urlscan.io logo urlscan.io
SecurityTrails logo

app.sansan-meishi-maker.com Open in urlscan Pro
104.18.18.101  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://app.sansan-meishi-maker.com/signin
Effective URL: https://app.sansan-meishi-maker.com/signin
Submission: On November 29 via manual from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 3 HTTP transactions. The main IP is 104.18.18.101, located in and belongs to CLOUDFLARENET, US. The main domain is app.sansan-meishi-maker.com.
TLS certificate: Issued by SecureCore RSA OV CA on September 29th 2023. Valid for: a year.
This is the only time app.sansan-meishi-maker.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 104.18.18.101 13335 (CLOUDFLAR...)
3 1
Apex Domain
Subdomains		 Transfer
4 sansan-meishi-maker.com
app.sansan-meishi-maker.com
760 KB
3 1
Domain Requested by
4 app.sansan-meishi-maker.com 1 redirects app.sansan-meishi-maker.com
3 1

This site contains no links.

Subject Issuer Validity Valid
*.sansan-meishi-maker.com
SecureCore RSA OV CA		 2023-09-29 -
2024-10-29		 a year crt.sh

This page contains 1 frames:

Primary Page: https://app.sansan-meishi-maker.com/signin
Frame ID: 8BF543C509D11D343E4DABFDC9A541A2
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sansan名刺メーカー

Page URL History Show full URLs

  1. http://app.sansan-meishi-maker.com/signin HTTP 301
    https://app.sansan-meishi-maker.com/signin Page URL

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

760 kB
Transfer

2407 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://app.sansan-meishi-maker.com/signin HTTP 301
    https://app.sansan-meishi-maker.com/signin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request signin
app.sansan-meishi-maker.com/
Redirect Chain
  • http://app.sansan-meishi-maker.com/signin
  • https://app.sansan-meishi-maker.com/signin
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.sansan-meishi-maker.com/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a1699df448790b98c476126e8d9ded2ccdb0f18a310ebad0549afc60dddc3fd
Security Headers
Name Value
Content-Security-Policy default-src 'self';frame-src 'self' *.firebaseapp.com;script-src 'self' apis.google.com;style-src 'self' 'unsafe-inline';connect-src 'self' identitytoolkit.googleapis.com securetoken.googleapis.com https://rum-ingest.us1.signalfx.com/v1/rum https://print-download.sansan-meishi-maker.com;img-src 'self' data:
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-expose-headers
Server-Timing
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
82d934a06bf53bf7-NRT
content-encoding
gzip
content-security-policy
default-src 'self';frame-src 'self' *.firebaseapp.com;script-src 'self' apis.google.com;style-src 'self' 'unsafe-inline';connect-src 'self' identitytoolkit.googleapis.com securetoken.googleapis.com https://rum-ingest.us1.signalfx.com/v1/rum https://print-download.sansan-meishi-maker.com;img-src 'self' data:
content-type
text/html; charset=UTF-8
date
Wed, 29 Nov 2023 07:40:58 GMT
expect-ct
max-age=0
expires
0
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
pragma
no-cache
referrer-policy
no-referrer
server
cloudflare
server-timing
traceparent;desc="00-d90d672666b49fdf7eb36fe997fde71a-4658dac6563bffa5-01"
strict-transport-security
max-age=15552000; includeSubDomains
surrogate-control
no-store
vary
Accept-Encoding
via
1.1 google, 1.1 google
x-cloud-trace-context
d90d672666b49fdf7eb36fe997fde71a;o=1
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0

Redirect headers

CF-RAY
82d934a03e3f7348-NRT
Cache-Control
max-age=3600
Connection
keep-alive
Date
Wed, 29 Nov 2023 07:40:58 GMT
Expires
Wed, 29 Nov 2023 08:40:58 GMT
Location
https://app.sansan-meishi-maker.com/signin
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
main.bf329768.js
app.sansan-meishi-maker.com/static/js/ 		2 MB
753 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.sansan-meishi-maker.com/static/js/main.bf329768.js
Requested by
Host: app.sansan-meishi-maker.com
URL: https://app.sansan-meishi-maker.com/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541c9548da53a94b0427e03c9403e430f45bf480caa45eaf0e3ad4a60aaefba1
Security Headers
Name Value
Content-Security-Policy default-src 'self';frame-src 'self' *.firebaseapp.com;script-src 'self' apis.google.com;style-src 'self' 'unsafe-inline';connect-src 'self' identitytoolkit.googleapis.com securetoken.googleapis.com https://rum-ingest.us1.signalfx.com/v1/rum https://print-download.sansan-meishi-maker.com;img-src 'self' data:
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 07:40:58 GMT
content-security-policy
default-src 'self';frame-src 'self' *.firebaseapp.com;script-src 'self' apis.google.com;style-src 'self' 'unsafe-inline';connect-src 'self' identitytoolkit.googleapis.com securetoken.googleapis.com https://rum-ingest.us1.signalfx.com/v1/rum https://print-download.sansan-meishi-maker.com;img-src 'self' data:
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
DYNAMIC
via
1.1 google, 1.1 google
surrogate-control
no-store
x-dns-prefetch-control
off
server-timing
traceparent;desc="00-0d20cf3e0234abe00eacc7aac4144725-26af82b89f505944-01"
x-xss-protection
0
pragma
no-cache
referrer-policy
no-referrer
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
cloudflare
etag
W/"2583e4-49773873e8"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-expose-headers
Server-Timing
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-cloud-trace-context
0d20cf3e0234abe00eacc7aac4144725;o=1
x-download-options
noopen
cf-ray
82d934a0bc593bf7-NRT
expires
0
smm-logo.png
app.sansan-meishi-maker.com/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.sansan-meishi-maker.com/smm-logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
207ae4094ef8ac10dcdede4e50d89b851822343eb53a18804df97a68bafd5bcf
Security Headers
Name Value
Content-Security-Policy default-src 'self';frame-src 'self' *.firebaseapp.com;script-src 'self' apis.google.com;style-src 'self' 'unsafe-inline';connect-src 'self' identitytoolkit.googleapis.com securetoken.googleapis.com https://rum-ingest.us1.signalfx.com/v1/rum https://print-download.sansan-meishi-maker.com;img-src 'self' data:
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 07:40:58 GMT
content-security-policy
default-src 'self';frame-src 'self' *.firebaseapp.com;script-src 'self' apis.google.com;style-src 'self' 'unsafe-inline';connect-src 'self' identitytoolkit.googleapis.com securetoken.googleapis.com https://rum-ingest.us1.signalfx.com/v1/rum https://print-download.sansan-meishi-maker.com;img-src 'self' data:
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 google, 1.1 google
x-permitted-cross-domain-policies
none
cf-cache-status
DYNAMIC
surrogate-control
no-store
x-dns-prefetch-control
off
server-timing
traceparent;desc="00-08402aff3a2d78b43842a188c3140c1c-5b22adb637d5058e-01"
content-length
4668
x-xss-protection
0
pragma
no-cache
referrer-policy
no-referrer
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
cloudflare
etag
W/"123c-49773873e8"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-expose-headers
Server-Timing
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-cloud-trace-context
08402aff3a2d78b43842a188c3140c1c
x-download-options
noopen
accept-ranges
bytes
cf-ray
82d934a31f573bf7-NRT
expires
0

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture number| 2f1acc6c3a606b082e5eef5e54414ffb object| regeneratorRuntime function| _

2 Cookies

Domain/Path Name / Value
.sansan-meishi-maker.com/ Name: __cf_bm
Value: ZDPCGCfT5UfMKia5hqhEALoI0qpEWg6xP.YKpz3WG20-1701243658-0-AeFIHgyjAueHibI7YUIWpZfq+lepn4InEacSQUk16UZo4G+4uF7M2G4RnCAUmqkBRm+sNBo/1ezw0hhX2bOf43I=
app.sansan-meishi-maker.com/ Name: _splunk_rum_sid
Value: %7B%22id%22%3A%227b5d0e4daa0adcfd24cab4b99f17d5f9%22%2C%22startTime%22%3A1701243658684%7D

1 Console Messages

Source Level URL
Text
security error URL: https://app.sansan-meishi-maker.com/signin
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' apis.google.com". Either the 'unsafe-inline' keyword, a hash ('sha256-/RVe9SKNL5DbSTZn6zlcdBs/6i46RLV52rackqk8eCM='), or a nonce ('nonce-...') is required to enable inline execution.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self';frame-src 'self' *.firebaseapp.com;script-src 'self' apis.google.com;style-src 'self' 'unsafe-inline';connect-src 'self' identitytoolkit.googleapis.com securetoken.googleapis.com https://rum-ingest.us1.signalfx.com/v1/rum https://print-download.sansan-meishi-maker.com;img-src 'self' data:
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.sansan-meishi-maker.com
104.18.18.101
1a1699df448790b98c476126e8d9ded2ccdb0f18a310ebad0549afc60dddc3fd
207ae4094ef8ac10dcdede4e50d89b851822343eb53a18804df97a68bafd5bcf
541c9548da53a94b0427e03c9403e430f45bf480caa45eaf0e3ad4a60aaefba1