Submitted URL: https://payments.ricoh.com.au/customer
Effective URL: https://payments.ricoh.com.au/user/login?ReturnUrl=%2Fcustomer
Submission: On August 21 via manual from AU

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 13.70.72.35, located in Sydney, Australia and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is payments.ricoh.com.au.
TLS certificate: Issued by RapidSSL RSA CA 2018 on November 27th 2019. Valid for: 2 years.
This is the only time payments.ricoh.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 13.70.72.35 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 3
Apex Domain Subdomains Transfer
7 ricoh.com.au payments.ricoh.com.au 777 KB
1 gstatic.com fonts.gstatic.com 44 KB
1 googleapis.com fonts.googleapis.com 580 B
8 3
Domain Requested by
7 payments.ricoh.com.au 1 redirects payments.ricoh.com.au
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com payments.ricoh.com.au
8 3

This site contains no links.

Subject | Issuer | Validity | Valid
payments.ricoh.com.au | RapidSSL RSA CA 2018 | 2019-11-27 - 2021-11-26 | 2 years
upload.video.google.com | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months
*.gstatic.com | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months

This page contains 1 frame:

Primary Page: https://payments.ricoh.com.au/user/login?ReturnUrl=%2Fcustomer
Frame ID: 33A6CD79793606B956FF0F8F1AC58C12
Requests: 8 HTTP requests in this frame

Page URL History

  1. https://payments.ricoh.com.au/customer HTTP 302
    https://payments.ricoh.com.au/user/login?ReturnUrl=%2Fcustomer Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

Requests: 8
HTTPS: 100 %
IPv6: 67 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 822 kB
Size: 2863 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://payments.ricoh.com.au/customer HTTP 302
    https://payments.ricoh.com.au/user/login?ReturnUrl=%2Fcustomer Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
login (Primary Request, Cookie set)
payments.ricoh.com.au/user/
Redirect Chain
  • https://payments.ricoh.com.au/customer
  • https://payments.ricoh.com.au/user/login?ReturnUrl=%2Fcustomer
8 KB
3 KB
Document
General
Full URL
https://payments.ricoh.com.au/user/login?ReturnUrl=%2Fcustomer
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.70.72.35 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1ef5af738b1726363b3618d2941a8e1b6e422ec8da9d6708a96a42c2112b2973
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
payments.ricoh.com.au
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ARRAffinity=d2206ffe61bcaf7f7efff4bfd2292b25361ce0cabd46cc65d43c2e3c5d664891

Response headers

Cache-Control
private
Content-Length
2737
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Set-Cookie
__RequestVerificationToken=A2Ug-Ly-6RsrQ1gyUOhmoQwEa4Cfl7ho9lq9s5zPSZYJY47kXzPD8xMAwusU2ogIgBUP4swKO7aVHR3m4pnZyfVwqcRwERoEGTGg67R_QgE1; path=/; HttpOnly
X-Frame-Options
SAMEORIGIN
Request-Context
appId=cid-v1:6969ef45-fa80-4e1c-bf68-7a6e1ab24565
Access-Control-Expose-Headers
Request-Context
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Date
Fri, 21 Aug 2020 01:09:52 GMT

Redirect headers

Cache-Control
private
Location
https://payments.ricoh.com.au/user/login?ReturnUrl=%2Fcustomer
WWW-Authenticate
Bearer
Request-Context
appId=cid-v1:6969ef45-fa80-4e1c-bf68-7a6e1ab24565
Access-Control-Expose-Headers
Request-Context
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Set-Cookie
ARRAffinity=d2206ffe61bcaf7f7efff4bfd2292b25361ce0cabd46cc65d43c2e3c5d664891;Path=/;HttpOnly;Domain=payments.ricoh.com.au
Date
Fri, 21 Aug 2020 01:09:51 GMT
Content-Length
0
css
fonts.googleapis.com/
4 KB
580 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700
Requested by
Host: payments.ricoh.com.au
URL: https://payments.ricoh.com.au/user/login?ReturnUrl=%2Fcustomer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b1f8f9850bcb1309309ee233e0618b1b0866a8774fce8528ce383765108ec9ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://payments.ricoh.com.au/user/login?ReturnUrl=%2Fcustomer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 21 Aug 2020 01:09:53 GMT
server
ESF
date
Fri, 21 Aug 2020 01:09:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 21 Aug 2020 01:09:53 GMT
main.css
payments.ricoh.com.au/wwwroot/assets/styles/
269 KB
61 KB
Stylesheet
General
Full URL
https://payments.ricoh.com.au/wwwroot/assets/styles/main.css
Requested by
Host: payments.ricoh.com.au
URL: https://payments.ricoh.com.au/user/login?ReturnUrl=%2Fcustomer
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.70.72.35 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
836f3cbad1f33abfeaf64dabc47d5d2f7e6806f38137e7bac63854a231657b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://payments.ricoh.com.au/user/login?ReturnUrl=%2Fcustomer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 04 May 2020 07:19:14 GMT
Server
Microsoft-IIS/10.0
ETag
"34cca250e421d61:0"
Vary
Accept-Encoding
Content-Type
text/css
Date
Fri, 21 Aug 2020 01:09:52 GMT
Accept-Ranges
bytes
Content-Length
61771
X-XSS-Protection
1; mode=block
operator.css
payments.ricoh.com.au/wwwroot/assets/styles/
444 B
748 B
Stylesheet
General
Full URL
https://payments.ricoh.com.au/wwwroot/assets/styles/operator.css
Requested by
Host: payments.ricoh.com.au
URL: https://payments.ricoh.com.au/user/login?ReturnUrl=%2Fcustomer
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.70.72.35 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ff39d88a7b585cd51821442a221c391bf356dd3d5275a9f24b287f7cfb25dba1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://payments.ricoh.com.au/user/login?ReturnUrl=%2Fcustomer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 04 May 2020 07:19:14 GMT
Server
Microsoft-IIS/10.0
ETag
"2441d750e421d61:0"
Vary
Accept-Encoding
Content-Type
text/css
Date
Fri, 21 Aug 2020 01:09:53 GMT
Accept-Ranges
bytes
Content-Length
366
X-XSS-Protection
1; mode=block
clients-skins.css
payments.ricoh.com.au/wwwroot/assets/styles/
39 KB
8 KB
Stylesheet
General
Full URL
https://payments.ricoh.com.au/wwwroot/assets/styles/clients-skins.css
Requested by
Host: payments.ricoh.com.au
URL: https://payments.ricoh.com.au/user/login?ReturnUrl=%2Fcustomer
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.70.72.35 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4e303278ec184b76e800532b60397cc893478d17af2403d997eaad7d6f71022b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://payments.ricoh.com.au/user/login?ReturnUrl=%2Fcustomer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 04 May 2020 07:19:14 GMT
Server
Microsoft-IIS/10.0
ETag
"ad7f9450e421d61:0"
Vary
Accept-Encoding
Content-Type
text/css
Date
Fri, 21 Aug 2020 01:09:53 GMT
Accept-Ranges
bytes
Content-Length
7773
X-XSS-Protection
1; mode=block
Logo.png
payments.ricoh.com.au/images/ricoh/
37 KB
37 KB
Image
General
Full URL
https://payments.ricoh.com.au/images/ricoh/Logo.png
Requested by
Host: payments.ricoh.com.au
URL: https://payments.ricoh.com.au/user/login?ReturnUrl=%2Fcustomer
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.70.72.35 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c06a86ae886d0e25ff001bf409fcb348b4649526770bfe3555c5630f3d23e993
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://payments.ricoh.com.au/user/login?ReturnUrl=%2Fcustomer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Mon, 27 Apr 2020 21:01:18 GMT
Server
Microsoft-IIS/10.0
ETag
"023f4fed61cd61:0"
Content-Type
image/png
Date
Fri, 21 Aug 2020 01:09:53 GMT
Accept-Ranges
bytes
Content-Length
38004
X-XSS-Protection
1; mode=block
bundle.js
payments.ricoh.com.au/wwwroot/assets/scripts/
2 MB
667 KB
Script
General
Full URL
https://payments.ricoh.com.au/wwwroot/assets/scripts/bundle.js
Requested by
Host: payments.ricoh.com.au
URL: https://payments.ricoh.com.au/user/login?ReturnUrl=%2Fcustomer
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.70.72.35 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
cac66b98b7b8ca5660947181dc625b7bd186881370ab4881ef403186a4560653
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://payments.ricoh.com.au/user/login?ReturnUrl=%2Fcustomer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 04 May 2020 07:19:14 GMT
Server
Microsoft-IIS/10.0
ETag
"c9a67c50e421d61:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-XSS-Protection
1; mode=block
Transfer-Encoding
chunked
Accept-Ranges
bytes
Date
Fri, 21 Aug 2020 01:09:53 GMT
QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2
fonts.gstatic.com/s/worksans/v8/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/worksans/v8/QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://payments.ricoh.com.au
Referer
https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 07 Aug 2020 08:16:18 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Jun 2020 02:42:54 GMT
server
sffe
age
1184015
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45196
x-xss-protection
0
expires
Sat, 07 Aug 2021 08:16:18 GMT

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes
function| appInsights
function| __extends
object| Utility
object| Core
object| UserProfile
object| AccountProfile
object| InvoicesAndPayments
object| CustomerPartPay
object| CustomerPayment
object| OperatorPayments
object| Returns
object| Services
object| CustomerWidgets
object| CustomerIssues
object| CustomerAdHocPayment
object| CustomerStatements
object| Orders
object| CustomerClaims
object| OperatorProfile
object| OperatorOverview
object| OperatorTasks
object| OperatorDashboard
object| OperatorWidgets
object| OperatorContacts
object| OperatorPayment
object| Notifications
object| Reminders
object| ReminderActivities
object| Accounts
object| OperatorAccount
object| OperatorPartPay
object| OperatorNotes
object| OperatorReports
object| Portfolios
object| Businesses
object| Security
object| OperatorInvoices
object| Documents
object| OperatorConfiguration
object| ReferenceTypes
object| OperatorClaims
object| PlansList
object| Plans
object| angular
number| ng339
object| angular-file-upload
function| $
function| jQuery
function| moment
function| _
object| Highcharts
object| powerbi
object| powerbi-client
object| angular-powerbi

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block