urlscan.io logo urlscan.io
SecurityTrails logo

mcdonalds-uk-roi.brandm8.com Open in urlscan Pro
2620:1ec:bdf::45  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mcdonalds-uk-roi.brandm8.com/
Effective URL: https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F
Submission: On November 10 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 19 HTTP transactions. The main IP is 2620:1ec:bdf::45, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is mcdonalds-uk-roi.brandm8.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 30th 2023. Valid for: a year.
This is the only time mcdonalds-uk-roi.brandm8.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2620:1ec:46::45 8075 (MICROSOFT...)
1 12 2620:1ec:bdf::45 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 20.60.32.36 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
2 13.69.106.212 8075 (MICROSOFT...)
19 6
2    2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mcdonalds-uk-roi.brandm8.com
js.monitor.azure.com
12    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mcdonalds-uk-roi.brandm8.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    20.60.32.36 (Melbourne, Australia)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
brandm8.blob.core.windows.net
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    13.69.106.212 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Apex Domain
Subdomains		 Transfer
13 brandm8.com
mcdonalds-uk-roi.brandm8.com
2 MB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 793
282 B
2 gstatic.com
fonts.gstatic.com
16 KB
2 windows.net
brandm8.blob.core.windows.net
6 KB
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1535
56 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
968 B
19 6
Domain Requested by
13 mcdonalds-uk-roi.brandm8.com 2 redirects mcdonalds-uk-roi.brandm8.com
2 dc.services.visualstudio.com js.monitor.azure.com
2 fonts.gstatic.com fonts.googleapis.com
2 brandm8.blob.core.windows.net mcdonalds-uk-roi.brandm8.com
1 js.monitor.azure.com mcdonalds-uk-roi.brandm8.com
1 fonts.googleapis.com mcdonalds-uk-roi.brandm8.com
19 6

This site contains links to these domains. Also see Links.

Domain
brandmate.app
Subject Issuer Validity Valid
*.brandm8.com
Sectigo RSA Domain Validation Secure Server CA		 2023-08-30 -
2024-09-18		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 01		 2023-09-27 -
2024-09-27		 a year crt.sh
js.monitor.azure.com
Microsoft Azure RSA TLS Issuing CA 07		 2023-09-20 -
2024-09-14		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
in.applicationinsights.azure.com
Microsoft Azure RSA TLS Issuing CA 07		 2023-09-02 -
2024-08-27		 a year crt.sh

This page contains 1 frames:

Primary Page: https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F
Frame ID: A406E93E9B09A9128F47883A7238C2C6
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Page URL History Show full URLs

  1. http://mcdonalds-uk-roi.brandm8.com/ HTTP 308
    https://mcdonalds-uk-roi.brandm8.com/ HTTP 302
    https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

6
IPs

4
Countries

2614 kB
Transfer

8196 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mcdonalds-uk-roi.brandm8.com/ HTTP 308
    https://mcdonalds-uk-roi.brandm8.com/ HTTP 302
    https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Login
mcdonalds-uk-roi.brandm8.com/Account/
Redirect Chain
  • http://mcdonalds-uk-roi.brandm8.com/
  • https://mcdonalds-uk-roi.brandm8.com/
  • https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F
12 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
53b275a905c8009c20329957979f532b7f4d7e42ea9a10b104166f4c2489cee8
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' az416426.vo.msecnd.net *.googleapis.com js.monitor.azure.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;img-src 'self' data: *.gstatic.com *.googleapis.com brandm8.blob.core.windows.net api.brandm8.com;frame-src 'self' data: app.powerbi.com api.brandm8.com;font-src 'self' fonts.gstatic.com;connect-src 'self' dc.services.visualstudio.com *.applicationinsights.azure.com api.brandm8.com gas.mcd.com;frame-ancestors 'self' api.brandm8.com
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SameOrigin
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache,no-store
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' az416426.vo.msecnd.net *.googleapis.com js.monitor.azure.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;img-src 'self' data: *.gstatic.com *.googleapis.com brandm8.blob.core.windows.net api.brandm8.com;frame-src 'self' data: app.powerbi.com api.brandm8.com;font-src 'self' fonts.gstatic.com;connect-src 'self' dc.services.visualstudio.com *.applicationinsights.azure.com api.brandm8.com gas.mcd.com;frame-ancestors 'self' api.brandm8.com
content-type
text/html; charset=utf-8
date
Fri, 10 Nov 2023 09:25:43 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
request-context
appId=cid-v1:b4f4e5f9-abc3-45f1-8d2d-4ffdc08db45b
strict-transport-security
max-age=15724800; includeSubDomains
x-azure-ref
20231110T092543Z-upb3hcba3h6ptetws7hqvzscun00000000pg00000000a460
x-cache
PRIVATE_NOSTORE
x-content-type-options
nosniff
x-frame-options
SameOrigin
x-xss-protection
1; mode=block

Redirect headers

content-length
0
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' az416426.vo.msecnd.net *.googleapis.com js.monitor.azure.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;img-src 'self' data: *.gstatic.com *.googleapis.com brandm8.blob.core.windows.net api.brandm8.com;frame-src 'self' data: app.powerbi.com api.brandm8.com;font-src 'self' fonts.gstatic.com;connect-src 'self' dc.services.visualstudio.com *.applicationinsights.azure.com api.brandm8.com gas.mcd.com;frame-ancestors 'self' api.brandm8.com
date
Fri, 10 Nov 2023 09:25:43 GMT
location
https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F
referrer-policy
no-referrer-when-downgrade
request-context
appId=cid-v1:b4f4e5f9-abc3-45f1-8d2d-4ffdc08db45b
strict-transport-security
max-age=15724800; includeSubDomains
x-azure-ref
20231110T092543Z-upb3hcba3h6ptetws7hqvzscun00000000pg00000000a45s
x-cache
TCP_MISS
x-content-type-options
nosniff
x-frame-options
SameOrigin
x-xss-protection
1; mode=block
layoutcss.min.css
mcdonalds-uk-roi.brandm8.com/css/ 		869 KB
176 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mcdonalds-uk-roi.brandm8.com/css/layoutcss.min.css?v=x6WsrFrOuwiRTDA0VoPk0QsAytfWDELnF16t2x2rOR0
Requested by
Host: mcdonalds-uk-roi.brandm8.com
URL: https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c7a5acac5acebb08914c30345683e4d10b00cad7d60c42e7175eaddb1dab391d
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' az416426.vo.msecnd.net *.googleapis.com js.monitor.azure.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;img-src 'self' data: *.gstatic.com *.googleapis.com brandm8.blob.core.windows.net api.brandm8.com;frame-src 'self' data: app.powerbi.com api.brandm8.com;font-src 'self' fonts.gstatic.com;connect-src 'self' dc.services.visualstudio.com *.applicationinsights.azure.com api.brandm8.com gas.mcd.com;frame-ancestors 'self' api.brandm8.com
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 09:25:44 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 06 Nov 2023 02:17:42 GMT
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' az416426.vo.msecnd.net *.googleapis.com js.monitor.azure.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;img-src 'self' data: *.gstatic.com *.googleapis.com brandm8.blob.core.windows.net api.brandm8.com;frame-src 'self' data: app.powerbi.com api.brandm8.com;font-src 'self' fonts.gstatic.com;connect-src 'self' dc.services.visualstudio.com *.applicationinsights.azure.com api.brandm8.com gas.mcd.com;frame-ancestors 'self' api.brandm8.com
content-encoding
br
etag
W/"1da10576bfd7526"
vary
Accept-Encoding
x-azure-ref
20231110T092544Z-upb3hcba3h6ptetws7hqvzscun00000000pg00000000a476
content-type
text/css
x-cache
TCP_HIT
request-context
appId=cid-v1:b4f4e5f9-abc3-45f1-8d2d-4ffdc08db45b
css2
fonts.googleapis.com/ 		5 KB
968 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&display=swap
Requested by
Host: mcdonalds-uk-roi.brandm8.com
URL: https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fe178c8c3c40bfe2dd09722ef070949b250e6c8353fe19b90b7c837a4a209138
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 10 Nov 2023 09:25:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 10 Nov 2023 09:15:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Nov 2023 09:25:44 GMT
shims.js
mcdonalds-uk-roi.brandm8.com/js/ 		221 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcdonalds-uk-roi.brandm8.com/js/shims.js?v=O4YwTInltNuXQuymBCstjCJz7756vUSxspFzV7BiQd8
Requested by
Host: mcdonalds-uk-roi.brandm8.com
URL: https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3b86304c89e5b4db9742eca6042b2d8c2273efbe7abd44b1b2917357b06241df
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' az416426.vo.msecnd.net *.googleapis.com js.monitor.azure.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;img-src 'self' data: *.gstatic.com *.googleapis.com brandm8.blob.core.windows.net api.brandm8.com;frame-src 'self' data: app.powerbi.com api.brandm8.com;font-src 'self' fonts.gstatic.com;connect-src 'self' dc.services.visualstudio.com *.applicationinsights.azure.com api.brandm8.com gas.mcd.com;frame-ancestors 'self' api.brandm8.com
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 09:25:44 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 06 Nov 2023 02:17:42 GMT
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' az416426.vo.msecnd.net *.googleapis.com js.monitor.azure.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;img-src 'self' data: *.gstatic.com *.googleapis.com brandm8.blob.core.windows.net api.brandm8.com;frame-src 'self' data: app.powerbi.com api.brandm8.com;font-src 'self' fonts.gstatic.com;connect-src 'self' dc.services.visualstudio.com *.applicationinsights.azure.com api.brandm8.com gas.mcd.com;frame-ancestors 'self' api.brandm8.com
content-encoding
br
etag
W/"1da10576bf39513"
vary
Accept-Encoding
x-azure-ref
20231110T092544Z-upb3hcba3h6ptetws7hqvzscun00000000pg00000000a477
content-type
text/javascript
x-cache
TCP_HIT
request-context
appId=cid-v1:b4f4e5f9-abc3-45f1-8d2d-4ffdc08db45b
corelibs.min.js
mcdonalds-uk-roi.brandm8.com/js/ 		272 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcdonalds-uk-roi.brandm8.com/js/corelibs.min.js?v=5dYAT4Rg7-r3lljkEGiSahhmX4heWrOl3ud_f5ZpDlw
Requested by
Host: mcdonalds-uk-roi.brandm8.com
URL: https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e5d6004f8460efeaf79658e41068926a18665f885e5ab3a5dee77f7f96690e5c
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' az416426.vo.msecnd.net *.googleapis.com js.monitor.azure.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;img-src 'self' data: *.gstatic.com *.googleapis.com brandm8.blob.core.windows.net api.brandm8.com;frame-src 'self' data: app.powerbi.com api.brandm8.com;font-src 'self' fonts.gstatic.com;connect-src 'self' dc.services.visualstudio.com *.applicationinsights.azure.com api.brandm8.com gas.mcd.com;frame-ancestors 'self' api.brandm8.com
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 09:25:44 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 06 Nov 2023 02:17:43 GMT
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' az416426.vo.msecnd.net *.googleapis.com js.monitor.azure.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;img-src 'self' data: *.gstatic.com *.googleapis.com brandm8.blob.core.windows.net api.brandm8.com;frame-src 'self' data: app.powerbi.com api.brandm8.com;font-src 'self' fonts.gstatic.com;connect-src 'self' dc.services.visualstudio.com *.applicationinsights.azure.com api.brandm8.com gas.mcd.com;frame-ancestors 'self' api.brandm8.com
content-encoding
br
etag
W/"1da10576c8d3c58"
vary
Accept-Encoding
x-azure-ref
20231110T092544Z-upb3hcba3h6ptetws7hqvzscun00000000pg00000000a478
content-type
text/javascript
x-cache
TCP_HIT
request-context
appId=cid-v1:b4f4e5f9-abc3-45f1-8d2d-4ffdc08db45b
bootbox.min.js
mcdonalds-uk-roi.brandm8.com/lib/bootbox/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcdonalds-uk-roi.brandm8.com/lib/bootbox/bootbox.min.js?v=WidHHyJ9LAigXgheMUncgNXK-_Uib59llMPuvimPgWI
Requested by
Host: mcdonalds-uk-roi.brandm8.com
URL: https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5a27471f227d2c08a05e085e3149dc80d5cafbf5226f9f6594c3eebe298f8162
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' az416426.vo.msecnd.net *.googleapis.com js.monitor.azure.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;img-src 'self' data: *.gstatic.com *.googleapis.com brandm8.blob.core.windows.net api.brandm8.com;frame-src 'self' data: app.powerbi.com api.brandm8.com;font-src 'self' fonts.gstatic.com;connect-src 'self' dc.services.visualstudio.com *.applicationinsights.azure.com api.brandm8.com gas.mcd.com;frame-ancestors 'self' api.brandm8.com
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 09:25:44 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 28 Aug 2023 00:00:59 GMT
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' az416426.vo.msecnd.net *.googleapis.com js.monitor.azure.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;img-src 'self' data: *.gstatic.com *.googleapis.com brandm8.blob.core.windows.net api.brandm8.com;frame-src 'self' data: app.powerbi.com api.brandm8.com;font-src 'self' fonts.gstatic.com;connect-src 'self' dc.services.visualstudio.com *.applicationinsights.azure.com api.brandm8.com gas.mcd.com;frame-ancestors 'self' api.brandm8.com
content-encoding
br
etag
W/"1d9d942b9a7d289"
vary
Accept-Encoding
x-azure-ref
20231110T092544Z-upb3hcba3h6ptetws7hqvzscun00000000pg00000000a479
content-type
text/javascript
x-cache
TCP_HIT
request-context
appId=cid-v1:b4f4e5f9-abc3-45f1-8d2d-4ffdc08db45b
excelexport.js
mcdonalds-uk-roi.brandm8.com/js/ 		3 MB
707 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcdonalds-uk-roi.brandm8.com/js/excelexport.js?v=fyPWzTEDwXCKtO39Scq-rIK74bQuJWqK7XG0KN60t4E
Requested by
Host: mcdonalds-uk-roi.brandm8.com
URL: https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7f23d6cd3103c1708ab4edfd49cabeac82bbe1b42e256a8aed71b428deb4b781
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' az416426.vo.msecnd.net *.googleapis.com js.monitor.azure.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;img-src 'self' data: *.gstatic.com *.googleapis.com brandm8.blob.core.windows.net api.brandm8.com;frame-src 'self' data: app.powerbi.com api.brandm8.com;font-src 'self' fonts.gstatic.com;connect-src 'self' dc.services.visualstudio.com *.applicationinsights.azure.com api.brandm8.com gas.mcd.com;frame-ancestors 'self' api.brandm8.com
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 09:25:44 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 06 Nov 2023 02:17:49 GMT
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' az416426.vo.msecnd.net *.googleapis.com js.monitor.azure.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;img-src 'self' data: *.gstatic.com *.googleapis.com brandm8.blob.core.windows.net api.brandm8.com;frame-src 'self' data: app.powerbi.com api.brandm8.com;font-src 'self' fonts.gstatic.com;connect-src 'self' dc.services.visualstudio.com *.applicationinsights.azure.com api.brandm8.com gas.mcd.com;frame-ancestors 'self' api.brandm8.com
content-encoding
br
etag
W/"1da105770352dcd"
vary
Accept-Encoding
x-azure-ref
20231110T092544Z-upb3hcba3h6ptetws7hqvzscun00000000pg00000000a47a
content-type
text/javascript
x-cache
TCP_HIT
request-context
appId=cid-v1:b4f4e5f9-abc3-45f1-8d2d-4ffdc08db45b
devextreme.min.js
mcdonalds-uk-roi.brandm8.com/js/ 		4 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcdonalds-uk-roi.brandm8.com/js/devextreme.min.js?v=_VwjFgA3ETG4QkyOYZa9J7gEhAiHBhakQXdgqeKUa6o
Requested by
Host: mcdonalds-uk-roi.brandm8.com
URL: https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fd5c231600371131b8424c8e6196bd27b8048408870616a4417760a9e2946baa
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' az416426.vo.msecnd.net *.googleapis.com js.monitor.azure.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;img-src 'self' data: *.gstatic.com *.googleapis.com brandm8.blob.core.windows.net api.brandm8.com;frame-src 'self' data: app.powerbi.com api.brandm8.com;font-src 'self' fonts.gstatic.com;connect-src 'self' dc.services.visualstudio.com *.applicationinsights.azure.com api.brandm8.com gas.mcd.com;frame-ancestors 'self' api.brandm8.com
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 09:25:44 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 06 Nov 2023 02:17:49 GMT
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' az416426.vo.msecnd.net *.googleapis.com js.monitor.azure.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;img-src 'self' data: *.gstatic.com *.googleapis.com brandm8.blob.core.windows.net api.brandm8.com;frame-src 'self' data: app.powerbi.com api.brandm8.com;font-src 'self' fonts.gstatic.com;connect-src 'self' dc.services.visualstudio.com *.applicationinsights.azure.com api.brandm8.com gas.mcd.com;frame-ancestors 'self' api.brandm8.com
content-encoding
br
etag
W/"1da10577020d543"
vary
Accept-Encoding
x-azure-ref
20231110T092544Z-upb3hcba3h6ptetws7hqvzscun00000000pg00000000a47b
content-type
text/javascript
x-cache
TCP_HIT
request-context
appId=cid-v1:b4f4e5f9-abc3-45f1-8d2d-4ffdc08db45b
corejs.min.js
mcdonalds-uk-roi.brandm8.com/js/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcdonalds-uk-roi.brandm8.com/js/corejs.min.js?v=-ZLoaj6FbqB0DDl1Zpos7u1tuNvxt_tcSwsfro3imf4
Requested by
Host: mcdonalds-uk-roi.brandm8.com
URL: https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f992e86a3e856ea0740c3975669a2ceeed6db8dbf1b7fb5c4b0b1fae8de299fe
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' az416426.vo.msecnd.net *.googleapis.com js.monitor.azure.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;img-src 'self' data: *.gstatic.com *.googleapis.com brandm8.blob.core.windows.net api.brandm8.com;frame-src 'self' data: app.powerbi.com api.brandm8.com;font-src 'self' fonts.gstatic.com;connect-src 'self' dc.services.visualstudio.com *.applicationinsights.azure.com api.brandm8.com gas.mcd.com;frame-ancestors 'self' api.brandm8.com
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 09:25:44 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 06 Nov 2023 02:17:43 GMT
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' az416426.vo.msecnd.net *.googleapis.com js.monitor.azure.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;img-src 'self' data: *.gstatic.com *.googleapis.com brandm8.blob.core.windows.net api.brandm8.com;frame-src 'self' data: app.powerbi.com api.brandm8.com;font-src 'self' fonts.gstatic.com;connect-src 'self' dc.services.visualstudio.com *.applicationinsights.azure.com api.brandm8.com gas.mcd.com;frame-ancestors 'self' api.brandm8.com
content-encoding
br
etag
W/"1da10576c893adb"
vary
Accept-Encoding
x-azure-ref
20231110T092544Z-upb3hcba3h6ptetws7hqvzscun00000000pg00000000a47c
content-type
text/javascript
x-cache
TCP_HIT
request-context
appId=cid-v1:b4f4e5f9-abc3-45f1-8d2d-4ffdc08db45b
BrandMate-Logo-Nav.png
mcdonalds-uk-roi.brandm8.com/images/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcdonalds-uk-roi.brandm8.com/images/BrandMate-Logo-Nav.png
Requested by
Host: mcdonalds-uk-roi.brandm8.com
URL: https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
613d2ccc61ae5899f8bda2deb512a006b55d747b17ceddfc236f2a4ca61c19b3
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' az416426.vo.msecnd.net *.googleapis.com js.monitor.azure.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;img-src 'self' data: *.gstatic.com *.googleapis.com brandm8.blob.core.windows.net api.brandm8.com;frame-src 'self' data: app.powerbi.com api.brandm8.com;font-src 'self' fonts.gstatic.com;connect-src 'self' dc.services.visualstudio.com *.applicationinsights.azure.com api.brandm8.com gas.mcd.com;frame-ancestors 'self' api.brandm8.com
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 09:25:44 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 28 Aug 2023 00:00:59 GMT
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' az416426.vo.msecnd.net *.googleapis.com js.monitor.azure.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;img-src 'self' data: *.gstatic.com *.googleapis.com brandm8.blob.core.windows.net api.brandm8.com;frame-src 'self' data: app.powerbi.com api.brandm8.com;font-src 'self' fonts.gstatic.com;connect-src 'self' dc.services.visualstudio.com *.applicationinsights.azure.com api.brandm8.com gas.mcd.com;frame-ancestors 'self' api.brandm8.com
etag
"1d9d942b9a7c0c1"
x-azure-ref
20231110T092544Z-upb3hcba3h6ptetws7hqvzscun00000000pg00000000a47d
x-cache
TCP_HIT
content-type
image/png
accept-ranges
bytes
content-length
12097
request-context
appId=cid-v1:b4f4e5f9-abc3-45f1-8d2d-4ffdc08db45b
flag-of-united-kingdom-flat.png
brandm8.blob.core.windows.net/mcdonalds-uk/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://brandm8.blob.core.windows.net/mcdonalds-uk/flag-of-united-kingdom-flat.png
Requested by
Host: mcdonalds-uk-roi.brandm8.com
URL: https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.32.36 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
981774283a79278926029bd38e20cf2839ad712f66aad72c6f7cc986ac5245df

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 10 Nov 2023 09:25:44 GMT
Last-Modified
Thu, 29 Jul 2021 05:49:53 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
VBS7nnWPg3i+KjC/k8OE0w==
ETag
0x8D95254B02C32FC
Content-Type
image/png
x-ms-request-id
bdf2ca33-901e-0004-6db7-137ebd000000
x-ms-version
2009-09-19
Content-Length
3310
flag-of-ireland-flat.png
brandm8.blob.core.windows.net/mcdonalds-uk/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://brandm8.blob.core.windows.net/mcdonalds-uk/flag-of-ireland-flat.png
Requested by
Host: mcdonalds-uk-roi.brandm8.com
URL: https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.32.36 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
caae59c4cbddbe68e2f76b67a1c319bc72ec3bca9c10946ed79eb70ce5657495

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 10 Nov 2023 09:25:44 GMT
Last-Modified
Thu, 29 Jul 2021 05:49:50 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
Per3uxokY74FvdXhYaKhvQ==
ETag
0x8D95254AE1C7BCC
Content-Type
image/png
x-ms-request-id
8f5533c9-701e-0051-5eb7-136e36000000
x-ms-version
2009-09-19
Content-Length
2032
jqueryvalidation.min.js
mcdonalds-uk-roi.brandm8.com/js/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcdonalds-uk-roi.brandm8.com/js/jqueryvalidation.min.js
Requested by
Host: mcdonalds-uk-roi.brandm8.com
URL: https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
eb7542a163fe4418737226977c563ee02415849fc264dc24c3e9bc4d52e00f5d
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' az416426.vo.msecnd.net *.googleapis.com js.monitor.azure.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;img-src 'self' data: *.gstatic.com *.googleapis.com brandm8.blob.core.windows.net api.brandm8.com;frame-src 'self' data: app.powerbi.com api.brandm8.com;font-src 'self' fonts.gstatic.com;connect-src 'self' dc.services.visualstudio.com *.applicationinsights.azure.com api.brandm8.com gas.mcd.com;frame-ancestors 'self' api.brandm8.com
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 09:25:45 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 06 Nov 2023 02:17:49 GMT
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' az416426.vo.msecnd.net *.googleapis.com js.monitor.azure.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;img-src 'self' data: *.gstatic.com *.googleapis.com brandm8.blob.core.windows.net api.brandm8.com;frame-src 'self' data: app.powerbi.com api.brandm8.com;font-src 'self' fonts.gstatic.com;connect-src 'self' dc.services.visualstudio.com *.applicationinsights.azure.com api.brandm8.com gas.mcd.com;frame-ancestors 'self' api.brandm8.com
content-encoding
br
etag
W/"1da1057701d7462"
vary
Accept-Encoding
x-azure-ref
20231110T092545Z-upb3hcba3h6ptetws7hqvzscun00000000pg00000000a4ea
content-type
text/javascript
x-cache
TCP_HIT
request-context
appId=cid-v1:b4f4e5f9-abc3-45f1-8d2d-4ffdc08db45b
ai.2.min.js
js.monitor.azure.com/scripts/b/ 		120 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by
Host: mcdonalds-uk-roi.brandm8.com
URL: https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6c14d731b13bcdec4325028eb0d8d2cb0190b3b1e65e0fcb52907fe6f55c2707

Request headers

Referer
https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F
Origin
https://mcdonalds-uk-roi.brandm8.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 09:25:47 GMT
content-encoding
br
last-modified
Wed, 20 Sep 2023 16:12:29 GMT
x-ms-meta-aijssdkver
2.8.16
vary
Accept-Encoding
x-azure-ref
20231110T092547Z-2gvxa90npd0vmen0q8xg741gu800000000kg000000001wvk
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
b8ed3240-c01e-007a-0ab6-12649e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.8.16.min.js
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mcdonalds-uk-roi.brandm8.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 07:17:28 GMT
x-content-type-options
nosniff
age
7699
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 07:17:28 GMT
fa-solid-900.woff2
mcdonalds-uk-roi.brandm8.com/lib/font-awesome/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mcdonalds-uk-roi.brandm8.com/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: mcdonalds-uk-roi.brandm8.com
URL: https://mcdonalds-uk-roi.brandm8.com/css/layoutcss.min.css?v=x6WsrFrOuwiRTDA0VoPk0QsAytfWDELnF16t2x2rOR0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' az416426.vo.msecnd.net *.googleapis.com js.monitor.azure.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;img-src 'self' data: *.gstatic.com *.googleapis.com brandm8.blob.core.windows.net api.brandm8.com;frame-src 'self' data: app.powerbi.com api.brandm8.com;font-src 'self' fonts.gstatic.com;connect-src 'self' dc.services.visualstudio.com *.applicationinsights.azure.com api.brandm8.com gas.mcd.com;frame-ancestors 'self' api.brandm8.com
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://mcdonalds-uk-roi.brandm8.com/css/layoutcss.min.css?v=x6WsrFrOuwiRTDA0VoPk0QsAytfWDELnF16t2x2rOR0
Origin
https://mcdonalds-uk-roi.brandm8.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 09:25:47 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 28 Aug 2023 00:01:00 GMT
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' az416426.vo.msecnd.net *.googleapis.com js.monitor.azure.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;img-src 'self' data: *.gstatic.com *.googleapis.com brandm8.blob.core.windows.net api.brandm8.com;frame-src 'self' data: app.powerbi.com api.brandm8.com;font-src 'self' fonts.gstatic.com;connect-src 'self' dc.services.visualstudio.com *.applicationinsights.azure.com api.brandm8.com gas.mcd.com;frame-ancestors 'self' api.brandm8.com
etag
"1d9d942ba41b774"
x-azure-ref
20231110T092547Z-upb3hcba3h6ptetws7hqvzscun00000000pg00000000a4ph
x-cache
TCP_HIT
content-type
font/woff2
accept-ranges
bytes
content-length
78196
request-context
appId=cid-v1:b4f4e5f9-abc3-45f1-8d2d-4ffdc08db45b
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mcdonalds-uk-roi.brandm8.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 18:56:09 GMT
x-content-type-options
nosniff
age
52178
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 18:56:09 GMT
track
dc.services.visualstudio.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.212 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://mcdonalds-uk-roi.brandm8.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Fri, 10 Nov 2023 09:25:48 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/ 		96 B
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.212 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d8756efc5611005c72d9258b4ecd761472734112cf1a2530fa6fc94883ccfab1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://mcdonalds-uk-roi.brandm8.com/Account/Login?ReturnUrl=%2F
accept-language
en-GB,en;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
7D6153DD-EBA8-44EE-9FB4-0AB9A090CED3
strict-transport-security
max-age=31536000
date
Fri, 10 Nov 2023 09:25:48 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
96

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| returnExports function| $ function| jQuery object| bootstrap object| ko object| bootbox object| regeneratorRuntime object| ExcelJS function| saveAs object| FileSaver function| JSZip object| DevExpress function| iU function| ProcessGuidStack function| NewGuid function| generateUUID function| CDATA_Section function| isChecked function| cancelEvent function| AddErrorFlashMessage function| AddSuccessFlashMessage function| FindParentByType function| setGenericML function| getTextFromLangList function| triggerTooltip function| grid_onexport function| SaveModalDialog string| SelectedVariableContext function| ValidationError object| Common function| setOtherOptionsAttributes object| GuidList object| GuidRequestCallBacks boolean| GuidLoadInProgress function| ShowLoadingSpinner function| ShowLoading function| ShowSaving function| ShowPleaseWait boolean| helpOn function| toggleHelp function| LoadHelpId function| ShowVariablePicker function| SelectVariable object| LocalStoreCache function| FillStoreCache function| BulkFillUserCache function| GetStoreDetails object| LocalConceptCache function| GetConceptDetails object| LocalUserCache function| GetUserDetails object| LocalUserGroupCache function| FillUserGroupCache function| GetUserGroupDetails function| MLGenericTextModel object| appInsights object| Microsoft object| __dynProto$Gbl

3 Cookies

Domain/Path Name / Value
mcdonalds-uk-roi.brandm8.com/ Name: .AspNetCore.Antiforgery.URVeYzm99qk
Value: CfDJ8JBDmQyAHWdOiBRb2Ii8GNg5ZYgtviEG51wQ8P56_h3EbL9TsbSE-2WoRbd4xQbbjELJEnFZGORVjMlLcrCEnXSyF8uHGCnPKBBAc86yYpfvVotJUd3Pr9qepfOsFCb05cju-osbn-BDVphJWtRDKyc
mcdonalds-uk-roi.brandm8.com/ Name: ai_user
Value: XHEbRtLhYhDQMVfVTuEArt|2023-11-10T09:25:48.019Z
mcdonalds-uk-roi.brandm8.com/ Name: ai_session
Value: MsTQvuo01gLVQqY5GEqJcS|1699608348140|1699608348140

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' az416426.vo.msecnd.net *.googleapis.com js.monitor.azure.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com;img-src 'self' data: *.gstatic.com *.googleapis.com brandm8.blob.core.windows.net api.brandm8.com;frame-src 'self' data: app.powerbi.com api.brandm8.com;font-src 'self' fonts.gstatic.com;connect-src 'self' dc.services.visualstudio.com *.applicationinsights.azure.com api.brandm8.com gas.mcd.com;frame-ancestors 'self' api.brandm8.com
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SameOrigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

brandm8.blob.core.windows.net
dc.services.visualstudio.com
fonts.googleapis.com
fonts.gstatic.com
js.monitor.azure.com
mcdonalds-uk-roi.brandm8.com
13.69.106.212
20.60.32.36
2620:1ec:46::45
2620:1ec:bdf::45
2a00:1450:4001:827::200a
2a00:1450:4001:829::2003
3b86304c89e5b4db9742eca6042b2d8c2273efbe7abd44b1b2917357b06241df
53b275a905c8009c20329957979f532b7f4d7e42ea9a10b104166f4c2489cee8
5a27471f227d2c08a05e085e3149dc80d5cafbf5226f9f6594c3eebe298f8162
613d2ccc61ae5899f8bda2deb512a006b55d747b17ceddfc236f2a4ca61c19b3
6c14d731b13bcdec4325028eb0d8d2cb0190b3b1e65e0fcb52907fe6f55c2707
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f23d6cd3103c1708ab4edfd49cabeac82bbe1b42e256a8aed71b428deb4b781
981774283a79278926029bd38e20cf2839ad712f66aad72c6f7cc986ac5245df
c7a5acac5acebb08914c30345683e4d10b00cad7d60c42e7175eaddb1dab391d
caae59c4cbddbe68e2f76b67a1c319bc72ec3bca9c10946ed79eb70ce5657495
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d8756efc5611005c72d9258b4ecd761472734112cf1a2530fa6fc94883ccfab1
e5d6004f8460efeaf79658e41068926a18665f885e5ab3a5dee77f7f96690e5c
eb7542a163fe4418737226977c563ee02415849fc264dc24c3e9bc4d52e00f5d
f992e86a3e856ea0740c3975669a2ceeed6db8dbf1b7fb5c4b0b1fae8de299fe
fd5c231600371131b8424c8e6196bd27b8048408870616a4417760a9e2946baa
fe178c8c3c40bfe2dd09722ef070949b250e6c8353fe19b90b7c837a4a209138