staging.internal.data.rfdme.io Open in urlscan Pro
175.41.229.45 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://staging.internal.data.rfdme.io/
Submission: On April 10 via automatic, source certstream-suspicious (April 10th 2024, 12:17:12 pm UTC) — Scanned from JP

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 4 domains to perform 16 HTTP transactions. The main IP is 175.41.229.45, located in Tokyo, Japan and belongs to AMAZON-02, US. The main domain is staging.internal.data.rfdme.io.
TLS certificate: Issued by Amazon RSA 2048 M02 on April 10th 2024. Valid for: a year.

This is the only time staging.internal.data.rfdme.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	175.41.229.45 175.41.229.45	16509 (AMAZON-02) (AMAZON-02)
1	2404:6800:400... 2404:6800:4008:c03::5f	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:811::2004	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4004:81e::2003	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:823::2003	15169 (GOOGLE) (GOOGLE)
2	172.217.175.228 172.217.175.228	15169 (GOOGLE) (GOOGLE)
16	6

5 175.41.229.45 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-175-41-229-45.ap-northeast-1.compute.amazonaws.com

staging.internal.data.rfdme.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4008:c03::5f (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:811::2004 (Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:81e::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:823::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.175.228 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s29-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	gstatic.com fonts.gstatic.com www.gstatic.com	376 KB
5	rfdme.io staging.internal.data.rfdme.io	2 MB
3	google.com www.google.com — Cisco Umbrella Rank: 5	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 116	34 KB
16	4

	Domain	Requested by
6	fonts.gstatic.com	fonts.googleapis.com
5	staging.internal.data.rfdme.io	staging.internal.data.rfdme.io
3	www.google.com	staging.internal.data.rfdme.io www.gstatic.com
1	www.gstatic.com	www.google.com
1	fonts.googleapis.com	staging.internal.data.rfdme.io
16	5

This site contains no links.

Subject Issuer	Validity	Valid
internal.data.rfdme.io Amazon RSA 2048 M02	`2024-04-10` - `2025-05-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://staging.internal.data.rfdme.io/
Frame ID: C6FFB2867FAB98F08DAD747E65ACDECD
Requests: 14 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNmRYjAAAAAFuFUYGpCu_OSdR8Ukw0TUJz1m6V&co=aHR0cHM6Ly9zdGFnaW5nLmludGVybmFsLmRhdGEucmZkbWUuaW86NDQz&hl=en&type=image&v=rz4DvU-cY2JYCwHSTck0_qm-&theme=light&size=normal&badge=bottomright&cb=ptdottqzqffl
Frame ID: 1B625D6FDACCE5C7ADF73B46FCBC915B
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&k=6LcNmRYjAAAAAFuFUYGpCu_OSdR8Ukw0TUJz1m6V
Frame ID: 3454DEC7F0DD41B3B835CD2145597A36
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RFDME - Internal Data Service - 試用區

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

16
Requests

100 %
HTTPS

67 %
IPv6

4
Domains

5
Subdomains

6
IPs

4
Countries

2255 kB
Transfer

2640 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
staging.internal.data.rfdme.io/ 893 B
1 KB 143ms
7ms Document
text/html 175.41.229.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://staging.internal.data.rfdme.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.41.229.45 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-175-41-229-45.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: ebd5e32d4b01c40d81d10f7dfdd6faaec377da41e3a1e40f34b6f7797b1d9b75

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: jp-JP,jp;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
content-length: 893
content-type: text/html
date: Wed, 10 Apr 2024 12:17:07 GMT
etag: "657bc56b-37d"
last-modified: Fri, 15 Dec 2023 03:18:03 GMT
server: nginx/1.22.1

GET
H2 200 css2
fonts.googleapis.com/ 122 KB
34 KB 174ms
61ms Stylesheet
text/css 2404:6800:4008:c03::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans+TC&family=Roboto&display=swap

Requested by

Host: staging.internal.data.rfdme.io
URL: https://staging.internal.data.rfdme.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4008:c03::5f Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

91ab505466693e2b2085b42d5f1803723dbf634d108102ea307b638470ec32fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://staging.internal.data.rfdme.io/
accept-language: jp-JP,jp;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Apr 2024 12:17:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Apr 2024 12:17:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Apr 2024 12:17:07 GMT

GET
H2 200 main.d26a279d.js Show response
staging.internal.data.rfdme.io/static/js/ 1 MB
1 MB 21ms
18ms Script
application/javascript 175.41.229.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://staging.internal.data.rfdme.io/static/js/main.d26a279d.js
Requested by: Host: staging.internal.data.rfdme.io
URL: https://staging.internal.data.rfdme.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.41.229.45 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-175-41-229-45.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 4eb66eb5b420fe3d0bf74e72c30d088067f998d374dc4554d5c040e3fa74dc3c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://staging.internal.data.rfdme.io/
accept-language: jp-JP,jp;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 12:17:07 GMT
last-modified: Fri, 15 Dec 2023 03:18:03 GMT
server: nginx/1.22.1
accept-ranges: bytes
etag: "657bc56b-14182d"
content-length: 1316909
content-type: application/javascript

GET
H2 200 main.836c910f.css
staging.internal.data.rfdme.io/static/css/ 546 KB
547 KB 7ms
5ms Stylesheet
text/css 175.41.229.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://staging.internal.data.rfdme.io/static/css/main.836c910f.css
Requested by: Host: staging.internal.data.rfdme.io
URL: https://staging.internal.data.rfdme.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.41.229.45 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-175-41-229-45.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2e37faa8fb3ff8481b2a073cf45f7e8bb29f81fed5240bcfa98adbc39f337c35

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://staging.internal.data.rfdme.io/
accept-language: jp-JP,jp;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 12:17:07 GMT
last-modified: Fri, 15 Dec 2023 03:18:03 GMT
server: nginx/1.22.1
accept-ranges: bytes
etag: "657bc56b-88854"
content-length: 559188
content-type: text/css

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 107ms
44ms Script
text/javascript 2404:6800:4004:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Requested by

Host: staging.internal.data.rfdme.io
URL: https://staging.internal.data.rfdme.io/static/js/main.d26a279d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e97dff4d940b28c7b3d47385ae41f4a0158bf6fa134f64430988b9855abfd855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://staging.internal.data.rfdme.io/
accept-language: jp-JP,jp;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 12:17:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 10 Apr 2024 12:17:07 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 66ms
4ms Font
font/woff2 2404:6800:4004:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&family=Roboto&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://staging.internal.data.rfdme.io
accept-language: jp-JP,jp;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 19:50:18 GMT
x-content-type-options: nosniff
age: 59209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Apr 2025 19:50:18 GMT

GET
H2 200 -nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.119.woff2
fonts.gstatic.com/s/notosanstc/v35/ 19 KB
19 KB 75ms
15ms Font
font/woff2 2404:6800:4004:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&family=Roboto&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0e0b37dbd0c68559d6f6f2895422cc9efdeb440f489cb66564637adc5178b31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://staging.internal.data.rfdme.io
accept-language: jp-JP,jp;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:28:22 GMT
x-content-type-options: nosniff
age: 499725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19296
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:24:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Apr 2025 17:28:22 GMT

GET
H2 200 -nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.118.woff2
fonts.gstatic.com/s/notosanstc/v35/ 31 KB
32 KB 72ms
13ms Font
font/woff2 2404:6800:4004:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&family=Roboto&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1760175c4829fcfa5c9961a397a8414bb3e0f06588f9b6e2514c2f46c8fc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://staging.internal.data.rfdme.io
accept-language: jp-JP,jp;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:25:04 GMT
x-content-type-options: nosniff
age: 499923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32184
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:21:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Apr 2025 17:25:04 GMT

GET
H2 200 -nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.117.woff2
fonts.gstatic.com/s/notosanstc/v35/ 35 KB
35 KB 68ms
9ms Font
font/woff2 2404:6800:4004:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.117.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&family=Roboto&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aeb1decdb629f8f24ae2e1d8143a5a18bfc58eb703d0d3092fa42b8553ebe89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://staging.internal.data.rfdme.io
accept-language: jp-JP,jp;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 16:42:52 GMT
x-content-type-options: nosniff
age: 588855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35520
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:24:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Apr 2025 16:42:52 GMT

GET
H2 200 -nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.116.woff2
fonts.gstatic.com/s/notosanstc/v35/ 37 KB
37 KB 69ms
12ms Font
font/woff2 2404:6800:4004:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.116.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&family=Roboto&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8d8c225b88ae3d0c58f0e0f099e2c1beb1a9938f4045466cdd0255cf5b92fec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://staging.internal.data.rfdme.io
accept-language: jp-JP,jp;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 17:38:33 GMT
x-content-type-options: nosniff
age: 499114
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38232
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:21:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Apr 2025 17:38:33 GMT

GET
H2 200 -nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.115.woff2
fonts.gstatic.com/s/notosanstc/v35/ 38 KB
38 KB 65ms
10ms Font
font/woff2 2404:6800:4004:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.115.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&family=Roboto&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b64b0ee7f30a386bf838a308feb90a73327fd94c6260788280b5a03a056cdf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://staging.internal.data.rfdme.io
accept-language: jp-JP,jp;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 12:20:28 GMT
x-content-type-options: nosniff
age: 86199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39204
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 19:33:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Apr 2025 12:20:28 GMT

GET
H2 200 favicon.ico
staging.internal.data.rfdme.io/ 4 KB
4 KB 5ms
4ms Other
image/x-icon 175.41.229.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://staging.internal.data.rfdme.io/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.41.229.45 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-175-41-229-45.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: f7346b69c5bbba2a0ba6668a467fa88ab9c0aaa1dec2d8b404c19d7640410301

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://staging.internal.data.rfdme.io/login
accept-language: jp-JP,jp;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 12:17:07 GMT
last-modified: Fri, 15 Dec 2023 03:18:03 GMT
server: nginx/1.22.1
accept-ranges: bytes
etag: "657bc56b-10be"
content-length: 4286
content-type: image/x-icon

GET
H2 200 favicon.ico
staging.internal.data.rfdme.io/ 4 KB
4 KB 4ms
4ms Other
image/x-icon 175.41.229.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://staging.internal.data.rfdme.io/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.41.229.45 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-175-41-229-45.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: f7346b69c5bbba2a0ba6668a467fa88ab9c0aaa1dec2d8b404c19d7640410301

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://staging.internal.data.rfdme.io/login
accept-language: jp-JP,jp;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 12:17:07 GMT
last-modified: Fri, 15 Dec 2023 03:18:03 GMT
server: nginx/1.22.1
accept-ranges: bytes
etag: "657bc56b-10be"
content-length: 4286
content-type: image/x-icon

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/ 499 KB
199 KB 49ms
5ms Script
text/javascript 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f2c6777c7ccc01ab67290fa8acd5a4c4866be64129f39dfaeb9197dfa15e137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://staging.internal.data.rfdme.io/
Origin: https://staging.internal.data.rfdme.io
accept-language: jp-JP,jp;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 04:07:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 203369
x-xss-protection: 0
last-modified: Fri, 29 Mar 2024 04:30:36 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Apr 2025 04:07:11 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 1B62 0
0 97ms
58ms Document
text/html 172.217.175.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNmRYjAAAAAFuFUYGpCu_OSdR8Ukw0TUJz1m6V&co=aHR0cHM6Ly9zdGFnaW5nLmludGVybmFsLmRhdGEucmZkbWUuaW86NDQz&hl=en&type=image&v=rz4DvU-cY2JYCwHSTck0_qm-&theme=light&size=normal&badge=bottomright&cb=ptdottqzqffl

Requested by

Host: staging.internal.data.rfdme.io
URL: https://staging.internal.data.rfdme.io/static/js/main.d26a279d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s29-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9SuImQ4N8Mv_zuq686qiDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://staging.internal.data.rfdme.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: jp-JP,jp;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-9SuImQ4N8Mv_zuq686qiDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 10 Apr 2024 12:17:08 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame 3454 0
0 55ms
54ms Document
text/html 172.217.175.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&k=6LcNmRYjAAAAAFuFUYGpCu_OSdR8Ukw0TUJz1m6V

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s29-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RpqNboPBQRK_iRVwps6nzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://staging.internal.data.rfdme.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: jp-JP,jp;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-RpqNboPBQRK_iRVwps6nzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 10 Apr 2024 12:17:08 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
staging.internal.data.rfdme.io
www.google.com
www.gstatic.com
172.217.175.228
175.41.229.45
2404:6800:4004:811::2004
2404:6800:4004:81e::2003
2404:6800:4004:823::2003
2404:6800:4008:c03::5f
0aeb1decdb629f8f24ae2e1d8143a5a18bfc58eb703d0d3092fa42b8553ebe89
2e37faa8fb3ff8481b2a073cf45f7e8bb29f81fed5240bcfa98adbc39f337c35
4eb66eb5b420fe3d0bf74e72c30d088067f998d374dc4554d5c040e3fa74dc3c
8f2c6777c7ccc01ab67290fa8acd5a4c4866be64129f39dfaeb9197dfa15e137
91ab505466693e2b2085b42d5f1803723dbf634d108102ea307b638470ec32fa
9b64b0ee7f30a386bf838a308feb90a73327fd94c6260788280b5a03a056cdf2
a1760175c4829fcfa5c9961a397a8414bb3e0f06588f9b6e2514c2f46c8fc849
e0e0b37dbd0c68559d6f6f2895422cc9efdeb440f489cb66564637adc5178b31
e97dff4d940b28c7b3d47385ae41f4a0158bf6fa134f64430988b9855abfd855
ebd5e32d4b01c40d81d10f7dfdd6faaec377da41e3a1e40f34b6f7797b1d9b75
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7346b69c5bbba2a0ba6668a467fa88ab9c0aaa1dec2d8b404c19d7640410301
f8d8c225b88ae3d0c58f0e0f099e2c1beb1a9938f4045466cdd0255cf5b92fec

staging.internal.data.rfdme.io Open in urlscan Pro 175.41.229.45 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

67 %IPv6

4 Domains

5 Subdomains

6 IPs

4 Countries

2255 kBTransfer

2640 kBSize

0 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

0 Cookies

Indicators

staging.internal.data.rfdme.io Open in urlscan Pro
175.41.229.45 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

67 %
IPv6

4
Domains

5
Subdomains

6
IPs

4
Countries

2255 kB
Transfer

2640 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions