Submitted URL: http://jp-api-staging.getmoneytree.com/
Effective URL: https://jp-direct-staging.moneytree.jp/guests/sign_in
Submission: On July 23 via api from US

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 8 HTTP transactions. The main IP is 52.196.203.66, located in Tokyo, Japan and belongs to AMAZON-02, US. The main domain is jp-direct-staging.moneytree.jp.
TLS certificate: Issued by Let's Encrypt Authority X3 on July 4th 2020. Valid for: 3 months.
This is the only time jp-direct-staging.moneytree.jp was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 143.204.202.79 16509 (AMAZON-02)
3 52.196.203.66 16509 (AMAZON-02)
2 2600:9000:205... 16509 (AMAZON-02)
1 151.101.14.110 54113 (FASTLY)
2 162.247.242.19 23467 (NEWRELIC-...)
8 4

Domain Requested by
3 jp-direct-staging.moneytree.jp jp-direct-staging.moneytree.jp
2 bam.nr-data.net js-agent.newrelic.com
2 assets.moneytree.jp jp-direct-staging.moneytree.jp
2 jp-api-staging.getmoneytree.com 2 redirects
1 js-agent.newrelic.com jp-direct-staging.moneytree.jp
8 5

This site contains no links.

Subject                              Issuer                                 Validity                   Valid
jp-omoikane-staging.herokuapp.com    Let's Encrypt Authority X3             2020-07-04 - 2020-10-02    3 months
*.moneytree.jp                       Amazon                                 2020-05-23 - 2021-06-23    a year
f4.shared.global.fastly.net          GlobalSign CloudSSL CA - SHA256 - G3   2020-07-22 - 2021-05-07    10 months
*.nr-data.net                        DigiCert SHA2 Secure Server CA         2020-02-05 - 2022-02-08    2 years

This page contains 1 frames:

Primary Page: https://jp-direct-staging.moneytree.jp/guests/sign_in
Frame ID: 23B2B41E6634797440C42D824278F707
Requests: 8 HTTP requests in this frame

Page Statistics

8 Requests
100 % HTTPS
20 % IPv6
4 Domains
5 Subdomains
4 IPs
3 Countries
190 kB Transfer
598 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://jp-api-staging.getmoneytree.com/ HTTP 301
    https://jp-api-staging.getmoneytree.com/ HTTP 302
    https://jp-direct-staging.moneytree.jp/guests/sign_in Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set sign_in
jp-direct-staging.moneytree.jp/guests/
Redirect Chain
  • http://jp-api-staging.getmoneytree.com/
  • https://jp-api-staging.getmoneytree.com/
  • https://jp-direct-staging.moneytree.jp/guests/sign_in
10 KB
5 KB
Document
General
Full URL
https://jp-direct-staging.moneytree.jp/guests/sign_in
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.196.203.66 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-203-66.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6718fb501e0fc5b8f2c4c59d2e9f4e7452700aadac823d7713b401ce952bc371
Security Headers
Name Value
Strict-Transport-Security max-age=631139040; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
jp-direct-staging.moneytree.jp
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Cache-Control
max-age=0, private, must-revalidate
Content-Encoding
gzip
Content-Security-Policy-Report-Only
default-src https://* 'self'; connect-src https://* 'self'; font-src 'self' data:; img-src https://* data:; media-src https://* 'self'; object-src https://* 'self'; script-src https://* 'self' 'unsafe-inline'; style-src https://* 'self'
Content-Type
text/html; charset=utf-8
Etag
W/"2f5a014380254690664796a108fb403d"
Set-Cookie
_omoikane_session=OG1sb05HWXF1Q1VidTYzeUp5a3pGemhDMldIVW1keHlKOEx6Qm40cXpodTd3QWN1VHF6QUVlRjlrSkc1OXFrWHNRcUkrbU0xUlh0djB5MEExYmtyc1BkT0xJUjUxYVROWVFFbTR6RWJmN08yYmFXNVVsSnVkN3NDaDV6c2lPbVBDOGRnalJ1cVVjeGJWOSthcnk3ZFNBPT0tLXRWSmZKSDNCVzdGaUZvQU84c2xpeXc9PQ%3D%3D--5901684cef39845e435445eef9a65a6e39b1c85a; path=/; secure; HttpOnly
Strict-Transport-Security
max-age=631139040; includeSubdomains
Vary
Accept-Encoding, Origin
Via
1.1 spaces-router (8fc46b74df5f)
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Request-Id
c4ccf412-7c4b-2557-dcf8-8da95cde449f
X-Runtime
0.026877
X-Xss-Protection
1; mode=block
Date
Thu, 23 Jul 2020 10:05:35 GMT
Transfer-Encoding
chunked

Redirect headers

status
302
content-type
text/html; charset=utf-8
content-length
124
location
https://jp-direct-staging.moneytree.jp/guests/sign_in
cache-control
no-cache
content-encoding
gzip
content-security-policy-report-only
default-src https://* 'self'; connect-src https://* 'self'; font-src 'self' data:; img-src https://* data:; media-src https://* 'self'; object-src https://* 'self'; script-src https://* 'self' 'unsafe-inline'; style-src https://* 'self'
strict-transport-security
max-age=631139040; includeSubdomains
via
1.1 spaces-router (8fc46b74df5f), 1.1 a3c2566f9e36ad3cdf79fc6307fcf567.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-frame-options
DENY
x-request-id
02c306da-fa46-8cd7-5bc8-8b1b9699d39c
x-runtime
0.006090
x-xss-protection
1; mode=block
date
Thu, 23 Jul 2020 10:05:34 GMT
vary
Accept-Encoding,Origin
x-cache
Miss from cloudfront
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
QR2LYKkOevgMxeFbr-XGuy-0PELpjXJxm2Srem4jyJT9yaFlhOA7oA==
mt-web-font.css
assets.moneytree.jp/mt-web-font/css/
5 KB
5 KB
Stylesheet
General
Full URL
https://assets.moneytree.jp/mt-web-font/css/mt-web-font.css
Requested by
Host: jp-direct-staging.moneytree.jp
URL: https://jp-direct-staging.moneytree.jp/guests/sign_in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:ca00:1c:68f5:7000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
09a4d07892a8574310b69550ed4bb2ca7847879bf81c2a8646a3be2bc49eb22e

Request headers

Referer
https://jp-direct-staging.moneytree.jp/guests/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Thu, 23 Jul 2020 10:05:37 GMT
via
1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
last-modified
Thu, 10 Nov 2016 05:06:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"a1db5b63c2b059e3618a51cbc52fa15b"
x-cache
Miss from cloudfront
content-type
text/css
status
200
accept-ranges
bytes
content-length
4651
x-amz-cf-id
Oc4VzUKfW9F_HsQ8YaA-4_GulmaNGuPnnUElJ6vd0o9iSK7HUQmOhg==
application-ce7da6368035170f0bc14a4b1b9fedb8e57536513a205496351904227bda4d7a.css
jp-direct-staging.moneytree.jp/assets/
130 KB
22 KB
Stylesheet
General
Full URL
https://jp-direct-staging.moneytree.jp/assets/application-ce7da6368035170f0bc14a4b1b9fedb8e57536513a205496351904227bda4d7a.css
Requested by
Host: jp-direct-staging.moneytree.jp
URL: https://jp-direct-staging.moneytree.jp/guests/sign_in
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.196.203.66 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-203-66.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
9daaacda317e7590e6cd3b335252eb47d7f1054e7b9d140743dad95105a52183
Security Headers
Name Value
Strict-Transport-Security max-age=631139040; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jp-direct-staging.moneytree.jp/guests/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Strict-Transport-Security
max-age=631139040; includeSubdomains
Via
1.1 spaces-router (8fc46b74df5f)
Vary
Accept-Encoding, Origin
Last-Modified
Thu, 03 Oct 2019 05:02:51 GMT
X-Frame-Options
DENY
Date
Thu, 23 Jul 2020 10:05:35 GMT
Content-Security-Policy-Report-Only
default-src https://* 'self'; connect-src https://* 'self'; font-src 'self' data:; img-src https://* data:; media-src https://* 'self'; object-src https://* 'self'; script-src https://* 'self' 'unsafe-inline'; style-src https://* 'self'
Content-Type
text/css
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Content-Length
21803
X-Xss-Protection
1; mode=block
application-c08b0e34114d494706a430b8f885fd476c8b2ba9b36bff9d01c24c7a73390959.js
jp-direct-staging.moneytree.jp/assets/
400 KB
120 KB
Script
General
Full URL
https://jp-direct-staging.moneytree.jp/assets/application-c08b0e34114d494706a430b8f885fd476c8b2ba9b36bff9d01c24c7a73390959.js
Requested by
Host: jp-direct-staging.moneytree.jp
URL: https://jp-direct-staging.moneytree.jp/guests/sign_in
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.196.203.66 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-203-66.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
c08b0e34114d494706a430b8f885fd476c8b2ba9b36bff9d01c24c7a73390959
Security Headers
Name Value
Strict-Transport-Security max-age=631139040; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jp-direct-staging.moneytree.jp/guests/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Strict-Transport-Security
max-age=631139040; includeSubdomains
Via
1.1 spaces-router (8fc46b74df5f)
Vary
Accept-Encoding, Origin
Last-Modified
Wed, 18 Mar 2020 09:57:17 GMT
X-Frame-Options
DENY
Date
Thu, 23 Jul 2020 10:05:36 GMT
Content-Security-Policy-Report-Only
default-src https://* 'self'; connect-src https://* 'self'; font-src 'self' data:; img-src https://* data:; media-src https://* 'self'; object-src https://* 'self'; script-src https://* 'self' 'unsafe-inline'; style-src https://* 'self'
Content-Type
application/javascript
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Content-Length
122673
X-Xss-Protection
1; mode=block
moneytree.woff
assets.moneytree.jp/mt-web-font/fonts/
26 KB
26 KB
Font
General
Full URL
https://assets.moneytree.jp/mt-web-font/fonts/moneytree.woff
Requested by
Host: jp-direct-staging.moneytree.jp
URL: https://jp-direct-staging.moneytree.jp/assets/application-c08b0e34114d494706a430b8f885fd476c8b2ba9b36bff9d01c24c7a73390959.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:ca00:1c:68f5:7000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee4ec481db906b8ee3fbff2c90710042ba2ae5e5f691efc2da84b6c13a6bc1d2

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Referer
https://assets.moneytree.jp/mt-web-font/css/mt-web-font.css
Origin
https://jp-direct-staging.moneytree.jp

Response headers

date
Thu, 23 Jul 2020 10:05:38 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Tue, 08 Nov 2016 11:23:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
status
200
etag
"4b26d1344968d2f2889af664a0f01010"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
x-cache
Miss from cloudfront
accept-ranges
bytes
content-length
26448
x-amz-cf-id
somoPWkcxOOZI1IwMq_tKuip00mhitnqMG9T8mJmenUFOiQj1U7bQQ==
nr-1169.min.js
js-agent.newrelic.com/
27 KB
10 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1169.min.js
Requested by
Host: jp-direct-staging.moneytree.jp
URL: https://jp-direct-staging.moneytree.jp/guests/sign_in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cddee6bb37cab7b576ddf080fd6ba00fa8420d0afc0531f413633175e9e5f9c8

Request headers

Referer
https://jp-direct-staging.moneytree.jp/guests/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Thu, 23 Jul 2020 10:05:38 GMT
content-encoding
gzip
x-amz-request-id
34323E3DCD0235EE
x-cache
HIT
status
200
content-length
10276
x-amz-id-2
9jY3iPL7VUwIJzTyN+h7Ca5OmyTHJnV5bajpkoOIyWsew9TsPn8KKSFSp2suxVMh6C06C6O/roM=
x-served-by
cache-fra19138-FRA
last-modified
Wed, 20 May 2020 21:16:15 GMT
server
AmazonS3
x-timer
S1595498738.210566,VS0,VE0
etag
"7e312620a90879b595db1bff9c42ed57"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
104009
e6374ffe58
bam.nr-data.net/1/
57 B
275 B
Script
General
Full URL
https://bam.nr-data.net/1/e6374ffe58?a=30728524&v=1169.7b094c0&to=dgtYF0MJVQ5RS0wSB0YXXwxfFRYMUU4%3D&rst=4854&ck=1&ref=https://jp-direct-staging.moneytree.jp/guests/sign_in&qt=1&ap=26&be=2031&fe=4820&dc=3535&perf=%7B%22timing%22:%7B%22of%22:1595498733366,%22n%22:0,%22f%22:1160,%22dn%22:1160,%22dne%22:1216,%22c%22:1216,%22s%22:1221,%22ce%22:1730,%22rq%22:1730,%22rp%22:2021,%22rpe%22:2022,%22dl%22:2025,%22di%22:3534,%22ds%22:3534,%22de%22:3579,%22dc%22:4819,%22l%22:4819,%22le%22:4821%7D,%22navigation%22:%7B%7D%7D&fp=3586&fcp=3586&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1169.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-7.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer
https://jp-direct-staging.moneytree.jp/guests/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
e6374ffe58
bam.nr-data.net/events/1/
24 B
197 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/e6374ffe58?a=30728524&v=1169.7b094c0&to=dgtYF0MJVQ5RS0wSB0YXXwxfFRYMUU4%3D&rst=14855&ck=1&ref=https://jp-direct-staging.moneytree.jp/guests/sign_in
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1169.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-7.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://jp-direct-staging.moneytree.jp/guests/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://jp-direct-staging.moneytree.jp
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NREUM
object| newrelic
function| __nr_require
function| _classCallCheck
function| _inherits
function| _slicedToArray
function| _createClass
function| onDOMReady
function| init_sortable
function| recompute_positions
function| _get
object| validateHex
object| validateRgb
object| validateRgba
object| QueryString
function| $
function| jQuery
object| jQuery112402519500944720823
object| ActiveAdmin
function| activeadmin

1 Cookies

Domain/Path Name / Value
jp-direct-staging.moneytree.jp/ Name: _omoikane_session
Value: OG1sb05HWXF1Q1VidTYzeUp5a3pGemhDMldIVW1keHlKOEx6Qm40cXpodTd3QWN1VHF6QUVlRjlrSkc1OXFrWHNRcUkrbU0xUlh0djB5MEExYmtyc1BkT0xJUjUxYVROWVFFbTR6RWJmN08yYmFXNVVsSnVkN3NDaDV6c2lPbVBDOGRnalJ1cVVjeGJWOSthcnk3ZFNBPT0tLXRWSmZKSDNCVzdGaUZvQU84c2xpeXc9PQ%3D%3D--5901684cef39845e435445eef9a65a6e39b1c85a

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=631139040; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block