app.culminatesecurity.com Open in urlscan Pro
44.230.207.135 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://app.culminatesecurity.com/rexprod/quick_login/2/c80b2x-c9cf0940a94a219cb59d85141f47780e
Submission: On June 12 via api (June 12th 2024, 3:55:02 am UTC) from US — Scanned from DE

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 2 domains to perform 18 HTTP transactions. The main IP is 44.230.207.135, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is app.culminatesecurity.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 8th 2024. Valid for: a year.

This is the only time app.culminatesecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	44.230.207.135 44.230.207.135	16509 (AMAZON-02) (AMAZON-02)
3	18.245.86.4 18.245.86.4	16509 (AMAZON-02) (AMAZON-02)
2	13.32.121.75 13.32.121.75	16509 (AMAZON-02) (AMAZON-02)
2	34.211.68.114 34.211.68.114	16509 (AMAZON-02) (AMAZON-02)
3	54.186.181.155 54.186.181.155	16509 (AMAZON-02) (AMAZON-02)
18	5

8 44.230.207.135 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-230-207-135.us-west-2.compute.amazonaws.com

app.culminatesecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.245.86.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-4.fra60.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-75.fra60.r.cloudfront.net

sr-client-cfg.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.211.68.114 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-211-68-114.us-west-2.compute.amazonaws.com

api-sr.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.186.181.155 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-186-181-155.us-west-2.compute.amazonaws.com

api2.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 3917 sr-client-cfg.amplitude.com — Cisco Umbrella Rank: 61864 api-sr.amplitude.com — Cisco Umbrella Rank: 53173 api2.amplitude.com — Cisco Umbrella Rank: 1426	62 KB
8	culminatesecurity.com app.culminatesecurity.com	1 MB
18	2

	Domain	Requested by
8	app.culminatesecurity.com	app.culminatesecurity.com
3	api2.amplitude.com	cdn.amplitude.com
3	cdn.amplitude.com	app.culminatesecurity.com
2	api-sr.amplitude.com	cdn.amplitude.com
2	sr-client-cfg.amplitude.com	cdn.amplitude.com
18	5

This site contains no links.

Subject Issuer	Validity	Valid
csprod.culminatesecurity.com Amazon RSA 2048 M02	`2024-02-08` - `2025-03-08`	a year	crt.sh
cdn.amplitude.com Amazon RSA 2048 M02	`2023-12-14` - `2025-01-12`	a year	crt.sh
sr-client-cfg.amplitude.com Amazon RSA 2048 M02	`2024-04-26` - `2025-05-25`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2024-01-31` - `2025-03-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://app.culminatesecurity.com/rexprod/quick_login/2/c80b2x-c9cf0940a94a219cb59d85141f47780e
Frame ID: BC04DC342469EEB6A771A51DDE549861
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Culminate Security

Detected technologies

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

5
Subdomains

5
IPs

1
Countries

1427 kB
Transfer

1747 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request c80b2x-c9cf0940a94a219cb59d85141f47780e Show response
app.culminatesecurity.com/rexprod/quick_login/2/ 3 KB
3 KB 656ms
212ms Document
text/html 44.230.207.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.culminatesecurity.com/rexprod/quick_login/2/c80b2x-c9cf0940a94a219cb59d85141f47780e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.230.207.135 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-207-135.us-west-2.compute.amazonaws.com

Software

gunicorn /

Resource Hash

64882afd75cae6f40497d2dcc823aba022d522336e3125878f7ba0835e0a44e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-length: 2689
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Wed, 12 Jun 2024 03:54:55 GMT
referrer-policy: same-origin
server: gunicorn
vary: Cookie, origin
x-content-type-options: nosniff
x-frame-options: DENY

GET
H2 200 index-DHq5JGIb.js Show response
app.culminatesecurity.com/assets/ 980 KB
981 KB 627ms
627ms Script
text/javascript 44.230.207.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.culminatesecurity.com/assets/index-DHq5JGIb.js

Requested by

Host: app.culminatesecurity.com
URL: https://app.culminatesecurity.com/rexprod/quick_login/2/c80b2x-c9cf0940a94a219cb59d85141f47780e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.230.207.135 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-207-135.us-west-2.compute.amazonaws.com

Software

gunicorn /

Resource Hash

bc7abac987cf1fd24491f9918e3dee756975d84eab9dd1c0e3076223bf0b2053

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.culminatesecurity.com/rexprod/quick_login/2/c80b2x-c9cf0940a94a219cb59d85141f47780e
Origin: https://app.culminatesecurity.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 03:54:55 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Tue, 04 Jun 2024 16:01:51 GMT
server: gunicorn
cross-origin-opener-policy: same-origin
etag: "665f3a6f-f4e63"
vary: origin
x-frame-options: DENY
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=0, public
content-length: 1003107

GET
H2 200 index-BGTxJ4Fs.css
app.culminatesecurity.com/assets/ 196 KB
196 KB 211ms
211ms Stylesheet
text/css 44.230.207.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.culminatesecurity.com/assets/index-BGTxJ4Fs.css

Requested by

Host: app.culminatesecurity.com
URL: https://app.culminatesecurity.com/rexprod/quick_login/2/c80b2x-c9cf0940a94a219cb59d85141f47780e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.230.207.135 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-207-135.us-west-2.compute.amazonaws.com

Software

gunicorn /

Resource Hash

a409561ed06ff601ede32c56681d56e2ddc2c3191b78b75a1be7c2e291c63612

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.culminatesecurity.com/rexprod/quick_login/2/c80b2x-c9cf0940a94a219cb59d85141f47780e
Origin: https://app.culminatesecurity.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 03:54:55 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Tue, 04 Jun 2024 16:01:51 GMT
server: gunicorn
cross-origin-opener-policy: same-origin
etag: "665f3a6f-30e04"
vary: origin
x-frame-options: DENY
content-type: text/css; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=0, public
content-length: 200196

GET
H2 200 analytics-browser-2.7.3-min.js.gz Show response
cdn.amplitude.com/libs/ 67 KB
19 KB 149ms
45ms Script
application/javascript 18.245.86.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/analytics-browser-2.7.3-min.js.gz
Requested by: Host: app.culminatesecurity.com
URL: https://app.culminatesecurity.com/rexprod/quick_login/2/c80b2x-c9cf0940a94a219cb59d85141f47780e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-4.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d7a7275830f344a6256d0c24dd5bb0dac67c1a42fc29c9898940b0ae1c5d4996

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 09:46:34 GMT
content-encoding: gzip
via: 1.1 cae5c5323232533718f592c973f01432.cloudfront.net (CloudFront)
x-amz-version-id: zuDoPFAb0pArIXZnpXUp3_PfpYYsoIWH
x-amz-cf-pop: FRA60-P6
age: 2311701
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 18481
last-modified: Wed, 15 May 2024 17:00:16 GMT
server: AmazonS3
etag: "8fc39dd5b56ad9756eb1d616723ebfd6"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Rjd5ea01hqzM0eVYZqNKY56MeOKfo0JMNyRK-0-xFALF78iOhd9MNw==

GET
H2 200 plugin-session-replay-browser-1.2.3-min.js.gz Show response
cdn.amplitude.com/libs/ 119 KB
36 KB 182ms
78ms Script
application/javascript 18.245.86.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/plugin-session-replay-browser-1.2.3-min.js.gz
Requested by: Host: app.culminatesecurity.com
URL: https://app.culminatesecurity.com/rexprod/quick_login/2/c80b2x-c9cf0940a94a219cb59d85141f47780e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-4.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e8fa8f19b9514e78b973af752b581ba59ebb6fd67c8f25da08b5631d79b155ab

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:34:39 GMT
content-encoding: gzip
via: 1.1 cae5c5323232533718f592c973f01432.cloudfront.net (CloudFront)
x-amz-version-id: k7FdfmevkQURMLfaRAHVNdYXcE2Z45PE
x-amz-cf-pop: FRA60-P6
age: 2272817
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 36404
last-modified: Thu, 16 May 2024 00:19:15 GMT
server: AmazonS3
etag: "45965c49ee910b63d5941c12ce337173"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: adX9oLGH6fPAjlf30hXwv2Z3vR19g-b9ldnT3EKSjnILc8TBjhbXNA==

GET
H2 200 plugin-autocapture-browser-0.9.0-min.js.gz Show response
cdn.amplitude.com/libs/ 16 KB
6 KB 152ms
48ms Script
application/javascript 18.245.86.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/plugin-autocapture-browser-0.9.0-min.js.gz
Requested by: Host: app.culminatesecurity.com
URL: https://app.culminatesecurity.com/rexprod/quick_login/2/c80b2x-c9cf0940a94a219cb59d85141f47780e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-4.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e2185de013224da3c72f516b0ae8a4d50c517405ee3401ccd8b55d9eda7788d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 08:37:14 GMT
content-encoding: gzip
via: 1.1 cae5c5323232533718f592c973f01432.cloudfront.net (CloudFront)
x-amz-version-id: fCkOgIUARZ6kOupiWOOPJ7dbjqUE3rz4
x-amz-cf-pop: FRA60-P6
age: 4130262
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 5959
last-modified: Tue, 23 Apr 2024 17:51:58 GMT
server: AmazonS3
etag: "7187da9daffbd37e239a17e1d5bd4b3c"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: qbUewzhMr04adUWk_BIZ0Fw-KzD4ksHSM8CxrQBEpZaKLNvNnMfYvA==

GET
H2 200 config Show response
sr-client-cfg.amplitude.com/ 95 B
472 B 462ms
461ms Fetch
application/json 13.32.121.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sr-client-cfg.amplitude.com/config?api_key=dc328a90aaba2b49bb9d9950567e23fc&config_keys=sessionReplay
Requested by: Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/plugin-session-replay-browser-1.2.3-min.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-75.fra60.r.cloudfront.net
Software: /
Resource Hash: d8a428f468aa13afa5d83b76dc960894e9a0c56699eabb61430356329dc6a05b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Accept: */*
Referer
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 03:54:56 GMT
via: 1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 95
x-amz-cf-id: nm8ewz-keccHKy41gq4bTIDKaU37z-ntGacT3ZTEmg4RbYi6Za9FAA==

OPTIONS
H2 200 config
sr-client-cfg.amplitude.com/ 0
0 563ms
469ms Preflight 13.32.121.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sr-client-cfg.amplitude.com/config?api_key=dc328a90aaba2b49bb9d9950567e23fc&config_keys=sessionReplay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-75.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://app.culminatesecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-length: 0
date: Wed, 12 Jun 2024 03:54:56 GMT
via: 1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-id: GCPpTAPZcmRmQnVQQusJQZbWaRDoKW9CY2EztBanrC8BASAJNWMOTw==
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront

POST
H2 401 / Show response
app.culminatesecurity.com/api/token/refresh/ 84 B
438 B 212ms
212ms XHR
application/json 44.230.207.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.culminatesecurity.com/api/token/refresh/

Requested by

Host: app.culminatesecurity.com
URL: https://app.culminatesecurity.com/assets/index-DHq5JGIb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.230.207.135 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-207-135.us-west-2.compute.amazonaws.com

Software

gunicorn /

Resource Hash

683ddd99fa347d7591e33c3a81bc4b473c0b2ccd1165262fd0c33f04801e689f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://app.culminatesecurity.com/rexprod/quick_login/2/c80b2x-c9cf0940a94a219cb59d85141f47780e
user-company: rexprod
X-CSRFToken: CkITMHEYaDJbXMT3Ytukep59X0URHoIp
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 03:54:57 GMT
www-authenticate: Bearer realm="api"
x-content-type-options: nosniff
server: gunicorn
cross-origin-opener-policy: same-origin
referrer-policy: same-origin
x-frame-options: DENY
vary: Accept, origin, Cookie
content-type: application/json
allow: POST, OPTIONS
content-length: 84

GET
H2 200 favicon.ico
app.culminatesecurity.com/ 183 KB
184 KB 213ms
212ms Other
image/x-icon 44.230.207.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.culminatesecurity.com/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.230.207.135 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-207-135.us-west-2.compute.amazonaws.com

Software

gunicorn /

Resource Hash

d14e379c443f77fa5f939e241a04116b7f01fd25b83c7c29cf4e651cb70b0571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.culminatesecurity.com/rexprod/quick_login/2/c80b2x-c9cf0940a94a219cb59d85141f47780e
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 03:54:57 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Tue, 04 Jun 2024 16:01:50 GMT
server: gunicorn
cross-origin-opener-policy: same-origin
etag: "665f3a6e-2ddbb"
vary: origin
x-frame-options: DENY
content-type: image/x-icon
access-control-allow-origin: *
cache-control: max-age=0, public
content-length: 187835

POST
H2 200 / Show response
app.culminatesecurity.com/api/logout/ 0
311 B 210ms
210ms XHR
text/plain 44.230.207.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.culminatesecurity.com/api/logout/

Requested by

Host: app.culminatesecurity.com
URL: https://app.culminatesecurity.com/assets/index-DHq5JGIb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.230.207.135 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-207-135.us-west-2.compute.amazonaws.com

Software

gunicorn /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://app.culminatesecurity.com/rexprod/quick_login/2/c80b2x-c9cf0940a94a219cb59d85141f47780e
user-company: rexprod
X-CSRFToken: CkITMHEYaDJbXMT3Ytukep59X0URHoIp
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 03:54:57 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
server: gunicorn
cross-origin-opener-policy: same-origin
x-frame-options: DENY
vary: Accept, origin
allow: POST, OPTIONS
content-length: 0

POST
H2 403 / Show response
app.culminatesecurity.com/api/quick_login/ 32 B
255 B 606ms
606ms XHR
text/html 44.230.207.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.culminatesecurity.com/api/quick_login/

Requested by

Host: app.culminatesecurity.com
URL: https://app.culminatesecurity.com/assets/index-DHq5JGIb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.230.207.135 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-207-135.us-west-2.compute.amazonaws.com

Software

gunicorn /

Resource Hash

a334e89bef0eb26df7646ee713928a0205e7f7e7c17856087fc78ddbe8700518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://app.culminatesecurity.com/rexprod/quick_login/2/c80b2x-c9cf0940a94a219cb59d85141f47780e
user-company: rexprod
X-CSRFToken: CkITMHEYaDJbXMT3Ytukep59X0URHoIp
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 03:54:58 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
server: gunicorn
cross-origin-opener-policy: same-origin
x-frame-options: DENY
vary: Accept, origin
content-type: text/html; charset=utf-8
allow: POST, OPTIONS
content-length: 32

OPTIONS
H2 200 track
api-sr.amplitude.com/sessions/v2/ 0
0 628ms
206ms Preflight 34.211.68.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-sr.amplitude.com/sessions/v2/track?device_id=a1a898bc-08f1-4260-92a5-208dda4e901f&session_id=1718164496787&seq_number=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.211.68.114 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-68-114.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-client-sample-rate,x-client-url,x-client-version
Access-Control-Request-Method: POST
Origin: https://app.culminatesecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type,x-client-sample-rate,x-client-url,x-client-version
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Wed, 12 Jun 2024 03:54:58 GMT

POST
H2 200 track Show response
api-sr.amplitude.com/sessions/v2/ 7 B
135 B 618ms
414ms Fetch
text/html 34.211.68.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-sr.amplitude.com/sessions/v2/track?device_id=a1a898bc-08f1-4260-92a5-208dda4e901f&session_id=1718164496787&seq_number=1
Requested by: Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/plugin-session-replay-browser-1.2.3-min.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.211.68.114 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-68-114.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-Client-Url: https://app.culminatesecurity.com/rexprod/quick_login/2/c80b2x-c9cf0940a94a219cb59d85141f47780e
X-Client-Version: 0.2.5
sec-ch-ua-mobile: ?0
Authorization: Bearer dc328a90aaba2b49bb9d9950567e23fc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
X-Client-Sample-Rate: 1
Content-Type: application/json
Accept: */*
Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Wed, 12 Jun 2024 03:54:58 GMT
content-length: 7
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ 0
0 620ms
205ms Preflight 54.186.181.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.186.181.155 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-181-155.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://app.culminatesecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
date: Wed, 12 Jun 2024 03:54:58 GMT
strict-transport-security: max-age=15768000

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
309 B 220ms
220ms Fetch
application/json 54.186.181.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/analytics-browser-2.7.3-min.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.186.181.155 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-181-155.us-west-2.compute.amazonaws.com

Software

Resource Hash

2fe2ec5555c60a06bc67ac06d0223a5da25fda9819d288d8fd8046e3df418b63

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Accept: */*
Referer
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 03:54:58 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-66691c12-480258f947a8136816a5744f
content-length: 94

GET
H2 200 favicon.ico
app.culminatesecurity.com/ 183 KB
197 B 210ms
210ms Other
image/x-icon 44.230.207.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.culminatesecurity.com/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.230.207.135 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-207-135.us-west-2.compute.amazonaws.com

Software

gunicorn /

Resource Hash

d14e379c443f77fa5f939e241a04116b7f01fd25b83c7c29cf4e651cb70b0571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://app.culminatesecurity.com/rexprod/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 03:54:58 GMT
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Tue, 04 Jun 2024 16:01:50 GMT
server: gunicorn
cross-origin-opener-policy: same-origin
etag: "665f3a6e-2ddbb"
vary: origin
x-frame-options: DENY
content-type: image/x-icon
access-control-allow-origin: *
cache-control: max-age=0, public
content-length: 187835

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 93 B
308 B 227ms
227ms Fetch
application/json 54.186.181.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/analytics-browser-2.7.3-min.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.186.181.155 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-181-155.us-west-2.compute.amazonaws.com

Software

Resource Hash

e262a571376cdd1800172aeff29c918db7adf92475d5d3892b276a6ad1a7ce3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Accept: */*
Referer
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 03:54:59 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-66691c13-2ee69adf0191c5685d197738
content-length: 93

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
app.culminatesecurity.com/	1970-01-21 06:00:14	Name: csrftoken Value: CkITMHEYaDJbXMT3Ytukep59X0URHoIp
.culminatesecurity.com/	1970-01-21 06:01:40	Name: AMP_MKTG_dc328a90aa Value: JTdCJTdE
.culminatesecurity.com/	1970-01-21 06:01:40	Name: AMP_dc328a90aa Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjJhMWE4OThiYy0wOGYxLTQyNjAtOTJhNS0yMDhkZGE0ZTkwMWYlMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNzE4MTY0NDk2Nzg3JTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTcxODE2NDQ5ODEyOSUyQyUyMmxhc3RFdmVudElkJTIyJTNBMyUyQyUyMnBhZ2VDb3VudGVyJTIyJTNBMiU3RA==

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://app.culminatesecurity.com/rexprod/quick_login/2/c80b2x-c9cf0940a94a219cb59d85141f47780e(Line 31) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.amplitude.com/libs/analytics-browser-2.7.3-min.js.gz, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://app.culminatesecurity.com/rexprod/quick_login/2/c80b2x-c9cf0940a94a219cb59d85141f47780e(Line 31) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.amplitude.com/libs/analytics-browser-2.7.3-min.js.gz, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://app.culminatesecurity.com/rexprod/quick_login/2/c80b2x-c9cf0940a94a219cb59d85141f47780e(Line 32) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.amplitude.com/libs/plugin-session-replay-browser-1.2.3-min.js.gz, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://app.culminatesecurity.com/rexprod/quick_login/2/c80b2x-c9cf0940a94a219cb59d85141f47780e(Line 33) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.amplitude.com/libs/plugin-autocapture-browser-0.9.0-min.js.gz, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://app.culminatesecurity.com/api/token/refresh/ Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://app.culminatesecurity.com/api/quick_login/ Message: Failed to load resource: the server responded with a status of 403 ()
recommendation	verbose	URL: https://app.culminatesecurity.com/rexprod/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-sr.amplitude.com
api2.amplitude.com
app.culminatesecurity.com
cdn.amplitude.com
sr-client-cfg.amplitude.com
13.32.121.75
18.245.86.4
34.211.68.114
44.230.207.135
54.186.181.155
2fe2ec5555c60a06bc67ac06d0223a5da25fda9819d288d8fd8046e3df418b63
64882afd75cae6f40497d2dcc823aba022d522336e3125878f7ba0835e0a44e8
683ddd99fa347d7591e33c3a81bc4b473c0b2ccd1165262fd0c33f04801e689f
9e2185de013224da3c72f516b0ae8a4d50c517405ee3401ccd8b55d9eda7788d
a334e89bef0eb26df7646ee713928a0205e7f7e7c17856087fc78ddbe8700518
a409561ed06ff601ede32c56681d56e2ddc2c3191b78b75a1be7c2e291c63612
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
bc7abac987cf1fd24491f9918e3dee756975d84eab9dd1c0e3076223bf0b2053
d14e379c443f77fa5f939e241a04116b7f01fd25b83c7c29cf4e651cb70b0571
d7a7275830f344a6256d0c24dd5bb0dac67c1a42fc29c9898940b0ae1c5d4996
d8a428f468aa13afa5d83b76dc960894e9a0c56699eabb61430356329dc6a05b
e262a571376cdd1800172aeff29c918db7adf92475d5d3892b276a6ad1a7ce3a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fa8f19b9514e78b973af752b581ba59ebb6fd67c8f25da08b5631d79b155ab

app.culminatesecurity.com Open in urlscan Pro 44.230.207.135 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

0 %IPv6

2 Domains

5 Subdomains

5 IPs

1 Countries

1427 kBTransfer

1747 kBSize

3 Cookies

0 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

3 Cookies

7 Console Messages

Security Headers

Indicators

app.culminatesecurity.com Open in urlscan Pro
44.230.207.135 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

5
Subdomains

5
IPs

1
Countries

1427 kB
Transfer

1747 kB
Size

3
Cookies

18 HTTP transactions
0 data transactions