backoffice.ab.stage.pjli.nextbank.cloud Open in urlscan Pro
2600:9000:237d:ae00:16:a93d:fd40:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://backoffice.ab.stage.pjli.nextbank.cloud/
Submission: On May 27 via api (May 27th 2024, 7:42:10 am UTC) from US — Scanned from DE

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 3 domains to perform 16 HTTP transactions. The main IP is 2600:9000:237d:ae00:16:a93d:fd40:93a1, located in United States and belongs to AMAZON-02, US. The main domain is backoffice.ab.stage.pjli.nextbank.cloud.
TLS certificate: Issued by Amazon RSA 2048 M02 on May 27th 2024. Valid for: a year.

This is the only time backoffice.ab.stage.pjli.nextbank.cloud was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2600:9000:237... 2600:9000:237d:ae00:16:a93d:fd40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	216.58.206.35 216.58.206.35	15169 (GOOGLE) (GOOGLE)
4	2406:da18:807... 2406:da18:807:bd01:dcb:7838:2b33:ce1d	16509 (AMAZON-02) (AMAZON-02)
16	6

3 2600:9000:237d:ae00:16:a93d:fd40:93a1 (United States)

ASN16509 (AMAZON-02, US)

backoffice.ab.stage.pjli.nextbank.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2406:da18:807:bd01:dcb:7838:2b33:ce1d (Singapore, Singapore)

ASN16509 (AMAZON-02, US)

cognito-identity.ap-southeast-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	amazonaws.com cognito-identity.ap-southeast-1.amazonaws.com — Cisco Umbrella Rank: 108378	2 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	2 MB
3	nextbank.cloud backoffice.ab.stage.pjli.nextbank.cloud	4 KB
16	3

	Domain	Requested by
4	cognito-identity.ap-southeast-1.amazonaws.com	backoffice.ab.stage.pjli.nextbank.cloud
3	backoffice.ab.stage.pjli.nextbank.cloud	backoffice.ab.stage.pjli.nextbank.cloud
2	www.gstatic.com	backoffice.ab.stage.pjli.nextbank.cloud www.gstatic.com
1	fonts.gstatic.com	backoffice.ab.stage.pjli.nextbank.cloud
16	4

This site contains no links.

Subject Issuer	Validity	Valid
backoffice.ab.stage.pjli.nextbank.cloud Amazon RSA 2048 M02	`2024-05-27` - `2025-06-26`	a year	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
cognito-identity.ap-southeast-1.amazonaws.com Amazon RSA 2048 M03	`2024-04-08` - `2025-05-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://backoffice.ab.stage.pjli.nextbank.cloud/
Frame ID: CCBBB59D189246FCAFF61F74626AB2A2
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cebuana Lhuillier

Page Statistics

16
Requests

63 %
HTTPS

80 %
IPv6

3
Domains

4
Subdomains

6
IPs

3
Countries

1606 kB
Transfer

9322 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
backoffice.ab.stage.pjli.nextbank.cloud/ 2 KB
1 KB 581ms
434ms Document
text/html 2600:9000:237d:ae00:16:a93d:fd40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://backoffice.ab.stage.pjli.nextbank.cloud/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ae00:16:a93d:fd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ffad6d3d86f28910314a5a79af3fef498109b4d010ce2eb7dd0f55c18afd9e61

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 27 May 2024 07:42:07 GMT
etag: W/"c82511557e227f42f2657585844e7723"
last-modified: Mon, 27 May 2024 03:56:35 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 774fae779f194800b967be38df6bd8d2.cloudfront.net (CloudFront)
x-amz-cf-id: DrHRutlDBnefksx3SVxzOzdBMH1tcuW4Q8HqJCMbhWgo4pnvus5iYA==
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront

GET
H2 200 flutter.js Show response
backoffice.ab.stage.pjli.nextbank.cloud/ 4 KB
2 KB 49ms
49ms Script
application/javascript 2600:9000:237d:ae00:16:a93d:fd40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://backoffice.ab.stage.pjli.nextbank.cloud/flutter.js
Requested by: Host: backoffice.ab.stage.pjli.nextbank.cloud
URL: https://backoffice.ab.stage.pjli.nextbank.cloud/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ae00:16:a93d:fd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: abb5c407db14908c2af56263bff34c683be228a5e22c384d7a6b852e731f466a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://backoffice.ab.stage.pjli.nextbank.cloud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 03:57:22 GMT
content-encoding: gzip
via: 1.1 774fae779f194800b967be38df6bd8d2.cloudfront.net (CloudFront)
last-modified: Mon, 27 May 2024 03:56:34 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 13484
etag: W/"c71a09214cb6f5f8996a531350400a9a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: G4v2lchO0UrozIzto63PyOXwniKw4qU26Q7Ux4QMRDQm_ZQl4K-YXw==

GET
H2 200 favicon.png
backoffice.ab.stage.pjli.nextbank.cloud/ 917 B
1 KB 62ms
61ms Other
image/png 2600:9000:237d:ae00:16:a93d:fd40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://backoffice.ab.stage.pjli.nextbank.cloud/favicon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ae00:16:a93d:fd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ab2525f4b86b65d3e4c70358a17e5a1aaf6f437f99cbcc046dad73d59bb9015

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://backoffice.ab.stage.pjli.nextbank.cloud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 03:57:23 GMT
via: 1.1 774fae779f194800b967be38df6bd8d2.cloudfront.net (CloudFront)
last-modified: Mon, 27 May 2024 03:56:34 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 13484
etag: "5dcef449791fa27946b3d35ad8803796"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 917
x-amz-cf-id: EOam5w4cL6cvPn1vpzcz48GIp9Iok9t8ch2oKwexT_zb7LI5lriJtQ==

GET
H2 200 main.dart.js Show response
backoffice.ab.stage.pjli.nextbank.cloud/ 3 MB
0 1ms
1ms Script
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: https://backoffice.ab.stage.pjli.nextbank.cloud/main.dart.js
Requested by: Host: backoffice.ab.stage.pjli.nextbank.cloud
URL: https://backoffice.ab.stage.pjli.nextbank.cloud/flutter.js
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4c91c016a7dcda30224eb76d921462e11a4480d0db7941efcd7628d4ac5d08be

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://backoffice.ab.stage.pjli.nextbank.cloud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 03:57:23 GMT
content-encoding: gzip
via: 1.1 774fae779f194800b967be38df6bd8d2.cloudfront.net (CloudFront)
last-modified: Mon, 27 May 2024 03:56:35 GMT
server: AmazonS3
age: 13483
x-amz-cf-pop: MUC50-P2
etag: W/"0be111680721a95498016a04b965ecd8"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: w-smOKB6rONZ91VF3QcPCu4EkTWko_O38-l3krg8lKM52NfUt9Lklg==

GET
H2 200 canvaskit.js Show response
www.gstatic.com/flutter-canvaskit/e76c956498841e1ab458577d3892003e553e4f3c/chromium/ 91 KB
26 KB 131ms
40ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/flutter-canvaskit/e76c956498841e1ab458577d3892003e553e4f3c/chromium/canvaskit.js

Requested by

Host: backoffice.ab.stage.pjli.nextbank.cloud
URL: https://backoffice.ab.stage.pjli.nextbank.cloud/main.dart.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed7899cf1ba7169981ba66817b913f303bd7f8cfa8f99c9997ba98b4e404a00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://backoffice.ab.stage.pjli.nextbank.cloud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:55:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 362818
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/flutter-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26009
x-xss-protection: 0
last-modified: Wed, 27 Mar 2024 21:06:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="flutter-team"
vary: Accept-Encoding
report-to: {"group":"flutter-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/flutter-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 May 2025 02:55:09 GMT

GET
H2 200 FontManifest.json Show response
backoffice.ab.stage.pjli.nextbank.cloud/assets/ 293 B
0 1ms
1ms Fetch
application/json

General

Check archive.org

Show headers Download Go to

Full URL: https://backoffice.ab.stage.pjli.nextbank.cloud/assets/FontManifest.json
Requested by: Host: backoffice.ab.stage.pjli.nextbank.cloud
URL: https://backoffice.ab.stage.pjli.nextbank.cloud/main.dart.js
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4c4f0d4dee8504c596e55ee5db92c03f53351bb4b1297636afe198e82c45f40

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://backoffice.ab.stage.pjli.nextbank.cloud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 07:41:21 GMT
via: 1.1 774fae779f194800b967be38df6bd8d2.cloudfront.net (CloudFront)
last-modified: Mon, 27 May 2024 03:56:31 GMT
server: AmazonS3
age: 46
x-amz-cf-pop: MUC50-P2
etag: "fc92ea2ea9642d687e144a67b6360fab"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/json
accept-ranges: bytes
content-length: 293
x-amz-cf-id: DL7g6dBVCh4Y19_Mkc-0vUmi1_nqutmu5j3tg33Dn_41AZKS3-5S7Q==

GET
H2 200 MaterialIcons-Regular.otf Show response
backoffice.ab.stage.pjli.nextbank.cloud/assets/fonts/ 8 KB
0 54ms
54ms Fetch
binary/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: https://backoffice.ab.stage.pjli.nextbank.cloud/assets/fonts/MaterialIcons-Regular.otf
Requested by: Host: backoffice.ab.stage.pjli.nextbank.cloud
URL: https://backoffice.ab.stage.pjli.nextbank.cloud/main.dart.js
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 78f73360b1daf37477e5d0d02015a9d2f3c950b7cb72f6b9e3b223697eccd956

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://backoffice.ab.stage.pjli.nextbank.cloud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 07:41:23 GMT
via: 1.1 774fae779f194800b967be38df6bd8d2.cloudfront.net (CloudFront)
last-modified: Mon, 27 May 2024 03:56:31 GMT
server: AmazonS3
age: 45
x-amz-cf-pop: MUC50-P2
etag: "1893a8fcd3f7d5a199d69b4387280222"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 8192
x-amz-cf-id: x7e0FjH2T35cPeRbfk8gkvpNoZLmgi2vF7t-MpFQr-X8jqIaXVrPWQ==

GET
H2 200 Nunito-Regular.ttf Show response
backoffice.ab.stage.pjli.nextbank.cloud/assets/lib/assets/fonts/ 129 KB
0 57ms
57ms Fetch
binary/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: https://backoffice.ab.stage.pjli.nextbank.cloud/assets/lib/assets/fonts/Nunito-Regular.ttf
Requested by: Host: backoffice.ab.stage.pjli.nextbank.cloud
URL: https://backoffice.ab.stage.pjli.nextbank.cloud/main.dart.js
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea59b5f005e3881cc0bfc6e65031012bf487cb10af7509a96b9b4a134dbc534c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://backoffice.ab.stage.pjli.nextbank.cloud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 07:41:23 GMT
via: 1.1 774fae779f194800b967be38df6bd8d2.cloudfront.net (CloudFront)
last-modified: Mon, 27 May 2024 03:56:31 GMT
server: AmazonS3
age: 45
x-amz-cf-pop: MUC50-P2
etag: "b83ce9c59c73ade26bb7871143fd76bb"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 132204
x-amz-cf-id: 34AhlnGnqP5G_6E8kdJC2l3haliJ4TjY3iuE6xcI6BvAP2tXA83DxA==

GET
H2 200 Nunito-SemiBold.ttf Show response
backoffice.ab.stage.pjli.nextbank.cloud/assets/lib/assets/fonts/ 129 KB
0 52ms
52ms Fetch
binary/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: https://backoffice.ab.stage.pjli.nextbank.cloud/assets/lib/assets/fonts/Nunito-SemiBold.ttf
Requested by: Host: backoffice.ab.stage.pjli.nextbank.cloud
URL: https://backoffice.ab.stage.pjli.nextbank.cloud/main.dart.js
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e42b3f1e64e615cec178fee5121189849e45063b8b7bea811b0814af8e1cea75

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://backoffice.ab.stage.pjli.nextbank.cloud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 07:41:23 GMT
via: 1.1 774fae779f194800b967be38df6bd8d2.cloudfront.net (CloudFront)
last-modified: Mon, 27 May 2024 03:56:31 GMT
server: AmazonS3
age: 45
x-amz-cf-pop: MUC50-P2
etag: "38257ec36f55676f98fcdf1264adb69d"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 132156
x-amz-cf-id: QVJfm95V4E3qFrPzr1YezGTOuuXvpFquezuv9ZdRA2AxnTmu-rTy1g==

GET
H2 200 Nunito-Bold.ttf Show response
backoffice.ab.stage.pjli.nextbank.cloud/assets/lib/assets/fonts/ 129 KB
0 53ms
53ms Fetch
binary/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: https://backoffice.ab.stage.pjli.nextbank.cloud/assets/lib/assets/fonts/Nunito-Bold.ttf
Requested by: Host: backoffice.ab.stage.pjli.nextbank.cloud
URL: https://backoffice.ab.stage.pjli.nextbank.cloud/main.dart.js
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f82add5c2ff09c835a8a60d8fb6d6a7f2d6f712d2e98d65a3744053c9bcc8bbf

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://backoffice.ab.stage.pjli.nextbank.cloud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 07:41:23 GMT
via: 1.1 774fae779f194800b967be38df6bd8d2.cloudfront.net (CloudFront)
last-modified: Mon, 27 May 2024 03:56:31 GMT
server: AmazonS3
age: 45
x-amz-cf-pop: MUC50-P2
etag: "ba43cdecf9625c0dcec567ba29555e15"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 132152
x-amz-cf-id: imEKc7k5rVFnQq-QPm6SAfi9Qe4haNX5vzj0H0P-OHzjhZSjjJLvRA==

GET
H2 200 KFOmCnqEu92Fr1Me5WZLCzYlKw.ttf Show response
fonts.gstatic.com/s/roboto/v20/ 167 KB
90 KB 178ms
89ms Fetch
font/ttf 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Me5WZLCzYlKw.ttf

Requested by

Host: backoffice.ab.stage.pjli.nextbank.cloud
URL: https://backoffice.ab.stage.pjli.nextbank.cloud/main.dart.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://backoffice.ab.stage.pjli.nextbank.cloud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 04:27:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91230
x-xss-protection: 0
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 May 2025 04:27:42 GMT

GET
H3 200 canvaskit.wasm Show response
www.gstatic.com/flutter-canvaskit/e76c956498841e1ab458577d3892003e553e4f3c/chromium/ 5 MB
1 MB 172ms
41ms Fetch
application/wasm 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/flutter-canvaskit/e76c956498841e1ab458577d3892003e553e4f3c/chromium/canvaskit.wasm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/flutter-canvaskit/e76c956498841e1ab458577d3892003e553e4f3c/chromium/canvaskit.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f3.1e100.net

Software

sffe /

Resource Hash

f48a5148fbb35eea35ccbdbaa4cbf2f3bcffd1fa87cf6c21ac134e4a203914a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://backoffice.ab.stage.pjli.nextbank.cloud/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 00:06:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 372916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/flutter-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1519369
x-xss-protection: 0
last-modified: Wed, 27 Mar 2024 21:06:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="flutter-team"
vary: Accept-Encoding
report-to: {"group":"flutter-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/flutter-team"}]}
content-type: application/wasm
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 May 2025 00:06:51 GMT

POST
H2 400 / Show response
cognito-identity.ap-southeast-1.amazonaws.com/ 223 B
662 B 360ms
359ms Fetch
application/x-amz-json-1.1 2406:da18:807:bd01:dcb:7838:2b33:ce1d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.ap-southeast-1.amazonaws.com/?

Requested by

Host: backoffice.ab.stage.pjli.nextbank.cloud
URL: https://backoffice.ab.stage.pjli.nextbank.cloud/main.dart.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:da18:807:bd01:dcb:7838:2b33:ce1d Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

37177c531cddd82a35a7d592cddf57f205ba0bb5ff4acba1486fe93517ff3d44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-amz-json-1.1
amz-sdk-invocation-id: 77373371-3cbf-4255-9671-d81e3d1ef838
Cache-Control: no-store
amz-sdk-request: attempt=1; max=3
X-Amz-Target: AWSCognitoIdentityService.GetId
Referer: https://backoffice.ab.stage.pjli.nextbank.cloud/
X-Amz-User-Agent: amplify-flutter/1.6.3 Chrome/125.0.0.0 Auth/6 aws-sdk-dart/0.3.1
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 07:42:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amzn-errortype: ValidationException:
x-amzn-requestid: 95d51a29-1ff8-4c35-899b-573c6bd03d94
content-type: application/x-amz-json-1.1
access-control-allow-origin: *
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-errormessage: 1 validation error detected: Value 'ap-southeast-1_BvdPyq8XS' at 'identityPoolId' failed to satisfy constraint: Member must satisfy regular expression pattern: [\w-]+:[0-9a-f-]+
content-length: 223

OPTIONS
H2 200 /
cognito-identity.ap-southeast-1.amazonaws.com/ 0
0 1084ms
360ms Preflight 2406:da18:807:bd01:dcb:7838:2b33:ce1d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.ap-southeast-1.amazonaws.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:da18:807:bd01:dcb:7838:2b33:ce1d Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: amz-sdk-invocation-id,amz-sdk-request,cache-control,content-type,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://backoffice.ab.stage.pjli.nextbank.cloud
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: amz-sdk-invocation-id,amz-sdk-request,cache-control,content-type,x-amz-target,x-amz-user-agent
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age: 172800
content-length: 0
date: Mon, 27 May 2024 07:42:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amzn-requestid: eb136231-3d67-44f3-acec-202e0c853f23

POST
H2 400 / Show response
cognito-identity.ap-southeast-1.amazonaws.com/ 223 B
662 B 361ms
360ms Fetch
application/x-amz-json-1.1 2406:da18:807:bd01:dcb:7838:2b33:ce1d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.ap-southeast-1.amazonaws.com/?

Requested by

Host: backoffice.ab.stage.pjli.nextbank.cloud
URL: https://backoffice.ab.stage.pjli.nextbank.cloud/main.dart.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:da18:807:bd01:dcb:7838:2b33:ce1d Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

37177c531cddd82a35a7d592cddf57f205ba0bb5ff4acba1486fe93517ff3d44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-amz-json-1.1
amz-sdk-invocation-id: b1e1f8bb-f14f-4cb6-a102-fc48424c7b6b
Cache-Control: no-store
amz-sdk-request: attempt=1; max=3
X-Amz-Target: AWSCognitoIdentityService.GetId
Referer: https://backoffice.ab.stage.pjli.nextbank.cloud/
X-Amz-User-Agent: amplify-flutter/1.6.3 Chrome/125.0.0.0 Auth/6 aws-sdk-dart/0.3.1
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 07:42:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amzn-errortype: ValidationException:
x-amzn-requestid: 8bfd73a6-bedb-499a-91dd-d08bd4197a53
content-type: application/x-amz-json-1.1
access-control-allow-origin: *
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-errormessage: 1 validation error detected: Value 'ap-southeast-1_BvdPyq8XS' at 'identityPoolId' failed to satisfy constraint: Member must satisfy regular expression pattern: [\w-]+:[0-9a-f-]+
content-length: 223

POST
H2 400 /
cognito-identity.ap-southeast-1.amazonaws.com/ 223 B
661 B 364ms
363ms Fetch
application/x-amz-json-1.1 2406:da18:807:bd01:dcb:7838:2b33:ce1d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.ap-southeast-1.amazonaws.com/?

Requested by

Host: backoffice.ab.stage.pjli.nextbank.cloud
URL: https://backoffice.ab.stage.pjli.nextbank.cloud/main.dart.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:da18:807:bd01:dcb:7838:2b33:ce1d Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-amz-json-1.1
amz-sdk-invocation-id: 9945a606-3715-4709-b88f-cca7e95ddcbe
Cache-Control: no-store
amz-sdk-request: attempt=1; max=3
X-Amz-Target: AWSCognitoIdentityService.GetId
Referer: https://backoffice.ab.stage.pjli.nextbank.cloud/
X-Amz-User-Agent: amplify-flutter/1.6.3 Chrome/125.0.0.0 Auth/6 aws-sdk-dart/0.3.1
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 07:42:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amzn-errortype: ValidationException:
x-amzn-requestid: 028a7a94-956d-4261-a95b-3c87c1ffc12d
content-type: application/x-amz-json-1.1
access-control-allow-origin: *
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-errormessage: 1 validation error detected: Value 'ap-southeast-1_BvdPyq8XS' at 'identityPoolId' failed to satisfy constraint: Member must satisfy regular expression pattern: [\w-]+:[0-9a-f-]+
content-length: 223

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _flutter function| CanvasKitInit object| flutterCanvasKit

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cognito-identity.ap-southeast-1.amazonaws.com/? Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://cognito-identity.ap-southeast-1.amazonaws.com/? Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://cognito-identity.ap-southeast-1.amazonaws.com/? Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

backoffice.ab.stage.pjli.nextbank.cloud
cognito-identity.ap-southeast-1.amazonaws.com
fonts.gstatic.com
www.gstatic.com
216.58.206.35
2406:da18:807:bd01:dcb:7838:2b33:ce1d
2600:9000:237d:ae00:16:a93d:fd40:93a1
2a00:1450:4001:810::2003
2a00:1450:4001:812::2003
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed
37177c531cddd82a35a7d592cddf57f205ba0bb5ff4acba1486fe93517ff3d44
4c91c016a7dcda30224eb76d921462e11a4480d0db7941efcd7628d4ac5d08be
78f73360b1daf37477e5d0d02015a9d2f3c950b7cb72f6b9e3b223697eccd956
7ab2525f4b86b65d3e4c70358a17e5a1aaf6f437f99cbcc046dad73d59bb9015
abb5c407db14908c2af56263bff34c683be228a5e22c384d7a6b852e731f466a
e42b3f1e64e615cec178fee5121189849e45063b8b7bea811b0814af8e1cea75
ea59b5f005e3881cc0bfc6e65031012bf487cb10af7509a96b9b4a134dbc534c
ed7899cf1ba7169981ba66817b913f303bd7f8cfa8f99c9997ba98b4e404a00f
f48a5148fbb35eea35ccbdbaa4cbf2f3bcffd1fa87cf6c21ac134e4a203914a1
f4c4f0d4dee8504c596e55ee5db92c03f53351bb4b1297636afe198e82c45f40
f82add5c2ff09c835a8a60d8fb6d6a7f2d6f712d2e98d65a3744053c9bcc8bbf
ffad6d3d86f28910314a5a79af3fef498109b4d010ce2eb7dd0f55c18afd9e61

backoffice.ab.stage.pjli.nextbank.cloud Open in urlscan Pro 2600:9000:237d:ae00:16:a93d:fd40:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

16 Requests

63 %HTTPS

80 %IPv6

3 Domains

4 Subdomains

6 IPs

3 Countries

1606 kBTransfer

9322 kBSize

0 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

3 Console Messages

Indicators

backoffice.ab.stage.pjli.nextbank.cloud Open in urlscan Pro
2600:9000:237d:ae00:16:a93d:fd40:93a1 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

63 %
HTTPS

80 %
IPv6

3
Domains

4
Subdomains

6
IPs

3
Countries

1606 kB
Transfer

9322 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions