriabank.am
Software
Kestrel /
Resource Hash
919fe7e2102d2f203b1c42a9444e82dd03f664e9d719f11ee6c08bb1a7d4ee08
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://online-loans-consumer-ui.prd.online-loans.ameriabank.am/

Response headers

Strict-Transport-Security
max-age=15768000
ETag
"1db215b723e648f"
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
6543
Date
Sat, 16 Nov 2024 21:24:40 GMT
Content-Type
image/svg+xml
Last-Modified
Fri, 18 Oct 2024 12:44:18 GMT
Server
Kestrel
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
icomoon.5d5c23cc71519cb04dca.ttf
online-loans-consumer-ui.prd.online-loans.ameriabank.am/static/media/
20 KB
20 KB
Font
General
Full URL
https://online-loans-consumer-ui.prd.online-loans.ameriabank.am/static/media/icomoon.5d5c23cc71519cb04dca.ttf
Requested by
Host: online-loans-consumer-ui.prd.online-loans.ameriabank.am
URL: https://online-loans-consumer-ui.prd.online-loans.ameriabank.am/static/css/main.8556fa80.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.3.189.13 , Armenia, ASN201063 (ameria-as Ameriabank CJSC, AM),
Reverse DNS
Dgpayapi.ameriabank.am
Software
Kestrel /
Resource Hash
9b645edac65673a493fc6df420b41b08f6c1cca795c0af6c49e55c798d7c4bfe
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://online-loans-consumer-ui.prd.online-loans.ameriabank.am
Referer
https://online-loans-consumer-ui.prd.online-loans.ameriabank.am/static/css/main.8556fa80.css

Response headers

Strict-Transport-Security
max-age=15768000
ETag
"1db215b723e32b0"
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
20400
Date
Sat, 16 Nov 2024 21:24:40 GMT
Content-Type
application/x-font-ttf
Last-Modified
Fri, 18 Oct 2024 12:44:18 GMT
Server
Kestrel
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
auth
auth-external.prd.k8s.ameriabank.am/realms/ameria/protocol/openid-connect/
Redirect Chain
  • https://online-loans-consumer-ui.prd.online-loans.ameriabank.am/api/config
  • https://auth-external.prd.k8s.ameriabank.am/realms/ameria/protocol/openid-connect/auth?client_id=online-loans-customer-webapp&redirect_uri=https%3A%2F%2Fonline-loans-consumer-ui.prd.online-loans.am...
16 KB
19 KB
XHR
General
Full URL
https://auth-external.prd.k8s.ameriabank.am/realms/ameria/protocol/openid-connect/auth?client_id=online-loans-customer-webapp&redirect_uri=https%3A%2F%2Fonline-loans-consumer-ui.prd.online-loans.ameriabank.am%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile%20offline_access&response_mode=form_post&nonce=638673890806602082.YzIwOWU4ZWItNWU5YS00NTcwLTk0MjQtZWExNWU3ZTc1MmRjZTYyMDljYWYtMjBlZS00NzQzLWI0MzEtZGYwOTE5YjUzODBm&state=CfDJ8FFtXiSSHEVKrbkyH5GAhdWqctSgVl1LRI6X6f9y4z4Qsw6cMFOJn5PaQT0stMl4EOO6wb-mCyr04MdoJnHYEzx2WlvYuNzK61UKJUvJiYerFxZwGA3NlUsDTnN-qxK4IqHZsWyvT40Mm5TPK_WxX5LIeZXydLM1voezSvRg7zHMQMNheRBGwASpCtrLv24VqGt2jVvQitjRJqi0gHUxvwXbYGYg6SSg5clynX5LQPl2WIVBZA8L42KOD5zOzptZm3uNseOAzU0Fexs2NvbRt4xJo5Zu267cP02KxBY-E66qbjylJqzz6nchKciqgYUdFu6l7LbRLyMLZpYm8PlSmfRnEDtwfWIXdgdK4EfC1a0k&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.10.0.0
Requested by
Host: online-loans-consumer-ui.prd.online-loans.ameriabank.am
URL: https://online-loans-consumer-ui.prd.online-loans.ameriabank.am/
Protocol
HTTP/1.1
Server
185.3.189.174 , Armenia, ASN201063 (ameria-as Ameriabank CJSC, AM),
Reverse DNS
Software
istio-envoy /
Resource Hash
ae9c744befb2bb6c0aa50ed178269397d8bf2ab569387a1b0e9b4ab85f0d9821
Security Headers
Name Value
Content-Security-Policy frame-src 'self' https://www.google.com; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://online-loans-consumer-ui.prd.online-loans.ameriabank.am/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-robots-tag
none
content-security-policy
frame-src 'self' https://www.google.com; frame-ancestors 'self'; object-src 'none';
cache-control
no-store, must-revalidate, max-age=0
x-envoy-upstream-service-time
10
x-content-type-options
nosniff
referrer-policy
no-referrer
access-control-allow-origin
https://online-loans-consumer-ui.prd.online-loans.ameriabank.am
content-length
16303
x-xss-protection
1; mode=block
date
Sat, 16 Nov 2024 21:24:41 GMT
content-language
en
content-type
text/html;charset=utf-8
server
istio-envoy
x-frame-options
SAMEORIGIN

Redirect headers

Strict-Transport-Security
max-age=15768000
Location
https://auth-external.prd.k8s.ameriabank.am/realms/ameria/protocol/openid-connect/auth?client_id=online-loans-customer-webapp&redirect_uri=https%3A%2F%2Fonline-loans-consumer-ui.prd.online-loans.ameriabank.am%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile%20offline_access&response_mode=form_post&nonce=638673890806602082.YzIwOWU4ZWItNWU5YS00NTcwLTk0MjQtZWExNWU3ZTc1MmRjZTYyMDljYWYtMjBlZS00NzQzLWI0MzEtZGYwOTE5YjUzODBm&state=CfDJ8FFtXiSSHEVKrbkyH5GAhdWqctSgVl1LRI6X6f9y4z4Qsw6cMFOJn5PaQT0stMl4EOO6wb-mCyr04MdoJnHYEzx2WlvYuNzK61UKJUvJiYerFxZwGA3NlUsDTnN-qxK4IqHZsWyvT40Mm5TPK_WxX5LIeZXydLM1voezSvRg7zHMQMNheRBGwASpCtrLv24VqGt2jVvQitjRJqi0gHUxvwXbYGYg6SSg5clynX5LQPl2WIVBZA8L42KOD5zOzptZm3uNseOAzU0Fexs2NvbRt4xJo5Zu267cP02KxBY-E66qbjylJqzz6nchKciqgYUdFu6l7LbRLyMLZpYm8PlSmfRnEDtwfWIXdgdK4EfC1a0k&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.10.0.0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
Access-Control-Allow-Origin
*
Content-Length
0
Date
Sat, 16 Nov 2024 21:24:40 GMT
Server
Kestrel
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
ZgN7jOZKPa7CHqq0h37c7ReDUubm2SEdFXp7ig73qtTY5idbxYhVoA.woff2
fonts.gstatic.com/s/notosansarmenian/v43/
31 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosansarmenian/v43/ZgN7jOZKPa7CHqq0h37c7ReDUubm2SEdFXp7ig73qtTY5idbxYhVoA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+Armenian:wght@100;200;400;500;600;700;800;900&family=Noto+Sans:wght@100;300;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
e2eca1b4c9923a2d50782cb89bd8f85d9d3a466b0648e7a07a5b40aa01b43fe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://online-loans-consumer-ui.prd.online-loans.ameriabank.am
Referer
https://fonts.googleapis.com/

Response headers

age
204296
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 14 Nov 2025 12:39:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 12:39:45 GMT
last-modified
Wed, 08 Nov 2023 20:42:22 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
31696
x-xss-protection
0
server
sffe
ZgN7jOZKPa7CHqq0h37c7ReDUubm2SEdFXp7ig73qtTY5idbxZhVoDur.woff2
fonts.gstatic.com/s/notosansarmenian/v43/
26 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosansarmenian/v43/ZgN7jOZKPa7CHqq0h37c7ReDUubm2SEdFXp7ig73qtTY5idbxZhVoDur.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+Armenian:wght@100;200;400;500;600;700;800;900&family=Noto+Sans:wght@100;300;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
7982e4a7799c84abdb424e96f8ef4d227161ef00ff6fdca0e6ffb0a3d57fc78b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://online-loans-consumer-ui.prd.online-loans.ameriabank.am
Referer
https://fonts.googleapis.com/

Response headers

age
178033
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 14 Nov 2025 19:57:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 19:57:28 GMT
last-modified
Wed, 08 Nov 2023 20:40:53 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
26880
x-xss-protection
0
server
sffe
favicon.ico
online-loans-consumer-ui.prd.online-loans.ameriabank.am/
0
434 B
Other
General
Full URL
https://online-loans-consumer-ui.prd.online-loans.ameriabank.am/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.3.189.13 , Armenia, ASN201063 (ameria-as Ameriabank CJSC, AM),
Reverse DNS
Dgpayapi.ameriabank.am
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://online-loans-consumer-ui.prd.online-loans.ameriabank.am/

Response headers

Strict-Transport-Security
max-age=15768000
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
Access-Control-Allow-Origin
*
Content-Length
0
Date
Sat, 16 Nov 2024 21:24:40 GMT
Server
Kestrel
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| bodymovin
object| lottie
function| gtag
object| dataLayer
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal
object| __localeData__

5 Cookies

Domain/Path Name / Value
online-loans-consumer-ui.prd.online-loans.ameriabank.am/signin-oidc Name: .AspNetCore.OpenIdConnect.Nonce.CfDJ8FFtXiSSHEVKrbkyH5GAhdVpmyrZtipmBeBmHxKhmCGYfHKiOjdccRTUz0c5xLIEAVT4u7zyuqkD1Io5GvZjYgvsbt2FdWZpfqJIz6uqiR9MIixxDwiYzQ6LrHanSw08nwBlPMkbyjiTjY4MqTQ7b_R_nwCAEg0Dzrt3AE0WhHtDYrhfUckaxz3sQnGihrTIn9-9qAtk8N57AqxGDfp1y866gOtT2oH64dXxvpdze8rSFTZuDjX70K1hprqn7i4yg2oKFgFRK1HhbB6WS11SMHw
Value: N
online-loans-consumer-ui.prd.online-loans.ameriabank.am/signin-oidc Name: .AspNetCore.Correlation.DKFe5cUGiU3q8vzMeXt4oPmFOGxLkh3zHXf9W8iS25A
Value: N
.ameriabank.am/ Name: _ga_GKMQVQ0D4D
Value: GS1.1.1731792273.1.0.1731792273.60.0.0
.ameriabank.am/ Name: _ga
Value: GA1.1.1195326412.1731792274
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

2 Console Messages

Source Level URL
Text
network error URL: https://online-loans-consumer-ui.prd.online-loans.ameriabank.am/fonts/icomoon/style.css
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://online-loans-consumer-ui.prd.online-loans.ameriabank.am/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15768000