URL: https://adm.koken-service.work/
Submission: On September 19 via automatic, source certstream-suspicious — Scanned from JP

Summary

This website contacted 3 IPs in 1 country across 2 domains to perform 17 HTTP transactions. The main IP is 210.191.73.187, located in Kumamoto, Japan and belongs to QTNET QTnet,Inc., JP. The main domain is adm.koken-service.work.
TLS certificate: Issued by E6 on September 11th 2024. Valid for: 3 months.
This is the only time adm.koken-service.work was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 210.191.73.187 7679 (QTNET QTnet)
4 210.191.73.140 7679 (QTNET QTnet)
17 3

Apex Domain / Subdomains Transfer
4 sit-hcg-app.work (stg-api-base.sit-hcg-app.work, Failed) 294 KB
1 koken-service.work (adm.koken-service.work) 7 KB
17 2

Domain Requested by
4 stg-api-base.sit-hcg-app.work adm.koken-service.work
1 adm.koken-service.work
17 2

This site contains no links.

Subject Issuer Validity Valid
app.koken-service.work E6 2024-09-11 - 2024-12-10 3 months
stg-adm-base.sit-hcg-app.work E6 2024-08-01 - 2024-10-30 3 months

This page contains 1 frames:

Primary Page: https://adm.koken-service.work/
Frame ID: A2055AD19DEEA5A3CF9915F547CBE38F
Requests: 17 HTTP requests in this frame

Page Title

地域Pay連携自治体アプリ

Detected technologies

Overall confidence: 75%
Detected patterns
  • /Chart(?:\.bundle)?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17 Requests
29 % HTTPS
0 % IPv6
2 Domains
2 Subdomains
3 IPs
1 Countries
301 kB Transfer
297 kB Size
1 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request /
adm.koken-service.work/
5 KB
7 KB
Document
General
Full URL
https://adm.koken-service.work/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.191.73.187 Kumamoto, Japan, ASN7679 (QTNET QTnet,Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
f9ba362d25c156f4b3b69028c5047131de78c24b45680552960f6650317a5c9c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:; object-src 'self'; script-src 'self' https://ajax.googleapis.com 'nonce-e4aefa8c9cf2a80f6be727151c128c8b'; style-src 'self' https://fonts.googleapis.com; form-action 'self'; base-uri 'self'; frame-ancestors 'self'; connect-src 'self' https://zipcloud.ibsnet.co.jp; child-src 'self'; frame-src 'self'; media-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, private, must-revalidate
Connection
Keep-Alive
Content-Security-Policy
default-src 'self'; font-src 'self' https://fonts.gstatic.com; img-src 'self' data:; object-src 'self'; script-src 'self' https://ajax.googleapis.com 'nonce-e4aefa8c9cf2a80f6be727151c128c8b'; style-src 'self' https://fonts.googleapis.com; form-action 'self'; base-uri 'self'; frame-ancestors 'self'; connect-src 'self' https://zipcloud.ibsnet.co.jp; child-src 'self'; frame-src 'self'; media-src 'self'
Content-Type
text/html; charset=utf-8
Date
Thu, 19 Sep 2024 09:16:22 GMT
ETag
W/"f9ba362d25c156f4b3b69028c5047131"
Keep-Alive
timeout=5, max=100
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
684be65d-9a38-4ecf-9950-606097e40da4
X-Runtime
0.011749
X-XSS-Protection
1; mode=block
link
<https://stg-api-base.sit-hcg-app.work/base_app/api/public/stylesheets/login.css?ver=0.000000>; rel=preload; as=style; nopush,<https://stg-api-base.sit-hcg-app.work/base_app/api/public/javascripts/jquery-3.6.2.min.js>; rel=preload; as=script; nopush,<https://stg-api-base.sit-hcg-app.work/base_app/api/public/javascripts/lazyload.min.js>; rel=preload; as=script; nopush,<https://stg-api-base.sit-hcg-app.work/base_app/api/public/javascripts/chart.js>; rel=preload; as=script; nopush,<https://stg-api-base.sit-hcg-app.work/base_app/api/public/javascripts/common.js?ver=0.00000000000000000111136>; rel=preload; as=script; nopush,<https://stg-api-base.sit-hcg-app.work/base_app/api/public/stylesheets/common.css?ver=0.00022>; rel=preload; as=style; nopush
login.css
stg-api-base.sit-hcg-app.work/base_app/api/public/stylesheets/
0
0

jquery-3.6.2.min.js
stg-api-base.sit-hcg-app.work/base_app/api/public/javascripts/
0
0

lazyload.min.js
stg-api-base.sit-hcg-app.work/base_app/api/public/javascripts/
0
0

chart.js
stg-api-base.sit-hcg-app.work/base_app/api/public/javascripts/
0
0

common.js
stg-api-base.sit-hcg-app.work/base_app/api/public/javascripts/
0
0

common.css
stg-api-base.sit-hcg-app.work/base_app/api/public/stylesheets/
0
0

jquery-3.6.2.min.js
stg-api-base.sit-hcg-app.work/base_app/api/public/javascripts/
88 KB
88 KB
Script
General
Full URL
https://stg-api-base.sit-hcg-app.work/base_app/api/public/javascripts/jquery-3.6.2.min.js
Requested by
Host: adm.koken-service.work
URL: https://adm.koken-service.work/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.191.73.140 Kumamoto, Japan, ASN7679 (QTNET QTnet,Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
da4ad864a87ffcf71c851b5df87f95cb242867f7b711cae4c6133cc9cc0048f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://adm.koken-service.work/

Response headers

ETag
"15f56-5f86989264659"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
89942
Keep-Alive
timeout=5, max=100
Date
Thu, 19 Sep 2024 09:16:23 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 03 Apr 2023 07:30:39 GMT
Content-Type
application/javascript
Server
Apache
lazyload.min.js
stg-api-base.sit-hcg-app.work/base_app/api/public/javascripts/
2 KB
2 KB
Script
General
Full URL
https://stg-api-base.sit-hcg-app.work/base_app/api/public/javascripts/lazyload.min.js
Requested by
Host: adm.koken-service.work
URL: https://adm.koken-service.work/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.191.73.140 Kumamoto, Japan, ASN7679 (QTNET QTnet,Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
5b3baa10ac55f4eece0c7e666eaddd51872b8ce9273671626bcccec8f86ead78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://adm.koken-service.work/

Response headers

ETag
"8a2-5f86989264e29"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
2210
Keep-Alive
timeout=5, max=100
Date
Thu, 19 Sep 2024 09:16:23 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 03 Apr 2023 07:30:39 GMT
Content-Type
application/javascript
Server
Apache
chart.js
stg-api-base.sit-hcg-app.work/base_app/api/public/javascripts/
193 KB
193 KB
Script
General
Full URL
https://stg-api-base.sit-hcg-app.work/base_app/api/public/javascripts/chart.js
Requested by
Host: adm.koken-service.work
URL: https://adm.koken-service.work/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.191.73.140 Kumamoto, Japan, ASN7679 (QTNET QTnet,Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
44048d30d96646d22b79ece77df60c0d4c415dc3118e28c469a185fe0c53eafc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://adm.koken-service.work/

Response headers

ETag
"3042e-5f8698925f451"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
197678
Keep-Alive
timeout=5, max=100
Date
Thu, 19 Sep 2024 09:16:23 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 03 Apr 2023 07:30:39 GMT
Content-Type
application/javascript
Server
Apache
common.js
stg-api-base.sit-hcg-app.work/base_app/api/public/javascripts/
9 KB
10 KB
Script
General
Full URL
https://stg-api-base.sit-hcg-app.work/base_app/api/public/javascripts/common.js?ver=0.00000000000000000111136
Requested by
Host: adm.koken-service.work
URL: https://adm.koken-service.work/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.191.73.140 Kumamoto, Japan, ASN7679 (QTNET QTnet,Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
7a82da7e6561c5cfeaf607a7b28da981300e68c4599e0af2ea48b2a293bb138b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://adm.koken-service.work/

Response headers

ETag
"2506-5fbd8af82def5"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
9478
Keep-Alive
timeout=5, max=100
Date
Thu, 19 Sep 2024 09:16:23 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 17 May 2023 00:22:39 GMT
Content-Type
application/javascript
Server
Apache
common.css
stg-api-base.sit-hcg-app.work/base_app/api/public/stylesheets/
0
0

login.css
stg-api-base.sit-hcg-app.work/base_app/api/public/stylesheets/
0
0

icon.png
stg-api-base.sit-hcg-app.work/base_app/api/public/images/Common/
0
0

loading-three-dots.svg
stg-api-base.sit-hcg-app.work/base_app/api/public/images/Common/
0
0

favicon.ico
stg-api-base.sit-hcg-app.work/base_app/api/public/
0
0

favicon.ico
stg-api-base.sit-hcg-app.work/base_app/api/public/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain URL
stg-api-base.sit-hcg-app.work https://stg-api-base.sit-hcg-app.work/base_app/api/public/stylesheets/login.css?ver=0.000000
stg-api-base.sit-hcg-app.work https://stg-api-base.sit-hcg-app.work/base_app/api/public/javascripts/jquery-3.6.2.min.js
stg-api-base.sit-hcg-app.work https://stg-api-base.sit-hcg-app.work/base_app/api/public/javascripts/lazyload.min.js
stg-api-base.sit-hcg-app.work https://stg-api-base.sit-hcg-app.work/base_app/api/public/javascripts/chart.js
stg-api-base.sit-hcg-app.work https://stg-api-base.sit-hcg-app.work/base_app/api/public/javascripts/common.js?ver=0.00000000000000000111136
stg-api-base.sit-hcg-app.work https://stg-api-base.sit-hcg-app.work/base_app/api/public/stylesheets/common.css?ver=0.00022
stg-api-base.sit-hcg-app.work https://stg-api-base.sit-hcg-app.work/base_app/api/public/stylesheets/common.css?ver=0.00022
stg-api-base.sit-hcg-app.work https://stg-api-base.sit-hcg-app.work/base_app/api/public/stylesheets/login.css?ver=0.000000
stg-api-base.sit-hcg-app.work https://stg-api-base.sit-hcg-app.work/base_app/api/public/images/Common/icon.png
stg-api-base.sit-hcg-app.work https://stg-api-base.sit-hcg-app.work/base_app/api/public/images/Common/loading-three-dots.svg
stg-api-base.sit-hcg-app.work https://stg-api-base.sit-hcg-app.work/base_app/api/public/favicon.ico
stg-api-base.sit-hcg-app.work https://stg-api-base.sit-hcg-app.work/base_app/api/public/favicon.ico

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $
function| jQuery
function| lazyload
function| LazyLoad
function| Color
function| Chart
boolean| window_open_flg
string| web_check_url
function| iOS
function| fAjax
function| fAjaxProc
function| fAjaxProcEnd
function| fLoadingBgEnd
function| fResetMsg
function| fBeforeWrapperRewrite
function| fAjaxWrapperRewriting
function| fLinkBtnClick
function| fWindowLocation
function| fShowPopMsg
function| fShowPopMsg2
function| fScrollLock
function| fScrollUnlock
object| Unity
function| fUnityLoadingStart
function| fUnauthorizedProc
function| send_qr_code
function| press_backButton

1 Cookies

Domain/Path Name / Value
adm.koken-service.work/ Name: _base_app_api_session
Value: e4aefa8c9cf2a80f6be727151c128c8b

14 Console Messages

Source Level URL
Text
security error URL: https://adm.koken-service.work/
Message:
Refused to load the stylesheet 'https://stg-api-base.sit-hcg-app.work/base_app/api/public/stylesheets/login.css?ver=0.000000' because it violates the following Content Security Policy directive: "style-src 'self' https://fonts.googleapis.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://adm.koken-service.work/
Message:
Refused to load the script 'https://stg-api-base.sit-hcg-app.work/base_app/api/public/javascripts/jquery-3.6.2.min.js' because it violates the following Content Security Policy directive: "script-src 'self' https://ajax.googleapis.com 'nonce-e4aefa8c9cf2a80f6be727151c128c8b'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://adm.koken-service.work/
Message:
Refused to load the script 'https://stg-api-base.sit-hcg-app.work/base_app/api/public/javascripts/lazyload.min.js' because it violates the following Content Security Policy directive: "script-src 'self' https://ajax.googleapis.com 'nonce-e4aefa8c9cf2a80f6be727151c128c8b'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://adm.koken-service.work/
Message:
Refused to load the script 'https://stg-api-base.sit-hcg-app.work/base_app/api/public/javascripts/chart.js' because it violates the following Content Security Policy directive: "script-src 'self' https://ajax.googleapis.com 'nonce-e4aefa8c9cf2a80f6be727151c128c8b'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://adm.koken-service.work/
Message:
Refused to load the script 'https://stg-api-base.sit-hcg-app.work/base_app/api/public/javascripts/common.js?ver=0.00000000000000000111136' because it violates the following Content Security Policy directive: "script-src 'self' https://ajax.googleapis.com 'nonce-e4aefa8c9cf2a80f6be727151c128c8b'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://adm.koken-service.work/
Message:
Refused to load the stylesheet 'https://stg-api-base.sit-hcg-app.work/base_app/api/public/stylesheets/common.css?ver=0.00022' because it violates the following Content Security Policy directive: "style-src 'self' https://fonts.googleapis.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://adm.koken-service.work/(Line 8)
Message:
Refused to load the image 'https://stg-api-base.sit-hcg-app.work/base_app/api/public/favicon.ico' because it violates the following Content Security Policy directive: "img-src 'self' data:".
security error URL: https://adm.koken-service.work/(Line 9)
Message:
Refused to load the image 'https://stg-api-base.sit-hcg-app.work/base_app/api/public/favicon.ico' because it violates the following Content Security Policy directive: "img-src 'self' data:".
security error URL: https://adm.koken-service.work/(Line 14)
Message:
Refused to load the stylesheet 'https://stg-api-base.sit-hcg-app.work/base_app/api/public/stylesheets/common.css?ver=0.00022' because it violates the following Content Security Policy directive: "style-src 'self' https://fonts.googleapis.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://adm.koken-service.work/(Line 83)
Message:
Refused to load the stylesheet 'https://stg-api-base.sit-hcg-app.work/base_app/api/public/stylesheets/login.css?ver=0.000000' because it violates the following Content Security Policy directive: "style-src 'self' https://fonts.googleapis.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://adm.koken-service.work/(Line 114)
Message:
Refused to load the image 'https://stg-api-base.sit-hcg-app.work/base_app/api/public/images/Common/icon.png' because it violates the following Content Security Policy directive: "img-src 'self' data:".
security error URL: https://adm.koken-service.work/(Line 166)
Message:
Refused to load the image 'https://stg-api-base.sit-hcg-app.work/base_app/api/public/images/Common/loading-three-dots.svg' because it violates the following Content Security Policy directive: "img-src 'self' data:".
security error URL: https://adm.koken-service.work/
Message:
Refused to load the image 'https://stg-api-base.sit-hcg-app.work/base_app/api/public/favicon.ico' because it violates the following Content Security Policy directive: "img-src 'self' data:".
security error URL: https://adm.koken-service.work/
Message:
Refused to load the image 'https://stg-api-base.sit-hcg-app.work/base_app/api/public/favicon.ico' because it violates the following Content Security Policy directive: "img-src 'self' data:".
