Submitted URL: http://codman-exploration.swab.test.nl.mrdm.com/
Effective URL: https://accounts-test.mrdm.io/u/login/identifier?state=hKFo2SBNc1hKR0lKVldEenR4SW5RTGt2ZjdUeXRBVmwyZWtwVKFur3VuaXZlcnNhbC1sb2d...
Submission Tags: @phish_report
Submission: On October 06 via api from FI — Scanned from NL

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 18 HTTP transactions. The main IP is 2606:4700::6813:9913, which is located in the United States and belongs to CLOUDFLARENET, US. The main domain is accounts-test.mrdm.io.
TLS certificate: Issued by E6 on August 31st 2024. Valid for: 3 months.
This is the only time accounts-test.mrdm.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| Redirects | Requests | IP Address | AS Autonomous System |
|---|---|---|---|
| - | 13 | 34.90.148.19 | 396982 (GOOGLE-CL...) |
| 1 | 3 | 2606:4700::68... | 13335 (CLOUDFLAR...) |
| - | 1 | 2a04:4e42::649 | 54113 (FASTLY) |
| - | 1 | 2600:9000:235... | 16509 (AMAZON-02) |
| 1 | 2 | 104.199.42.204 | 15169 (GOOGLE) |

Total: 18 requests, 5 IPs

| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 13 | mrdm.com | codman-exploration.swab.test.nl.mrdm.com, exploration-reporting.swab.test.nl.mrdm.com | 4 MB |
| 3 | mrdm.io | accounts-test.mrdm.io | 39 KB |
| 2 | mrdm.nl | mrdm.nl | 3 KB |
| 1 | auth0.com | cdn.auth0.com — Cisco Umbrella Rank: 6411 | 63 KB |
| 1 | jquery.com | code.jquery.com — Cisco Umbrella Rank: 791 | 31 KB |

Total: 18 requests, 5 domains

| Requests | Domain | Requested by |
|---|---|---|
| 11 | codman-exploration.swab.test.nl.mrdm.com | codman-exploration.swab.test.nl.mrdm.com |
| 3 | accounts-test.mrdm.io (1 redirects) | codman-exploration.swab.test.nl.mrdm.com |
| 2 | mrdm.nl (1 redirects) | accounts-test.mrdm.io |
| 2 | exploration-reporting.swab.test.nl.mrdm.com | codman-exploration.swab.test.nl.mrdm.com |
| 1 | cdn.auth0.com | accounts-test.mrdm.io |
| 1 | code.jquery.com | accounts-test.mrdm.io |

Total: 18 requests, 6 subdomains

This site contains links to these domains:

  • support.mrdm.com

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| codman-exploration.swab.test.nl.mrdm.com | R10 | 2024-10-06 - 2025-01-04 | 3 months |
| exploration-reporting.swab.test.nl.mrdm.com | R11 | 2024-08-18 - 2024-11-16 | 3 months |
| accounts-test.mrdm.io | E6 | 2024-08-31 - 2024-11-29 | 3 months |
| *.jquery.com | Sectigo ECC Domain Validation Secure Server CA | 2024-06-25 - 2025-06-25 | a year |
| *.auth0.com | Amazon RSA 2048 M03 | 2024-01-25 - 2025-02-22 | a year |

This page contains 1 frames:

Primary Page: https://accounts-test.mrdm.io/u/login/identifier?state=hKFo2SBNc1hKR0lKVldEenR4SW5RTGt2ZjdUeXRBVmwyZWtwVKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIG8xUFJId0pwRUliRU5OTmxURmd2VGpqMEstYUxJVThzo2NpZNkgbDcwZEx4YmJiWkFWOEhmTnFBZURzM2NTTHI5d01rQkg
Frame ID: 5C7CBDDCEF3A1FE4BFA46BE6B1FFCCA0
Requests: 18 HTTP requests in this frame


Page Title

Log in | Codman Exploration

Page URL History

  1. http://codman-exploration.swab.test.nl.mrdm.com/ HTTP 307
    https://codman-exploration.swab.test.nl.mrdm.com/ Page URL
  2. https://accounts-test.mrdm.io/authorize?client_id=l70dLxbbbZAV8HfNqAeDs3cSLr9wMkBH&scope=openid+profile+em... HTTP 302
    https://accounts-test.mrdm.io/u/login/identifier?state=hKFo2SBNc1hKR0lKVldEenR4SW5RTGt2ZjdUeXRBVmwyZWtwVKF... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 18
  • HTTPS: 94 %
  • IPv6: 60 %
  • Domains: 5
  • Subdomains: 6
  • IPs: 5
  • Countries: 3
  • Transfer: 3788 kB
  • Size: 18490 kB
  • Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://codman-exploration.swab.test.nl.mrdm.com/ HTTP 307
    https://codman-exploration.swab.test.nl.mrdm.com/ Page URL
  2. https://accounts-test.mrdm.io/authorize?client_id=l70dLxbbbZAV8HfNqAeDs3cSLr9wMkBH&scope=openid+profile+email&redirect_uri=https%3A%2F%2Fcodman-exploration.swab.test.nl.mrdm.com&audience=https%3A%2F%2Fcodman.mrdm.io&response_type=code&response_mode=query&state=bGRvRnoyVnVMQWYxSjA1YmwwMXFsNHZDRmNZZGI4NzF%2BUzhPcDZwZnpGaw%3D%3D&nonce=eE9tLXdIRk1wQnNsY0Vfd01Zay5FVi1tTnhuNFJUSTM3TUtlbXlsWS5MUw%3D%3D&code_challenge=HJPxNz7wjomB5sBiQL6vaC_yknjkEuo3dissn1qyxNM&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjIuMS4yIn0%3D HTTP 302
    https://accounts-test.mrdm.io/u/login/identifier?state=hKFo2SBNc1hKR0lKVldEenR4SW5RTGt2ZjdUeXRBVmwyZWtwVKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIG8xUFJId0pwRUliRU5OTmxURmd2VGpqMEstYUxJVThzo2NpZNkgbDcwZEx4YmJiWkFWOEhmTnFBZURzM2NTTHI5d01rQkg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://codman-exploration.swab.test.nl.mrdm.com/ HTTP 307
  • https://codman-exploration.swab.test.nl.mrdm.com/
Request Chain 15
  • https://mrdm.nl/wp-content/themes/mrdm/assets/img/logo.svg HTTP 301
  • https://mrdm.nl/files/auth0/logo.svg

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
codman-exploration.swab.test.nl.mrdm.com/
Redirect Chain
  • http://codman-exploration.swab.test.nl.mrdm.com/
  • https://codman-exploration.swab.test.nl.mrdm.com/
828 B
675 B
Document
General
Full URL
https://codman-exploration.swab.test.nl.mrdm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.90.148.19 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
19.148.90.34.bc.googleusercontent.com
Software
/
Resource Hash
054a1852565c957a290afe58d190410d6a1fa15923eea62191424ceb44e5feea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-cache,public,must-revalidate,proxy-revalidate
content-encoding
gzip
content-type
text/html
date
Sun, 06 Oct 2024 16:28:37 GMT
etag
W/"66fd52ce-33c"
last-modified
Wed, 02 Oct 2024 14:03:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding

Redirect headers

Location
https://codman-exploration.swab.test.nl.mrdm.com/
Non-Authoritative-Reason
HttpsUpgrades
styles.css
codman-exploration.swab.test.nl.mrdm.com/
407 KB
50 KB
Stylesheet
General
Full URL
https://codman-exploration.swab.test.nl.mrdm.com/styles.css
Requested by
Host: codman-exploration.swab.test.nl.mrdm.com
URL: https://codman-exploration.swab.test.nl.mrdm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.90.148.19 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
19.148.90.34.bc.googleusercontent.com
Software
/
Resource Hash
d1fdebbc824f1d7ae95e6322370559b029a4c0629c72d84235d31527805125b0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://codman-exploration.swab.test.nl.mrdm.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
content-encoding
gzip
etag
W/"66fd52cc-65a21"
referrer-policy
strict-origin-when-cross-origin
date
Sun, 06 Oct 2024 16:28:37 GMT
content-type
text/css
last-modified
Wed, 02 Oct 2024 14:03:56 GMT
vary
Accept-Encoding
x-frame-options
DENY
runtime.js
codman-exploration.swab.test.nl.mrdm.com/
13 KB
3 KB
Script
General
Full URL
https://codman-exploration.swab.test.nl.mrdm.com/runtime.js
Requested by
Host: codman-exploration.swab.test.nl.mrdm.com
URL: https://codman-exploration.swab.test.nl.mrdm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.90.148.19 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
19.148.90.34.bc.googleusercontent.com
Software
/
Resource Hash
da28c9537dbd90b860a35f47ffec54ef8dd3b703fd5111d0982820be06870481
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://codman-exploration.swab.test.nl.mrdm.com
Referer
https://codman-exploration.swab.test.nl.mrdm.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
content-encoding
gzip
etag
W/"66fd52cc-3347"
referrer-policy
strict-origin-when-cross-origin
date
Sun, 06 Oct 2024 16:28:37 GMT
content-type
application/javascript
last-modified
Wed, 02 Oct 2024 14:03:56 GMT
vary
Accept-Encoding
x-frame-options
DENY
polyfills.js
codman-exploration.swab.test.nl.mrdm.com/
1 MB
290 KB
Script
General
Full URL
https://codman-exploration.swab.test.nl.mrdm.com/polyfills.js
Requested by
Host: codman-exploration.swab.test.nl.mrdm.com
URL: https://codman-exploration.swab.test.nl.mrdm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.90.148.19 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
19.148.90.34.bc.googleusercontent.com
Software
/
Resource Hash
a241f9f5b9697a93dbe9a9c2974612a9078241f5526e42e8f510548af7ac7bf3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://codman-exploration.swab.test.nl.mrdm.com
Referer
https://codman-exploration.swab.test.nl.mrdm.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
content-encoding
gzip
etag
W/"66fd52cc-13e586"
referrer-policy
strict-origin-when-cross-origin
date
Sun, 06 Oct 2024 16:28:37 GMT
content-type
application/javascript
last-modified
Wed, 02 Oct 2024 14:03:56 GMT
vary
Accept-Encoding
x-frame-options
DENY
vendor.js
codman-exploration.swab.test.nl.mrdm.com/
15 MB
3 MB
Script
General
Full URL
https://codman-exploration.swab.test.nl.mrdm.com/vendor.js
Requested by
Host: codman-exploration.swab.test.nl.mrdm.com
URL: https://codman-exploration.swab.test.nl.mrdm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.90.148.19 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
19.148.90.34.bc.googleusercontent.com
Software
/
Resource Hash
c551273cf4d19076cb436b0b7f32034757c0a8d177d68856379ff6725a35a9ac
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://codman-exploration.swab.test.nl.mrdm.com
Referer
https://codman-exploration.swab.test.nl.mrdm.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
content-encoding
gzip
etag
W/"66fd52cc-ec0d10"
referrer-policy
strict-origin-when-cross-origin
date
Sun, 06 Oct 2024 16:28:37 GMT
content-type
application/javascript
last-modified
Wed, 02 Oct 2024 14:03:56 GMT
vary
Accept-Encoding
x-frame-options
DENY
main.js
codman-exploration.swab.test.nl.mrdm.com/
706 KB
96 KB
Script
General
Full URL
https://codman-exploration.swab.test.nl.mrdm.com/main.js
Requested by
Host: codman-exploration.swab.test.nl.mrdm.com
URL: https://codman-exploration.swab.test.nl.mrdm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.90.148.19 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
19.148.90.34.bc.googleusercontent.com
Software
/
Resource Hash
b43b7118a141c25d94f20f6f1d1ad5fdd178b5a097457378117eae73bdf06647
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://codman-exploration.swab.test.nl.mrdm.com
Referer
https://codman-exploration.swab.test.nl.mrdm.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'none';
content-encoding
gzip
etag
W/"66fd52cc-b074b"
referrer-policy
strict-origin-when-cross-origin
date
Sun, 06 Oct 2024 16:28:37 GMT
content-type
application/javascript
last-modified
Wed, 02 Oct 2024 14:03:56 GMT
vary
Accept-Encoding
x-frame-options
DENY
SourceSansPro-Regular.ttf
codman-exploration.swab.test.nl.mrdm.com/
287 KB
287 KB
Font
General
Full URL
https://codman-exploration.swab.test.nl.mrdm.com/SourceSansPro-Regular.ttf
Requested by
Host: codman-exploration.swab.test.nl.mrdm.com
URL: https://codman-exploration.swab.test.nl.mrdm.com/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.90.148.19 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
19.148.90.34.bc.googleusercontent.com
Software
/
Resource Hash
71d10a86b4c54a5a9c0c8b467e53ac67d79edb96c956e4e9f65a7074dfb9992a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://codman-exploration.swab.test.nl.mrdm.com
Referer
https://codman-exploration.swab.test.nl.mrdm.com/styles.css

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400, public
etag
"66fd52cc-47a8c"
expires
Mon, 07 Oct 2024 16:28:37 GMT
accept-ranges
bytes
content-length
293516
date
Sun, 06 Oct 2024 16:28:37 GMT
content-type
application/octet-stream
last-modified
Wed, 02 Oct 2024 14:03:56 GMT
env-settings.json
codman-exploration.swab.test.nl.mrdm.com/assets/config/
1 KB
773 B
XHR
General
Full URL
https://codman-exploration.swab.test.nl.mrdm.com/assets/config/env-settings.json
Requested by
Host: codman-exploration.swab.test.nl.mrdm.com
URL: https://codman-exploration.swab.test.nl.mrdm.com/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.90.148.19 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
19.148.90.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://codman-exploration.swab.test.nl.mrdm.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache,public,must-revalidate,proxy-revalidate
content-encoding
gzip
etag
W/"6701e849-40c"
date
Sun, 06 Oct 2024 16:28:38 GMT
content-type
application/json
last-modified
Sun, 06 Oct 2024 01:30:49 GMT
vary
Accept-Encoding
en.json
codman-exploration.swab.test.nl.mrdm.com/localization/
72 KB
16 KB
XHR
General
Full URL
https://codman-exploration.swab.test.nl.mrdm.com/localization/en.json
Requested by
Host: codman-exploration.swab.test.nl.mrdm.com
URL: https://codman-exploration.swab.test.nl.mrdm.com/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.90.148.19 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
19.148.90.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://codman-exploration.swab.test.nl.mrdm.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache,public,must-revalidate,proxy-revalidate
content-encoding
gzip
etag
W/"66fd52cc-11e15"
date
Sun, 06 Oct 2024 16:28:39 GMT
content-type
application/json
last-modified
Wed, 02 Oct 2024 14:03:56 GMT
vary
Accept-Encoding
en
exploration-reporting.swab.test.nl.mrdm.com/localization/
41 KB
11 KB
XHR
General
Full URL
https://exploration-reporting.swab.test.nl.mrdm.com/localization/en
Requested by
Host: codman-exploration.swab.test.nl.mrdm.com
URL: https://codman-exploration.swab.test.nl.mrdm.com/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.90.148.19 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
19.148.90.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://codman-exploration.swab.test.nl.mrdm.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-expose-headers
Content-Disposition
cache-control
no-store,no-cache
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
request-context
appId=cid-v1:6cd94c62-4d01-4f0c-9314-6dda1babe2d9
access-control-allow-origin
https://codman-exploration.swab.test.nl.mrdm.com
date
Sun, 06 Oct 2024 16:28:39 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
favicon.ico
codman-exploration.swab.test.nl.mrdm.com/
35 KB
35 KB
Other
General
Full URL
https://codman-exploration.swab.test.nl.mrdm.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.90.148.19 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
19.148.90.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://codman-exploration.swab.test.nl.mrdm.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400, public
content-encoding
gzip
etag
W/"66fd52ce-8c46"
expires
Mon, 07 Oct 2024 16:28:39 GMT
date
Sun, 06 Oct 2024 16:28:39 GMT
content-type
image/x-icon
last-modified
Wed, 02 Oct 2024 14:03:58 GMT
vary
Accept-Encoding
nl-NL.json
codman-exploration.swab.test.nl.mrdm.com/localization/
100 KB
23 KB
XHR
General
Full URL
https://codman-exploration.swab.test.nl.mrdm.com/localization/nl-NL.json
Requested by
Host: codman-exploration.swab.test.nl.mrdm.com
URL: https://codman-exploration.swab.test.nl.mrdm.com/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.90.148.19 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
19.148.90.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://codman-exploration.swab.test.nl.mrdm.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache,public,must-revalidate,proxy-revalidate
content-encoding
gzip
etag
W/"66fd52cc-18ee5"
date
Sun, 06 Oct 2024 16:28:39 GMT
content-type
application/json
last-modified
Wed, 02 Oct 2024 14:03:56 GMT
vary
Accept-Encoding
nl-NL
exploration-reporting.swab.test.nl.mrdm.com/localization/
43 KB
11 KB
XHR
General
Full URL
https://exploration-reporting.swab.test.nl.mrdm.com/localization/nl-NL
Requested by
Host: codman-exploration.swab.test.nl.mrdm.com
URL: https://codman-exploration.swab.test.nl.mrdm.com/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.90.148.19 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
19.148.90.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://codman-exploration.swab.test.nl.mrdm.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-expose-headers
Content-Disposition
cache-control
no-store,no-cache
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
request-context
appId=cid-v1:6cd94c62-4d01-4f0c-9314-6dda1babe2d9
access-control-allow-origin
https://codman-exploration.swab.test.nl.mrdm.com
date
Sun, 06 Oct 2024 16:28:39 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
Primary Request identifier
accounts-test.mrdm.io/u/login/
Redirect Chain
  • https://accounts-test.mrdm.io/authorize?client_id=l70dLxbbbZAV8HfNqAeDs3cSLr9wMkBH&scope=openid+profile+email&redirect_uri=https%3A%2F%2Fcodman-exploration.swab.test.nl.mrdm.com&audience=https%3A%2...
  • https://accounts-test.mrdm.io/u/login/identifier?state=hKFo2SBNc1hKR0lKVldEenR4SW5RTGt2ZjdUeXRBVmwyZWtwVKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIG8xUFJId0pwRUliRU5OTmxURmd2VGpqMEstYUxJVThzo2NpZNkgbDcwZEx4Ym...
37 KB
37 KB
Document
General
Full URL
https://accounts-test.mrdm.io/u/login/identifier?state=hKFo2SBNc1hKR0lKVldEenR4SW5RTGt2ZjdUeXRBVmwyZWtwVKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIG8xUFJId0pwRUliRU5OTmxURmd2VGpqMEstYUxJVThzo2NpZNkgbDcwZEx4YmJiWkFWOEhmTnFBZURzM2NTTHI5d01rQkg
Requested by
Host: codman-exploration.swab.test.nl.mrdm.com
URL: https://codman-exploration.swab.test.nl.mrdm.com/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d8bb4d1a5b8981fa82eded0cb8e01f976fb85f2e683ef31bfb8311015d5b4cd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://codman-exploration.swab.test.nl.mrdm.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
8ce7069cd83365f7-AMS
content-language
nl
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Sun, 06 Oct 2024 16:28:40 GMT
etag
W/"9265-MJLYs6hIas8/VMKcVM0HRql287s"
expires
Sun, 06 Oct 2024 16:28:39 GMT
pragma
no-cache
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-auth0-dl
365
x-auth0-requestid
22c46d0daa80a3d70fd1
x-content-type-options
nosniff
x-frame-options
deny
x-ratelimit-limit
20
x-ratelimit-remaining
19
x-ratelimit-reset
1728232126
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
8ce7069aeda265f7-AMS
content-length
446
content-type
text/html; charset=utf-8
date
Sun, 06 Oct 2024 16:28:39 GMT
location
/u/login/identifier?state=hKFo2SBNc1hKR0lKVldEenR4SW5RTGt2ZjdUeXRBVmwyZWtwVKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIG8xUFJId0pwRUliRU5OTmxURmd2VGpqMEstYUxJVThzo2NpZNkgbDcwZEx4YmJiWkFWOEhmTnFBZURzM2NTTHI5d01rQkg
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept, Accept-Encoding
x-auth0-requestid
b6d5a6b9e9bee5931fba
x-content-type-options
nosniff
x-ratelimit-limit
100
x-ratelimit-remaining
99
x-ratelimit-reset
1728232120
jquery-3.5.1.min.js
code.jquery.com/
87 KB
31 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: accounts-test.mrdm.io
URL: https://accounts-test.mrdm.io/u/login/identifier?state=hKFo2SBNc1hKR0lKVldEenR4SW5RTGt2ZjdUeXRBVmwyZWtwVKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIG8xUFJId0pwRUliRU5OTmxURmd2VGpqMEstYUxJVThzo2NpZNkgbDcwZEx4YmJiWkFWOEhmTnFBZURzM2NTTHI5d01rQkg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
W/"28feccc0-15d84"
age
3388851
x-cache
HIT, HIT
date
Sun, 06 Oct 2024 16:28:40 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits
275214, 38121
x-served-by
cache-lga21981-LGA, cache-ams21054-AMS
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1728232120.433378,VS0,VE0
cross-origin-resource-policy
cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
30879
server
nginx
main.cdn.min.css
cdn.auth0.com/ulp/react-components/1.98.0/css/
278 KB
63 KB
Stylesheet
General
Full URL
https://cdn.auth0.com/ulp/react-components/1.98.0/css/main.cdn.min.css
Requested by
Host: accounts-test.mrdm.io
URL: https://accounts-test.mrdm.io/u/login/identifier?state=hKFo2SBNc1hKR0lKVldEenR4SW5RTGt2ZjdUeXRBVmwyZWtwVKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIG8xUFJId0pwRUliRU5OTmxURmd2VGpqMEstYUxJVThzo2NpZNkgbDcwZEx4YmJiWkFWOEhmTnFBZURzM2NTTHI5d01rQkg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2359:be00:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0f51bfea694d99efdac2e8223be8bfa713bee494c44605fec6a2e721f992dce5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-robots-tag
noindex
content-encoding
gzip
x-amz-version-id
luswKmXpm3BjsutKev5KrAldTKHN0L3q
etag
W/"f9b40d0f5e35dff7282c1da9eff1c3fc"
age
40728
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
Geu43_5s7vyzN3BxCSAeeR2t2HiVGMUYgP2_x2knR5ktS78dtHSNzg==
date
Sun, 06 Oct 2024 05:09:53 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Mon, 23 Sep 2024 14:22:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-replication-status
FAILED
cache-control
max-age=86400
via
1.1 80b00aa2dcc58ca61b2465a37c89fc92.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
server
AmazonS3
x-amz-server-side-encryption
AES256
logo.svg
mrdm.nl/files/auth0/
Redirect Chain
  • https://mrdm.nl/wp-content/themes/mrdm/assets/img/logo.svg
  • https://mrdm.nl/files/auth0/logo.svg
2 KB
3 KB
Image
General
Full URL
https://mrdm.nl/files/auth0/logo.svg
Requested by
Host: accounts-test.mrdm.io
URL: https://accounts-test.mrdm.io/u/login/identifier?state=hKFo2SBNc1hKR0lKVldEenR4SW5RTGt2ZjdUeXRBVmwyZWtwVKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIG8xUFJId0pwRUliRU5OTmxURmd2VGpqMEstYUxJVThzo2NpZNkgbDcwZEx4YmJiWkFWOEhmTnFBZURzM2NTTHI5d01rQkg
Protocol
H2
Server
104.199.42.204 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
204.42.199.104.bc.googleusercontent.com
Software
nginx / PleskLin
Resource Hash
5bb7df481d6f3aff5e146b5e7c19e3fda0cbffde6e1fbfdfa718e95453a24aca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

etag
"62b1b36e-9e5"
accept-ranges
bytes
content-length
2533
date
Sun, 06 Oct 2024 16:28:40 GMT
content-type
image/svg+xml
last-modified
Tue, 21 Jun 2022 12:02:54 GMT
server
nginx
x-powered-by
PleskLin

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains
location
https://mrdm.nl/files/auth0/logo.svg
content-length
244
date
Sun, 06 Oct 2024 16:28:40 GMT
content-type
text/html; charset=iso-8859-1
x-powered-by
PleskLin
server
nginx
x-frame-options
SAMEORIGIN
favicon.ico
accounts-test.mrdm.io/
9 B
173 B
Other
General
Full URL
https://accounts-test.mrdm.io/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://accounts-test.mrdm.io/u/login/identifier?state=hKFo2SBNc1hKR0lKVldEenR4SW5RTGt2ZjdUeXRBVmwyZWtwVKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIG8xUFJId0pwRUliRU5OTmxURmd2VGpqMEstYUxJVThzo2NpZNkgbDcwZEx4YmJiWkFWOEhmTnFBZURzM2NTTHI5d01rQkg

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=300
cf-cache-status
HIT
etag
W/"9-0gXL1ngzMqISxa6S1zx3F4wtLyg"
age
117
x-content-type-options
nosniff
cf-ray
8ce706a18dff65f7-AMS
x-auth0-not-found
1
content-length
9
x-auth0-requestid
6a35c1ede989339ff1ac
date
Sun, 06 Oct 2024 16:28:40 GMT
content-type
text/plain; charset=utf-8
vary
Accept-Encoding
server
cloudflare


4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function: $
  • function: jQuery
  • object: ulpFlags
  • string: userLang

5 Cookies

Domain/Path Name / Value
accounts-test.mrdm.io/ Name: did
Value: s%3Av0%3Adff53dae-0de5-4158-b75f-e3217d7beb34.S6opjX5fuYu6a7U60eKXZK%2BZDTX%2Buv1HWotx7gxEvSw
accounts-test.mrdm.io/ Name: auth0
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQIxUQzc1ZyFengEzvd9JaLpnUan9QhgQkLJ6xQVk8n2E57Jgqiv5bjMyfR8UTyJvda_4jOjg0WDjKQ4f2LctQGemY29va2llg6dleHBpcmVz1_-iH-gAZwavN65vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.sTG9mKAvUqbmvNAPK%2BbwMZILJkn2vr1UnHEpNgPnJ5Q
accounts-test.mrdm.io/ Name: did_compat
Value: s%3Av0%3Adff53dae-0de5-4158-b75f-e3217d7beb34.S6opjX5fuYu6a7U60eKXZK%2BZDTX%2Buv1HWotx7gxEvSw
accounts-test.mrdm.io/ Name: auth0_compat
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQIxUQzc1ZyFengEzvd9JaLpnUan9QhgQkLJ6xQVk8n2E57Jgqiv5bjMyfR8UTyJvda_4jOjg0WDjKQ4f2LctQGemY29va2llg6dleHBpcmVz1_-iH-gAZwavN65vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.sTG9mKAvUqbmvNAPK%2BbwMZILJkn2vr1UnHEpNgPnJ5Q
.accounts-test.mrdm.io/ Name: __cf_bm
Value: 5ngEUrIIjAtcxRX38hfUUPVBxnq38iyBhJfc3U4rBEc-1728232119-1.0.1.1-WFiQgewOXUINjzTr_qCBJljeqt_X3aJaRH5KaOLdz4XEKUPZOYQWu.nsYXlzYgSo

1 Console Messages

  • Source: network
  • Level: error
  • URL: https://accounts-test.mrdm.io/favicon.ico
  • Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload