URL: https://uat2.vb2.visualbank.co.uk/
Submission: On September 03 via automatic, source certstream-suspicious

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 14 HTTP transactions. The main IP is 3.10.203.197, located in London, United Kingdom and belongs to AMAZON-02, US. The main domain is uat2.vb2.visualbank.co.uk.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 3rd 2020. Valid for: 3 months.
This is the only time uat2.vb2.visualbank.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 3.10.203.197 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 217.172.140.141 45014 (HOSTIT-MK...)
1 54.161.26.9 14618 (AMAZON-AES)
14 5
Domain Requested by
10 uat2.vb2.visualbank.co.uk uat2.vb2.visualbank.co.uk
2 vb1.visualbank.co.uk 1 redirects uat2.vb2.visualbank.co.uk
1 stats.pusher.com uat2.vb2.visualbank.co.uk
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com uat2.vb2.visualbank.co.uk
14 5

This site contains no links.

Subject Issuer Validity Valid
uat2.vb2.visualbank.co.uk
Let's Encrypt Authority X3
2020-09-03 -
2020-12-02
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2020-08-19 -
2020-11-11
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-08-11 -
2020-11-03
3 months crt.sh
*.visualbank.co.uk
Sectigo RSA Domain Validation Secure Server CA
2020-08-05 -
2021-08-05
a year crt.sh
*.pusher.com
Gandi Standard SSL CA 2
2020-01-09 -
2021-04-21
a year crt.sh

This page contains 1 frames:

Primary Page: https://uat2.vb2.visualbank.co.uk/
Frame ID: 62D4C256E4BF25565487C9AF018EC405
Requests: 14 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

14
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

1704 kB
Transfer

7564 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • http://vb1.visualbank.co.uk/images/logo.png HTTP 302
  • https://vb1.visualbank.co.uk/images/logo.png

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
uat2.vb2.visualbank.co.uk/
856 B
1 KB
Document
General
Full URL
https://uat2.vb2.visualbank.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.10.203.197 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-203-197.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
cc1c9cb342986fe798815b915224127c5597835d8e075889a7c93d4a43a07cba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
uat2.vb2.visualbank.co.uk
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
server
nginx
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
date
Thu, 03 Sep 2020 14:19:13 GMT
set-cookie
XSRF-TOKEN=eyJpdiI6Ik5ENXlnWVdtM1NyVlZaWnpGQWZIQlE9PSIsInZhbHVlIjoiaSs1ajZGdFN0OVhOeGRrZE93bkx1bFVYLy9HbGxDdUVVdWV3bGJyczlVS1ovbzlka1VCNU9MZzliTU9UVlhVbnl5T2JWcWFlRUNPcXNIS1JxaFVXMTJuN1dTbHo3YVkzRXU5TXUxWERoSTBQbit5cUcwbWU2NG9lVUhWTEtLeHYiLCJtYWMiOiI2ZDBhZThmNGFlMTY3OTllY2IyYTUxMjQzN2YwOWQwNWE1MmM0ZjAzYTg1YzgwYjZkMmZlMTdjZTNlZDk4MWE4In0%3D; expires=Thu, 03-Sep-2020 16:19:13 GMT; Max-Age=7200; path=/ visual_bank_20_session=eyJpdiI6InlzM1VqeFJDbnBEM3NJcFJBblhhQWc9PSIsInZhbHVlIjoiUnUxNmUraTZ6WEoveWlUQTd4RlNJbHdaSExFbXpIZU4vRVgrOHFZTTYwSVBzcmpZWU13bXRIRDB4TkhDWGk4cVg2TWxxSmRrblBhNFpPNEJPeGprYlU4UU4ydzBlbXluVjh2VHEvMkJiS2hBL0JwZkE3S1BKNFFEZlFlaldqL2ciLCJtYWMiOiJhN2ZiNDQ2MGU5ZWY2YzQyMzdhMzU1NzcxODQ0Yzc0Y2I0MzEzZGQ2MzNkNTM1MDk4M2M3YWI5MDgyNGVkNzg3In0%3D; expires=Thu, 03-Sep-2020 16:19:13 GMT; Max-Age=7200; path=/; httponly
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
content-encoding
gzip
app.css
uat2.vb2.visualbank.co.uk/css/
194 KB
27 KB
Stylesheet
General
Full URL
https://uat2.vb2.visualbank.co.uk/css/app.css
Requested by
Host: uat2.vb2.visualbank.co.uk
URL: https://uat2.vb2.visualbank.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.10.203.197 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-203-197.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4a5b4e86d64ab3d422e6b2de7b85ab3a848b87eb5ef33f9a587dded21f210136
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://uat2.vb2.visualbank.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Sep 2020 14:19:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 03 Sep 2020 13:38:01 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"5f50f1b9-307fb"
vary
Accept-Encoding
content-type
text/css
status
200
x-xss-protection
1; mode=block
modernizr.js
uat2.vb2.visualbank.co.uk/js/
4 KB
2 KB
Script
General
Full URL
https://uat2.vb2.visualbank.co.uk/js/modernizr.js
Requested by
Host: uat2.vb2.visualbank.co.uk
URL: https://uat2.vb2.visualbank.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.10.203.197 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-203-197.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4bea7790847eecc0de8477278792c9de786071611542810021df8368b22c523e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://uat2.vb2.visualbank.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Sep 2020 14:19:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 03 Sep 2020 13:38:01 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"5f50f1b9-e67"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
x-xss-protection
1; mode=block
app.js
uat2.vb2.visualbank.co.uk/js/
7 MB
1 MB
Script
General
Full URL
https://uat2.vb2.visualbank.co.uk/js/app.js
Requested by
Host: uat2.vb2.visualbank.co.uk
URL: https://uat2.vb2.visualbank.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.10.203.197 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-203-197.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
269da130c2cf36e96c14a1138c95eb5760b4f15e656c2e4b84feee3e51a99809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://uat2.vb2.visualbank.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Sep 2020 14:19:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 03 Sep 2020 13:38:01 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"5f50f1b9-6f9118"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
x-xss-protection
1; mode=block
css
fonts.googleapis.com/
2 KB
626 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Nunito
Requested by
Host: uat2.vb2.visualbank.co.uk
URL: https://uat2.vb2.visualbank.co.uk/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b58d5490059a38ce2030dda0ee7328a793fcb05a163ceeea5b38ae4b8504b15b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://uat2.vb2.visualbank.co.uk/css/app.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Sep 2020 12:31:45 GMT
server
ESF
date
Thu, 03 Sep 2020 14:19:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Sep 2020 14:19:13 GMT
XRXV3I6Li01BKofINeaBTMnFcQ.woff2
fonts.gstatic.com/s/nunito/v13/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v13/XRXV3I6Li01BKofINeaBTMnFcQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3c2d02ad946969c6fc9ed583bdb76b3bf0bd2328575a93c42ff87ece9498504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://uat2.vb2.visualbank.co.uk
Referer
https://fonts.googleapis.com/css?family=Nunito
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 31 Aug 2020 09:03:55 GMT
x-content-type-options
nosniff
last-modified
Mon, 13 Jul 2020 21:54:06 GMT
server
sffe
age
278118
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13992
x-xss-protection
0
expires
Tue, 31 Aug 2021 09:03:55 GMT
logo.png
uat2.vb2.visualbank.co.uk/images/
8 KB
8 KB
Image
General
Full URL
https://uat2.vb2.visualbank.co.uk/images/logo.png
Requested by
Host: uat2.vb2.visualbank.co.uk
URL: https://uat2.vb2.visualbank.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.10.203.197 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-203-197.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6f25381ded65b5e53d8f3e4ee0b5f07d743e4e11aaf46383d5094d0d972c16e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://uat2.vb2.visualbank.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Sep 2020 14:19:13 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Sep 2020 13:38:01 GMT
server
nginx
etag
"5f50f1b9-20d6"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
accept-ranges
bytes
content-length
8406
x-xss-protection
1; mode=block
logo.png
vb1.visualbank.co.uk/images/
Redirect Chain
  • http://vb1.visualbank.co.uk/images/logo.png
  • https://vb1.visualbank.co.uk/images/logo.png
11 KB
11 KB
Image
General
Full URL
https://vb1.visualbank.co.uk/images/logo.png
Requested by
Host: uat2.vb2.visualbank.co.uk
URL: https://uat2.vb2.visualbank.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
217.172.140.141 Loughton, United Kingdom, ASN45014 (HOSTIT-MK-AS Milton Keynes Facility, GB),
Reverse DNS
217-172-140-141.rdns.mkdc.co.uk
Software
Apache/2.4.29 (Fedora) OpenSSL/1.1.0g-fips mod_fcgid/2.3.9 PHP/7.1.13 / PHP/7.1.13
Resource Hash
f98550bd5ac7157c448d4e3d44b990d36a515baef779b60ba23d2763260f2f31

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
cache
Date
Thu, 03 Sep 2020 14:19:14 GMT
Content-Encoding
gzip
Server
Apache/2.4.29 (Fedora) OpenSSL/1.1.0g-fips mod_fcgid/2.3.9 PHP/7.1.13
X-Powered-By
PHP/7.1.13
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=86400
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
10967
Expires
Fri, 04 Sep 2020 14:19:14 GMT

Redirect headers

Location
https://vb1.visualbank.co.uk/images/logo.png
Date
Thu, 03 Sep 2020 14:19:13 GMT
Server
Apache/2.4.29 (Fedora) OpenSSL/1.1.0g-fips mod_fcgid/2.3.9 PHP/7.1.13
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
228
Content-Type
text/html; charset=iso-8859-1
uat2.vb2.visualbank.co.uk
uat2.vb2.visualbank.co.uk/api/client/domain/
709 B
620 B
XHR
General
Full URL
https://uat2.vb2.visualbank.co.uk/api/client/domain/uat2.vb2.visualbank.co.uk
Requested by
Host: uat2.vb2.visualbank.co.uk
URL: https://uat2.vb2.visualbank.co.uk/js/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.10.203.197 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-203-197.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b41dcaaaeb9bff988fe801972b9431847224343db06f05f1bdc643c91589afec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Local-uuid
null
X-XSRF-TOKEN
eyJpdiI6Ik5ENXlnWVdtM1NyVlZaWnpGQWZIQlE9PSIsInZhbHVlIjoiaSs1ajZGdFN0OVhOeGRrZE93bkx1bFVYLy9HbGxDdUVVdWV3bGJyczlVS1ovbzlka1VCNU9MZzliTU9UVlhVbnl5T2JWcWFlRUNPcXNIS1JxaFVXMTJuN1dTbHo3YVkzRXU5TXUxWERoSTBQbit5cUcwbWU2NG9lVUhWTEtLeHYiLCJtYWMiOiI2ZDBhZThmNGFlMTY3OTllY2IyYTUxMjQzN2YwOWQwNWE1MmM0ZjAzYTg1YzgwYjZkMmZlMTdjZTNlZDk4MWE4In0=
X-Requested-With
XMLHttpRequest
Referer
https://uat2.vb2.visualbank.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Sep 2020 14:19:14 GMT
content-encoding
gzip
status
200
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ratelimit-remaining
599
cache-control
no-cache, private
x-ratelimit-limit
600
x-xss-protection
1; mode=block
x-content-type-options
nosniff
124.jpg
uat2.vb2.visualbank.co.uk/images/login/
45 KB
45 KB
Image
General
Full URL
https://uat2.vb2.visualbank.co.uk/images/login/124.jpg
Requested by
Host: uat2.vb2.visualbank.co.uk
URL: https://uat2.vb2.visualbank.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.10.203.197 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-203-197.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
3e0da68ae1e325d35d5376bf93e9f938d6d7a3de1cd7f359feaa12376f8bf23c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://uat2.vb2.visualbank.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Sep 2020 14:19:14 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Sep 2020 13:38:01 GMT
server
nginx
etag
"5f50f1b9-b34f"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
45903
x-xss-protection
1; mode=block
1
stats.pusher.com/timeline/v2/jsonp/
80 B
228 B
Script
General
Full URL
https://stats.pusher.com/timeline/v2/jsonp/1?session=NjkxMjQwNDQy&bundle=MQ%3D%3D&key=ODM4MDAxOTg2M2U3YjMxOTFjM2M%3D&lib=anM%3D&version=NS4wLjM%3D&cluster=ZXU%3D&features=WyJ3cyJd&timeline=W3siaW5zdGFuY2VzIjoxLCJ0aW1lc3RhbXAiOjE1OTkxNDI3NTQxMDd9LHsic3RhdGUiOiJjb25uZWN0aW5nIiwidGltZXN0YW1wIjoxNTk5MTQyNzU0MTA4fSx7ImNpZCI6MSwidHJhbnNwb3J0Ijoid3NzIiwidGltZXN0YW1wIjoxNTk5MTQyNzU0MTA4fSx7ImNpZCI6MSwic3RhdGUiOiJpbml0aWFsaXplZCIsInRpbWVzdGFtcCI6MTU5OTE0Mjc1NDEwOH0seyJjaWQiOjEsInN0YXRlIjoiY29ubmVjdGluZyIsInRpbWVzdGFtcCI6MTU5OTE0Mjc1NDEwOX0seyJjaWQiOjEsInN0YXRlIjoib3BlbiIsInRpbWVzdGFtcCI6MTU5OTE0Mjc1NDI1NH0seyJzdGF0ZSI6ImNvbm5lY3RlZCIsInBhcmFtcyI6eyJzb2NrZXRfaWQiOiIxMjk5MzIuNTQzMjUyMTYifSwidGltZXN0YW1wIjoxNTk5MTQyNzU0MjU1fV0%3D
Requested by
Host: uat2.vb2.visualbank.co.uk
URL: https://uat2.vb2.visualbank.co.uk/js/app.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.161.26.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-26-9.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c2887a2a758a79386d8ca17de8743a6215098f649db0598a1b5f38ca462a3c17

Request headers

Referer
https://uat2.vb2.visualbank.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 14:19:14 GMT
Server
nginx
Connection
close
Content-Length
80
Content-Type
application/javascript
447.jpg
uat2.vb2.visualbank.co.uk/images/login/
41 KB
41 KB
Image
General
Full URL
https://uat2.vb2.visualbank.co.uk/images/login/447.jpg
Requested by
Host: uat2.vb2.visualbank.co.uk
URL: https://uat2.vb2.visualbank.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.10.203.197 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-203-197.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
3ce935a3b2621c3035165a0ff91009c0611cfa23252a431090c12b3651fc11ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://uat2.vb2.visualbank.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Sep 2020 14:19:18 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Sep 2020 13:38:01 GMT
server
nginx
etag
"5f50f1b9-a3b9"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
41913
x-xss-protection
1; mode=block
766.jpg
uat2.vb2.visualbank.co.uk/images/login/
69 KB
69 KB
Image
General
Full URL
https://uat2.vb2.visualbank.co.uk/images/login/766.jpg
Requested by
Host: uat2.vb2.visualbank.co.uk
URL: https://uat2.vb2.visualbank.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.10.203.197 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-203-197.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4d244728446f0ac6eb2286c86b64fa0adc5b16efeee46e820c66cbb2d9742efb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://uat2.vb2.visualbank.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Sep 2020 14:19:22 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Sep 2020 13:38:01 GMT
server
nginx
etag
"5f50f1b9-113d6"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
70614
x-xss-protection
1; mode=block
894.jpg
uat2.vb2.visualbank.co.uk/images/login/
35 KB
35 KB
Image
General
Full URL
https://uat2.vb2.visualbank.co.uk/images/login/894.jpg
Requested by
Host: uat2.vb2.visualbank.co.uk
URL: https://uat2.vb2.visualbank.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.10.203.197 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-203-197.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
ef32d12755ca34ffe2a76292d0343b151e27ef3394b5e4335e4686cb958ca730
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://uat2.vb2.visualbank.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Sep 2020 14:19:26 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Sep 2020 13:38:01 GMT
server
nginx
etag
"5f50f1b9-8b8e"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
35726
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| Modernizr function| setImmediate function| clearImmediate object| __core-js_shared__ function| Hammer object| FontAwesomeConfig object| ___FONT_AWESOME___ function| tmp function| ChoiceField function| ListBox function| ComboBox function| EditBox function| Button function| PushButton function| RadioButton function| CheckBox function| TextField function| PasswordField object| AcroForm function| html2pdf function| _jzlib_Deflater function| Deflater function| RGBColor function| PNG function| debouncedLoadFolder function| _ function| axios function| Pusher function| Vue object| router object| Echo

2 Cookies

Domain/Path Name / Value
uat2.vb2.visualbank.co.uk/ Name: visual_bank_20_session
Value: eyJpdiI6InlzM1VqeFJDbnBEM3NJcFJBblhhQWc9PSIsInZhbHVlIjoiUnUxNmUraTZ6WEoveWlUQTd4RlNJbHdaSExFbXpIZU4vRVgrOHFZTTYwSVBzcmpZWU13bXRIRDB4TkhDWGk4cVg2TWxxSmRrblBhNFpPNEJPeGprYlU4UU4ydzBlbXluVjh2VHEvMkJiS2hBL0JwZkE3S1BKNFFEZlFlaldqL2ciLCJtYWMiOiJhN2ZiNDQ2MGU5ZWY2YzQyMzdhMzU1NzcxODQ0Yzc0Y2I0MzEzZGQ2MzNkNTM1MDk4M2M3YWI5MDgyNGVkNzg3In0%3D
uat2.vb2.visualbank.co.uk/ Name: XSRF-TOKEN
Value: eyJpdiI6Ik5ENXlnWVdtM1NyVlZaWnpGQWZIQlE9PSIsInZhbHVlIjoiaSs1ajZGdFN0OVhOeGRrZE93bkx1bFVYLy9HbGxDdUVVdWV3bGJyczlVS1ovbzlka1VCNU9MZzliTU9UVlhVbnl5T2JWcWFlRUNPcXNIS1JxaFVXMTJuN1dTbHo3YVkzRXU5TXUxWERoSTBQbit5cUcwbWU2NG9lVUhWTEtLeHYiLCJtYWMiOiI2ZDBhZThmNGFlMTY3OTllY2IyYTUxMjQzN2YwOWQwNWE1MmM0ZjAzYTg1YzgwYjZkMmZlMTdjZTNlZDk4MWE4In0%3D

15 Console Messages

Source Level URL
Text
console-api warning URL: https://uat2.vb2.visualbank.co.uk/js/app.js(Line 150664)
Message:
[vue-router] Duplicate named routes definition: { name: "[object Object]", path: "/preview/:shortcode" }
console-api warning URL: https://uat2.vb2.visualbank.co.uk/js/app.js(Line 150664)
Message:
[vue-router] Duplicate named routes definition: { name: "BrowseFolder", path: "/browse/:folder_id/:asset_id" }
console-api warning URL: https://uat2.vb2.visualbank.co.uk/js/app.js(Line 150664)
Message:
[vue-router] Duplicate named routes definition: { name: "Search", path: "/search/:folder_id/:keywords" }
console-api warning URL: https://uat2.vb2.visualbank.co.uk/js/app.js(Line 150664)
Message:
[vue-router] Duplicate named routes definition: { name: "Search", path: "/search/:folder_id/:keywords/:scope/:type" }
console-api warning URL: https://uat2.vb2.visualbank.co.uk/js/app.js(Line 150664)
Message:
[vue-router] Duplicate named routes definition: { name: "Search", path: "/search/:folder_id/:keywords/:scope/:type/:asset_id" }
console-api warning URL: https://uat2.vb2.visualbank.co.uk/js/app.js(Line 150664)
Message:
[vue-router] Duplicate named routes definition: { name: "Selection", path: "/selection/:selection_id/:asset_id" }
console-api log URL: https://uat2.vb2.visualbank.co.uk/js/app.js(Line 167406)
Message:
router [object Object] [object Object]
console-api log URL: https://uat2.vb2.visualbank.co.uk/js/app.js(Line 167450)
Message:
loading client
console-api log URL: https://uat2.vb2.visualbank.co.uk/js/app.js(Line 20812)
Message:
created null
console-api info URL: https://uat2.vb2.visualbank.co.uk/js/app.js(Line 162701)
Message:
Download the Vue Devtools extension for a better development experience: https://github.com/vuejs/vue-devtools
console-api info URL: https://uat2.vb2.visualbank.co.uk/js/app.js(Line 162710)
Message:
You are running Vue in development mode. Make sure to turn on production mode when deploying for production. See more tips at https://vuejs.org/guide/deployment.html
console-api log URL: https://uat2.vb2.visualbank.co.uk/js/app.js(Line 172237)
Message:
setting client [object Object]
console-api log URL: https://uat2.vb2.visualbank.co.uk/js/app.js(Line 167453)
Message:
Client loaded
console-api log URL: https://uat2.vb2.visualbank.co.uk/js/app.js(Line 167463)
Message:
window.Echo = [object Object]
console-api log URL: https://uat2.vb2.visualbank.co.uk/js/app.js(Line 171545)
Message:
resetting folder cache

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block