rmf.tickbox.nz Open in urlscan Pro
2606:4700:20::ac43:4526 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rmf.tickbox.nz/login
Submission: On February 14 via api (February 14th 2024, 7:08:36 pm UTC) from US — Scanned from NZ

Summary HTTP 12 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 12 HTTP transactions. The main IP is 2606:4700:20::ac43:4526, located in United States and belongs to CLOUDFLARENET, US. The main domain is rmf.tickbox.nz.
TLS certificate: Issued by E1 on January 26th 2024. Valid for: 3 months.

This is the only time rmf.tickbox.nz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 12	2606:4700:20:... 2606:4700:20::ac43:4526	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.95.129.22 52.95.129.22	() ()
12	2

12 2606:4700:20::ac43:4526 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

rmf.tickbox.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.129.22 (Sydney, Australia)

ASN- ()
PTR: s3-r-w.ap-southeast-2.amazonaws.com

maxi-induction.s3.ap-southeast-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	tickbox.nz 2 redirects rmf.tickbox.nz	399 KB
2	amazonaws.com maxi-induction.s3.ap-southeast-2.amazonaws.com	413 KB
12	2

	Domain	Requested by
12	rmf.tickbox.nz	2 redirects rmf.tickbox.nz
2	maxi-induction.s3.ap-southeast-2.amazonaws.com	rmf.tickbox.nz
12	2

This site contains links to these domains. Also see Links.

Domain
www.moca.co.nz

Subject Issuer	Validity	Valid
tickbox.nz E1	`2024-01-26` - `2024-04-25`	3 months	crt.sh
*.s3-ap-southeast-2.amazonaws.com Amazon RSA 2048 M01	`2024-02-01` - `2025-01-07`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://rmf.tickbox.nz/login
Frame ID: 60B89B080592A3E7CAF58B2B93EDB80A
Requests: 8 HTTP requests in this frame

Frame: https://rmf.tickbox.nz/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js
Frame ID: 1FA04AC269C21E8B705BC86D28421C1D
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RMF Induction

Page Statistics

12
Requests

83 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

811 kB
Transfer

1494 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.moca.co.nz/tickbox_privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://rmf.tickbox.nz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://rmf.tickbox.nz/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js

Request Chain 9

https://rmf.tickbox.nz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://rmf.tickbox.nz/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request login Show response
rmf.tickbox.nz/ 5 KB
4 KB 221ms
131ms Document
text/html 2606:4700:20::ac43:4526
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rmf.tickbox.nz/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44422a0b2784ba1ce2185e960b51e58fa8457967fd3ea5ea728edbb73f1f77d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8557999dece21c5e-AKL
content-encoding: br
content-security-policy-report-only: default-src data: 'unsafe-inline' 'unsafe-eval' https://*.tickbox.nz https://*.amazonaws.com https://*.youtube.com https://*.vimeo.com https://*.bootstrapcdn.com https://*.googleapis.com https://*.google-analytics.com https://*.gstatic.com; frame-src https://*.google.com https://view.officeapps.live.com https://*.youtube.com https://maxi-induction.s3.ap-southeast-2.amazonaws.com https://*.vimeo.com https://*.googleapis.com https://rainbowtick.z8.web.core.windows.net https://*.cdn.office.net/; form-action https://*.tickbox.nz; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 14 Feb 2024 19:08:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJAb85oKg51NBFevd6U%2F35TrKuNrQbGYDed87h%2Bs0OxwiFK88D%2FGZQ4iyjQLqfSdgC%2FsaKgRFTfWo651XXAg5GMBTwaZjdXXqj97C%2F0%2BLLMtxpDxIAP0Wg1tHDoNVkwcXMf8BBz6WI45gfM2"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 app.css
rmf.tickbox.nz/css/frontend/default/ 292 KB
54 KB 52ms
51ms Stylesheet
text/css 2606:4700:20::ac43:4526
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rmf.tickbox.nz/css/frontend/default/app.css

Requested by

Host: rmf.tickbox.nz
URL: https://rmf.tickbox.nz/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

180a694275ec4b1d90f0d26e5932012175c0a66c5897c9f90d27dbc9f02d2cc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rmf.tickbox.nz/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:08:29 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Feb 2024 22:22:16 GMT
cf-bgj: minify
server: cloudflare
etag: W/"65cbeb98-48dc6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HpxrD3k1YFEOJzBkUjreW4lKVbabMU0SbkLBB57YJ%2Fm7aOm9F%2FOOFACRq9vhsfzdagZkwvGZrR53Xf733rGnWRabNmpNi3Y77%2F%2BOw89Mdn14SnrCjfzJ%2BWLkCVVFQdrgQ9XQFftInECXc%2B%2Ft"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8557999ece211c5e-AKL

GET
H/1.1 200
OK Matariki_Logo_trans_sml3-am%20copy.png
maxi-induction.s3.ap-southeast-2.amazonaws.com/rmf/template/ 26 KB
26 KB 238ms
89ms Image
image/png 52.95.129.22

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maxi-induction.s3.ap-southeast-2.amazonaws.com/rmf/template/Matariki_Logo_trans_sml3-am%20copy.png
Requested by: Host: rmf.tickbox.nz
URL: https://rmf.tickbox.nz/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.129.22 Sydney, Australia, ASN (),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3660f439474616b250f48271682b0880fb471256b7c4c730b9398f54ee4c89c6

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rmf.tickbox.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 19:08:31 GMT
Last-Modified: Wed, 15 Mar 2023 08:27:46 GMT
Server: AmazonS3
x-amz-request-id: DHMHG2YSK3J1BVBZ
ETag: "0d7ba74278998fa6e09878bb19ed2ae5"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 26652
x-amz-id-2: AaFWqBjKiPwCwVqc7pBceuw15V7pGFVQCNbOM94n8NZeAqNG9AvLGa1n2IultpytkRB/K1cBAME=

GET
H2 200 email-decode.min.js Show response
rmf.tickbox.nz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
952 B 39ms
38ms Script
application/javascript 2606:4700:20::ac43:4526
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rmf.tickbox.nz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: rmf.tickbox.nz
URL: https://rmf.tickbox.nz/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rmf.tickbox.nz/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:08:29 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
last-modified: Fri, 09 Feb 2024 17:53:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"65c66685-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nOyI7UOTYF4a3k1pPJa1zC0%2BDGKsl9YrNG%2F6jDqPukOVqy3y5s5XQNHQeeGw%2FTnzonevhgAJjj%2Fa0mOTbiLOfoSZssNFqJ8LnxkqTC3A1Z4S7wZheylbDCCrGrll%2B4mHtX5heF9RQpPReF5V"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8557999ece231c5e-AKL
expires: Fri, 16 Feb 2024 19:08:29 GMT

GET
H2 200 rocket-loader.min.js Show response
rmf.tickbox.nz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 38ms
37ms Script
application/javascript 2606:4700:20::ac43:4526
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rmf.tickbox.nz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: rmf.tickbox.nz
URL: https://rmf.tickbox.nz/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rmf.tickbox.nz/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:08:29 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
last-modified: Fri, 09 Feb 2024 17:53:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"65c66685-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dOOkuMbUSLLqk8BQngQurcXLpQgYpp2n8G8yqCt72t1VGGzHGGJcajETcTS7l0saSsF5RUN5bWtY5hH%2FI0QlU97vpL3kpervp9EIijOLm%2FfulceNKHdmPoJhoYH5oJ8FFb0KaT0WHJEJ59CK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8557999ece251c5e-AKL
expires: Fri, 16 Feb 2024 19:08:29 GMT

GET
H/1.1 200
OK CRP-210429-2219-1500px-squoosh.jpg
maxi-induction.s3.ap-southeast-2.amazonaws.com/rmf/template/ 386 KB
386 KB 249ms
116ms Image
image/jpeg 52.95.129.22

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maxi-induction.s3.ap-southeast-2.amazonaws.com/rmf/template/CRP-210429-2219-1500px-squoosh.jpg
Requested by: Host: rmf.tickbox.nz
URL: https://rmf.tickbox.nz/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.129.22 Sydney, Australia, ASN (),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7bdc0a57609db490703d02e7ece4dbec98e7219072ffd6c2e70f31f1685118ef

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rmf.tickbox.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 19:08:31 GMT
Last-Modified: Sun, 12 Mar 2023 08:49:05 GMT
Server: AmazonS3
x-amz-request-id: DHMVPYJQFYSJ92V1
ETag: "7f33a7b5ea5caf69e1371e3d511e1bf7"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 395077
x-amz-id-2: 9b7Rxl53fE0F/GWsNchGikL2wRLuBMFHr2c1zw1ISH3v2s8wxe+UJIyDcuvmuQlqV5lf2KlBXi0=

GET
H2 200 fa-solid-900.woff2
rmf.tickbox.nz/css/frontend/webfonts/ 138 KB
139 KB 60ms
60ms Font
application/octet-stream 2606:4700:20::ac43:4526
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rmf.tickbox.nz/css/frontend/webfonts/fa-solid-900.woff2

Requested by

Host: rmf.tickbox.nz
URL: https://rmf.tickbox.nz/css/frontend/default/app.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e77c7e1c8f859611d1200ee9a75eadbce02664f28a53b05807233e88deb82f65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://rmf.tickbox.nz/css/frontend/default/app.css
Origin: https://rmf.tickbox.nz
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:08:29 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
alt-svc: h3=":443"; ma=86400
content-length: 141600
last-modified: Tue, 13 Feb 2024 22:17:26 GMT
server: cloudflare
etag: "65cbea76-22920"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pxxSzwH4amVF8Yv7DCM0JIuSK1l5VNEI93Mc1H4RJaOCJTy915oqBYvXau6Eapord6ReSNFQqymRmAF9o0Y7%2FO0kBbWYQYh%2B7WxTEywYXfRe2UM26ldJ0grc0XYrfExChVhFbLi2EWejJDKm"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8557999f3ebe1c5e-AKL

GET
H3 200 app.js Show response
rmf.tickbox.nz/js/frontend/default/ 619 KB
187 KB 59ms
58ms Script
application/x-javascript 2606:4700:20::ac43:4526
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rmf.tickbox.nz/js/frontend/default/app.js

Requested by

Host: rmf.tickbox.nz
URL: https://rmf.tickbox.nz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63d298af2e395c5405adcfffdeeb3253fc8b7c5f22ffafa72819046770da24d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://rmf.tickbox.nz/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:08:29 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
cf-polished: origSize=633891
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Feb 2024 22:22:16 GMT
cf-bgj: minify
server: cloudflare
etag: W/"65cbeb98-9ac23"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iXQxjawErXLytJ%2FegccRfyKfXAtm5l%2B8Qm2Ir7BqoMHwXebyJTtfZywsbwk9f0RRIiPAsBwraiMAoXyMy3mJ9d22KhYhfIDQGyHxQBPUW2063blfgaD7gb7rkvdGr7SRbL%2F9rrbH%2B%2BqpjlSq"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=14400
cf-ray: 8557999f58fb50c8-AKL

GET
H3

200

main.js Show response
rmf.tickbox.nz/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/ Frame 1FA0
Redirect Chain

https://rmf.tickbox.nz/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://rmf.tickbox.nz/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js

8 KB
4 KB

139ms
138ms

Script
application/javascript

2606:4700:20::ac43:4526
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rmf.tickbox.nz/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js

Requested by

Host: rmf.tickbox.nz
URL: https://rmf.tickbox.nz/login

Protocol

Server

2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72e860b821acd92ed0d491a3ab099961a09f92f176739cba5574395d14d7fb93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:08:30 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CjqcOL2blZ2HbhCx3FlR9TJGgTxcCCvGDmP7CoKJM8zRqxligeRE1yddivcz47j6sdGffQrwkOlxKEySCbOguFq3w3iuh1%2FrVj5VJgO8em1uCNjVSDRxbFwMdrJz6iF2Me%2FpNBA49oJrJj7Q"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8557999fb9ab50c8-AKL
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 14 Feb 2024 19:08:29 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2BToSVMOkkiJERilnwn%2BcY7r%2BiAhenuHgQtXuJU6ERlwzMrdcqZyt84%2BCCMc0CbGxEnobE9y1EiUWsxweq0viyxVtEKRngtB7yTWeqa3IO%2Bzp2DGMCcnocCFaPEI7kvYDjWIstlb%2B7DRs%2FO7"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 8557999f692050c8-AKL
alt-svc: h3=":443"; ma=86400

POST
H3 200 8557999dece21c5e Show response
rmf.tickbox.nz/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 1FA0 0
603 B 60ms
59ms XHR
text/plain 2606:4700:20::ac43:4526
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rmf.tickbox.nz/cdn-cgi/challenge-platform/h/g/jsd/r/8557999dece21c5e

Requested by

Host: rmf.tickbox.nz
URL: https://rmf.tickbox.nz/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 14 Feb 2024 19:08:30 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MB7SoinSIGGGl5mZ3FcNOEEp9eASJy7KWndtwqwAZk1kWAzmu021hNTI4E32eec1xSrLOKM8HihjKbnI22nk2p5CZvp8qGMtNzaOnbkQHVZ5824L7h1j2mjw%2FyDe2d5trdlmlecunMkQ3XOk"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 855799a14c5150c8-AKL
alt-svc: h3=":443"; ma=86400

GET
H3

200

main.js Show response
rmf.tickbox.nz/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/ Frame 1FA0
Redirect Chain

https://rmf.tickbox.nz/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://rmf.tickbox.nz/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js

8 KB
4 KB

43ms
43ms

Script
application/javascript

2606:4700:20::ac43:4526
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rmf.tickbox.nz/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js

Protocol

Server

2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caa4824b9e80c0bfb30b23f0c2fa490bd3a4b45956df2aa61d9ad027a56f5161

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:08:30 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=knhNddaOqAd9QPHtrzbPEZI53HIB2yyygZNqGgZI5ygX1tbiJHyc1LlKdxN0B5T9Wz9G0wnG4t6xCyEAVpQn0VoGqSUs%2FfQeuVxY%2FoAaGuD7g3h%2B12y%2FkIA5SoOvQNfSROODWBeaT3h3P0vJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 855799a2eeaa50c8-AKL
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 14 Feb 2024 19:08:30 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVe3C3hc27TH5QaB1%2FV8TSem3itDorSeQrZjVHJWEy3dQlOcBm6q3Uaifdz4s6I4v2qtOFbgBltd8bwFaxTAm0IjDkSpZQryEscCqQZb%2BAl4xYTGxAeWX3JhTRc8BlqDWZOj9B8Suam8D2Z0"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js
cache-control: max-age=300, public
cf-ray: 855799a29e5350c8-AKL
alt-svc: h3=":443"; ma=86400

POST
H3 200 8557999dece21c5e Show response
rmf.tickbox.nz/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 1FA0 0
609 B 51ms
51ms XHR
text/plain 2606:4700:20::ac43:4526
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rmf.tickbox.nz/cdn-cgi/challenge-platform/h/g/jsd/r/8557999dece21c5e

Requested by

Host: rmf.tickbox.nz
URL: https://rmf.tickbox.nz/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 14 Feb 2024 19:08:30 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PNLj7CMd27fI58e3mdFQUGHuenTtrhVXX9jPRQzzBEQ%2BIafZViAhhZz16qjS%2FaPSLdxhrRJKxfyrvvxDtMsS77YYNz1b0f2kprLCsW0hIsEcAeqaLqOcAwU5PNQoHiDTepDw1e7mHaQzZY%2BJ"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 855799a3afb350c8-AKL
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rmf.tickbox.nz/	1970-01-20 18:25:44	Name: XSRF-TOKEN Value: eyJpdiI6InpzME9MdU9uU1UzSUI4ai8yRmRuU1E9PSIsInZhbHVlIjoiOXhsM1MyZXVZTk5QUzk1Q3hJQTNxdDVmOEpPcFVJUlAyMTh0WXpLOTAwbjU1U0lkVTE5MWJybE1jVkthc24rQk03MjZGaHNuQjl1WmhMQ0RJZ3NoMnZrMjdjaFA2bncvOEdvdGs5dFlxWFQrbTdYRzVES2dPdUMvTk5hNEVYUzciLCJtYWMiOiJhNTJmYzc5MjU0MjVlNWZlZjFhOWVjMTk1MTljYTM0ZjgxZWY5NWNkNDYwMjhhOTYzNzA5ZDZkMjczZGMxMmUwIn0%3D
rmf.tickbox.nz/	1970-01-20 18:25:44	Name: maxi_session Value: eyJpdiI6ImxjajUveW5PQms1TjlIZnJwaXd3VVE9PSIsInZhbHVlIjoia0tXTE4wUFFxUXp4aXVtWWR5SWM4V3pQM09rbTZGUmI5cTlveVA3Zzk5ZkdNbEtKTnNYUGFwK3R5VC9WRFNuVW15Z3lVSGk5NEErQVpSU3krdlBFQ3RCSmltUVE5TXF5SFlqSW9zTVlkLzc2Z1poUHZaYVJCUWZoSDR1dTVuZnEiLCJtYWMiOiI1OTgzMzlhNTBkZWZiMjI0NzdkMjE4NTM4NmZiMjE0YWFiNmRkZjUzN2MwY2JlMGZmMDlmOGI5NTVjMWQ4MjAwIn0%3D
.tickbox.nz/	1970-01-21 03:11:13	Name: cf_clearance Value: YqB8RFWnc3rQ5lR6e7Dz1fyDWr_vZLwAX7rvQsVgrhw-1707937710-1.0-AU+xO8G7eOyCmwwLi0MPg7O7EoW+fW3QWTaoE9RBUXRypHFK9PA0dKWimYtkwcVcN4f047rZ/iAeeOBN3i7IjZw=

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://rmf.tickbox.nz/login Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
security	error	URL: https://rmf.tickbox.nz/login(Line 72) Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
security	error	URL: https://rmf.tickbox.nz/login(Line 72) Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
security	error	URL: https://rmf.tickbox.nz/cdn-cgi/challenge-platform/scripts/jsd/main.js Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
security	error	URL: https://rmf.tickbox.nz/cdn-cgi/challenge-platform/scripts/jsd/main.js Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
security	error	URL: https://rmf.tickbox.nz/cdn-cgi/challenge-platform/scripts/jsd/main.js Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
security	error	URL: https://rmf.tickbox.nz/cdn-cgi/challenge-platform/scripts/jsd/main.js Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

maxi-induction.s3.ap-southeast-2.amazonaws.com
rmf.tickbox.nz
2606:4700:20::ac43:4526
52.95.129.22
180a694275ec4b1d90f0d26e5932012175c0a66c5897c9f90d27dbc9f02d2cc4
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
3660f439474616b250f48271682b0880fb471256b7c4c730b9398f54ee4c89c6
44422a0b2784ba1ce2185e960b51e58fa8457967fd3ea5ea728edbb73f1f77d9
63d298af2e395c5405adcfffdeeb3253fc8b7c5f22ffafa72819046770da24d5
72e860b821acd92ed0d491a3ab099961a09f92f176739cba5574395d14d7fb93
7bdc0a57609db490703d02e7ece4dbec98e7219072ffd6c2e70f31f1685118ef
caa4824b9e80c0bfb30b23f0c2fa490bd3a4b45956df2aa61d9ad027a56f5161
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e77c7e1c8f859611d1200ee9a75eadbce02664f28a53b05807233e88deb82f65

rmf.tickbox.nz Open in urlscan Pro 2606:4700:20::ac43:4526 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

12 Requests

83 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

811 kBTransfer

1494 kBSize

3 Cookies

1 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

3 Cookies

7 Console Messages

Security Headers

Indicators

rmf.tickbox.nz Open in urlscan Pro
2606:4700:20::ac43:4526 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

83 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

811 kB
Transfer

1494 kB
Size

3
Cookies

12 HTTP transactions
0 data transactions