auth.staging.agibank.app-terosopenbanking.com Open in urlscan Pro
54.146.198.125 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://auth.staging.agibank.app-terosopenbanking.com/
Effective URL:
https://auth.staging.agibank.app-terosopenbanking.com/swagger/
Submission: On July 27 via automatic, source certstream-suspicious (July 27th 2023, 6:54:12 pm UTC) — Scanned from DE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 54.146.198.125, located in Ashburn, United States and belongs to . The main domain is auth.staging.agibank.app-terosopenbanking.com.
TLS certificate: Issued by R3 on July 11th 2023. Valid for: 3 months.

This is the only time auth.staging.agibank.app-terosopenbanking.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2 11	54.146.198.125 54.146.198.125		() ()
9	2

11 54.146.198.125 (Ashburn, United States) 2 redirects

ASN- ()

auth.staging.agibank.app-terosopenbanking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	app-terosopenbanking.com 2 redirects auth.staging.agibank.app-terosopenbanking.com	2 MB
9	1

	Domain	Requested by
11	auth.staging.agibank.app-terosopenbanking.com	2 redirects auth.staging.agibank.app-terosopenbanking.com
9	1

This site contains no links.

Subject Issuer	Validity	Valid
auth.dev-agibank.app-terosopenbanking.com R3	`2023-07-11` - `2023-10-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://auth.staging.agibank.app-terosopenbanking.com/swagger/
Frame ID: ACFADFAB738CA796FEE38822D7B5760F
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Swagger UI

Page URL History Show full URLs

https://auth.staging.agibank.app-terosopenbanking.com/ HTTP 302
https://auth.staging.agibank.app-terosopenbanking.com/swagger HTTP 301
https://auth.staging.agibank.app-terosopenbanking.com/swagger/ Page URL

Page Statistics

9
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

2022 kB
Transfer

2028 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://auth.staging.agibank.app-terosopenbanking.com/ HTTP 302
https://auth.staging.agibank.app-terosopenbanking.com/swagger HTTP 301
https://auth.staging.agibank.app-terosopenbanking.com/swagger/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
auth.staging.agibank.app-terosopenbanking.com/swagger/
Redirect Chain

https://auth.staging.agibank.app-terosopenbanking.com/
https://auth.staging.agibank.app-terosopenbanking.com/swagger
https://auth.staging.agibank.app-terosopenbanking.com/swagger/

6 KB
7 KB

109ms
109ms

Document
text/html

54.146.198.125

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.staging.agibank.app-terosopenbanking.com/swagger/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.146.198.125 Ashburn, United States, ASN (),

Reverse DNS

Software

Resource Hash

cd90b514cc531aadd0d191dccc712301f53effabdf17f98a4331ef7ed3122538

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 6291
Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Content-Type: text/html; charset=utf-8
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Date: Thu, 27 Jul 2023 18:53:56 GMT
ETag: W/"1893-aQ236DMRUUmuEXGHzwuHmPDTS20"
Expect-CT: max-age=0
Keep-Alive: timeout=5
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 0

Redirect headers

Connection: keep-alive
Content-Length: 181
Content-Security-Policy: default-src 'none'
Content-Type: text/html; charset=UTF-8
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Date: Thu, 27 Jul 2023 18:53:56 GMT
Expect-CT: max-age=0
Keep-Alive: timeout=5
Location: /swagger/
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 0

GET
H/1.1 200
OK swagger-ui.css
auth.staging.agibank.app-terosopenbanking.com/swagger/ 147 KB
148 KB 113ms
110ms Stylesheet
text/css 54.146.198.125

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.staging.agibank.app-terosopenbanking.com/swagger/swagger-ui.css

Requested by

Host: auth.staging.agibank.app-terosopenbanking.com
URL: https://auth.staging.agibank.app-terosopenbanking.com/swagger/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.146.198.125 Ashburn, United States, ASN (),

Reverse DNS

Software

Resource Hash

13f98ecce9e96509c0bcbdb25df5b4aec7e949aa6b74505f9972737338b78133

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Thu, 27 Jul 2023 18:53:56 GMT
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: require-corp
X-DNS-Prefetch-Control: off
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 150945
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 12 Jul 2023 22:55:48 GMT
Cross-Origin-Opener-Policy: same-origin
ETag: W/"24da1-1894c515d20"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: text/css; charset=UTF-8
Origin-Agent-Cluster: ?1
Cache-Control: public, max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=5

GET
H/1.1 200
OK swagger-ui-bundle.js Show response
auth.staging.agibank.app-terosopenbanking.com/swagger/ 1 MB
1 MB 433ms
217ms Script
application/javascript 54.146.198.125

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.staging.agibank.app-terosopenbanking.com/swagger/swagger-ui-bundle.js

Requested by

Host: auth.staging.agibank.app-terosopenbanking.com
URL: https://auth.staging.agibank.app-terosopenbanking.com/swagger/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.146.198.125 Ashburn, United States, ASN (),

Reverse DNS

Software

Resource Hash

001d7b15b3bf9ea507ed6346801804cd0910fb6b575dfed6afe05bbf964c498a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Thu, 27 Jul 2023 18:53:56 GMT
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: require-corp
X-DNS-Prefetch-Control: off
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 1415052
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 12 Jul 2023 22:55:57 GMT
Cross-Origin-Opener-Policy: same-origin
ETag: W/"15978c-1894c518048"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: application/javascript; charset=UTF-8
Origin-Agent-Cluster: ?1
Cache-Control: public, max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=5

GET
H/1.1 200
OK swagger-ui-standalone-preset.js Show response
auth.staging.agibank.app-terosopenbanking.com/swagger/ 241 KB
242 KB 437ms
220ms Script
application/javascript 54.146.198.125

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.staging.agibank.app-terosopenbanking.com/swagger/swagger-ui-standalone-preset.js

Requested by

Host: auth.staging.agibank.app-terosopenbanking.com
URL: https://auth.staging.agibank.app-terosopenbanking.com/swagger/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.146.198.125 Ashburn, United States, ASN (),

Reverse DNS

Software

Resource Hash

de4a8abd23241d664a43dc1ae1c33d6a0d35d8de39ecf24b298d9dd44d4ce2ea

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Thu, 27 Jul 2023 18:53:56 GMT
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: require-corp
X-DNS-Prefetch-Control: off
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 246440
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 12 Jul 2023 22:56:01 GMT
Cross-Origin-Opener-Policy: same-origin
ETag: W/"3c2a8-1894c518fe8"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: application/javascript; charset=UTF-8
Origin-Agent-Cluster: ?1
Cache-Control: public, max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=5

GET
H/1.1 200
OK swagger-ui-init.js Show response
auth.staging.agibank.app-terosopenbanking.com/swagger/ 121 KB
122 KB 453ms
223ms Script
application/javascript 54.146.198.125

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.staging.agibank.app-terosopenbanking.com/swagger/swagger-ui-init.js

Requested by

Host: auth.staging.agibank.app-terosopenbanking.com
URL: https://auth.staging.agibank.app-terosopenbanking.com/swagger/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.146.198.125 Ashburn, United States, ASN (),

Reverse DNS

Software

Resource Hash

bbcec06a4fd6f95e368a5b01188d2552df07c83272c2e41ce24e7ab62f364db2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Thu, 27 Jul 2023 18:53:56 GMT
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: require-corp
X-DNS-Prefetch-Control: off
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 123501
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Cross-Origin-Opener-Policy: same-origin
ETag: W/"1e26d-ltILrMFGHC7IKVocWEOLZp7qXsA"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: application/javascript; charset=utf-8
Origin-Agent-Cluster: ?1
Keep-Alive: timeout=5

GET
DATA 200
OK truncated
/ 15 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 692881516b5727543e5d0e2afe602c1659d1b50d7af857219c33d12913167520

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK logo.svg
auth.staging.agibank.app-terosopenbanking.com/img/agibank/ 2 KB
3 KB 108ms
107ms Image
image/svg+xml 54.146.198.125

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.staging.agibank.app-terosopenbanking.com/img/agibank/logo.svg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.146.198.125 Ashburn, United States, ASN (),

Reverse DNS

Software

Resource Hash

89884d392b18bd15090cdc99f6cadbd38a68cac36237a4646c45a7ad8d5e0f9e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.staging.agibank.app-terosopenbanking.com/swagger/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Thu, 27 Jul 2023 18:53:58 GMT
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: require-corp
X-DNS-Prefetch-Control: off
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 2212
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Mon, 29 Aug 2022 19:49:53 GMT
Cross-Origin-Opener-Policy: same-origin
ETag: W/"8a4-182eb273ae8"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: image/svg+xml
Origin-Agent-Cluster: ?1
Cache-Control: public, max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=5

GET
H/1.1 200
OK arrow-select.png
auth.staging.agibank.app-terosopenbanking.com/img/agibank/ 2 KB
3 KB 109ms
109ms Image
image/png 54.146.198.125

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.staging.agibank.app-terosopenbanking.com/img/agibank/arrow-select.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.146.198.125 Ashburn, United States, ASN (),

Reverse DNS

Software

Resource Hash

3c6041fdbfb34757d5e38fe5685351b79961dbba064bb822a59bac778120ee1d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.staging.agibank.app-terosopenbanking.com/swagger/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Thu, 27 Jul 2023 18:53:58 GMT
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: require-corp
X-DNS-Prefetch-Control: off
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 2323
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Mon, 29 Aug 2022 19:49:53 GMT
Cross-Origin-Opener-Policy: same-origin
ETag: W/"913-182eb273ae8"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: image/png
Origin-Agent-Cluster: ?1
Cache-Control: public, max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=5

GET
DATA 200
OK truncated
/ 127 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88184aef40a6a66fdd5841732efb6bd1ec40d2cf5cc35dd2abe5ab80070d02b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK avertastd-bold.woff2
auth.staging.agibank.app-terosopenbanking.com/fonts/ 54 KB
55 KB 226ms
226ms Font
font/woff2 54.146.198.125

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.staging.agibank.app-terosopenbanking.com/fonts/avertastd-bold.woff2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.146.198.125 Ashburn, United States, ASN (),

Reverse DNS

Software

Resource Hash

1f2e576a809d81a37d765c91dabcc44cf75ca2ee72100e7614cd57b05057a688

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://auth.staging.agibank.app-terosopenbanking.com/swagger/
Origin: https://auth.staging.agibank.app-terosopenbanking.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Thu, 27 Jul 2023 18:53:58 GMT
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: require-corp
X-DNS-Prefetch-Control: off
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 55576
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Mon, 29 Aug 2022 19:49:53 GMT
Cross-Origin-Opener-Policy: same-origin
ETag: W/"d918-182eb273ae8"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: font/woff2
Origin-Agent-Cluster: ?1
Cache-Control: public, max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=5

GET
H/1.1 200
OK avertastd-regular.woff2
auth.staging.agibank.app-terosopenbanking.com/fonts/ 58 KB
59 KB 213ms
212ms Font
font/woff2 54.146.198.125

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.staging.agibank.app-terosopenbanking.com/fonts/avertastd-regular.woff2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.146.198.125 Ashburn, United States, ASN (),

Reverse DNS

Software

Resource Hash

731dbf445445d25195e3235256e39669cd050992ec3e9e07a3bca846b2c682a7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://auth.staging.agibank.app-terosopenbanking.com/swagger/
Origin: https://auth.staging.agibank.app-terosopenbanking.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Thu, 27 Jul 2023 18:53:58 GMT
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: require-corp
X-DNS-Prefetch-Control: off
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 58988
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Mon, 29 Aug 2022 19:49:53 GMT
Cross-Origin-Opener-Policy: same-origin
ETag: W/"e66c-182eb273ae8"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: font/woff2
Origin-Agent-Cluster: ?1
Cache-Control: public, max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=5

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| SwaggerUIBundle object| SwaggerUIStandalonePreset object| versions object| ui

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.staging.agibank.app-terosopenbanking.com
54.146.198.125
001d7b15b3bf9ea507ed6346801804cd0910fb6b575dfed6afe05bbf964c498a
13f98ecce9e96509c0bcbdb25df5b4aec7e949aa6b74505f9972737338b78133
1f2e576a809d81a37d765c91dabcc44cf75ca2ee72100e7614cd57b05057a688
3c6041fdbfb34757d5e38fe5685351b79961dbba064bb822a59bac778120ee1d
692881516b5727543e5d0e2afe602c1659d1b50d7af857219c33d12913167520
731dbf445445d25195e3235256e39669cd050992ec3e9e07a3bca846b2c682a7
88184aef40a6a66fdd5841732efb6bd1ec40d2cf5cc35dd2abe5ab80070d02b4
89884d392b18bd15090cdc99f6cadbd38a68cac36237a4646c45a7ad8d5e0f9e
bbcec06a4fd6f95e368a5b01188d2552df07c83272c2e41ce24e7ab62f364db2
cd90b514cc531aadd0d191dccc712301f53effabdf17f98a4331ef7ed3122538
de4a8abd23241d664a43dc1ae1c33d6a0d35d8de39ecf24b298d9dd44d4ce2ea

auth.staging.agibank.app-terosopenbanking.com Open in urlscan Pro 54.146.198.125 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

9 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

2022 kBTransfer

2028 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

auth.staging.agibank.app-terosopenbanking.com Open in urlscan Pro
54.146.198.125 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

2022 kB
Transfer

2028 kB
Size

0
Cookies

9 HTTP transactions
2 data transactions