baml.sdg2demo.mastercard.com Open in urlscan Pro
2607:3c00:6404:5::3a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://baml.sdg2demo.mastercard.com/
Effective URL:
https://baml.sdg2demo.mastercard.com/sdportal/home.view
Submission: On February 24 via automatic, source certstream-suspicious (February 24th 2020, 7:14:30 pm UTC)

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 2607:3c00:6404:5::3a, located in United States and belongs to MASTER-7-AS, US. The main domain is baml.sdg2demo.mastercard.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on August 3rd 2018. Valid for: 2 years.

This is the only time baml.sdg2demo.mastercard.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
3 13	2607:3c00:640... 2607:3c00:6404:5::3a		26380 (MASTER-7-AS) (MASTER-7-AS)
10	1

13 2607:3c00:6404:5::3a (United States) 3 redirects

ASN26380 (MASTER-7-AS, US)

baml.sdg2demo.mastercard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	mastercard.com 3 redirects baml.sdg2demo.mastercard.com	373 KB
10	1

	Domain	Requested by
13	baml.sdg2demo.mastercard.com	3 redirects baml.sdg2demo.mastercard.com
10	1

This site contains no links.

Subject Issuer	Validity	Valid
baml.sdg2demo.mastercard.com Entrust Certification Authority - L1K	`2018-08-03` - `2020-11-02`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://baml.sdg2demo.mastercard.com/sdportal/home.view
Frame ID: 44CB1C855939F65C378F8C8CDA5294DE
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://baml.sdg2demo.mastercard.com/ HTTP 302
https://baml.sdg2demo.mastercard.com/sdportal/home.view Page URL

Page Statistics

10
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

371 kB
Transfer

760 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://baml.sdg2demo.mastercard.com/ HTTP 302
https://baml.sdg2demo.mastercard.com/sdportal/home.view Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://baml.sdg2demo.mastercard.com/pkmslogout HTTP 302
https://baml.sdg2demo.mastercard.com/sdportal/LRR.view?TAM_OP=help&USERNAME=unauthenticated&ERROR_CODE=0x13212079&ERROR_TEXT=HPDIA0121W%20%20%20The%20requested%20operation%20is%20not%20valid.&URL=%2Fpkmslogout&REFERER=https%3A%2F%2Fbaml.sdg2demo.mastercard.com%2Fsdportal%2Fhome.view&HOSTNAME=baml.sdg2demo.mastercard.com&AUTHNLEVEL=&OLDSESSION= HTTP 302
https://baml.sdg2demo.mastercard.com/sdportal/invalidLogin.view?cobrandHost=mastercard&locale=en_US&cd=3010

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set home.view Show response
baml.sdg2demo.mastercard.com/sdportal/
Redirect Chain

https://baml.sdg2demo.mastercard.com/
https://baml.sdg2demo.mastercard.com/sdportal/home.view

2 KB
2 KB

151ms
151ms

Document
text/html

2607:3c00:6404:5::3a
MASTER-7-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://baml.sdg2demo.mastercard.com/sdportal/home.view

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2607:3c00:6404:5::3a , United States, ASN26380 (MASTER-7-AS, US),

Reverse DNS

Software

Resource Hash

e749419cb4d8fd884dc11e41047ea28bdefa8dd22c8ac6bcab1035a51487efd4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Host: baml.sdg2demo.mastercard.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

content-language: en-US
content-type: text/html;charset=UTF-8
date: Mon, 24 Feb 2020 19:14:07 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, private
expires: Thu, 01 Dec 1994 16:00:00 GMT
Set-Cookie: SD_JSESSIONID=00007MfUq6q6393Pn0c-d5fUTJS:1a7qkda0a; Path=/; Secure; HttpOnly BIGipServersmartdata-demo-portal-https-pool=!BTwQOPjkCRMgdrIgIsznOVoGBdFF9bGkuqEgLS3IwDz+TI5IbhT1VXpWxs0u9eC6yIljY1FBNewX5jc=; Path=/; Expires=Mon, 24-Feb-2020 19:44:07 GMT; Secure; HttpOnly PD-S-SESSION-ID=1_2_0_G8axkZb5FCtONxSR3iK3eKA8CEzXPTMIj86y6stKBv7exHWa; Path=/; Secure; HttpOnly LB1=!xZGj14ICLux0T48wO7jXvRHaQMXoik8l659b2/DYLdMaisIkHPxlEh5ThJ8IqNnoaB3ZnsT5ilBj7w==; path=/; Httponly; Secure TS010c11e1=01d93cbca17978a8ba569d2e603177a425b4d7d9d2eb5499a7ead81b74bc345a85a5ff7bd33e0415b919e861d6c7a59618bdabb326fb1d800a319cf6b5707adaa6b97c2873d0103505b4ea65b4f5113d2626f02bb8a3b3770ed63cfb00034c2eccbe2801e8c34ef3c87bf78ef1d80159a9ed53fa44; Path=/; HTTPOnly
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1116
Connection: Keep-Alive

Redirect headers

Location: https://baml.sdg2demo.mastercard.com/sdportal/home.view
Connection: Keep-Alive
Content-Length: 0

GET
H/1.1 200
OK bundle.js Show response
baml.sdg2demo.mastercard.com/sdportal/dictionary/portalLabels/en_US/ 29 KB
11 KB 155ms
154ms Script
text/javascript 2607:3c00:6404:5::3a
MASTER-7-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://baml.sdg2demo.mastercard.com/sdportal/dictionary/portalLabels/en_US/bundle.js

Requested by

Host: baml.sdg2demo.mastercard.com
URL: https://baml.sdg2demo.mastercard.com/sdportal/home.view

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2607:3c00:6404:5::3a , United States, ASN26380 (MASTER-7-AS, US),

Reverse DNS

Software

Resource Hash

b26b2b102cc5a1382403e97ba25264034490c533fa444a0b46c84c10f23c2160

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://baml.sdg2demo.mastercard.com/sdportal/home.view
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 24 Feb 2020 19:14:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: SAMEORIGIN
content-language: en-US
cache-control: max-age=14400, private, no-transform
Connection: Keep-Alive
content-type: text/javascript;charset=UTF-8
Content-Length: 9938

GET
H/1.1 200
OK login.nocache.js Show response
baml.sdg2demo.mastercard.com/sdportal/login/ 7 KB
4 KB 304ms
148ms Script
application/x-javascript 2607:3c00:6404:5::3a
MASTER-7-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://baml.sdg2demo.mastercard.com/sdportal/login/login.nocache.js

Requested by

Host: baml.sdg2demo.mastercard.com
URL: https://baml.sdg2demo.mastercard.com/sdportal/home.view

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2607:3c00:6404:5::3a , United States, ASN26380 (MASTER-7-AS, US),

Reverse DNS

Software

Resource Hash

e01873ce44667475092d1b482a9c0601b8a05033738d66209ce3600672ce1ac5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://baml.sdg2demo.mastercard.com/sdportal/home.view
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 24 Feb 2020 19:14:07 GMT
Content-Encoding: gzip
p3p: CP="NON CUR OTPi OUR NOR UNI"
last-modified: Thu, 26 Sep 2019 14:54:48 GMT
x-frame-options: SAMEORIGIN
Vary: Accept-Encoding
content-language: en-US
cache-control: max-age=14400, private, no-transform
Connection: Keep-Alive
content-type: application/x-javascript
content-length: 3438

GET
H/1.1

200
OK

invalidLogin.view
baml.sdg2demo.mastercard.com/sdportal/
Redirect Chain

https://baml.sdg2demo.mastercard.com/pkmslogout
https://baml.sdg2demo.mastercard.com/sdportal/LRR.view?TAM_OP=help&USERNAME=unauthenticated&ERROR_CODE=0x13212079&ERROR_TEXT=HPDIA0121W%20%20%20The%20requested%20operation%20is%20not%20valid.&URL=%...
https://baml.sdg2demo.mastercard.com/sdportal/invalidLogin.view?cobrandHost=mastercard&locale=en_US&cd=3010

3 KB
3 KB

147ms
146ms

Image
text/html

2607:3c00:6404:5::3a
MASTER-7-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://baml.sdg2demo.mastercard.com/sdportal/invalidLogin.view?cobrandHost=mastercard&locale=en_US&cd=3010

Requested by

Host: baml.sdg2demo.mastercard.com
URL: https://baml.sdg2demo.mastercard.com/sdportal/home.view

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2607:3c00:6404:5::3a , United States, ASN26380 (MASTER-7-AS, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://baml.sdg2demo.mastercard.com/sdportal/home.view
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Feb 2020 19:14:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: SAMEORIGIN
content-language: en-US
cache-control: no-cache, no-store, max-age=0, private
Connection: Keep-Alive
content-type: text/html;charset=UTF-8
Content-Length: 1136

Redirect headers

location: https://baml.sdg2demo.mastercard.com/sdportal/invalidLogin.view?cobrandHost=mastercard&locale=en_US&cd=3010
date: Mon, 24 Feb 2020 19:14:07 GMT
cache-control: no-cache, no-store, max-age=0, private
content-length: 0
x-frame-options: SAMEORIGIN
content-language: en-US
p3p: CP="NON CUR OTPi OUR NOR UNI"

GET
H/1.1 200
OK 861E05DB806C6BD1C701955E1CF9D20A.cache.js Show response
baml.sdg2demo.mastercard.com/sdportal/login/ 374 KB
132 KB 337ms
336ms Script
application/x-javascript 2607:3c00:6404:5::3a
MASTER-7-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://baml.sdg2demo.mastercard.com/sdportal/login/861E05DB806C6BD1C701955E1CF9D20A.cache.js

Requested by

Host: baml.sdg2demo.mastercard.com
URL: https://baml.sdg2demo.mastercard.com/sdportal/login/login.nocache.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2607:3c00:6404:5::3a , United States, ASN26380 (MASTER-7-AS, US),

Reverse DNS

Software

Resource Hash

13b773c2016459525f866cae146f704d33de415939f5d0cb997ec3108cbfd35d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://baml.sdg2demo.mastercard.com/sdportal/home.view
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 24 Feb 2020 19:14:07 GMT
Content-Encoding: gzip
p3p: CP="NON CUR OTPi OUR NOR UNI"
last-modified: Thu, 26 Sep 2019 15:38:08 GMT
x-frame-options: SAMEORIGIN
Vary: Accept-Encoding
content-language: en-US
cache-control: max-age=14400, private, no-transform
Connection: Keep-Alive
content-type: application/x-javascript
content-length: 134118

POST
H/1.1 200
OK cobrandDetailsService.rpc Show response
baml.sdg2demo.mastercard.com/sdportal/login/ 2 KB
3 KB 166ms
165ms XHR
application/json 2607:3c00:6404:5::3a
MASTER-7-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://baml.sdg2demo.mastercard.com/sdportal/login/cobrandDetailsService.rpc

Requested by

Host:
URL: login-0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2607:3c00:6404:5::3a , United States, ASN26380 (MASTER-7-AS, US),

Reverse DNS

Software

Resource Hash

53b37a46d27f4bc00100c2bc974356718c267a43ebdb8a2c433bbaaebc5d9732

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

X-GWT-Module-Base: https://baml.sdg2demo.mastercard.com/sdportal/login/
X-GWT-Permutation: 861E05DB806C6BD1C701955E1CF9D20A
Origin: https://baml.sdg2demo.mastercard.com
Referer: https://baml.sdg2demo.mastercard.com/sdportal/home.view
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 24 Feb 2020 19:14:07 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: SAMEORIGIN
Vary: Accept-Encoding
content-language: en-US
cache-control: no-cache, no-store, max-age=0, private
content-disposition: attachment
content-type: application/json; charset=utf-8
content-length: 2483
expires: Sat, 1 January 2000 12:00:00 GMT

GET
H/1.1 200
OK cp-app.css
baml.sdg2demo.mastercard.com/sdportal/portalstatic/mastercard/css/ 164 KB
34 KB 224ms
223ms Stylesheet
text/css 2607:3c00:6404:5::3a
MASTER-7-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://baml.sdg2demo.mastercard.com/sdportal/portalstatic/mastercard/css/cp-app.css

Requested by

Host:
URL: login-0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2607:3c00:6404:5::3a , United States, ASN26380 (MASTER-7-AS, US),

Reverse DNS

Software

Resource Hash

595979ab91c411ce836797161148d31dfae762a16b52a5fa0f5d2560b568b849

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://baml.sdg2demo.mastercard.com/sdportal/home.view
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 24 Feb 2020 19:14:09 GMT
Content-Encoding: gzip
p3p: CP="NON CUR OTPi OUR NOR UNI"
last-modified: Thu, 26 Sep 2019 15:29:16 GMT
x-frame-options: SAMEORIGIN
Vary: Accept-Encoding
content-language: en-US
cache-control: max-age=14400, private, no-transform
Connection: Keep-Alive
content-type: text/css
content-length: 34321

POST
H/1.1 200
OK runtimeSettingsService.rpc Show response
baml.sdg2demo.mastercard.com/sdportal/login/ 45 B
1014 B 147ms
147ms XHR
application/json 2607:3c00:6404:5::3a
MASTER-7-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://baml.sdg2demo.mastercard.com/sdportal/login/runtimeSettingsService.rpc

Requested by

Host:
URL: login-0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2607:3c00:6404:5::3a , United States, ASN26380 (MASTER-7-AS, US),

Reverse DNS

Software

Resource Hash

d8abad35f689788ba281599fc7114f893637f237b3ced8c0565641c86ca8b121

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

X-GWT-Module-Base: https://baml.sdg2demo.mastercard.com/sdportal/login/
X-GWT-Permutation: 861E05DB806C6BD1C701955E1CF9D20A
Origin: https://baml.sdg2demo.mastercard.com
Referer: https://baml.sdg2demo.mastercard.com/sdportal/home.view
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 24 Feb 2020 19:14:09 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: SAMEORIGIN
content-language: en-US
cache-control: no-cache, no-store, max-age=0, private
content-disposition: attachment
content-type: application/json; charset=utf-8
content-length: 45
expires: Sat, 1 January 2000 12:00:00 GMT

GET
H/1.1 200
OK login-top.png
baml.sdg2demo.mastercard.com/sdportal/portalstatic/mastercard/images/ 2 KB
3 KB 146ms
145ms Image
image/png 2607:3c00:6404:5::3a
MASTER-7-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://baml.sdg2demo.mastercard.com/sdportal/portalstatic/mastercard/images/login-top.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2607:3c00:6404:5::3a , United States, ASN26380 (MASTER-7-AS, US),

Reverse DNS

Software

Resource Hash

8c09c08070bcb68ede315d66417107d642bafae9646e5843cd9c9228c297a424

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://baml.sdg2demo.mastercard.com/sdportal/portalstatic/mastercard/css/cp-app.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 24 Feb 2020 19:14:09 GMT
Content-Encoding: gzip
p3p: CP="NON CUR OTPi OUR NOR UNI"
last-modified: Thu, 26 Sep 2019 15:31:32 GMT
x-frame-options: SAMEORIGIN
Vary: Accept-Encoding
content-language: en-US
cache-control: max-age=14400, private, no-transform
Connection: Keep-Alive
content-type: text/plain
content-length: 1934

GET
H/1.1 200
OK login-body.jpg
baml.sdg2demo.mastercard.com/sdportal/portalstatic/mastercard/images/ 177 KB
178 KB 258ms
258ms Image
image/jpeg 2607:3c00:6404:5::3a
MASTER-7-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://baml.sdg2demo.mastercard.com/sdportal/portalstatic/mastercard/images/login-body.jpg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2607:3c00:6404:5::3a , United States, ASN26380 (MASTER-7-AS, US),

Reverse DNS

Software

Resource Hash

53b9a77f4335b83dcad5898b8145b51fb6554d48e97bc39ddc49626e8c260e41

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://baml.sdg2demo.mastercard.com/sdportal/portalstatic/mastercard/css/cp-app.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 24 Feb 2020 19:14:09 GMT
last-modified: Thu, 26 Sep 2019 15:31:32 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: SAMEORIGIN
content-language: en-US
cache-control: max-age=14400, private, no-transform
content-type: image/jpeg
content-length: 181416

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
baml.sdg2demo.mastercard.com/	1969-12-31 23:59:59	Name: TS010c11e1 Value: 01d93cbca14aba37ba11f48b80368404ee3bdd667feb5499a7ead81b74bc345a85a5ff7bd33e0415b919e861d6c7a59618bdabb326de3188f25756daf5cb566bf9a15c1e60e4a9bae71e351213481c6dea64a694ff3e1a176cfa649343c00ae0684bd798e0882ca5af1ed711e60563d4a23a627de8
baml.sdg2demo.mastercard.com/	1969-12-31 23:59:59	Name: LB1 Value: !dIxVnJfzl+QBK0QwO7jXvRHaQMXoilVKqd4yrpbtOYDOAgVi2YEpYTK6NX0CC8CLE0X7+ljUsBwhEQ==
baml.sdg2demo.mastercard.com/	1970-01-19 07:36:13	Name: BIGipServersmartdata-demo-portal-https-pool Value: !Q+F+Pr+ZRXu2ZPggIsznOVoGBdFF9T0OTAi8p/MzeqBQhOHUxdPuqn38a5hRSNfh+P+YDLl2SrN7tQ0=
baml.sdg2demo.mastercard.com/	1969-12-31 23:59:59	Name: PD-S-SESSION-ID Value: 1_2_0_G8axkZb5FCtONxSR3iK3eKA8CEzXPTMIj86y6stKBv7exHWa
baml.sdg2demo.mastercard.com/	1969-12-31 23:59:59	Name: SD_JSESSIONID Value: 00007MfUq6q6393Pn0c-d5fUTJS:1a7qkda0a

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

baml.sdg2demo.mastercard.com
2607:3c00:6404:5::3a
13b773c2016459525f866cae146f704d33de415939f5d0cb997ec3108cbfd35d
53b37a46d27f4bc00100c2bc974356718c267a43ebdb8a2c433bbaaebc5d9732
53b9a77f4335b83dcad5898b8145b51fb6554d48e97bc39ddc49626e8c260e41
595979ab91c411ce836797161148d31dfae762a16b52a5fa0f5d2560b568b849
8c09c08070bcb68ede315d66417107d642bafae9646e5843cd9c9228c297a424
b26b2b102cc5a1382403e97ba25264034490c533fa444a0b46c84c10f23c2160
d8abad35f689788ba281599fc7114f893637f237b3ced8c0565641c86ca8b121
e01873ce44667475092d1b482a9c0601b8a05033738d66209ce3600672ce1ac5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e749419cb4d8fd884dc11e41047ea28bdefa8dd22c8ac6bcab1035a51487efd4

baml.sdg2demo.mastercard.com Open in urlscan Pro 2607:3c00:6404:5::3a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

10 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

371 kBTransfer

760 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

5 Cookies

Security Headers

Indicators

baml.sdg2demo.mastercard.com Open in urlscan Pro
2607:3c00:6404:5::3a Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

371 kB
Transfer

760 kB
Size

5
Cookies

10 HTTP transactions
0 data transactions