urlscan.io logo urlscan.io
SecurityTrails logo

aggregation-yourbank-stage.moven.com Open in urlscan Pro
3.92.109.160  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://aggregation-yourbank-stage.moven.com/
Effective URL: https://aggregation-yourbank-stage.moven.com/auth/login.html?next=%2F
Submission: On May 10 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 12 HTTP transactions. The main IP is 3.92.109.160, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is aggregation-yourbank-stage.moven.com.
TLS certificate: Issued by R3 on May 10th 2024. Valid for: 3 months.
This is the only time aggregation-yourbank-stage.moven.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 3.92.109.160 14618 (AMAZON-AES)
1 2a04:4e42:400... 54113 (FASTLY)
1 104.18.10.207 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 172.67.139.119 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
12 7
5    3.92.109.160 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-109-160.compute-1.amazonaws.com
aggregation-yourbank-stage.moven.com
1    2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    172.67.139.119 (United States)

ASN13335 (CLOUDFLARENET, US)
ka-f.fontawesome.com
2    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
5 moven.com
aggregation-yourbank-stage.moven.com
273 KB
3 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1866
ka-f.fontawesome.com — Cisco Umbrella Rank: 4530
435 KB
2 gstatic.com
fonts.gstatic.com
43 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
995 B
1 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3044
21 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 776
30 KB
12 6
Domain Requested by
5 aggregation-yourbank-stage.moven.com 1 redirects aggregation-yourbank-stage.moven.com
2 fonts.gstatic.com fonts.googleapis.com
2 ka-f.fontawesome.com kit.fontawesome.com
1 fonts.googleapis.com aggregation-yourbank-stage.moven.com
1 kit.fontawesome.com aggregation-yourbank-stage.moven.com
1 stackpath.bootstrapcdn.com aggregation-yourbank-stage.moven.com
1 code.jquery.com aggregation-yourbank-stage.moven.com
12 7

This site contains no links.

Subject Issuer Validity Valid
aggregation-yourbank-stage.moven.com
R3		 2024-05-10 -
2024-08-08		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
bootstrapcdn.com
GTS CA 1P5		 2024-03-27 -
2024-06-25		 3 months crt.sh
*.fontawesome.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-04 -
2025-01-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
ka-f.fontawesome.com
GTS CA 1P5		 2024-05-03 -
2024-08-01		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://aggregation-yourbank-stage.moven.com/auth/login.html?next=%2F
Frame ID: 4219A7FB628DBEDCD7AA85332C44BB66
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login - Moven Aggregation [yourbank-stage]

Page URL History Show full URLs

  1. https://aggregation-yourbank-stage.moven.com/ HTTP 302
    https://aggregation-yourbank-stage.moven.com/auth/login.html?next=%2F Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

100 %
HTTPS

57 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

802 kB
Transfer

1666 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://aggregation-yourbank-stage.moven.com/ HTTP 302
    https://aggregation-yourbank-stage.moven.com/auth/login.html?next=%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.html
aggregation-yourbank-stage.moven.com/auth/
Redirect Chain
  • https://aggregation-yourbank-stage.moven.com/
  • https://aggregation-yourbank-stage.moven.com/auth/login.html?next=%2F
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aggregation-yourbank-stage.moven.com/auth/login.html?next=%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.92.109.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-109-160.compute-1.amazonaws.com
Software
/
Resource Hash
ec4e8cd32346d39b39eac571fd634dee834eb14165d39b07fe53b17492c61afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Length
1677
Content-Type
text/html; charset=utf-8
Date
Fri, 10 May 2024 21:42:17 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains

Redirect headers

Connection
keep-alive
Content-Length
81
Content-Type
text/html; charset=utf-8
Date
Fri, 10 May 2024 21:42:17 GMT
Location
/auth/login.html?next=%2F
Strict-Transport-Security
max-age=31536000; includeSubDomains
style.css
aggregation-yourbank-stage.moven.com/css/ 		177 KB
178 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aggregation-yourbank-stage.moven.com/css/style.css
Requested by
Host: aggregation-yourbank-stage.moven.com
URL: https://aggregation-yourbank-stage.moven.com/auth/login.html?next=%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.92.109.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-109-160.compute-1.amazonaws.com
Software
/
Resource Hash
27742580032a820a55fac51d700aa4d668212f6c9c3688e7c3df9031f1d5ae07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://aggregation-yourbank-stage.moven.com/auth/login.html?next=%2F
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 10 May 2024 21:42:17 GMT
Cache-Control
max-age=86400
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 11 Apr 2024 13:21:32 GMT
Connection
keep-alive
Content-Length
181623
Content-Type
text/css; charset=utf-8
jquery-3.3.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: aggregation-yourbank-stage.moven.com
URL: https://aggregation-yourbank-stage.moven.com/auth/login.html?next=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://aggregation-yourbank-stage.moven.com/
Origin
https://aggregation-yourbank-stage.moven.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:42:17 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
20576733
x-cache
HIT, HIT
content-length
30288
x-served-by
cache-lga13622-LGA, cache-mxp6977-MXP
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1715377337.464036,VS0,VE0
etag
W/"28feccc0-1538f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
35, 31719
bootstrap.bundle.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.2/js/ 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.2/js/bootstrap.bundle.min.js
Requested by
Host: aggregation-yourbank-stage.moven.com
URL: https://aggregation-yourbank-stage.moven.com/auth/login.html?next=%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6249266ea92f60bbb67c338022758e4f5adfbcac60c4d57dd16a9b25f489343
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://aggregation-yourbank-stage.moven.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:42:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1078
age
13968048
cdn-cachedat
09/21/2023 19:27:47
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"fb63ebd7050580f171cb88b16f94e00c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
99a16c0db7f4862cecf5567335f44702
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
881d1926dac9bf88-WAW
cdn-requestpullsuccess
True
e5f27bd1b1.js
kit.fontawesome.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/e5f27bd1b1.js
Requested by
Host: aggregation-yourbank-stage.moven.com
URL: https://aggregation-yourbank-stage.moven.com/auth/login.html?next=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8f0ed24d49f735d756c61c1f5d26688e0a234b5019c8fb60e247d60323aa540

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://aggregation-yourbank-stage.moven.com/
Origin
https://aggregation-yourbank-stage.moven.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:42:17 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
881d19270bd28f41-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F84-max8hTXS0JwV1RLi
favicon.svg
aggregation-yourbank-stage.moven.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aggregation-yourbank-stage.moven.com/favicon.svg
Requested by
Host: aggregation-yourbank-stage.moven.com
URL: https://aggregation-yourbank-stage.moven.com/auth/login.html?next=%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.92.109.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-109-160.compute-1.amazonaws.com
Software
/
Resource Hash
feb2d3c76d726c3c24ed7c1e9e56187d779a4ccf903d13efe0675ff9208ddd6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://aggregation-yourbank-stage.moven.com/auth/login.html?next=%2F
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 10 May 2024 21:42:17 GMT
Cache-Control
max-age=86400
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 11 Apr 2024 13:21:32 GMT
Connection
keep-alive
Content-Length
4198
Content-Type
image/svg+xml
css2
fonts.googleapis.com/ 		5 KB
995 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,400;0,600;1,400;1,600&display=swap
Requested by
Host: aggregation-yourbank-stage.moven.com
URL: https://aggregation-yourbank-stage.moven.com/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
05e1d6c736d92dfbfb0b25909633cce1fbe3f2124f7cb34b3e09a75cf4a1a3f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://aggregation-yourbank-stage.moven.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 10 May 2024 21:42:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 10 May 2024 21:42:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 May 2024 21:42:18 GMT
free-v4-shims.min.js
ka-f.fontawesome.com/releases/v5.15.4/js/ 		14 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/js/free-v4-shims.min.js?token=e5f27bd1b1
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e5f27bd1b1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
550b2edb27bbe4bb79b74b464f26770dabec71527c4508676f67ec1ca981bef6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://aggregation-yourbank-stage.moven.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:42:18 GMT
via
1.1 6e4fd2f7f4c55027ff6ee922bdafd3ae.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
VIE50-P1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"da4227cf1e84c37056b854e5ea53863a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WnnIfhfjybS2mAnyHc0BiffuyNM6M8jb644L9t30FNYniYVpddubMkBHE4egfiyftRma2ZSlYJ2cyUV2WnrKB5yA7Ex1A2K86x8k%2B7ivna86GrSg5P%2FuuBLj4UOHZEhllTRXs3Hn3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
881d192b6ac465dc-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
iuWuspMcO1qrhdOdwJuLyKUT20NgzF9X0LVTDQ_LHf2m9yolBZbKkg==
free.min.js
ka-f.fontawesome.com/releases/v5.15.4/js/ 		1 MB
426 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/js/free.min.js?token=e5f27bd1b1
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e5f27bd1b1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa86f69ce9347b3e57d75b59267733c91edd31e175305d37f0f55c2633bb5a07

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://aggregation-yourbank-stage.moven.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:42:18 GMT
via
1.1 429f4d0dffb8bf0b68cf2d9d500542f8.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
VIE50-P1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"736ac10fbfffa53b1fb75fbebdd7ff88"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aZrvs5mmpnF%2FwqxiMgTvcPSbhEe5dMdO7NYWaInYN%2FTLAf75bt6Q58o8Zyf%2BaMkeU7OA3JyXPDl9Hdv7lJVYODLbSOVIEgp0CTOVUQB9wvDC2ot3rgwiGKphQqxgBBa92yS68mLCsw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
881d192b6ac265dc-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
k4UfcRoHrOYRsINik_BxH8QnP9TudIme1kpj12Q44WbnK2XACNdJxQ==
7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,400;0,600;1,400;1,600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://aggregation-yourbank-stage.moven.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 19:32:23 GMT
x-content-type-options
nosniff
age
353395
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21144
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:43:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 May 2025 19:32:23 GMT
7cHqv4kjgoGqM7E30-8s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E30-8s51os.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,400;0,600;1,400;1,600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://aggregation-yourbank-stage.moven.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 07:46:56 GMT
x-content-type-options
nosniff
age
309322
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21796
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:35:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 07:46:56 GMT
favicon.ico
aggregation-yourbank-stage.moven.com/ 		88 KB
88 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aggregation-yourbank-stage.moven.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.92.109.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-109-160.compute-1.amazonaws.com
Software
/
Resource Hash
f05c2e5e8552e466dda729fcfc37006fcd1355805fc504b071a857ebf3ce70b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://aggregation-yourbank-stage.moven.com/auth/login.html?next=%2F
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 10 May 2024 21:42:18 GMT
Cache-Control
max-age=86400
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 11 Apr 2024 13:21:32 GMT
Connection
keep-alive
Content-Length
90022
Content-Type
image/vnd.microsoft.icon

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| bootstrap object| FontAwesomeKitConfig function| a object| ___FONT_AWESOME___ object| fontawesome-free-shims object| FontAwesomeConfig object| FontAwesome

4 Cookies

Domain/Path Name / Value
aggregation-yourbank-stage.moven.com/ Name: x-moven-device-id
Value: device_id_bb5d61fc23fc485aaad4feee67ea2c2c_tmw
aggregation-yourbank-stage.moven.com/ Name: x-moven-device-id.sig
Value: f9lgEJMq5ZvtHnnsgasLUTuD6o4
aggregation-yourbank-stage.moven.com/ Name: _jsessionid
Value: eyJmbGFzaCI6e30sIl9leHBpcmUiOjE3MTUzNzkxMzcyNzMsIl9tYXhBZ2UiOjE4MDAwMDB9
aggregation-yourbank-stage.moven.com/ Name: _jsessionid.sig
Value: QfftoDvnvFm1DOhwEWzQp99pDW4

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains