urlscan.io logo urlscan.io
SecurityTrails logo

mcrd23002-staging.brandmovers.co Open in urlscan Pro
34.227.218.110  Public Scan

Go To Rescan Add Verdict Report
URL: https://mcrd23002-staging.brandmovers.co/
Submission: On June 09 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 5 domains to perform 12 HTTP transactions. The main IP is 34.227.218.110, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is mcrd23002-staging.brandmovers.co.
TLS certificate: Issued by Amazon RSA 2048 M02 on April 14th 2024. Valid for: a year.
This is the only time mcrd23002-staging.brandmovers.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 34.227.218.110 14618 (AMAZON-AES)
1 2a04:4e42:600... 54113 (FASTLY)
1 2a04:4e42:600... 54113 (FASTLY)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 52.216.153.100 16509 (AMAZON-02)
12 6
6    34.227.218.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-218-110.compute-1.amazonaws.com
mcrd23002-staging.brandmovers.co
1    2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2606:4700:20::681a:97b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.datatables.net
2    52.216.153.100 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
s-site-mcrd23-assets.s3.amazonaws.com
Apex Domain
Subdomains		 Transfer
6 brandmovers.co
mcrd23002-staging.brandmovers.co
132 KB
2 amazonaws.com
s-site-mcrd23-assets.s3.amazonaws.com
1 MB
1 datatables.net
cdn.datatables.net — Cisco Umbrella Rank: 5477
102 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 354
18 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 824
30 KB
12 5
Domain Requested by
6 mcrd23002-staging.brandmovers.co mcrd23002-staging.brandmovers.co
code.jquery.com
2 s-site-mcrd23-assets.s3.amazonaws.com
1 cdn.datatables.net mcrd23002-staging.brandmovers.co
1 cdn.jsdelivr.net mcrd23002-staging.brandmovers.co
1 code.jquery.com mcrd23002-staging.brandmovers.co
12 5

This site contains no links.

Subject Issuer Validity Valid
*.brandmovers.co
Amazon RSA 2048 M02		 2024-04-14 -
2025-05-13		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
datatables.net
GTS CA 1P5		 2024-05-25 -
2024-08-23		 3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2024-04-22 -
2025-04-07		 a year crt.sh

This page contains 1 frames:

Primary Page: https://mcrd23002-staging.brandmovers.co/
Frame ID: B9543E0E6A0D93076D7351B9DC0EBF0D
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Card Example

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • dataTables.*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

12
Requests

92 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

6
IPs

1
Countries

1369 kB
Transfer

1807 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mcrd23002-staging.brandmovers.co/ 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mcrd23002-staging.brandmovers.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.218.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-218-110.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7678dc28162fecb6ec2a190c44295e2cea3a9f72eb8094bbda3d53012e4964e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Sun, 09 Jun 2024 08:13:41 GMT
Keep-Alive
timeout=15
Server
nginx
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
widget.css
mcrd23002-staging.brandmovers.co/css/ 		99 KB
100 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mcrd23002-staging.brandmovers.co/css/widget.css
Requested by
Host: mcrd23002-staging.brandmovers.co
URL: https://mcrd23002-staging.brandmovers.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.218.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-218-110.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2a7d143cd765e56ac67959bf63bf9712c773441058aede4dcd98e394561a22d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mcrd23002-staging.brandmovers.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 09 Jun 2024 08:13:41 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
101335
Last-Modified
Thu, 30 May 2024 16:28:40 GMT
Server
nginx
ETag
"6658a938-18bd7"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/css
Access-Control-Allow-Origin
https://mcrd23002-staging.brandmovers.co
Cache-Control
max-age=315360000
Accept-Ranges
bytes
Keep-Alive
timeout=15
Expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: mcrd23002-staging.brandmovers.co
URL: https://mcrd23002-staging.brandmovers.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mcrd23002-staging.brandmovers.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 08:13:41 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3777001
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-fra-etou8220112-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1717920821.228933,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
1, 347361
widget.js
mcrd23002-staging.brandmovers.co/js/ 		24 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcrd23002-staging.brandmovers.co/js/widget.js
Requested by
Host: mcrd23002-staging.brandmovers.co
URL: https://mcrd23002-staging.brandmovers.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.218.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-218-110.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4bf0e5dfa9d55429330a26f04da6ed5e549415edace89fb6f674e3895a58b5d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mcrd23002-staging.brandmovers.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 09 Jun 2024 08:13:41 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
24906
Last-Modified
Thu, 30 May 2024 16:28:40 GMT
Server
nginx
ETag
"6658a938-614a"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
https://mcrd23002-staging.brandmovers.co
Cache-Control
max-age=315360000
Accept-Ranges
bytes
Keep-Alive
timeout=15
Expires
Thu, 31 Dec 2037 23:55:55 GMT
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/ 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.min.js
Requested by
Host: mcrd23002-staging.brandmovers.co
URL: https://mcrd23002-staging.brandmovers.co/js/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
60c6bec0033a424572cfdf7da1d5fb94f4719286006a7f2cb9e76ee24d99babf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mcrd23002-staging.brandmovers.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 09 Jun 2024 08:13:41 GMT
x-content-type-options
nosniff
content-encoding
br
age
1027695
x-jsd-version
5.3.2
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
17719
x-served-by
cache-fra-etou8220085-FRA
x-jsd-version-type
version
etag
W/"eca1-s8rO+fzPpCquvWHwRvISPspZiXM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery.dataTables.js
cdn.datatables.net/1.13.6/js/ 		446 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.datatables.net/1.13.6/js/jquery.dataTables.js
Requested by
Host: mcrd23002-staging.brandmovers.co
URL: https://mcrd23002-staging.brandmovers.co/js/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:97b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3387575de0f057a1a264be95bc60ef40134f87a72c94a6970c94d1b7491d297
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mcrd23002-staging.brandmovers.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 08:13:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4124893
last-modified
Fri, 19 Apr 2024 08:45:39 GMT
server
cloudflare
etag
W/"66222f33-6f9ef"
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9bGU1zFdNWBx7AHzPqNl8mhgKhdMny%2Bda%2F24n4uyfe4P%2FiBfu2kWQ61khjAcPpsGDI8I3e3o0RqWp1DMF%2FiYVBZH4Oibk6j38HMCyswDl2NP%2F1QGYEMEHTUPuQJahtJ4tP035t3oARnrpfw7q3pXzw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
x-frame-options
SAMEORIGIN
cf-ray
890fa9efc9b31ee7-AMS
access-control-allow-headers
origin, x-requested-with, content-type
expires
Thu, 31 Dec 2037 23:55:55 GMT
customer-details
mcrd23002-staging.brandmovers.co/api/bank-accounts/ 		610 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcrd23002-staging.brandmovers.co/api/bank-accounts/customer-details
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.218.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-218-110.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f72a8dee4091e9f529ebb08ca5a410c151eb1180dfc5b87ab914bcb530bce31b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://mcrd23002-staging.brandmovers.co/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 09 Jun 2024 08:13:42 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
X-RateLimit-Remaining
59
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private
X-RateLimit-Limit
60
Connection
keep-alive
Keep-Alive
timeout=15
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
favicon.ico
mcrd23002-staging.brandmovers.co/ 		0
556 B 		Other
General
Check archive.org
Download Go to
Full URL
https://mcrd23002-staging.brandmovers.co/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.218.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-218-110.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mcrd23002-staging.brandmovers.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 09 Jun 2024 08:13:41 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
0
Last-Modified
Thu, 30 May 2024 16:28:40 GMT
Server
nginx
ETag
"6658a938-0"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/x-icon
Access-Control-Allow-Origin
https://mcrd23002-staging.brandmovers.co
Cache-Control
max-age=315360000
Accept-Ranges
bytes
Keep-Alive
timeout=15
Expires
Thu, 31 Dec 2037 23:55:55 GMT
bank-accounts
mcrd23002-staging.brandmovers.co/api/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcrd23002-staging.brandmovers.co/api/bank-accounts
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.218.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-218-110.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2d55d587eb755f1d56302c39c88afe78fbc26ec6b1d71d493328ac53de1a2237
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://mcrd23002-staging.brandmovers.co/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 09 Jun 2024 08:13:43 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
X-RateLimit-Remaining
58
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private
X-RateLimit-Limit
60
Connection
keep-alive
Keep-Alive
timeout=15
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
point-details
mcrd23002-staging.brandmovers.co/api/bank-accounts/ 		0
0
Rewards+-+Credit+Platinum.png
s-site-mcrd23-assets.s3.amazonaws.com/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-site-mcrd23-assets.s3.amazonaws.com/Rewards+-+Credit+Platinum.png
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.216.153.100 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
c27ffbcd3a5a41da6fdbfc4f146db92fdd3fcae73958fb8fc56185411e1a0e2e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mcrd23002-staging.brandmovers.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 09 Jun 2024 08:13:44 GMT
Last-Modified
Wed, 03 Jan 2024 14:55:41 GMT
Server
AmazonS3
x-amz-request-id
YSN15P5GG22EVGDQ
ETag
"aa01a6ded341d5325aeb2943d666354f"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1074015
x-amz-id-2
38YooYKlwpAHCQe39cOunCNbnE24ouPp+SoXAB4gQoXgPJ04/0jGHN6sY7arqUPOmYeAnW4zhOk=
Rewards+-+Credit+Titanium.png
s-site-mcrd23-assets.s3.amazonaws.com/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-site-mcrd23-assets.s3.amazonaws.com/Rewards+-+Credit+Titanium.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.216.153.100 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
5ae2f1e65dd51ba3f1a0795372bf7ac91ba5b0d2036ec0a8ba1e8e030dc34e83

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mcrd23002-staging.brandmovers.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 09 Jun 2024 08:13:44 GMT
Last-Modified
Wed, 03 Jan 2024 14:41:41 GMT
Server
AmazonS3
x-amz-request-id
YSNAPWH3S9JK7GA8
ETag
"088eec902b3ed884aa58edd68425c9d1"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
38104
x-amz-id-2
mscA1m7+I7WzyTUY35SBaVN1IxGksJcAWM0oN2pdQ4LDwTto0sJricCzKTzYKhTUqcyQ1aCH2PA=

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mcrd23002-staging.brandmovers.co
URL
https://mcrd23002-staging.brandmovers.co/api/bank-accounts/point-details

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| getQueryStringParameterByKey string| AuthInfo function| $ function| jQuery number| uidEvent object| bootstrap function| DataTable

2 Cookies

Domain/Path Name / Value
mcrd23002-staging.brandmovers.co/ Name: XSRF-TOKEN
Value: eyJpdiI6IkxLTGRBcFI1Y24vMlA4Z3VNMFJPcWc9PSIsInZhbHVlIjoiRm02aVc0ZXl6WHFJVmpuWWhPQjV0TUpiWGlISWpXcVlzcGR6U0FZaVR4Q0pzSlJ3RTI5SEN4M2JXUFdZNmNjTEFqYlI0OENydVZNNjRaMmlFN2JYb1FmaWd5Rk5pMWFxcmlrYlJYeHZEdE83NjhYRHFnbCtaNGpFRWFLc2hsNXIiLCJtYWMiOiJlZTVmODlkOWRkZWI4MGI4NmU3YjYxZjEyMGFkMzc4NjdhYzg2Yjk5MGE3M2JjZWEzYzJiMTE0NDJiMzM2ZTRhIiwidGFnIjoiIn0%3D
mcrd23002-staging.brandmovers.co/ Name: security_bank_widget_session
Value: eyJpdiI6IlZid2pKbUQyMm9yS0pVNU52aFN4RGc9PSIsInZhbHVlIjoiUjduMDRQd2dwVHU1RWJUNUNJTVV2NmxvZ2hEdXA1VTlNcHF0SmpVUndLOHY5dDNPSkt6VHZyMFBxTGc4TWdxSXg2STEwQWt0SFBYNkFUaVZ6UUVoOW1hSTlaU1NmeWo1L1M5NEFGaFlXTTd1RCtSbWt4NDdSQ2h2QlZ1bWFYblEiLCJtYWMiOiI4NDgzYmQyOTViNTU5ZmNlMWIwODFjMTg1YjdmNzQzZjBmNDAwNDE4YjIyZDc2MzljNzQyNGFiMDA2NTc2MWFlIiwidGFnIjoiIn0%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block