Submitted URL: https://auth.staging.mcards.com/
Effective URL: https://staging.mcards.com/admin_users/sign_in
Submission: On November 28 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 17 HTTP transactions. The main IP is 13.239.175.61, located in Sydney, Australia and belongs to AMAZON-02, US. The main domain is staging.mcards.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on April 27th 2023. Valid for: a year.
This is the only time staging.mcards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 13.239.175.61 16509 (AMAZON-02)
3 108.138.34.62 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 108.138.36.115 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 151.101.130.137 54113 (FASTLY)
3 162.247.243.29 54113 (FASTLY)
17 8
Count | Apex Domain | Subdomains | Transfer
3 | nr-data.net | bam.nr-data.net — Cisco Umbrella Rank: 225 | 1 KB
3 | gstatic.com | fonts.gstatic.com | 157 KB
3 | cloudfront.net | d8k3e78l81oib.cloudfront.net | 158 KB
3 | mcards.com | auth.staging.mcards.com, staging.mcards.com | 23 KB
2 | amplifyapp.com | staging.djr82sx622q8i.amplifyapp.com | 5 KB
2 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 31 | 2 KB
2 | unpkg.com | unpkg.com — Cisco Umbrella Rank: 903 | 76 KB
1 | newrelic.com | js-agent.newrelic.com — Cisco Umbrella Rank: 562 | 29 KB
17 8
Domain Requested by
3 bam.nr-data.net staging.mcards.com
3 fonts.gstatic.com fonts.googleapis.com
3 d8k3e78l81oib.cloudfront.net staging.mcards.com
2 staging.djr82sx622q8i.amplifyapp.com staging.mcards.com
2 fonts.googleapis.com staging.mcards.com
2 unpkg.com staging.mcards.com
2 staging.mcards.com 1 redirects
1 js-agent.newrelic.com staging.mcards.com
1 auth.staging.mcards.com 1 redirects
17 9

This site contains no links.

Subject | Issuer | Validity | Valid
staging.mcards.com | Amazon RSA 2048 M02 | 2023-04-27 - 2024-05-25 | a year
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-02 - 2024-05-01 | a year
upload.video.google.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
*.djr82sx622q8i.amplifyapp.com | Amazon RSA 2048 M02 | 2023-03-28 - 2024-04-25 | a year
*.gstatic.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
js-agent.newrelic.com | GlobalSign Atlas R3 DV TLS CA 2023 Q2 | 2023-04-13 - 2024-05-14 | a year
*.nr-data.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-29 - 2024-10-01 | a year

This page contains 1 frame:

Primary Page: https://staging.mcards.com/admin_users/sign_in
Frame ID: 8C24422C6941192914089842578BB7B0
Requests: 17 HTTP requests in this frame

Page Title

mCards

Page Statistics

17 Requests
100 % HTTPS
44 % IPv6
8 Domains
9 Subdomains
8 IPs
3 Countries
450 kB Transfer
1475 kB Size
2 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://auth.staging.mcards.com/ HTTP 302
    https://staging.mcards.com/ HTTP 302
    https://staging.mcards.com/admin_users/sign_in Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request sign_in
staging.mcards.com/admin_users/
Redirect Chain
  • https://auth.staging.mcards.com/
  • https://staging.mcards.com/
  • https://staging.mcards.com/admin_users/sign_in
61 KB
22 KB
Document
General
Full URL
https://staging.mcards.com/admin_users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.239.175.61 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-239-175-61.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
86ac6a0e5bdc8140740458a692f86b7c4432c1e9591fd627b78c892e319b9c17
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 17:44:07 GMT
etag
W/"86ac6a0e5bdc8140740458a692f86b7c"
link
<https://d8k3e78l81oib.cloudfront.net/assets/admin/application-15a00c45f1519ea44313d5ef4aff8098db4de093616fcfe55c1f1cb33d29c24a.css>; rel=preload; as=style; nopush,<https://d8k3e78l81oib.cloudfront.net/assets/admin/application-c6b59fb4140e0d582a6fdadf633d1f816fa2cb8ba599be9958bbeb7818e9c540.js>; rel=preload; as=script; nopush
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.22.1
strict-transport-security
max-age=31556952; includeSubDomains
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
5f511724-8b8f-468c-aeb9-c588b7935c8d
x-runtime
0.009709
x-xss-protection
0

Redirect headers

cache-control
no-cache
content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 17:44:07 GMT
location
https://staging.mcards.com/admin_users/sign_in
server
nginx/1.22.1
strict-transport-security
max-age=31556952; includeSubDomains
x-request-id
14fa80f9-32ba-4571-be4a-1ec30d318c5f
x-runtime
0.006914
application-15a00c45f1519ea44313d5ef4aff8098db4de093616fcfe55c1f1cb33d29c24a.css
d8k3e78l81oib.cloudfront.net/assets/admin/
51 KB
11 KB
Stylesheet
General
Full URL
https://d8k3e78l81oib.cloudfront.net/assets/admin/application-15a00c45f1519ea44313d5ef4aff8098db4de093616fcfe55c1f1cb33d29c24a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-34-62.muc50.r.cloudfront.net
Software
nginx/1.22.1 /
Resource Hash
97357086328cd59ae6519fac51d3efa12c2154cc3a3919ab86be6cded3a429c1
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://staging.mcards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 17:44:09 GMT
content-encoding
gzip
via
1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556952; includeSubDomains
last-modified
Mon, 27 Nov 2023 20:42:15 GMT
server
nginx/1.22.1
x-amz-cf-pop
MUC50-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
content-length
11236
x-amz-cf-id
jt5IV6fwdUQMfKFdRHRvcB5NaZcdo8JTa9wRhKjlg7_AbXC5qpXldA==
application-c6b59fb4140e0d582a6fdadf633d1f816fa2cb8ba599be9958bbeb7818e9c540.js
d8k3e78l81oib.cloudfront.net/assets/admin/
533 KB
144 KB
Script
General
Full URL
https://d8k3e78l81oib.cloudfront.net/assets/admin/application-c6b59fb4140e0d582a6fdadf633d1f816fa2cb8ba599be9958bbeb7818e9c540.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-34-62.muc50.r.cloudfront.net
Software
nginx/1.22.1 /
Resource Hash
c6b59fb4140e0d582a6fdadf633d1f816fa2cb8ba599be9958bbeb7818e9c540
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://staging.mcards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 17:44:09 GMT
content-encoding
gzip
via
1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556952; includeSubDomains
last-modified
Mon, 27 Nov 2023 20:42:15 GMT
server
nginx/1.22.1
x-amz-cf-pop
MUC50-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
content-length
147313
x-amz-cf-id
hHoixSn4QW1NAgrBu6BoxBu7OZ1cenfBiVfyrdMa_GZ6yXbd_N0LIg==
material-components-web.min.css
unpkg.com/material-components-web@3.2.0/dist/
262 KB
26 KB
Stylesheet
General
Full URL
https://unpkg.com/material-components-web@3.2.0/dist/material-components-web.min.css
Requested by
Host: staging.mcards.com
URL: https://staging.mcards.com/admin_users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99e088adc4a664e237e868c3e2e200df03fcca5fe383c2818292f80776efe439
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://staging.mcards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 17:44:08 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1245486
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HF6CPQATW9K4QV5RZS9E507Q-waw
server
cloudflare
etag
W/"41743-SPuQg1rUFFBrHqC27sAtCBZZJe8"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
82d46acc2f3d357b-WAW
icon
fonts.googleapis.com/
569 B
439 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: staging.mcards.com
URL: https://staging.mcards.com/admin_users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://staging.mcards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 Nov 2023 17:44:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 17:44:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Nov 2023 17:44:08 GMT
css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500
Requested by
Host: staging.mcards.com
URL: https://staging.mcards.com/admin_users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7abab7a5fed6d1eb8dcfed4e7f6bfcbc1a1a1dfbf95d281b008f04245b26c769
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://staging.mcards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 Nov 2023 17:44:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 16:22:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Nov 2023 17:44:08 GMT
material-components-web.min.js
unpkg.com/material-components-web@6.0.0/dist/
308 KB
50 KB
Script
General
Full URL
https://unpkg.com/material-components-web@6.0.0/dist/material-components-web.min.js
Requested by
Host: staging.mcards.com
URL: https://staging.mcards.com/admin_users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
451d16ed80cb8ecbd6fbbaee713f9f22328cd489f41a10a671b8c15190838b22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://staging.mcards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 17:44:08 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1597551
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HEVWYDE19SFE9F841BC8H2WM-waw
server
cloudflare
etag
W/"4cf8c-1fhO0V0ejr+V5fkOIcdJPvuADMk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
82d46acc2f41357b-WAW
buy-bucks.esm.js
staging.djr82sx622q8i.amplifyapp.com/build/
571 B
983 B
Script
General
Full URL
https://staging.djr82sx622q8i.amplifyapp.com/build/buy-bucks.esm.js
Requested by
Host: staging.mcards.com
URL: https://staging.mcards.com/admin_users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-115.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba48f0997be77f97476a8aeec9bb7ec26b68d03ac111b61d7bb068beecdc6c4e

Request headers

Referer
https://staging.mcards.com/
Origin
https://staging.mcards.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 17:44:09 GMT
via
1.1 66a008dd3c1b49635fc036a68872758c.cloudfront.net (CloudFront)
last-modified
Wed, 01 Nov 2023 15:03:52 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
etag
"48d020e6cfe67acd1f328fc243a9886b"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
content-length
571
x-amz-cf-id
23pKl4WVBNGz76iV7xlYNZctfHVsosfqMFV2YT5D3xEC1jtwFnymtA==
au-03346b2e77fb3f986a60d34fc7a37bdd0caab6b5d48813d1c33cadeae4038838.svg
d8k3e78l81oib.cloudfront.net/assets/regions/
2 KB
2 KB
Image
General
Full URL
https://d8k3e78l81oib.cloudfront.net/assets/regions/au-03346b2e77fb3f986a60d34fc7a37bdd0caab6b5d48813d1c33cadeae4038838.svg
Requested by
Host: staging.mcards.com
URL: https://staging.mcards.com/admin_users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-34-62.muc50.r.cloudfront.net
Software
nginx/1.22.1 /
Resource Hash
03346b2e77fb3f986a60d34fc7a37bdd0caab6b5d48813d1c33cadeae4038838
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://staging.mcards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 17:44:10 GMT
strict-transport-security
max-age=31556952; includeSubDomains
via
1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
last-modified
Mon, 27 Nov 2023 20:34:18 GMT
server
nginx/1.22.1
x-amz-cf-pop
MUC50-P2
x-cache
Miss from cloudfront
content-type
image/svg+xml
content-length
1596
x-amz-cf-id
6j60DDeUPiLFPffgqum82Oe2EyfQNbkWsjSZ4yYibslHLm6AvxJoBQ==
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://staging.mcards.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 23:58:11 GMT
x-content-type-options
nosniff
age
323159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 23:58:11 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://staging.mcards.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 21:25:42 GMT
x-content-type-options
nosniff
age
332308
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 21:25:42 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/
125 KB
126 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://staging.mcards.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:53:37 GMT
x-content-type-options
nosniff
age
395433
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 03:53:37 GMT
p-4c1dc828.js
staging.djr82sx622q8i.amplifyapp.com/build/
8 KB
4 KB
Script
General
Full URL
https://staging.djr82sx622q8i.amplifyapp.com/build/p-4c1dc828.js
Requested by
Host: staging.mcards.com
URL: https://staging.mcards.com/admin_users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-115.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
049169cdfecdfd27809d24a45e952f898c89bd4fa947ad660a60d21652f47bf9

Request headers

Referer
https://staging.djr82sx622q8i.amplifyapp.com/build/buy-bucks.esm.js
Origin
https://staging.mcards.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 17:44:11 GMT
content-encoding
gzip
via
1.1 66a008dd3c1b49635fc036a68872758c.cloudfront.net (CloudFront)
last-modified
Wed, 01 Nov 2023 15:03:52 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
etag
W/"0d4f9324d9473f69b02d5f069a09cbbd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
mo9l9fd2PGWFhfUAKE7JGrsBx2RFaxeDWeHoKsG0HGtCFBiQ3EBVLg==
nr-spa-1.248.0.min.js
js-agent.newrelic.com/
87 KB
29 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-spa-1.248.0.min.js
Requested by
Host: staging.mcards.com
URL: https://staging.mcards.com/admin_users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e4147148517b1b092a5bf8fb1fb4e78b568bdc40a127ec16732de62ddbb472a
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://staging.mcards.com/
Origin
https://staging.mcards.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
WdicPIzDGJD8og5dR8sXZo1iUf3RkEzi
content-encoding
br
via
1.1 varnish
date
Tue, 28 Nov 2023 17:44:10 GMT
strict-transport-security
max-age=300
x-amz-request-id
KPSAA6596B5W9WAE
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
29446
x-amz-id-2
kK7PfSmN+43+Jj0qkIS4Cd0s6EyntbGFa2u05oT4gNKZizW0KbsABqTWJcaxq3TCCYeEjgaLlvk=
x-served-by
cache-fra-eddf8230041-FRA
last-modified
Thu, 16 Nov 2023 17:54:54 GMT
server
AmazonS3
x-timer
S1701193451.771659,VS0,VE0
etag
"9aea0ff91a800a354637269e96e31dac"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
692632
94c36c3983
bam.nr-data.net/1/
40 B
406 B
XHR
General
Full URL
https://bam.nr-data.net/1/94c36c3983?a=1016929421&v=1.248.0&to=dFdWTUoNWlhXQhoBUEFRS1wXEVNHQVlaC0YYVl1O&rst=5978&ck=0&s=50b1c6ea405a1def&ref=https://staging.mcards.com/admin_users/sign_in&af=err,xhr,stn,ins,spa&ap=9&be=3432&fe=2436&dc=2434&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1701193444833,%22n%22:0,%22f%22:2799,%22dn%22:2799,%22dne%22:2799,%22c%22:2799,%22s%22:2799,%22ce%22:2799,%22rq%22:2799,%22rp%22:3433,%22rpe%22:3434,%22di%22:5385,%22ds%22:5856,%22de%22:5866,%22dc%22:5867,%22l%22:5867,%22le%22:5868%7D,%22navigation%22:%7B%7D%7D&fp=5390&fcp=5390
Requested by
Host: staging.mcards.com
URL: https://staging.mcards.com/admin_users/sign_in
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
24c98b3653a1a89489a370d23ab35375bba6bf386f5c2cf8a34f59f1ee7ab2ee

Request headers

Referer
https://staging.mcards.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 28 Nov 2023 17:44:11 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/plain
access-control-allow-origin
https://staging.mcards.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
40
x-served-by
cache-fra-eddf8230028-FRA
94c36c3983
bam.nr-data.net/resources/1/
36 B
358 B
XHR
General
Full URL
https://bam.nr-data.net/resources/1/94c36c3983?a=1016929421&v=1.248.0&to=dFdWTUoNWlhXQhoBUEFRS1wXEVNHQVlaC0YYVl1O&rst=6660&ck=0&s=50b1c6ea405a1def&ref=https://staging.mcards.com/admin_users/sign_in&st=1701193444833&hr=0&fts=1701193444833&n=26&fsh=1
Requested by
Host: staging.mcards.com
URL: https://staging.mcards.com/admin_users/sign_in
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
556a120c6dce813cf8b5da3c74757996d0792ca86678f42eb6e44eff74d3baa0

Request headers

Referer
https://staging.mcards.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 28 Nov 2023 17:44:11 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/plain
access-control-allow-origin
https://staging.mcards.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
36
x-served-by
cache-fra-eddf8230028-FRA
94c36c3983
bam.nr-data.net/events/1/
24 B
345 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/94c36c3983?a=1016929421&v=1.248.0&to=dFdWTUoNWlhXQhoBUEFRS1wXEVNHQVlaC0YYVl1O&rst=6663&ck=0&s=50b1c6ea405a1def&ref=https://staging.mcards.com/admin_users/sign_in
Requested by
Host: staging.mcards.com
URL: https://staging.mcards.com/admin_users/sign_in
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://staging.mcards.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 28 Nov 2023 17:44:12 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
image/gif
access-control-allow-origin
https://staging.mcards.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
24
x-served-by
cache-fra-eddf8230055-FRA

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
object| NREUM
object| webpackChunk:NRBA-1.248.0.PROD
object| newrelic
object| mdc
function| cocoon_callbacks
function| initAutocomplete
function| fillInAddress
function| setMDCTextField
function| initMap
function| handleLocationError
function| updateMapPins
function| setTypeahead
function| initCountryCodeSelector
function| loadMore
function| DateFormatter
undefined| placeSearch
undefined| autocomplete
function| datetimepickerFactory
undefined| map
undefined| infoWindow
undefined| userLocation
object| detailsComponents
object| addressComponents
boolean| centerMapToFirstPin
object| zoomToPins
object| Rails
boolean| _rails_loaded
object| Turbolinks
function| $
function| jQuery
object| jQuery112406899271167127581
function| SearchIndex
function| Bloodhound
object| intlTelInputUtils

2 Cookies

Domain/Path Name / Value
.auth.staging.mcards.com/ Name: __cf_bm
Value: jSCdf9zpQyJymZlMkPPyWSFSGDsyk.MV1qV9Dodq2xI-1701193446-0-AUeqDDoPiudWz/IhqU0/IYdMxHKz5VMTGsmueldocrFhMkgMBF2hrDP41mbS0hxlp2hB9Aut6NT38oEHeP0aA5o=
staging.mcards.com/ Name: _mcards_session
Value: oWpz63WpOlDeuDhSHw9V7xx%2Bem9OARjMAxP8dCouTjaYYHHGGpJmNzNo9CaRlrtrkzJhDZ%2FKEEWN6tkzTnAi7emxOySjJU6vT4AnzZD9R0jHvEudgJ5FEqYB%2B%2BHumfYStiR%2FhxXJnX%2BpFfRbO%2BXIBlWV%2BmbOfeWWOBmfX21Dja9WuyTZyIX10SZjlElMM8nePWPQRNnRWGBB4t3XZ7J91%2FywkZPgM9Ihp3Wzuahu3SqjgkwCpLFCiu%2Bcmaz1X8FOV3zm62A6X6ly0ZOiBBgn8oN3uzd25UR9zVu6nJhXXZatA3JzN7EMYD2HHV2du4LWOrv0S2pYkgqJcW8%3D--Y4C4dEhq0SetgwXp--0tgrFyr7p9ubW4H6wNjefA%3D%3D

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31556952; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
