Submitted URL: https://license-tracker-sandbox.staging.orfium.com/
Effective URL: https://staging.orfium.com/accounts/login?next=https://license-tracker-sandbox.staging.orfium.com/
Submission: On October 14 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 11 IPs in 2 countries across 8 domains to perform 18 HTTP transactions. The main IP is 54.196.16.164, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is staging.orfium.com.
TLS certificate: Issued by R3 on September 17th 2021. Valid for: 3 months.
This is the only time staging.orfium.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS (Autonomous System)
1 1       52.20.78.240      14618 (AMAZON-AES)
1         54.196.16.164     14618 (AMAZON-AES)
2         2a00:1450:400...  15169 (GOOGLE)
2         2a00:1450:400...  15169 (GOOGLE)
4         65.9.66.97        16509 (AMAZON-02)
1         2a00:1450:400...  15169 (GOOGLE)
1         65.9.66.112       16509 (AMAZON-02)
1         130.211.5.208     15169 (GOOGLE)
1         107.178.240.159   15169 (GOOGLE)
2         2a04:4e42::393    54113 (FASTLY)
1         2a00:1450:400...  15169 (GOOGLE)
Total: 18 requests, 11 IPs

Requests  Domain                                       Requested by
4         cdn.orfium.com                               staging.orfium.com
2         res.cloudinary.com                           cdn.orfium.com
2         www.google-analytics.com                     staging.orfium.com, www.google-analytics.com
2         fonts.googleapis.com                         staging.orfium.com, cdn.orfium.com
1         fonts.gstatic.com                            fonts.googleapis.com
1         api-js.mixpanel.com                          cdn4.mxpnl.com
1         cdn4.mxpnl.com                               staging.orfium.com
1         static.hotjar.com                            staging.orfium.com
1         maps.googleapis.com                          staging.orfium.com, maps.googleapis.com
1         staging.orfium.com
1         license-tracker-sandbox.staging.orfium.com   1 redirects
Total: 18 requests, 11 subdomains

This site contains links to these domains.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com

Subject                  Issuer                                       Validity                 Valid
staging.orfium.com       R3                                           2021-09-17 - 2021-12-16  3 months
upload.video.google.com  GTS CA 1C3                                   2021-09-13 - 2021-11-20  2 months
*.google-analytics.com   GTS CA 1C3                                   2021-09-13 - 2021-11-20  2 months
cdn.orfium.com           Amazon                                       2021-08-19 - 2022-09-17  a year
*.hotjar.com             Amazon                                       2020-12-25 - 2022-01-23  a year
*.mxpnl.com              GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1   2021-07-15 - 2022-07-28  a year
*.mixpanel.com           GeoTrust RSA CA 2018                         2020-04-20 - 2022-04-21  2 years
*.cloudinary.com         Go Daddy Secure Certificate Authority - G2   2020-05-27 - 2022-06-22  2 years
*.gstatic.com            GTS CA 1C3                                   2021-09-13 - 2021-11-20  2 months

This page contains 1 frames:

Primary Page: https://staging.orfium.com/accounts/login?next=https://license-tracker-sandbox.staging.orfium.com/
Frame ID: 9F17BCD3FF738CBB82A3F34A7998E85C
Requests: 18 HTTP requests in this frame

Page Title

Login | Orfium

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://license-tracker-sandbox.staging.orfium.com/ HTTP 302
    https://staging.orfium.com/accounts/login?next=https://license-tracker-sandbox.staging.orfium.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

Requests: 18
HTTPS: 89 %
IPv6: 45 %
Domains: 8
Subdomains: 11
IPs: 11
Countries: 2
Transfer: 1557 kB
Size: 5622 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
staging.orfium.com/accounts/
Redirect Chain
  • https://license-tracker-sandbox.staging.orfium.com/
  • https://staging.orfium.com/accounts/login?next=https://license-tracker-sandbox.staging.orfium.com/
10 KB
11 KB
Document
General
Full URL
https://staging.orfium.com/accounts/login?next=https://license-tracker-sandbox.staging.orfium.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.196.16.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-196-16-164.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
a2d5a5ec0c7f0066ca40bab5f9c27c539f4eddf04e3ce721168bd3757452100e

Request headers

Host
staging.orfium.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
Cowboy
Connection
keep-alive
X-Powered-By
Express
Content-Type
text/html; charset=utf-8
Content-Length
10718
Etag
W/"29de-KC/cD3TjjCYNawYsjrjGleCJQaQ"
Date
Thu, 14 Oct 2021 01:07:33 GMT
Via
1.1 vegur

Redirect headers

Connection
keep-alive
Server
gunicorn
Date
Thu, 14 Oct 2021 01:07:33 GMT
Content-Type
text/html; charset=utf-8
Location
https://staging.orfium.com/accounts/login?next=https://license-tracker-sandbox.staging.orfium.com/
Content-Length
0
Vary
Origin
Via
1.1 vegur
css
fonts.googleapis.com/
672 B
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300
Requested by
Host: staging.orfium.com
URL: https://staging.orfium.com/accounts/login?next=https://license-tracker-sandbox.staging.orfium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
388442a1e51e37650faaa206d776a1ced6816a3f9a41b66dbe7347a4537c13fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging.orfium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 00:17:04 GMT
server
ESF
date
Thu, 14 Oct 2021 01:07:33 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Thu, 14 Oct 2021 01:07:33 GMT
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: staging.orfium.com
URL: https://staging.orfium.com/accounts/login?next=https://license-tracker-sandbox.staging.orfium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging.orfium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 16:38:54 GMT
server
Golfe2
age
3987
date
Thu, 14 Oct 2021 00:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Thu, 14 Oct 2021 02:01:06 GMT
bundle.b52a41d1c13cedca6c2e647e8f61b398.css
cdn.orfium.com/dist/
554 KB
96 KB
Stylesheet
General
Full URL
https://cdn.orfium.com/dist/bundle.b52a41d1c13cedca6c2e647e8f61b398.css
Requested by
Host: staging.orfium.com
URL: https://staging.orfium.com/accounts/login?next=https://license-tracker-sandbox.staging.orfium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
832f0ccbe710ceec072901d0357bdba22842fc3898aeb83146705a06a7b6414c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging.orfium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 01:07:35 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 16:51:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"dca551daed45edf7b911cb0c99b5bff4"
vary
Accept-Encoding
x-cache
Miss from cloudfront
x-amz-version-id
xkSQpZt2Ah.1motw9rZAqwwu4vaqbalB
x-amz-storage-class
INTELLIGENT_TIERING
content-type
text/css
x-amz-cf-id
P-ivGNB58o5dma8CJI1kpA6TxVX82cKN7WmwotjwqrbzxpMHhxcXhw==
via
1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
js
maps.googleapis.com/maps/api/
147 KB
48 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyDRlvrCj_nWelbHudzOFpFBhBZNJLQ5JMQ&libraries=places
Requested by
Host: staging.orfium.com
URL: https://staging.orfium.com/accounts/login?next=https://license-tracker-sandbox.staging.orfium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
821fc0cca18a65abc93b5d8d17bde69d7958fbfdcc8f6b0389e92c69c0893771
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging.orfium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 01:07:33 GMT
content-encoding
gzip
vary
Accept-Language
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=19
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48741
x-xss-protection
0
expires
Thu, 14 Oct 2021 01:37:33 GMT
vendor.8c6a89e0996aa628863d.js
cdn.orfium.com/dist/
2 MB
610 KB
Script
General
Full URL
https://cdn.orfium.com/dist/vendor.8c6a89e0996aa628863d.js
Requested by
Host: staging.orfium.com
URL: https://staging.orfium.com/accounts/login?next=https://license-tracker-sandbox.staging.orfium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
59d97471a411e08a2781bdbc896f414a8380a840ba7df1f6ad2d4fa47eff61ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging.orfium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
O6vES_fM0cyRWa0VVcheZMN5zFFn0lIO
content-encoding
gzip
last-modified
Tue, 25 May 2021 08:28:26 GMT
server
AmazonS3
age
70156
etag
W/"1dadd32b52fbe7ed58b0f6c83d3581fc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-storage-class
INTELLIGENT_TIERING
date
Wed, 13 Oct 2021 05:38:18 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
iDVXsffMpLICcjgXVqAdz0oHBkgmLpWQJQnhQRmcQlOIWPLRJndS2g==
via
1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
bundle.2fb489e8179d593e6feb.js
cdn.orfium.com/dist/
3 MB
652 KB
Script
General
Full URL
https://cdn.orfium.com/dist/bundle.2fb489e8179d593e6feb.js
Requested by
Host: staging.orfium.com
URL: https://staging.orfium.com/accounts/login?next=https://license-tracker-sandbox.staging.orfium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3d9749f54232bf7cb0b6f9e23aaf3e4cc84e909e4241a63cc91e9ea5245f0386

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging.orfium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 01:07:35 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 16:45:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"b86f6c89053ffcfa0f945b34b1bd61bf"
vary
Accept-Encoding
x-cache
Miss from cloudfront
x-amz-version-id
PHcf4jd29aPLcaweTXQ6x_NQFRwhHJJq
x-amz-storage-class
INTELLIGENT_TIERING
content-type
application/javascript
x-amz-cf-id
FQ-FFgsq1Daw46IhwghB65-Qw7pV13Y_Wblkq97J74i2Xf8Ago_sXg==
via
1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
hotjar-undefined.js
static.hotjar.com/c/
0
0
Script
General
Full URL
https://static.hotjar.com/c/hotjar-undefined.js?sv=6
Requested by
Host: staging.orfium.com
URL: https://staging.orfium.com/accounts/login?next=https://license-tracker-sandbox.staging.orfium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging.orfium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

mixpanel-2-latest.min.js
cdn4.mxpnl.com/libs/
75 KB
25 KB
Script
General
Full URL
https://cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: staging.orfium.com
URL: https://staging.orfium.com/accounts/login?next=https://license-tracker-sandbox.staging.orfium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.5.208 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
208.5.211.130.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging.orfium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 01:00:28 GMT
content-encoding
gzip
age
425
x-guploader-uploadid
ADPycdv4gxKiFaGv1OSpRpAWfqm0rhDwOzjEWCUb15xwnUZYe_ptHv48mRjQn20E1D2aA13PDBExRzenJrrMPFnAznc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
25572
last-modified
Thu, 28 Jan 2021 18:21:54 GMT
server
UploadServer
etag
"765779983eed1c9fc2821b4507eea08b"
vary
Accept-Encoding
x-goog-hash
crc32c=kP//+g==, md5=dld5mD7tHJ/CghtFB+6giw==
x-goog-generation
1611858114590219
access-control-allow-origin
*
cache-control
public,max-age=600
x-goog-stored-content-length
25572
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 14 Oct 2021 01:10:28 GMT
css
fonts.googleapis.com/
15 KB
993 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,700&subset=latin
Requested by
Host: cdn.orfium.com
URL: https://cdn.orfium.com/dist/bundle.b52a41d1c13cedca6c2e647e8f61b398.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2ed9b901bce72cbedf731627e94b8d517f069ae1f792baf3965ca9a53d77700
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.orfium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 01:07:35 GMT
server
ESF
date
Thu, 14 Oct 2021 01:07:35 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Thu, 14 Oct 2021 01:07:35 GMT
collect
www.google-analytics.com/j/
2 B
209 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1026636362&t=pageview&_s=1&dl=https%3A%2F%2Fstaging.orfium.com%2Faccounts%2Flogin%3Fnext%3Dhttps%3A%2F%2Flicense-tracker-sandbox.staging.orfium.com%2F&dp=%2Faccounts%2Flogin&ul=en-us&de=UTF-8&dt=Login%20%7C%20Orfium&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAAC~&jid=378353149&gjid=146171191&cid=12846126.1634173654&tid=__NONE__&_gid=411349810.1634173654&_r=1&_slc=1&z=1877400152
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://staging.orfium.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 01:07:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://staging.orfium.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
api-js.mixpanel.com/track/
1 B
348 B
XHR
General
Full URL
https://api-js.mixpanel.com/track/?ip=1&_=1634173655714
Requested by
Host: cdn4.mxpnl.com
URL: https://cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.240.178.107.bc.googleusercontent.com
Software
envoy /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
https://staging.orfium.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=604800; includeSubDomains
via
1.1 google
server
envoy
access-control-allow-headers
X-Requested-With
date
Thu, 14 Oct 2021 01:07:35 GMT
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://staging.orfium.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
16
alt-svc
clear
content-length
1
0c5279a27dfc65b6b41b52634cbe7b80.svg
cdn.orfium.com/dist/
9 KB
4 KB
Image
General
Full URL
https://cdn.orfium.com/dist/0c5279a27dfc65b6b41b52634cbe7b80.svg
Requested by
Host: staging.orfium.com
URL: https://staging.orfium.com/accounts/login?next=https://license-tracker-sandbox.staging.orfium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e86be0676cdaeb37f57c8a5405707976d20a710d82862dab89539477e0f6283

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging.orfium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 01:07:37 GMT
content-encoding
gzip
last-modified
Wed, 13 Oct 2021 12:35:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"0c5279a27dfc65b6b41b52634cbe7b80"
vary
Accept-Encoding
x-cache
Miss from cloudfront
x-amz-version-id
gWlRYEq9_q7LC5rAg3WzThJNvU7Bnd3u
via
1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
content-type
image/svg+xml
x-amz-cf-id
Wve-XLVeb0n6SMWVRWZCaKWE1qYb5UU2-YKK2PZBI8d6RT5F1RvQMw==
login-background-photo.jpg
res.cloudinary.com/apilama/image/fetch/c_thumb,q_auto/https:/cdn.orfium.com/dist/
44 KB
44 KB
Image
General
Full URL
https://res.cloudinary.com/apilama/image/fetch/c_thumb,q_auto/https:/cdn.orfium.com/dist/login-background-photo.jpg?ac2c6b9c7c64f2adde075c0b0c001231
Requested by
Host: cdn.orfium.com
URL: https://cdn.orfium.com/dist/bundle.b52a41d1c13cedca6c2e647e8f61b398.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
2d43eb9454a2186893cce69f75cdf60f629b3be2e2e71ef039e154286715a1d8
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.orfium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 01:07:47 GMT
x-content-type-options
nosniff
last-modified
Mon, 20 Sep 2021 06:15:43 GMT
server
Cloudinary
etag
"a83f572b2fcd812127c69222b883420c"
vary
Save-Data
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
server-timing
fastly;dur=164;cpu=163;start=2021-10-14T01:07:47.089Z;desc=hit,rtt;dur=0
strict-transport-security
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
content-length
44721
f9da34ac9c102e06128a14d6a0aaa985.svg
res.cloudinary.com/apilama/image/fetch/c_thumb,q_auto/https:/cdn.orfium.com/dist/
253 B
392 B
Image
General
Full URL
https://res.cloudinary.com/apilama/image/fetch/c_thumb,q_auto/https:/cdn.orfium.com/dist/f9da34ac9c102e06128a14d6a0aaa985.svg
Requested by
Host: cdn.orfium.com
URL: https://cdn.orfium.com/dist/bundle.b52a41d1c13cedca6c2e647e8f61b398.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
3d3ad80a77cf98e4f60a52828a2316f7ccc50caa043222c305568910af82a140
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.orfium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 01:07:47 GMT
content-encoding
br
x-content-type-options
nosniff
content-disposition
attachment; filename="f9da34ac9c102e06128a14d6a0aaa985.svg"
server-timing
fastly;dur=164;cpu=163;start=2021-10-14T01:07:47.089Z;desc=hit,rtt;dur=0
vary
Save-Data
content-length
160
last-modified
Thu, 23 Sep 2021 10:11:18 GMT
server
Cloudinary
etag
W/"72e837ad8cf1dd70aab5cf9284cc1b5e"
strict-transport-security
max-age=604800
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,700&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://staging.orfium.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 17:04:31 GMT
x-content-type-options
nosniff
age
547384
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44760
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 07 Oct 2022 17:04:31 GMT
common.js
maps.googleapis.com/maps-api-v3/api/js/46/9/intl/de_ALL/
0
0

util.js
maps.googleapis.com/maps-api-v3/api/js/46/9/intl/de_ALL/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
maps.googleapis.com
URL
https://maps.googleapis.com/maps-api-v3/api/js/46/9/intl/de_ALL/common.js
Domain
maps.googleapis.com
URL
https://maps.googleapis.com/maps-api-v3/api/js/46/9/intl/de_ALL/util.js

Verdicts & Comments

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object   onbeforexrselect
  • boolean  originAgentCluster
  • function hj
  • object   _hjSettings
  • function googleTagManager
  • function ga
  • object   mixpanel
  • object   google_tag_data
  • object   gaplugins
  • object   gaGlobal
  • object   gaData
  • function webpackJsonp
  • object   google
  • object   module$exports$mapsapi$util$event
  • object   module$contents$mapsapi$overlay$overlayView_OverlayView
  • object   core
  • object   __core-js_shared__
  • object   global
  • object   System
  • function asap
  • function Observable
  • function setImmediate
  • function clearImmediate
  • object   regeneratorRuntime
  • boolean  _babelPolyfill
  • function _
  • function addResizeListener
  • function removeResizeListener
  • function SoundManager
  • object   soundManager
  • boolean  __forceSmoothScrollPolyfill__

4 Cookies

Domain/Path Name / Value
.orfium.com/ Name: _ga
Value: GA1.2.12846126.1634173654
.orfium.com/ Name: _gid
Value: GA1.2.411349810.1634173654
.orfium.com/ Name: mp_1f257d537460f3bb7bf7d3ed244f1b9f_mixpanel
Value: %7B%22distinct_id%22%3A%20%2217c7c57133c6b1-02251f6315c0fb-a7d193d-1d4c00-17c7c57133d991%22%2C%22%24device_id%22%3A%20%2217c7c57133c6b1-02251f6315c0fb-a7d193d-1d4c00-17c7c57133d991%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.orfium.com/ Name: _gat
Value: 1

1 Console Messages

Source: network
Level: error
URL: https://static.hotjar.com/c/hotjar-undefined.js?sv=6
Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
