rbcsupport.globetax.com
2600:9000:2182:6400:1c:cbc3:f280:93a1  Public Scan

URL: https://rbcsupport.globetax.com/
Submission: On August 22 via automatic, source certstream-suspicious

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 17 HTTP transactions. The main IP is 2600:9000:2182:6400:1c:cbc3:f280:93a1, located in United States and belongs to AMAZON-02, US. The main domain is rbcsupport.globetax.com.
TLS certificate: Issued by Amazon on September 20th 2019. Valid for: a year.
This is the only time rbcsupport.globetax.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests Domain Requested by
6 rbcsupport.globetax.com rbcsupport.globetax.com
3 cdnjs.cloudflare.com ajax.googleapis.com
2 aui-cdn.atlassian.com rbcsupport.globetax.com, aui-cdn.atlassian.com
1 fonts.gstatic.com fonts.googleapis.com
1 cdn1.iconfinder.com rbcsupport.globetax.com
1 api.media.atlassian.com rbcsupport.globetax.com
1 globetax.atlassian.net 1 redirects
1 i.postimg.cc rbcsupport.globetax.com
1 fonts.googleapis.com rbcsupport.globetax.com
1 ajax.googleapis.com rbcsupport.globetax.com
Total: 17 requests, 10 hostnames

This site contains links to these domains.

Domain
support.globetax.com
www.glintech.com

Subject | Issuer | Validity | Valid
rbcsupport.globetax.com | Amazon | 2019-09-20 - 2020-10-20 | a year
*.atl-paas.net | Amazon | 2020-03-06 - 2021-04-06 | a year
upload.video.google.com | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months
postimg.cc | Let's Encrypt Authority X3 | 2020-07-15 - 2020-10-13 | 3 months
*.media.atlassian.com | DigiCert SHA2 High Assurance Server CA | 2019-10-03 - 2021-12-17 | 2 years
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-08 - 2021-08-08 | a year
*.gstatic.com | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months
cdnjs.cloudflare.com | DigiCert ECC Secure Server CA | 2020-08-12 - 2022-08-17 | 2 years

This page contains 1 frame:

Primary Page: https://rbcsupport.globetax.com/
Frame ID: 5330FBB9D1BB9846D32D950452BE3278
Requests: 17 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
  • headers server /^AmazonS3$/i

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i

Page Statistics

Requests: 17
HTTPS: 100 %
IPv6: 70 %
Domains: 8
Subdomains: 10
IPs: 9
Countries: 3
Transfer: 381 kB
Size: 733 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://globetax.atlassian.net/wiki/download/attachments/20217897/GlobeTax_BG4_small.jpg HTTP 302
  • https://api.media.atlassian.com/file/680ad604-63db-4f06-88f1-c12c4ec7a4bc/binary?token=eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJmOTBiYWY3OS02NTAwLTQ4YWEtOTE3NC00N2Q5MWUwNTRlNTYiLCJhY2Nlc3MiOnsidXJuOmZpbGVzdG9yZTpmaWxlOjY4MGFkNjA0LTYzZGItNGYwNi04OGYxLWMxMmM0ZWM3YTRiYyI6WyJyZWFkIl19LCJleHAiOjE1OTgxNTIxOTYsIm5iZiI6MTU5ODA2OTIxNn0.p_afHiO3HtHhy_i3AOHL9CdtC8O49KFMnuc9xCuit3A&client=f90baf79-6500-48aa-9174-47d91e054e56&name=GlobeTax_BG4_small.jpg

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
rbcsupport.globetax.com/
13 KB
3 KB
Document
General
Full URL
https://rbcsupport.globetax.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:6400:1c:cbc3:f280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f5d51259318fc5603acbab07f5ed640be2ce362c610798832c6bc0d25725a7ec

Request headers

:method
GET
:authority
rbcsupport.globetax.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
content-type
text/html
content-length
2889
date
Sat, 22 Aug 2020 04:05:17 GMT
content-encoding
gzip
last-modified
Fri, 01 Mar 2019 14:38:17 GMT
etag
"59f7936156ab978f2fc9632507d7c4fc"
server
AmazonS3
x-cache
Hit from cloudfront
via
1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
wB04l8wNy7gRunp0Gw23-DN5HzvN2UdLrEnJYXPJSJAGzQfseZPqTQ==
age
160
aui.min.css
aui-cdn.atlassian.com/aui-adg/6.0.9/css/
171 KB
40 KB
Stylesheet
General
Full URL
https://aui-cdn.atlassian.com/aui-adg/6.0.9/css/aui.min.css
Requested by
Host: rbcsupport.globetax.com
URL: https://rbcsupport.globetax.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:6a00:11:537a:1f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0a34e35816980b2a083cdb9364b8671efffcc95bc90a17347f33042a82043a2

Request headers

Referer
https://rbcsupport.globetax.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 15 Feb 2020 09:02:29 GMT
content-encoding
gzip
last-modified
Wed, 03 Jan 2018 04:36:26 GMT
server
AmazonS3
age
16311928
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
SBgIgsHaa658guPHzJa64IQ3UR_3UhyK
status
200
cache-control
max-age=31536000, s-maxage=31536000
x-amz-cf-pop
FRA2-C1
content-type
text/css
x-amz-cf-id
rImPLWrkJAvA9I3T6Z5MW7BiyVqJ1MV1Dkl313h1J3hwaksVEHxLlw==
via
1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
main.css
rbcsupport.globetax.com/css/
74 KB
25 KB
Stylesheet
General
Full URL
https://rbcsupport.globetax.com/css/main.css
Requested by
Host: rbcsupport.globetax.com
URL: https://rbcsupport.globetax.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:6400:1c:cbc3:f280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27749126ee6ad524505e44a83543c670ed72bc7d08545d53ef71687023b80ae8

Request headers

Referer
https://rbcsupport.globetax.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 04:07:57 GMT
content-encoding
gzip
last-modified
Fri, 01 Mar 2019 14:38:22 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"f7d5e238c8f71dd3f16e75e59893ce8c"
x-cache
Miss from cloudfront
content-type
text/css
status
200
content-length
24730
via
1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
x-amz-cf-id
dXg8Qzp7tpGMtBmcwpXNVWnyOojwAyxF9RuvbzaP5EN68WnvG-YJNA==
custom.css
rbcsupport.globetax.com/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://rbcsupport.globetax.com/css/custom.css
Requested by
Host: rbcsupport.globetax.com
URL: https://rbcsupport.globetax.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:6400:1c:cbc3:f280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bb291aa0ad3311eafe905cb56f0fbca1f1b1eb0885d18d0d61652776d28a02f8

Request headers

Referer
https://rbcsupport.globetax.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 04:07:57 GMT
content-encoding
gzip
last-modified
Fri, 01 Mar 2019 14:38:14 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"f3435c93edf53e237c1fda3c6cd50c77"
x-cache
Miss from cloudfront
content-type
text/css
status
200
content-length
1557
via
1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
x-amz-cf-id
J69KvLsQfuLjxYcikgYSDYzlLIeJwwPYvTlxhgT5OhkHm5yRUDLSDQ==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.4/
82 KB
29 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Requested by
Host: rbcsupport.globetax.com
URL: https://rbcsupport.globetax.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rbcsupport.globetax.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 09:28:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
931151
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29725
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Aug 2021 09:28:45 GMT
main.js
rbcsupport.globetax.com/scripts/
138 KB
43 KB
Script
General
Full URL
https://rbcsupport.globetax.com/scripts/main.js
Requested by
Host: rbcsupport.globetax.com
URL: https://rbcsupport.globetax.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:6400:1c:cbc3:f280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4688ca34089d77488a0f4b9db2055270e739c45d40bded36aef0511bef926a1b

Request headers

Referer
https://rbcsupport.globetax.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 04:07:57 GMT
content-encoding
gzip
last-modified
Fri, 01 Mar 2019 14:38:22 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"66de370aee288fc5f9f6afa63a87da5a"
x-cache
Miss from cloudfront
content-type
application/javascript
status
200
content-length
43837
via
1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
x-amz-cf-id
hpIcsw5U6TF6HGX7u-O51Z7I8ZZ3EyatlvUhcWOUzAphg8pjT4OGpQ==
custom.js
rbcsupport.globetax.com/scripts/
0
347 B
Script
General
Full URL
https://rbcsupport.globetax.com/scripts/custom.js
Requested by
Host: rbcsupport.globetax.com
URL: https://rbcsupport.globetax.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:6400:1c:cbc3:f280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rbcsupport.globetax.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 04:07:57 GMT
content-encoding
gzip
last-modified
Fri, 01 Mar 2019 14:38:14 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"7029066c27ac6f5ef18d660d5741979a"
x-cache
Miss from cloudfront
content-type
application/javascript
status
200
content-length
20
via
1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
x-amz-cf-id
BiaqyCPPtKwD5YDG3jUJnSmKt-bdFV6NeGbz9ef-vPqwkaUFTSpYwA==
css
fonts.googleapis.com/
5 KB
832 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:400,700
Requested by
Host: rbcsupport.globetax.com
URL: https://rbcsupport.globetax.com/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f6e206730b9cfa13f568754d8c0985b03f8a7b55265eb88b3c0f8c80cd445e19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://rbcsupport.globetax.com/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 22 Aug 2020 03:03:30 GMT
server
ESF
date
Sat, 22 Aug 2020 04:07:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 22 Aug 2020 04:07:56 GMT
logo.png
rbcsupport.globetax.com/images/
2 KB
2 KB
Image
General
Full URL
https://rbcsupport.globetax.com/images/logo.png
Requested by
Host: rbcsupport.globetax.com
URL: https://rbcsupport.globetax.com/css/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:6400:1c:cbc3:f280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
111ac67ac9907dfc83a08557c5588672bbe82aafe9b26ab59689309a168af20b

Request headers

Referer
https://rbcsupport.globetax.com/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 04:07:56 GMT
content-encoding
gzip
last-modified
Fri, 01 Mar 2019 14:38:22 GMT
server
AmazonS3
x-amz-error-code
NoSuchKey
x-amz-cf-pop
DUS51-C1
etag
"b528acbbdd1a368aa464550ae28704b5"
x-amz-error-message
The specified key does not exist.
content-type
text/html
status
404
x-amz-error-detail-key
images/logo.png
x-cache
Error from cloudfront
content-length
924
via
1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
x-amz-cf-id
yCeON_6kX0PmWp39DO0sNbkE72sP0v41CM57CZFra_XuqrnQCIgc0A==
Globe_Tax_Globe_Color_Lo.png
i.postimg.cc/KY1mW7nQ/
36 KB
36 KB
Image
General
Full URL
https://i.postimg.cc/KY1mW7nQ/Globe_Tax_Globe_Color_Lo.png
Requested by
Host: rbcsupport.globetax.com
URL: https://rbcsupport.globetax.com/css/custom.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.91.224.95 , France, ASN16276 (OVH, FR),
Reverse DNS
i.postimg.cc
Software
nginx /
Resource Hash
0a8102194ab25fd769a216ed6682bb72bf35b2bb713daf65fa5d291e59f6082a

Request headers

Referer
https://rbcsupport.globetax.com/css/custom.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 04:07:56 GMT
last-modified
Fri, 21 Sep 2018 08:21:59 GMT
server
nginx
status
200
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
36412
expires
Thu, 31 Dec 2037 23:55:55 GMT
binary
api.media.atlassian.com/file/680ad604-63db-4f06-88f1-c12c4ec7a4bc/
Redirect Chain
  • https://globetax.atlassian.net/wiki/download/attachments/20217897/GlobeTax_BG4_small.jpg
  • https://api.media.atlassian.com/file/680ad604-63db-4f06-88f1-c12c4ec7a4bc/binary?token=eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJmOTBiYWY3OS02NTAwLTQ4YWEtOTE3NC00N2Q5MWUwNTRlNTYiLCJhY2Nlc3MiOnsidXJuOmZpbGVzd...
114 KB
115 KB
Image
General
Full URL
https://api.media.atlassian.com/file/680ad604-63db-4f06-88f1-c12c4ec7a4bc/binary?token=eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJmOTBiYWY3OS02NTAwLTQ4YWEtOTE3NC00N2Q5MWUwNTRlNTYiLCJhY2Nlc3MiOnsidXJuOmZpbGVzdG9yZTpmaWxlOjY4MGFkNjA0LTYzZGItNGYwNi04OGYxLWMxMmM0ZWM3YTRiYyI6WyJyZWFkIl19LCJleHAiOjE1OTgxNTIxOTYsIm5iZiI6MTU5ODA2OTIxNn0.p_afHiO3HtHhy_i3AOHL9CdtC8O49KFMnuc9xCuit3A&client=f90baf79-6500-48aa-9174-47d91e054e56&name=GlobeTax_BG4_small.jpg
Requested by
Host: rbcsupport.globetax.com
URL: https://rbcsupport.globetax.com/css/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.184.99.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-99-153.eu-central-1.compute.amazonaws.com
Software
globaledge-envoy /
Resource Hash
dfb255ca655304850d9f4f33df2dcb7432261c8e46ced7b7711fc40fcf2ddeb1
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rbcsupport.globetax.com/css/custom.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
script-src 'none'
x-content-type-options
nosniff
atl-traceid
8bd7c5a0653b3abd
x-b3-traceid
8bd7c5a0653b3abd
x-dns-prefetch-control
off
status
200
x-envoy-upstream-service-time
674
x-b3-parentspanid
92aaabe779567f81
content-disposition
inline; filename="GlobeTax_BG4_small.jpg"
content-length
116896
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
server
globaledge-envoy
x-logging-id
V1xZRhzmw
x-media-region
us-west-1
date
Sat, 22 Aug 2020 04:07:57 GMT
x-download-options
noopen
strict-transport-security
max-age=63072000; preload
expect-ct
report-uri="https://web-security-reports.services.atlassian.com/expect-ct-report/dt-api-filestore", max-age=86400
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, X-Media-Region
cache-control
private
x-b3-spanid
9e5f5244683b8776
x-b3-sampled
1
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

strict-transport-security
max-age=315360000; includeSubDomains; preload
x-content-type-options
nosniff
server
AtlassianProxy/1.15.8.1
atl-traceid
a8ac4a8da485cdb1
x-confluence-request-time
1598069276697
expect-ct
report-uri="https://web-security-reports.services.atlassian.com/expect-ct-report/global-proxy", enforce, max-age=86400
status
302
content-type
text/html;charset=UTF-8
location
https://api.media.atlassian.com/file/680ad604-63db-4f06-88f1-c12c4ec7a4bc/binary?token=eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJmOTBiYWY3OS02NTAwLTQ4YWEtOTE3NC00N2Q5MWUwNTRlNTYiLCJhY2Nlc3MiOnsidXJuOmZpbGVzdG9yZTpmaWxlOjY4MGFkNjA0LTYzZGItNGYwNi04OGYxLWMxMmM0ZWM3YTRiYyI6WyJyZWFkIl19LCJleHAiOjE1OTgxNTIxOTYsIm5iZiI6MTU5ODA2OTIxNn0.p_afHiO3HtHhy_i3AOHL9CdtC8O49KFMnuc9xCuit3A&client=f90baf79-6500-48aa-9174-47d91e054e56&name=GlobeTax_BG4_small.jpg
cache-control
no-cache, no-store, must-revalidate
date
Sat, 22 Aug 2020 04:07:56 GMT
atl-confluence-via
h:confluence-prod-us-7-2.prod.atl-paas.net
content-length
0
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
698627-icon-111-search-512.png
cdn1.iconfinder.com/data/icons/hawcons/32/
4 KB
5 KB
Image
General
Full URL
https://cdn1.iconfinder.com/data/icons/hawcons/32/698627-icon-111-search-512.png
Requested by
Host: rbcsupport.globetax.com
URL: https://rbcsupport.globetax.com/css/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:82d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c05cd2701440deccc341bd43495346170d0235da44163bbbe177369fe6a85af2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rbcsupport.globetax.com/css/custom.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 04:07:56 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
HIT
age
990679
cf-polished
origFmt=png, origSize=13162
status
200
content-disposition
inline; filename="698627-icon-111-search-512.webp"
vary
Accept
x-amz-request-id
0N2N1KCTAT2R3ZDP
x-amz-id-2
6FvLL/+r4SGXS0VbX0CpXVQghcOujRxiYr8ZHakAdXiJJ892YOZMv9Z5M/YN5bsKecy5Hv1e/wI=
accept-ranges
bytes
last-modified
Sun, 15 Oct 2017 04:40:28 GMT
server
cloudflare
etag
"0f7ddc24583501b1de6e5e652c6fb450"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
x-amz-version-id
fGvJG__a7b_qZ.fpBEd0ZoGKPBHJo.7O
cf-request-id
04b5f317ac0000dfa9910e3200000001
content-length
4094
cf-ray
5c69bad2abc6dfa9-FRA
cf-bgj
imgq:100,h2pri
atlassian-icons.woff
aui-cdn.atlassian.com/aui-adg/6.0.9/css/fonts/
58 KB
59 KB
Font
General
Full URL
https://aui-cdn.atlassian.com/aui-adg/6.0.9/css/fonts/atlassian-icons.woff
Requested by
Host: aui-cdn.atlassian.com
URL: https://aui-cdn.atlassian.com/aui-adg/6.0.9/css/aui.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:6a00:11:537a:1f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Origin
https://rbcsupport.globetax.com
Referer
https://aui-cdn.atlassian.com/aui-adg/6.0.9/css/aui.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 04:07:57 GMT
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
status
200
content-length
59780
last-modified
Wed, 03 Jan 2018 04:36:26 GMT
server
AmazonS3
etag
"54bc0a9f5c0be190be428468b783c09c"
access-control-max-age
600
access-control-allow-methods
GET
x-amz-version-id
v1uwnREyTvq7eRdc3ZwgLvgaa20Ay05C
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
content-type
application/font-woff
x-amz-cf-id
XT-0672kONPLuhauK_QJEPZHsWMw2_yCwJCCwj8c1qmjQmrLxbuQ_g==
o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
fonts.gstatic.com/s/notosans/v9/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v9/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://rbcsupport.globetax.com
Referer
https://fonts.googleapis.com/css?family=Noto+Sans:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 10:52:18 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:20:41 GMT
server
sffe
age
839738
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10292
x-xss-protection
0
expires
Thu, 12 Aug 2021 10:52:18 GMT
shCore.min.css
cdnjs.cloudflare.com/ajax/libs/SyntaxHighlighter/3.0.83/styles/
5 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/SyntaxHighlighter/3.0.83/styles/shCore.min.css
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7fc3de159dd250afb3e80de87a574ec33debd6c939360af5ee0e7f0f0ff7578
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://rbcsupport.globetax.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 04:07:56 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
17005661
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
04b5f317d600000746d285a200000001
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:15:12 GMT
server
cloudflare
etag
W/"5afd4820-13a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5c69bad2fcf00746-FRA
expires
Thu, 12 Aug 2021 04:07:56 GMT
shCore.js
cdnjs.cloudflare.com/ajax/libs/SyntaxHighlighter/3.0.83/scripts/
16 KB
9 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/SyntaxHighlighter/3.0.83/scripts/shCore.js?_=1598069276522
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
584a26f39cef2db245f41d4f6b8e3d0f7dfac5c06f0f454a49dfb94f6fb1517b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://rbcsupport.globetax.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 04:07:56 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
12030629
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
04b5f317d600000746d285b200000001
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:15:12 GMT
server
cloudflare
etag
W/"5afd4820-3f2f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5c69bad2fcf30746-FRA
expires
Thu, 12 Aug 2021 04:07:56 GMT
shAutoloader.min.js
cdnjs.cloudflare.com/ajax/libs/SyntaxHighlighter/3.0.83/scripts/
1 KB
751 B
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/SyntaxHighlighter/3.0.83/scripts/shAutoloader.min.js?_=1598069276523
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
216f30a41d88fe8f4ce676af22890e229289ca5fbde7392ba2c17089efa463f5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://rbcsupport.globetax.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 04:07:56 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
10367155
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
04b5f317ec00000746d285d200000001
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:15:12 GMT
server
cloudflare
etag
W/"5afd4820-427"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5c69bad31d2b0746-FRA
expires
Thu, 12 Aug 2021 04:07:56 GMT

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| trustedTypes
  • function| $
  • function| jQuery
  • object| core
  • object| __core-js_shared__
  • object| global
  • object| System
  • function| asap
  • function| Observable
  • function| setImmediate
  • function| clearImmediate
  • object| regeneratorRuntime
  • boolean| _babelPolyfill
  • function| XRegExp
  • object| SyntaxHighlighter

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
