urlscan.io logo urlscan.io
SecurityTrails logo

sandbox.billmybank.com Open in urlscan Pro
54.159.35.73  Public Scan

Go To Rescan Add Verdict Report
URL: https://sandbox.billmybank.com/
Submission: On June 14 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 15 HTTP transactions. The main IP is 54.159.35.73, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is sandbox.billmybank.com.
TLS certificate: Issued by Amazon on July 14th 2021. Valid for: a year.
This is the only time sandbox.billmybank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 54.159.35.73 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 178.79.242.232 22822 (LLNW)
2 104.18.70.113 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 162.159.138.6 13335 (CLOUDFLAR...)
15 8
5    54.159.35.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-35-73.compute-1.amazonaws.com
sandbox.billmybank.com
1    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
1    178.79.242.232 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-242-232.fra.llnw.net
cdn.yodlee.com
2    104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
1    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    162.159.138.6 (None, )

ASN13335 (CLOUDFLARENET, US)
ekr.zendesk.com
zodaka.zendesk.com
Apex Domain
Subdomains		 Transfer
5 billmybank.com
sandbox.billmybank.com
391 KB
2 zendesk.com
ekr.zendesk.com — Cisco Umbrella Rank: 3409
zodaka.zendesk.com
2 KB
2 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 1902
81 KB
2 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 314
55 KB
1 gstatic.com
www.gstatic.com
146 KB
1 yodlee.com
cdn.yodlee.com — Cisco Umbrella Rank: 90671
4 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 4
968 B
0 zodaka.com Failed
assets.zodaka.com Failed
15 8
Domain Requested by
5 sandbox.billmybank.com sandbox.billmybank.com
2 static.zdassets.com sandbox.billmybank.com
static.zdassets.com
2 maps.googleapis.com sandbox.billmybank.com
maps.googleapis.com
1 zodaka.zendesk.com static.zdassets.com
1 ekr.zendesk.com static.zdassets.com
1 www.gstatic.com www.google.com
1 cdn.yodlee.com sandbox.billmybank.com
1 www.google.com sandbox.billmybank.com
0 assets.zodaka.com Failed sandbox.billmybank.com
15 9

This site contains links to these domains. Also see Links.

Domain
account.billmybank.com
Subject Issuer Validity Valid
sandbox.billmybank.com
Amazon		 2021-07-14 -
2022-08-12		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
static.moneycenter.yodlee.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-30 -
2022-08-30		 a year crt.sh
ssl1036557.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2022-06-08 -
2022-12-15		 6 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
zendesk.com
Cloudflare Inc ECC CA-3		 2022-04-30 -
2022-07-29		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://sandbox.billmybank.com/
Frame ID: 9EE37CBD239E0BC844917F3531D95E3A
Requests: 19 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-7e6e850c2ae905f5475f.js
Frame ID: 053C19ED94EC735C73A1CC8E7106E8E8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bill My Bank

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • <link[^>]+semantic(?:\.min)\.css"
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

15
Requests

93 %
HTTPS

43 %
IPv6

8
Domains

9
Subdomains

8
IPs

3
Countries

680 kB
Transfer

2084 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
sandbox.billmybank.com/ 		15 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sandbox.billmybank.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.159.35.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-159-35-73.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
179da36c63e2e4301f95ef4fda71e7c362ca6e1520be24555b802735b0e5934f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
81977
cache-control
no-store
content-encoding
gzip
content-type
text/html
date
Tue, 14 Jun 2022 04:01:29 GMT
etag
W/"02cb1e2e23a0432fb4793c0597e031f2"
last-modified
Fri, 11 Sep 2020 20:11:56 GMT
server
nginx/1.18.0
vary
Accept-Encoding
via
1.1 7a887c7cb9fe4a7abca02d85e8b196e8.cloudfront.net (CloudFront)
x-amz-cf-id
JeK64LuuXeH4xfG1equwjC5jy7bMacEmKj__JzDgcvpYgFikoQOBCQ==
x-amz-cf-pop
IAD89-P2
x-cache
Hit from cloudfront
x-debug-client
client
x-debug-repo
sandbox
x-debug-resource
/index.html
x-debug-vendor
bmb
semantic.min.css
assets.zodaka.com/css/semantic-ui/2.0/ 		0
0
api.js
www.google.com/recaptcha/ 		850 B
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: sandbox.billmybank.com
URL: https://sandbox.billmybank.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dfb6795a9ca2b442ca3364e40c39bbc6ce3b91ff6971d935b98377028dec9e31
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sandbox.billmybank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 04:01:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Tue, 14 Jun 2022 04:01:29 GMT
modernizr-custom.min.js
sandbox.billmybank.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sandbox.billmybank.com/modernizr-custom.min.js
Requested by
Host: sandbox.billmybank.com
URL: https://sandbox.billmybank.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.159.35.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-159-35-73.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
597e16a4ed40456f7992b31dca7dff01b43c9d87b4649ab9f4f346fe6d356f6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sandbox.billmybank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 04:01:30 GMT
via
1.1 41498907366f3804198b1abc90c08490.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P2
x-debug-vendor
bmb
x-cache
Miss from cloudfront
content-encoding
gzip
x-debug-client
client
last-modified
Fri, 11 Sep 2020 20:11:56 GMT
server
nginx/1.18.0
etag
W/"96dfbefd6ca6c910bd45e69100fc6904"
x-debug-repo
sandbox
vary
Accept-Encoding
content-type
application/javascript
x-debug-resource
/modernizr-custom.min.js
cache-control
no-store
x-amz-cf-id
LYoGycWWxp6rhdNW28YaMHqpZlf3jHM-4yoj1Pf9hF1ELl5OP3URMw==
js
maps.googleapis.com/maps/api/ 		167 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyAr_umLXiPHSUCO6EIPEpG4P-p1krtbjpQ&libraries=places&language=en
Requested by
Host: sandbox.billmybank.com
URL: https://sandbox.billmybank.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
471dd7dd10fbb7a38117e356645117c46f76543c938262bd6867d33faf8637bb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sandbox.billmybank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 04:01:29 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=29
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55729
x-xss-protection
0
expires
Tue, 14 Jun 2022 04:31:29 GMT
initialize.js
cdn.yodlee.com/fastlink/v2/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.yodlee.com/fastlink/v2/initialize.js
Requested by
Host: sandbox.billmybank.com
URL: https://sandbox.billmybank.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.79.242.232 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-232.fra.llnw.net
Software
/
Resource Hash
3e4d9362e48952820c854abd33d63cb8c322251e0b84288592a0196685c0238d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sandbox.billmybank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 14 Jun 2022 04:01:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Aug 2019 09:23:30 GMT
Age
67654
X-Agile-Request-Id
a1a94344931fd634f6cf6e9d95ca2a76, 0364303ba179d14c877ae92f0c9a302b
Vary
Accept-Encoding
Content-Type
application/javascript
X-Agile-Checksum
3e4d9362e48952820c854abd33d63cb8c322251e0b84288592a0196685c0238d
X-Agile-Source
69.28.134.157:1987
X-Agile-Brick-Id
480531658
Accept-Ranges
bytes
Content-Length
3588
X-LLID
5813bf8f27582239caf6c79777900b00
main.7c82b284.css
sandbox.billmybank.com/static/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sandbox.billmybank.com/static/css/main.7c82b284.css
Requested by
Host: sandbox.billmybank.com
URL: https://sandbox.billmybank.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.159.35.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-159-35-73.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
171ff7c1c7ebc4841aa45e3fcb4ea879cb9e875ab1f1eb2e83044a564d1fd8cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sandbox.billmybank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 04:01:29 GMT
via
1.1 68d323cfd4a0f1ae252f92c083654190.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P2
x-debug-vendor
bmb
x-cache
Miss from cloudfront
content-encoding
gzip
x-debug-client
client
last-modified
Fri, 11 Sep 2020 20:11:56 GMT
server
nginx/1.18.0
etag
W/"68616aa8129b5ebf5545ec5d8a57e68b"
x-debug-repo
sandbox
vary
Accept-Encoding
content-type
text/css
x-debug-resource
/static/css/main.7c82b284.css
cache-control
no-store
x-amz-cf-id
8FdTiG3NtA314PTvauXaJk7Tn6Rw6Ce5DtiBUZGBmc5GDtAAdBABAg==
snippet.js
static.zdassets.com/ekr/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=f6687dd3-0395-4965-a441-f13aa2034dc7
Requested by
Host: sandbox.billmybank.com
URL: https://sandbox.billmybank.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e07277eb0136bd57fe5662925d0ed5356a9999dc9462df7f2dfef921a0b577
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sandbox.billmybank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 04:01:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
34
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-amz-request-id
AR835XB2Z25RSRCT
x-amz-id-2
9CbLM0gi7vhnezkPXuJAaMWQ3g8tmwJyJJc/JY/bvYdgkHpNdTous4C9JiUoP+uIZ1pluHp0tp8=
last-modified
Tue, 14 Jun 2022 01:03:31 GMT
server
cloudflare
etag
W/"e343ddd50d7fc5210b4e9a1a183fe3a9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JIOrJzcRH%2BVVZwQQ5mPqNCAMx7Oo72FoDB9HrocMMTsTrNyq31W3GXWvo3%2F2WtmKSAFv6GU40Rcezrmz48oVxOPlc0V3eXEMILzg4EVvrBn08KHr1wwmV8Rqx%2B3eevImOqKJsAk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
x-amz-version-id
oZeyrfm9jV5RG2v5VUoNv5YiqWsF1HJB
cf-ray
71b02a41d9e69b21-FRA
main.da9b64d6.js
sandbox.billmybank.com/static/js/ 		1 MB
360 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sandbox.billmybank.com/static/js/main.da9b64d6.js
Requested by
Host: sandbox.billmybank.com
URL: https://sandbox.billmybank.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.159.35.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-159-35-73.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
00b367f761dae82bbacc10e8f50f70569aa3f5127bd5016ad4a9b7e4e65265b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sandbox.billmybank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 04:01:29 GMT
via
1.1 7a887c7cb9fe4a7abca02d85e8b196e8.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P2
x-debug-vendor
bmb
x-cache
Miss from cloudfront
content-encoding
gzip
x-debug-client
client
last-modified
Fri, 11 Sep 2020 20:11:56 GMT
server
nginx/1.18.0
etag
W/"98602ecbea5fbb9c62b67824f598cb79"
x-debug-repo
sandbox
vary
Accept-Encoding
content-type
application/javascript
x-debug-resource
/static/js/main.da9b64d6.js
cache-control
no-store
x-amz-cf-id
fDiVDsUisgpiA5J6ythDuiqJFoVpntwjhRENaWfzty6QENT1OiAlMA==
recaptcha__de.js
www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/ 		367 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
506336914f02f937120502bd21ebe49d3720829c2a09f6bc7f933baba246e14c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sandbox.billmybank.com/
Origin
https://sandbox.billmybank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 18:20:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34837
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148524
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 04:02:41 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Jun 2023 18:20:53 GMT
truncated
/ 		44 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		90 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/webp
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAr_umLXiPHSUCO6EIPEpG4P-p1krtbjpQ&libraries=places&language=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sandbox.billmybank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 04:01:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sandbox.billmybank.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d5bfb273404007033b3aabb3e95cee5653d1c535e3d11273424964ac01ce3743

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
show_password-512w.82d8b524.png
sandbox.billmybank.com/static/media/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sandbox.billmybank.com/static/media/show_password-512w.82d8b524.png
Requested by
Host: sandbox.billmybank.com
URL: https://sandbox.billmybank.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.159.35.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-159-35-73.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
8d6a78a6f068b6c00132d0a44a331c646eab7301907647eb999bcbdb55bf2625

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sandbox.billmybank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 04:01:32 GMT
via
1.1 2b0c54ffe9876882253b010d44184bdc.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P2
x-debug-vendor
bmb
x-cache
Miss from cloudfront
content-length
17085
x-debug-client
client
last-modified
Fri, 11 Sep 2020 20:11:56 GMT
server
nginx/1.18.0
etag
"82d8b52410be874b066f82e728623e3f"
x-debug-repo
sandbox
content-type
image/png
x-debug-resource
/static/media/show_password-512w.82d8b524.png
cache-control
no-store
accept-ranges
bytes
x-amz-cf-id
glkDdSj5HzoXGKUJt2ZhoHX7_TbdpTB9iLR_LScCv5SqmJU4iFAnQA==
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
edcc2606e3c862a27352751bd8e7b81175a82c0e800bc66d32f8513e20106d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
f6687dd3-0395-4965-a441-f13aa2034dc7
ekr.zendesk.com/compose/ 		329 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ekr.zendesk.com/compose/f6687dd3-0395-4965-a441-f13aa2034dc7
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f6687dd3-0395-4965-a441-f13aa2034dc7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
162.159.138.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7452329a181fea29bf9d27dd1dacbaeba22e851c0093017756047a28840299af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sandbox.billmybank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 04:01:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
cf-ray
71b02a4f5a979a35-FRA
status
200 OK
x-envoy-upstream-service-time
4
access-control-allow-methods
GET, POST, OPTIONS
vary
Origin, Accept-Encoding
x-zendesk-zorg
yes
x-request-id
1662de9c253b0e229403631eed69c751, 1662de9c253b0e229403631eed69c751
x-runtime
0.003237
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"7452329a181fea29bf9d27dd1dacbaeb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLxpPGZI%2FY2QnRIFXscuBRzEhyNQC1q%2BVNr1%2FrnMCStwhTZAQKvnx8zP2ZqYGz4tOiVDQL7xZOxxOoFnIrs%2Fa1PNoHX2QEySSqBilRf4RZV3mIRpZx0Q3N77rLMvbo%2BDOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
content-type
application/json; charset=utf-8
access-control-expose-headers
web-widget-framework-7e6e850c2ae905f5475f.js
static.zdassets.com/web_widget/latest/ Frame 053C 		213 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-framework-7e6e850c2ae905f5475f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f6687dd3-0395-4965-a441-f13aa2034dc7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
834e5a6b0507da437180f737d73900f3dbda7183bd2ceb132391a1c92fff6efa
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 04:01:32 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
625639
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
6V5E3FWMDDRH7X7W
x-amz-id-2
um5Ngi54oDB2dOi9kJfKZwL7l/tafzRif3w2sgm7z6F+LHashHGsLHZDP42Fw/73imjQJl0IMBE=
last-modified
Fri, 27 May 2022 02:22:43 GMT
server
cloudflare
etag
W/"ddbee94259dd9ab3c67c114e8f283805"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XvfibVm%2BwLpbH5KSFwxDSIm3Nh8r%2BPoJZAqmaNU19QW%2Bths9KEFvFA%2BHDqLgSshjYcPDWhdrDLXWpiW3egosbjEErYCEJRSDbdIDDebQ%2F44Z%2BJqNnoJSzd%2F2kUy8il4CfoGMCdg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
7qGyRMHiBfk22ejuxeMRkVraHfSrSyOj
cf-ray
71b02a50ddb89b21-FRA
expires
Sat, 27 May 2023 02:22:42 GMT
config
zodaka.zendesk.com/embeddable/ Frame 053C 		15 B
726 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://zodaka.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-7e6e850c2ae905f5475f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
162.159.138.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ac22ebf2e4c548e6b1f01b79672929184e0626822b651ceba6766f880cc2d27
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-methods
GET
date
Tue, 14 Jun 2022 04:01:32 GMT
x-envoy-decorator-operation
embeddable.embeddable.svc.cluster.local:80/*
vary
Origin, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-5956b89884-mgdv5
x-envoy-upstream-service-time
10
zendesk-api-version
2022-01-01, 2022-01-01
strict-transport-security
max-age=0;
content-encoding
br
x-zendesk-zorg
yes
x-request-id
71b02a51ad3b9a35-FRA, 71b02a51ad3b9a35-FRA
x-runtime
0.007190
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kpunNk%2FWJzR93Q1JqcU%2FbGHUCI%2FTfAsgrSCut3zIC0fnxS0ljfjt0sIjMEvMdEEzWyqlTPB3pBiiH2Eg1KTWu3ck%2BrxGSCQpdWvU6cXUZrjJfggq0j9c23BDVCCE8n%2BfKsvyLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=3600
cf-ray
71b02a51ad3b9a35-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
assets.zodaka.com
URL
https://assets.zodaka.com/css/semantic-ui/2.0/semantic.min.css

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| Modernizr object| recaptcha object| google object| module$exports$mapsapi$util$event object| module$contents$mapsapi$overlay$overlayView_OverlayView object| a function| b object| fastlink object| zEWebpackACJsonp function| zE function| zEmbed object| zESettings object| scCGSHMRCache function| _ boolean| zEACLoaded

0 Cookies

2 Console Messages

Source Level URL
Text
network error URL: https://assets.zodaka.com/css/semantic-ui/2.0/semantic.min.css
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://zodaka.zendesk.com/embeddable/config
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.zodaka.com
cdn.yodlee.com
ekr.zendesk.com
maps.googleapis.com
sandbox.billmybank.com
static.zdassets.com
www.google.com
www.gstatic.com
zodaka.zendesk.com
assets.zodaka.com
104.18.70.113
162.159.138.6
178.79.242.232
2a00:1450:4001:80e::2004
2a00:1450:4001:828::2003
2a00:1450:4001:830::200a
54.159.35.73
00b367f761dae82bbacc10e8f50f70569aa3f5127bd5016ad4a9b7e4e65265b7
0ac22ebf2e4c548e6b1f01b79672929184e0626822b651ceba6766f880cc2d27
171ff7c1c7ebc4841aa45e3fcb4ea879cb9e875ab1f1eb2e83044a564d1fd8cb
179da36c63e2e4301f95ef4fda71e7c362ca6e1520be24555b802735b0e5934f
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
3e4d9362e48952820c854abd33d63cb8c322251e0b84288592a0196685c0238d
42e07277eb0136bd57fe5662925d0ed5356a9999dc9462df7f2dfef921a0b577
471dd7dd10fbb7a38117e356645117c46f76543c938262bd6867d33faf8637bb
506336914f02f937120502bd21ebe49d3720829c2a09f6bc7f933baba246e14c
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
597e16a4ed40456f7992b31dca7dff01b43c9d87b4649ab9f4f346fe6d356f6b
7452329a181fea29bf9d27dd1dacbaeba22e851c0093017756047a28840299af
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
834e5a6b0507da437180f737d73900f3dbda7183bd2ceb132391a1c92fff6efa
8d6a78a6f068b6c00132d0a44a331c646eab7301907647eb999bcbdb55bf2625
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d5bfb273404007033b3aabb3e95cee5653d1c535e3d11273424964ac01ce3743
dfb6795a9ca2b442ca3364e40c39bbc6ce3b91ff6971d935b98377028dec9e31
edcc2606e3c862a27352751bd8e7b81175a82c0e800bc66d32f8513e20106d6b