ui.bebank-jointaccount.ezbob.com Open in urlscan Pro
13.41.133.66  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response ui.bebank-jointaccount.ezbob.com/	700 B 1 KB	212ms 45ms	Document text/html	13.41.133.66 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ui.bebank-jointaccount.ezbob.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.41.133.66 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-41-133-66.eu-west-2.compute.amazonaws.com Software / Resource Hash 541f196998eebdce2d46a6fbfa218d1ea67cf92ac88c0e0f277f95adb8273aec Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, proxy-revalidate content-length 700 content-type text/html; charset=UTF-8 date Tue, 28 Feb 2023 15:41:35 GMT etag W/"2bc-18630ac80e8" expires 0 last-modified Wed, 08 Feb 2023 10:57:37 GMT pragma no-cache strict-transport-security max-age=31536000; includeSubDomains surrogate-control no-store vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-download-options noopen x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET H2	200	environment.js Show response ui.bebank-jointaccount.ezbob.com/	114 B 567 B	43ms 42ms	Script application/javascript	13.41.133.66 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ui.bebank-jointaccount.ezbob.com/environment.js Requested by Host: ui.bebank-jointaccount.ezbob.com URL: https://ui.bebank-jointaccount.ezbob.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.41.133.66 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-41-133-66.eu-west-2.compute.amazonaws.com Software / Resource Hash 19ca862f5ed01fcc8f60f7d334578b9b719409b18cf2f9a5c5274a30fd31ef9f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-GB,en;q=0.9 Referer https://ui.bebank-jointaccount.ezbob.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Tue, 28 Feb 2023 15:41:35 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff surrogate-control no-store x-dns-prefetch-control off content-length 114 x-xss-protection 1; mode=block pragma no-cache last-modified Tue, 21 Feb 2023 12:38:21 GMT etag W/"72-18673fb6a08" x-download-options noopen x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, proxy-revalidate accept-ranges bytes expires 0
GET H2	200	main.ad6f02bc.js Show response ui.bebank-jointaccount.ezbob.com/static/js/	5 MB 1 MB	82ms 82ms	Script application/javascript	13.41.133.66 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ui.bebank-jointaccount.ezbob.com/static/js/main.ad6f02bc.js Requested by Host: ui.bebank-jointaccount.ezbob.com URL: https://ui.bebank-jointaccount.ezbob.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.41.133.66 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-41-133-66.eu-west-2.compute.amazonaws.com Software / Resource Hash 889ff2336324b44df7ce51efa489f908500b45079adec99145a8b21a52b98d52 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-GB,en;q=0.9 Referer https://ui.bebank-jointaccount.ezbob.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Tue, 28 Feb 2023 15:41:35 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-encoding gzip surrogate-control no-store x-dns-prefetch-control off x-xss-protection 1; mode=block pragma no-cache last-modified Wed, 08 Feb 2023 10:57:37 GMT etag W/"507d67-18630ac80e8" x-download-options noopen x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, proxy-revalidate accept-ranges bytes expires 0
GET H2	200	main.dffbde77.css ui.bebank-jointaccount.ezbob.com/static/css/	102 KB 38 KB	82ms 81ms	Stylesheet text/css	13.41.133.66 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ui.bebank-jointaccount.ezbob.com/static/css/main.dffbde77.css Requested by Host: ui.bebank-jointaccount.ezbob.com URL: https://ui.bebank-jointaccount.ezbob.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.41.133.66 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-41-133-66.eu-west-2.compute.amazonaws.com Software / Resource Hash 52674d2a5e62e2aea7c9e9d74d52e674dfd0638c1478365170ec4dbbfac8fc3a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-GB,en;q=0.9 Referer https://ui.bebank-jointaccount.ezbob.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Tue, 28 Feb 2023 15:41:35 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-encoding gzip surrogate-control no-store x-dns-prefetch-control off x-xss-protection 1; mode=block pragma no-cache last-modified Wed, 08 Feb 2023 10:57:37 GMT etag W/"1990c-18630ac80e8" x-download-options noopen x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, proxy-revalidate accept-ranges bytes expires 0
GET H/1.1	200 OK	wdp.js Show response mpsnare.iesnare.com/5.2.2/	48 KB 22 KB	202ms 51ms	Script text/javascript	54.228.71.178 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://mpsnare.iesnare.com/5.2.2/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=false&flash=false Requested by Host: ui.bebank-jointaccount.ezbob.com URL: https://ui.bebank-jointaccount.ezbob.com/static/js/main.ad6f02bc.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-228-71-178.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 8ca51a1cc23974c6f09c90d097f8b07b702c7f9b1d1463c04c874ccf77bb870a Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers accept-language en-GB,en;q=0.9 Referer https://ui.bebank-jointaccount.ezbob.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Pragma no-cache Date Tue, 28 Feb 2023 15:41:36 GMT Strict-Transport-Security max-age=15552000; includeSubDomains Content-Encoding gzip Server nginx Accept-CH ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version Transfer-Encoding chunked Content-Type text/javascript; charset=utf-8 p3p CP="NON DSP COR CURa" Cache-Control no-cache, private Connection keep-alive Expires 0
GET DATA	200 OK	truncated /	353 B 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 910d42773de429538b60f2bd714ebd734dd66dea33fcd52845228ea0daa77fe1 Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Content-Type image/jpeg
GET H/1.1	206 Partial Content	time.mp3 mpsnare.iesnare.com/	504 B 881 B	136ms 49ms	Media audio/mpeg	54.228.71.178 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://mpsnare.iesnare.com/time.mp3?nocache=0.6448899752410275 Requested by Host: ui.bebank-jointaccount.ezbob.com URL: https://ui.bebank-jointaccount.ezbob.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-228-71-178.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 76a6622adb12c2f7ebe0b678365f2b4c3db5b17435d8cdf3add489d4f8714812 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers Referer https://ui.bebank-jointaccount.ezbob.com/ Accept-Encoding identity;q=1, *;q=0 accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Range bytes=0- Response headers Pragma public Date Tue, 28 Feb 2023 15:41:36 GMT Strict-Transport-Security max-age=15552000; includeSubDomains Server nginx Content-Type audio/mpeg Content-Range bytes 0-503/504 Content-Disposition inline; filename=time.mp3 Connection keep-alive Accept-Ranges bytes Content-Length 504 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	500	getAppToken Show response ui.bebank-jointaccount.ezbob.com/	52 B 462 B	523ms 522ms	XHR application/json	13.41.133.66 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ui.bebank-jointaccount.ezbob.com/getAppToken Requested by Host: ui.bebank-jointaccount.ezbob.com URL: https://ui.bebank-jointaccount.ezbob.com/static/js/main.ad6f02bc.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.41.133.66 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-41-133-66.eu-west-2.compute.amazonaws.com Software / Resource Hash c9adef9a0fb6d9b60301b0a5c6de380bca8dee38ab78844b261e2c464d26ac61 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://ui.bebank-jointaccount.ezbob.com/ accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Tue, 28 Feb 2023 15:41:37 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff surrogate-control no-store x-dns-prefetch-control off content-length 52 x-xss-protection 1; mode=block pragma no-cache etag W/"34-Fwa0sj5AgBcns7euqNFQ+xHSOmA" x-download-options noopen x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, proxy-revalidate expires 0
GET H/1.1	200 OK	logo.js Show response mpsnare.iesnare.com/5.2.2/	477 B 909 B	53ms 50ms	Script text/javascript	54.228.71.178 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://mpsnare.iesnare.com/5.2.2/logo.js Requested by Host: mpsnare.iesnare.com URL: https://mpsnare.iesnare.com/5.2.2/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=false&flash=false Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-228-71-178.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 63882b08588a9e3e2cc151ed5df69a708ebe1f626e153836e8a0443553e830fe Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers accept-language en-GB,en;q=0.9 Referer https://ui.bebank-jointaccount.ezbob.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Date Tue, 28 Feb 2023 15:41:36 GMT Strict-Transport-Security max-age=15552000; includeSubDomains Content-Encoding gzip Last-Modified Tue, 06 May 2014 00:01:40 GMT Server nginx Accept-CH ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version Transfer-Encoding chunked Content-Type text/javascript; charset=utf-8 p3p CP="NON DSP COR CURa" Cache-Control private Connection keep-alive Expires Wed, 28 Feb 2024 15:41:36 GMT
GET H/1.1	206 Partial Content	time.mp3 mpsnare.iesnare.com/	504 B 881 B	91ms 47ms	Media audio/mpeg	54.228.71.178 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://mpsnare.iesnare.com/time.mp3?nocache=0.34751755083160374 Requested by Host: ui.bebank-jointaccount.ezbob.com URL: https://ui.bebank-jointaccount.ezbob.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-228-71-178.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 76a6622adb12c2f7ebe0b678365f2b4c3db5b17435d8cdf3add489d4f8714812 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers Referer https://ui.bebank-jointaccount.ezbob.com/ Accept-Encoding identity;q=1, *;q=0 accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Range bytes=0- Response headers Pragma public Date Tue, 28 Feb 2023 15:41:36 GMT Strict-Transport-Security max-age=15552000; includeSubDomains Server nginx Content-Type audio/mpeg Content-Range bytes 0-503/504 Content-Disposition inline; filename=time.mp3 Connection keep-alive Accept-Ranges bytes Content-Length 504 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	401	/ Show response api2.businessloans.ezbobplatform.co.uk/v1/configuration/external/Ui/	65 B 169 B	70ms 70ms	XHR application/json	2606:4700:4400::6812:2146 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api2.businessloans.ezbobplatform.co.uk/v1/configuration/external/Ui/?profile=prod&label=master Requested by Host: ui.bebank-jointaccount.ezbob.com URL: https://ui.bebank-jointaccount.ezbob.com/static/js/main.ad6f02bc.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2146 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0ca464a1c62656532966ab050ca8c1a72b85bdb49d64b217fec85aab0d039810 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://ui.bebank-jointaccount.ezbob.com/ accept-language en-GB,en;q=0.9 Authorization undefined undefined User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers pragma no-cache date Tue, 28 Feb 2023 15:41:37 GMT x-content-type-options nosniff cf-cache-status DYNAMIC server cloudflare vary Origin,Access-Control-Request-Method,Access-Control-Request-Headers x-frame-options DENY content-type application/json access-control-allow-origin https://ui.bebank-jointaccount.ezbob.com traceid f04f8cd701e029a6e5ee3e1ade95e7ae cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true cf-ray 7a0a43f458127326-LHR x-xss-protection 1; mode=block expires 0
OPTIONS H2	200	/ api2.businessloans.ezbobplatform.co.uk/v1/configuration/external/Ui/	0 0	286ms 70ms	Preflight	2606:4700:4400::6812:2146 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api2.businessloans.ezbobplatform.co.uk/v1/configuration/external/Ui/?profile=prod&label=master Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2146 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Headers authorization Access-Control-Request-Method GET Origin https://ui.bebank-jointaccount.ezbob.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers authorization access-control-allow-methods GET access-control-allow-origin https://ui.bebank-jointaccount.ezbob.com cache-control no-cache, no-store, max-age=0, must-revalidate cf-cache-status DYNAMIC cf-ray 7a0a43f3ef917326-LHR content-length 0 date Tue, 28 Feb 2023 15:41:37 GMT expires 0 pragma no-cache server cloudflare vary Origin,Access-Control-Request-Method,Access-Control-Request-Headers x-content-type-options nosniff x-frame-options DENY x-xss-protection 1; mode=block

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless string| API_HOST string| API_PROTOCOL string| EZ_ENV object| webpackChunkezx function| clearImmediate function| setImmediate object| regeneratorRuntime number| 2f1acc6c3a606b082e5eef5e54414ffb function| _ function| filterCSS function| filterXSS object| DD_RUM object| systemSettings object| IGLOO object| FontAwesomeConfig object| ___FONT_AWESOME___ object| core function| sdk boolean| _pdfjsCompatibilityChecked object| ezbob object| SDK

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			mpsnare.iesnare.com/	1970-01-20 18:45:34	Name: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: SijcEMuHI1fTkg6U/cOqtL9pqvjHxtByVgL2LFDgNPQ=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ui.bebank-jointaccount.ezbob.com/getAppToken Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://api2.businessloans.ezbobplatform.co.uk/v1/configuration/external/Ui/?profile=prod&label=master Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.businessloans.ezbobplatform.co.uk
mpsnare.iesnare.com
ui.bebank-jointaccount.ezbob.com
13.41.133.66
2606:4700:4400::6812:2146
54.228.71.178
0ca464a1c62656532966ab050ca8c1a72b85bdb49d64b217fec85aab0d039810
19ca862f5ed01fcc8f60f7d334578b9b719409b18cf2f9a5c5274a30fd31ef9f
52674d2a5e62e2aea7c9e9d74d52e674dfd0638c1478365170ec4dbbfac8fc3a
541f196998eebdce2d46a6fbfa218d1ea67cf92ac88c0e0f277f95adb8273aec
63882b08588a9e3e2cc151ed5df69a708ebe1f626e153836e8a0443553e830fe
76a6622adb12c2f7ebe0b678365f2b4c3db5b17435d8cdf3add489d4f8714812
889ff2336324b44df7ce51efa489f908500b45079adec99145a8b21a52b98d52
8ca51a1cc23974c6f09c90d097f8b07b702c7f9b1d1463c04c874ccf77bb870a
910d42773de429538b60f2bd714ebd734dd66dea33fcd52845228ea0daa77fe1
c9adef9a0fb6d9b60301b0a5c6de380bca8dee38ab78844b261e2c464d26ac61