malicious.fashionstore.jp Open in urlscan Pro
13.230.149.252 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://malicious.fashionstore.jp/
Effective URL:
https://malicious.fashionstore.jp/
Submission: On June 09 via api (June 9th 2024, 8:26:09 pm UTC) from US — Scanned from JP

Summary HTTP 106 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 15 domains to perform 106 HTTP transactions. The main IP is 13.230.149.252, located in Tokyo, Japan and belongs to AMAZON-02, US. The main domain is malicious.fashionstore.jp.
TLS certificate: Issued by R3 on May 14th 2024. Valid for: 3 months.

This is the only time malicious.fashionstore.jp was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	13.230.149.252 13.230.149.252	16509 (AMAZON-02) (AMAZON-02)
4	18.65.216.51 18.65.216.51	16509 (AMAZON-02) (AMAZON-02)
2	2404:6800:400... 2404:6800:400a:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:400a:813::200a	15169 (GOOGLE) (GOOGLE)
30	184.26.43.87 184.26.43.87	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	18.65.216.46 18.65.216.46	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
2	2404:6800:400... 2404:6800:400a:80e::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f00f:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	175.41.207.102 175.41.207.102	16509 (AMAZON-02) (AMAZON-02)
20	2404:6800:400... 2404:6800:400a:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:400a:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4008:c01::9c	15169 (GOOGLE) (GOOGLE)
2	31.13.82.7 31.13.82.7	32934 (FACEBOOK) (FACEBOOK)
6	2a03:2880:f10... 2a03:2880:f10f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2404:6800:400... 2404:6800:400a:80a::200e	15169 (GOOGLE) (GOOGLE)
2	172.217.25.163 172.217.25.163	15169 (GOOGLE) (GOOGLE)
1	142.250.207.36 142.250.207.36	15169 (GOOGLE) (GOOGLE)
13	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
2	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
106	21

7 13.230.149.252 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-230-149-252.ap-northeast-1.compute.amazonaws.com

malicious.fashionstore.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.65.216.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-216-51.nrt57.r.cloudfront.net

cf-baseassets.thebase.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:400a:80e::200a (Osaka, Japan)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:400a:813::200a (Osaka, Japan)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 184.26.43.87 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-26-43-87.deploy.static.akamaitechnologies.com

baseec-img-mng.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.65.216.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-216-46.nrt57.r.cloudfront.net

static.thebase.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:400a:80e::2008 (Osaka, Japan)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 175.41.207.102 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-175-41-207-102.ap-northeast-1.compute.amazonaws.com

track.thebase.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2404:6800:400a:80e::2003 (Osaka, Japan)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:400a:80e::200e (Osaka, Japan)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4008:c01::9c (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.82.7 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-nrt1.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:400a:80a::200e (Osaka, Japan)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.25.163 (United States)

ASN15169 (GOOGLE, US)
PTR: kix06s19-in-f3.1e100.net

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.207.36 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s55-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	akamaized.net baseec-img-mng.akamaized.net	6 MB
20	gstatic.com fonts.gstatic.com	580 KB
13	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 879	48 KB
8	thebase.in cf-baseassets.thebase.in static.thebase.in track.thebase.in	161 KB
7	fashionstore.jp malicious.fashionstore.jp	99 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 119	5 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	81 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 70 ajax.googleapis.com — Cisco Umbrella Rank: 461	121 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 293	964 B
2	google.co.jp www.google.co.jp — Cisco Umbrella Rank: 20792	126 B
2	google.com analytics.google.com — Cisco Umbrella Rank: 175 www.google.com — Cisco Umbrella Rank: 5	323 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 130	414 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 65	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	221 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 354	27 KB
106	15

	Domain	Requested by
30	baseec-img-mng.akamaized.net	malicious.fashionstore.jp
20	fonts.gstatic.com	fonts.googleapis.com
13	js-agent.newrelic.com	malicious.fashionstore.jp
7	malicious.fashionstore.jp	malicious.fashionstore.jp
6	www.facebook.com	malicious.fashionstore.jp
4	connect.facebook.net	malicious.fashionstore.jp
4	cf-baseassets.thebase.in	malicious.fashionstore.jp
3	static.thebase.in	malicious.fashionstore.jp
2	bam.nr-data.net	malicious.fashionstore.jp
2	www.google.co.jp	malicious.fashionstore.jp
2	stats.g.doubleclick.net	malicious.fashionstore.jp www.googletagmanager.com
2	www.google-analytics.com	malicious.fashionstore.jp
2	www.googletagmanager.com	malicious.fashionstore.jp
2	cdn.jsdelivr.net	malicious.fashionstore.jp
2	fonts.googleapis.com	malicious.fashionstore.jp
1	www.google.com	malicious.fashionstore.jp
1	analytics.google.com	www.googletagmanager.com
1	track.thebase.in	malicious.fashionstore.jp
1	ajax.googleapis.com	malicious.fashionstore.jp
106	19

This site contains links to these domains. Also see Links.

Domain
thebase.com
www.instagram.com
x.com
line.me
youtube.com

Subject Issuer	Validity	Valid
thebase.in R3	`2024-05-14` - `2024-08-12`	3 months	crt.sh
*.thebase.in Amazon RSA 2048 M03	`2024-05-03` - `2025-06-01`	a year	crt.sh
upload.video.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2024-04-18` - `2025-04-19`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-19` - `2024-06-17`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.google.co.jp WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://malicious.fashionstore.jp/
Frame ID: 9521F015D6677AABF6C44C43F9893CF7
Requests: 106 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MALICIOUS.X

Page URL History Show full URLs

http://malicious.fashionstore.jp/ HTTP 307
https://malicious.fashionstore.jp/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

106
Requests

99 %
HTTPS

55 %
IPv6

15
Domains

19
Subdomains

21
IPs

3
Countries

7112 kB
Transfer

9085 kB
Size

9
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://thebase.com/?from=malicious-fashionstore-jp&p=shop&click_content=header

Search URL Search Domain Scan URL

URL: https://thebase.com/inquiry/malicious-fashionstore-jp
Title: CONTACT

Search URL Search Domain Scan URL

URL: https://thebase.com/pages/shop_membership_term
Title: ・会員規約

Search URL Search Domain Scan URL

URL: https://www.instagram.com/MALICIOUS.X/

Search URL Search Domain Scan URL

URL: https://x.com/MALICIOUS_Xx

Search URL Search Domain Scan URL

URL: https://line.me/R/ti/p/%40492twbsq

Search URL Search Domain Scan URL

URL: https://youtube.com/channel/UCYOMYr6AE6Xhz_HejGT2FFw

Search URL Search Domain Scan URL

URL: https://thebase.com/?from=malicious-fashionstore-jp&p=shop&click_content=footer
Title: Powered by

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://malicious.fashionstore.jp/ HTTP 307
https://malicious.fashionstore.jp/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

106 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
malicious.fashionstore.jp/
Redirect Chain

http://malicious.fashionstore.jp/
https://malicious.fashionstore.jp/

524 KB
86 KB

1084ms
1046ms

Document
text/html

13.230.149.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.230.149.252 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-230-149-252.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 91dead79c0ffa18da74f9421b80eca3ba02a1b2fd0141dadf4ad6dfa6c396658

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 09 Jun 2024 20:26:03 GMT
server: nginx

Redirect headers

Location: https://malicious.fashionstore.jp/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 BASEshop-24515246fb087d964f79.css
cf-baseassets.thebase.in/db48e11465a1ede43dc470356882f3ce/asset/shop/ 5 KB
2 KB 23ms
2ms Stylesheet
text/css 18.65.216.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cf-baseassets.thebase.in/db48e11465a1ede43dc470356882f3ce/asset/shop/BASEshop-24515246fb087d964f79.css
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.216.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-216-51.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 557759d73d431044a4407ae156478cbd1b4a5db0ca9630f7e8a5e84907842dfa

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 06:35:50 GMT
content-encoding: br
via: 1.1 5cf2560f7c8afa4de402da0380c23964.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Wed, 25 Dec 2024 00:00:00 GMT", rule-id="assets%e5%89%8a%e9%99%a4-issues3965"
last-modified: Fri, 07 Jun 2024 06:24:19 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P4
age: 222614
etag: W/"42dda9a81273e8b7d6c34c219ab6de8d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
x-amz-cf-id: TmbzxhhFvYoCOqemc7S83ZDkwDkTduw1XO3QEmr13zuqWqXxuPqevA==

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
857 B 109ms
49ms Stylesheet
text/css 2404:6800:400a:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Libre%20Caslon%20Text:wght@400;700;900&display=swap

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::200a Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c17195235ff4ae19c56c7c2d743f422c5ddf1f7256854a1d42d10b03bae684c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Jun 2024 20:26:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 09 Jun 2024 20:26:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Jun 2024 20:26:03 GMT

GET
H2 200 css2
fonts.googleapis.com/ 339 KB
90 KB 109ms
49ms Stylesheet
text/css 2404:6800:400a:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto%20Serif%20JP:wght@400;700;900&display=swap

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::200a Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c187f00e71ef1ee14a0ae02bb9dd30ce5f3305f6ff6d78c573381174d85db08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Jun 2024 20:26:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 09 Jun 2024 20:10:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Jun 2024 20:26:03 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.7.1/ 85 KB
30 KB 73ms
9ms Script
text/javascript 2404:6800:400a:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:813::200a Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 08:34:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30462
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 02:38:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jun 2025 08:34:12 GMT

GET
H2 200 f0a6224b6038823177befa571821db0a.png
baseec-img-mng.akamaized.net/images/user/logo/ 8 KB
9 KB 25ms
5ms Image
image/png 184.26.43.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baseec-img-mng.akamaized.net/images/user/logo/f0a6224b6038823177befa571821db0a.png?imformat=generic&q=90&im=Resize,width=2048,aspect=fit,type=downsize
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.43.87 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-43-87.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 51d03cce0664ff5ecd200b110040c74a827b435c24639433d1ae765386bbb218

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Sun, 20 Nov 2022 22:41:29 GMT
server: Akamai Image Manager
etag: "ea81100a871ec652b34a00682b4ccbda"
content-type: image/png
cache-control: private, no-transform, max-age=86400, max-age=86400
content-length: 8688
expires: Mon, 10 Jun 2024 20:26:03 GMT

GET
H2 200 igicon.png
malicious.fashionstore.jp/img/shop/ 5 KB
5 KB 4ms
4ms Image
image/png 13.230.149.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malicious.fashionstore.jp/img/shop/igicon.png
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.230.149.252 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-230-149-252.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 387904efebbd557fcc676f0c67ecca7370641eb012729b67691f1d8eb312c27c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Fri, 07 Jun 2024 06:20:50 GMT
server: nginx
etag: "1328-61a46cd0d6e12"
content-type: image/png
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 4904

GET
H2 200 twi-x-icon.png
malicious.fashionstore.jp/img/shop/ 2 KB
2 KB 4ms
4ms Image
image/png 13.230.149.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malicious.fashionstore.jp/img/shop/twi-x-icon.png
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.230.149.252 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-230-149-252.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: be1bf91daa1cb75bb076d56eaf2b94c46d2992aae6fe2f819fc88dd74d59b8f4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Fri, 07 Jun 2024 06:20:50 GMT
server: nginx
etag: "648-61a46cd0d71fa"
content-type: image/png
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 1608

GET
H2 200 lineicon.png
malicious.fashionstore.jp/img/shop/ 3 KB
3 KB 4ms
4ms Image
image/png 13.230.149.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malicious.fashionstore.jp/img/shop/lineicon.png
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.230.149.252 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-230-149-252.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c4b4c25cd73917a969724b721007e9158a6da632adf6ff1968788434140ac997

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Fri, 07 Jun 2024 06:20:50 GMT
server: nginx
etag: "aff-61a46cd0d6e12"
content-type: image/png
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 2815

GET
H2 200 youtubeicon.png
malicious.fashionstore.jp/img/shop/ 1 KB
1 KB 4ms
4ms Image
image/png 13.230.149.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malicious.fashionstore.jp/img/shop/youtubeicon.png
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.230.149.252 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-230-149-252.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 325933f3f711a5acf5e15713bec23e3df00740a553292458f744e91cf134f7c8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Fri, 07 Jun 2024 06:20:50 GMT
server: nginx
etag: "4eb-61a46cd0d71fa"
content-type: image/png
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 1259

GET
H2 200 9011e8acd2b04546b48c99661b4f6ef7
baseec-img-mng.akamaized.net/images/shop_front/malicious-fashionstore-jp/ 478 KB
479 KB 3ms
3ms Image
image/jpeg 184.26.43.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baseec-img-mng.akamaized.net/images/shop_front/malicious-fashionstore-jp/9011e8acd2b04546b48c99661b4f6ef7
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.43.87 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-43-87.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a591f6956b2bd4d5e9dd1cc421a8ea3d10b1ebbd8e3c25abe02961346eb08f8e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: SIlACBJyo3RtF6RDEz3lsNUALYN1qYap
date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Fri, 16 Oct 2020 17:13:09 GMT
server: AmazonS3
x-amz-request-id: T5KA4HM0W250A0V0
etag: "ed63fda2b44e910bad0d82963a2cfa71"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 489966
x-amz-id-2: WA1SN/Rh6421JN83XyfXVngbvWIov1QL/0uULx52/kSs52a0zFyl410XzE3l1WQT+0hAOiASqDg=

GET
H2 200 05bc0f1112661ab880ae66208cc8acbf
baseec-img-mng.akamaized.net/images/shop_front/malicious-fashionstore-jp/ 889 KB
889 KB 4ms
3ms Image
image/jpeg 184.26.43.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baseec-img-mng.akamaized.net/images/shop_front/malicious-fashionstore-jp/05bc0f1112661ab880ae66208cc8acbf
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.43.87 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-43-87.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 904b29334b540ec6bddb7dff6e159bcf071418d0737b9d4bb9ba4f31ba20c18a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: ibK7vn7khBWB.1F1FSp1YlFeJHH9RsxU
date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Fri, 16 Oct 2020 17:13:10 GMT
server: AmazonS3
x-amz-request-id: BYFGTYCQ8H1FJVNF
etag: "0d3327cb441cdc681906aded5191c79e"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 909944
x-amz-id-2: KMbMrZCT7aXZeB1d4PeTt4xBp845LKx9SNgCiIs7onNGGwUvEQpx5Tj4gJFGOTXkOEZKgTqC7is=

GET
H2 200 3dd35c6270dc994967cfc56914545373
baseec-img-mng.akamaized.net/images/shop_front/malicious-fashionstore-jp/ 717 KB
718 KB 13ms
13ms Image
image/jpeg 184.26.43.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baseec-img-mng.akamaized.net/images/shop_front/malicious-fashionstore-jp/3dd35c6270dc994967cfc56914545373
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.43.87 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-43-87.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 600d36c51c1558462ae2f71a0dea8021dbb7579a4f9b11c7404bb7a483640581

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: V3gwGBHWfamk1_9yhU_r_U7L3bND8Wx0
date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Fri, 16 Oct 2020 17:13:10 GMT
server: AmazonS3
x-amz-request-id: F8MSNP8PWRQGD6AW
etag: "df176a3c9e376be32fa44a39f8cff8f5"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 734562
x-amz-id-2: 5925FR49GCNC96CpKSkJmZ3YHr13RZwLwwldHhhcaEJDV2/N0A1T7jWQ+f3P7tD3WYWAnyR9STUUJoJNrVMrTA==

GET
H2 200 948695dd39e104cf2d4bbb51817320d9
baseec-img-mng.akamaized.net/images/shop_front/malicious-fashionstore-jp/ 1 MB
1 MB 12ms
12ms Image
image/jpeg 184.26.43.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baseec-img-mng.akamaized.net/images/shop_front/malicious-fashionstore-jp/948695dd39e104cf2d4bbb51817320d9
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.43.87 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-43-87.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 62a2b378af9502f890328228a0b56714e558e59ff5276493ad0c0b33fa99d39f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: iO4qF9H5n2BGvQME8AbG36GWMHRFisIp
date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Fri, 16 Oct 2020 17:13:10 GMT
server: AmazonS3
x-amz-request-id: NVVQ5RVQ6G2GEA4Y
etag: "74541622a0816c1419b449f2a293106c"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1414295
x-amz-id-2: VD5Sl7KztMhPPYTWD2TTImaByJovOj4a6hMynaBq7Ewpe+JzhvdXse+S5qY9U69FWNt67MyyxIE=

GET
H2 200 2bcf6a1d5eecb5440abb905f75a9fe19
baseec-img-mng.akamaized.net/images/shop_front/malicious-fashionstore-jp/ 693 KB
694 KB 12ms
10ms Image
image/jpeg 184.26.43.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baseec-img-mng.akamaized.net/images/shop_front/malicious-fashionstore-jp/2bcf6a1d5eecb5440abb905f75a9fe19
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.43.87 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-43-87.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8170a7e1faada3df62367b511d7431c1232c030587cdb3d34fbf1dcb88e07e75

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: ziGkjKQ.BhALOWQHcevStX.AOGIxQ6s2
date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Fri, 16 Oct 2020 17:13:11 GMT
server: AmazonS3
x-amz-request-id: M6DVZTMMAPPGKWQV
etag: "408b1daee9e64a18bc06059f3ad6eaf0"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 710024
x-amz-id-2: ATWIhwh6Uts3tOZWRNVk+GJ5UDBMwhahT/OKAWIHRt9rGO6h2bAW17QljMJRCSQ4lQ71Cx6kQZlyMzfJGgmfYg==

GET
H2 200 baselogo_gray.png
static.thebase.in/img/logo/ 1 KB
2 KB 24ms
3ms Image
image/png 18.65.216.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.thebase.in/img/logo/baselogo_gray.png
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.216.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-216-46.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2a664ab007b8e91125766f46f758acbf3f33d55d2e1222725081b52e748adeb3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 15:29:21 GMT
via: 1.1 a51b178f0f09367e8f5a5a76d22d01b2.cloudfront.net (CloudFront)
last-modified: Tue, 01 Sep 2020 05:34:43 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P4
age: 17803
etag: "a1b70947014593619d9e16e1f29bf7b4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1317
x-amz-cf-id: V8r502-f_wnZvBjRq3BnPdmWU_CKmH5aTkJboQSxNSFKUMTc6k4y_g==

GET
H2 200 axios.min.js Show response
cdn.jsdelivr.net/npm/axios/dist/ 51 KB
18 KB 17ms
2ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/axios/dist/axios.min.js

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8ad11c4cb079bba93156727270f510292eedcc0716c6f21725074a59ec8b9b96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 09 Jun 2024 20:26:03 GMT
x-content-type-options: nosniff
content-encoding: br
age: 25023
x-jsd-version: 1.7.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17816
x-served-by: cache-fra-etou8220107-FRA, cache-nrt-rjtf7700034-NRT
x-jsd-version-type: version
etag: W/"cc17-STt0F4pjQp//KqsIGzocpz02IIU"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 intersection-observer.js Show response
cdn.jsdelivr.net/npm/intersection-observer@0.10.0/ 29 KB
9 KB 2ms
2ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/intersection-observer@0.10.0/intersection-observer.js

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

43c4e5ad4850cd4d89aca8062ca82c1edb9ce56a2494e508c4f352414c70ea93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 09 Jun 2024 20:26:03 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5510092
x-jsd-version: 0.10.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8689
x-served-by: cache-fra-eddf8230109-FRA, cache-nrt-rjtf7700034-NRT
x-jsd-version-type: version
etag: W/"7475-ecJz/zo51mKYF2TcH8W2ecedJZM"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 BASEshop-b6aa2cf981666211f86d.js Show response
cf-baseassets.thebase.in/db48e11465a1ede43dc470356882f3ce/asset/shop/ 11 KB
4 KB 2ms
2ms Script
application/javascript 18.65.216.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cf-baseassets.thebase.in/db48e11465a1ede43dc470356882f3ce/asset/shop/BASEshop-b6aa2cf981666211f86d.js
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.216.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-216-51.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5bf1bec4fec81476c7639da8f7b27824f48bd73c1cd0ae59dfb49ac7d72b96ad

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 06:35:50 GMT
content-encoding: br
via: 1.1 5cf2560f7c8afa4de402da0380c23964.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Wed, 25 Dec 2024 00:00:00 GMT", rule-id="assets%e5%89%8a%e9%99%a4-issues3965"
last-modified: Fri, 07 Jun 2024 06:24:19 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P4
age: 222614
etag: W/"e242fa8c1d772bfb2056e93f258f74e7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: vH-Q_YVCMPmy2LuCttH4ZW-DTfPSEx33ANxmYhq-WcmQ9jKlMw6naA==

GET
H2 200 message.apps-f2678f2167656d12ca3c.css
cf-baseassets.thebase.in/db48e11465a1ede43dc470356882f3ce/asset/shop/ 14 KB
3 KB 3ms
2ms Stylesheet
text/css 18.65.216.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cf-baseassets.thebase.in/db48e11465a1ede43dc470356882f3ce/asset/shop/message.apps-f2678f2167656d12ca3c.css
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.216.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-216-51.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 34a2e94b7a2e19dc0d3d4cd5326fb4dc49847383bd030a9b7d6ed797a67237f5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 06:35:51 GMT
content-encoding: br
via: 1.1 5cf2560f7c8afa4de402da0380c23964.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Wed, 25 Dec 2024 00:00:00 GMT", rule-id="assets%e5%89%8a%e9%99%a4-issues3965"
last-modified: Fri, 07 Jun 2024 06:24:20 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P4
age: 222613
etag: W/"256a49ecaebd4e7657fb8ce42de02e95"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
x-amz-cf-id: i9N6lbkFgKiCuifWlTYg69TlTTVEeft-QpCjoSAaIxeVtzE7YvIZXQ==

GET
H2 200 message.apps-9f9aca4e1132331bc501.js Show response
cf-baseassets.thebase.in/db48e11465a1ede43dc470356882f3ce/asset/shop/ 503 KB
137 KB 2ms
2ms Script
application/javascript 18.65.216.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cf-baseassets.thebase.in/db48e11465a1ede43dc470356882f3ce/asset/shop/message.apps-9f9aca4e1132331bc501.js
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.216.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-216-51.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 61b552b501b8bb345a48ee2aaa4e827c65c25fba1e42f9580def9481d8a9c51a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 06:35:51 GMT
content-encoding: br
via: 1.1 5cf2560f7c8afa4de402da0380c23964.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Wed, 25 Dec 2024 00:00:00 GMT", rule-id="assets%e5%89%8a%e9%99%a4-issues3965"
last-modified: Fri, 07 Jun 2024 06:24:20 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P4
age: 222613
etag: W/"78a5d5a70fde918466c417744037dc75"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: LwjslnKsl23BN3mOk8pLPzX74QlTUQxy3he1PdKTp0xO-70VYZ9lOA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 363 KB
117 KB 114ms
52ms Script
application/javascript 2404:6800:400a:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K652NBTK

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

be79d8177764d1863a241ce55adb81636c0c302d55d00c5104a8f897fa104393

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 20:26:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119224
x-xss-protection: 0
last-modified: Sun, 09 Jun 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 09 Jun 2024 20:26:03 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 28ms
3ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 09 Jun 2024 20:26:03 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57975
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=4, rtx=0, c=13, mss=1297, tbw=2787, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: ssuer0QPDXkuFUnOdFL4AOqZR5Ms6TcS9mALJ+rapZ2FAv/ENgnzn1Zw10y0gNNzPqQQMhkWbY4aQcIsoB3r8w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 index.php
track.thebase.in/ 108 B
272 B 19ms
7ms Image
image/png 175.41.207.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.thebase.in/index.php?dc_action=access/index&type=2&view_shop_id=malicious-fashionstore-jp&url=http%3A%2F%2Fmalicious.fashionstore.jp%2F&time=1717964763
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.41.207.102 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-175-41-207-102.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0ee7ce04e2656eeb176a3fa57208d9c5e39062b77bcccf1ccbfb13264ebe5b6d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 20:26:03 GMT
server: nginx
content-length: 108
content-type: image/png

GET
H2 200 DdT578IGsGw1aF1JU10PUbTvNNaDMfID8vdkPx4.woff2
fonts.gstatic.com/s/librecaslontext/v5/ 25 KB
25 KB 108ms
46ms Font
font/woff2 2404:6800:400a:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librecaslontext/v5/DdT578IGsGw1aF1JU10PUbTvNNaDMfID8vdkPx4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre%20Caslon%20Text:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2819c345e64c715cc4235a5e9c3576351d28b4c0bbbeb934fcbd50ceab0406a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://malicious.fashionstore.jp
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 05:56:03 GMT
x-content-type-options: nosniff
age: 52200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25260
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:40:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 Jun 2025 05:56:03 GMT

GET
H2 200 DdT878IGsGw1aF1JU10PUbTvNNaDMfq41-I.woff2
fonts.gstatic.com/s/librecaslontext/v5/ 24 KB
25 KB 94ms
33ms Font
font/woff2 2404:6800:400a:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librecaslontext/v5/DdT878IGsGw1aF1JU10PUbTvNNaDMfq41-I.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre%20Caslon%20Text:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29310efc1007f608549e29ff78fa5ce8dffe0c1aa82c21b082d1de9dfc7334f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://malicious.fashionstore.jp
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 19:54:13 GMT
x-content-type-options: nosniff
age: 88310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24972
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:40:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Jun 2025 19:54:13 GMT

GET
H2 200 shopicon.ttf
static.thebase.in/font/v1/ 23 KB
13 KB 10ms
4ms Font
application/x-font-ttf 18.65.216.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.thebase.in/font/v1/shopicon.ttf?md4x76
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.216.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-216-46.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 29bcca70798ba6df3c468b9231dd91e59125d1ca9c734f7d89ecbe81557caefa

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Origin: https://malicious.fashionstore.jp
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 04:41:58 GMT
content-encoding: gzip
via: 1.1 7813c3b749fe8e3a44c4359da4183e70.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT57-P4
age: 56646
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 06 Dec 2023 10:24:37 GMT
server: AmazonS3
etag: W/"0390b674012962a95365abb0c76b28d6"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 3C2UUYhw5UCPlX8yl43izAESMpdB_sTPfroSYSkkh3MmuJsqyfSbzw==

GET
H2 200 xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.117.woff2
fonts.gstatic.com/s/notoserifjp/v28/ 17 KB
17 KB 102ms
41ms Font
font/woff2 2404:6800:400a:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserifjp/v28/xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.117.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20JP:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

717a28a6502bdeb005cd9b7e79f3b7eab10650179efe723430b9e491baaaaf3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://malicious.fashionstore.jp
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 09:12:43 GMT
x-content-type-options: nosniff
age: 40400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16904
x-xss-protection: 0
last-modified: Mon, 13 May 2024 22:01:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 Jun 2025 09:12:43 GMT

GET
H2 200 xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.116.woff2
fonts.gstatic.com/s/notoserifjp/v28/ 22 KB
22 KB 96ms
35ms Font
font/woff2 2404:6800:400a:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserifjp/v28/xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.116.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20JP:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0be6d86574faad32324007d5bded82ab15e1dce7bbd030c9bcb643b207cf0fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://malicious.fashionstore.jp
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 19:28:41 GMT
x-content-type-options: nosniff
age: 89842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22880
x-xss-protection: 0
last-modified: Mon, 13 May 2024 22:01:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Jun 2025 19:28:41 GMT

GET
H2 200 xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.119.woff2
fonts.gstatic.com/s/notoserifjp/v28/ 106 KB
106 KB 90ms
30ms Font
font/woff2 2404:6800:400a:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserifjp/v28/xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20JP:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad7a30377fc09d83a44f9699c932297adeff454fd4a268140a950187a2977a7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://malicious.fashionstore.jp
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 18:27:39 GMT
x-content-type-options: nosniff
age: 93504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 108692
x-xss-protection: 0
last-modified: Mon, 13 May 2024 22:03:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Jun 2025 18:27:39 GMT

GET
H2 200 xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.114.woff2
fonts.gstatic.com/s/notoserifjp/v28/ 22 KB
23 KB 71ms
11ms Font
font/woff2 2404:6800:400a:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserifjp/v28/xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.114.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20JP:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cec575343421963a33f8c9b73299e1594df78760335069200bfbfc8e8f25200b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://malicious.fashionstore.jp
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 04:42:56 GMT
x-content-type-options: nosniff
age: 56587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22736
x-xss-protection: 0
last-modified: Mon, 13 May 2024 22:02:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 Jun 2025 04:42:56 GMT

GET
H2 200 xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.113.woff2
fonts.gstatic.com/s/notoserifjp/v28/ 22 KB
22 KB 76ms
16ms Font
font/woff2 2404:6800:400a:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserifjp/v28/xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.113.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20JP:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a42179ab7867ef8b53358dae249e1c8180959c1a4dad2143fb6f73223d10925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://malicious.fashionstore.jp
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 22:13:01 GMT
x-content-type-options: nosniff
age: 79982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22488
x-xss-protection: 0
last-modified: Mon, 13 May 2024 22:02:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Jun 2025 22:13:01 GMT

GET
H2 200 xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.111.woff2
fonts.gstatic.com/s/notoserifjp/v28/ 24 KB
24 KB 110ms
49ms Font
font/woff2 2404:6800:400a:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserifjp/v28/xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.111.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20JP:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7054df3dc617022b622feed547f71b290246f102cd112a00252414cd096ba975

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://malicious.fashionstore.jp
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 22:13:02 GMT
x-content-type-options: nosniff
age: 79981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24720
x-xss-protection: 0
last-modified: Mon, 13 May 2024 22:03:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Jun 2025 22:13:02 GMT

GET
H2 200 xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.115.woff2
fonts.gstatic.com/s/notoserifjp/v28/ 24 KB
24 KB 104ms
44ms Font
font/woff2 2404:6800:400a:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserifjp/v28/xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.115.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20JP:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

397f315ad454037442708464fbaf5b1e80773541560a3536ebef919f107d5401

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://malicious.fashionstore.jp
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 13:09:10 GMT
x-content-type-options: nosniff
age: 112613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24912
x-xss-protection: 0
last-modified: Mon, 13 May 2024 22:01:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Jun 2025 13:09:10 GMT

GET
H2 200 xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.112.woff2
fonts.gstatic.com/s/notoserifjp/v28/ 23 KB
24 KB 107ms
47ms Font
font/woff2 2404:6800:400a:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserifjp/v28/xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.112.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20JP:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd95aab66a5596d5fad6352d03af66df4ae2d3494a00162f52df2df9905e291f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://malicious.fashionstore.jp
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 19:48:18 GMT
x-content-type-options: nosniff
age: 88665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24036
x-xss-protection: 0
last-modified: Mon, 13 May 2024 22:03:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Jun 2025 19:48:18 GMT

GET
H2 200 xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.71.woff2
fonts.gstatic.com/s/notoserifjp/v28/ 29 KB
29 KB 99ms
39ms Font
font/woff2 2404:6800:400a:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserifjp/v28/xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.71.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20JP:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ad9022cd8cc4724758576edc9f0c342646924947e896406e43e4defd949a558

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://malicious.fashionstore.jp
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 05:56:05 GMT
x-content-type-options: nosniff
age: 52198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30044
x-xss-protection: 0
last-modified: Mon, 13 May 2024 22:01:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 Jun 2025 05:56:05 GMT

GET
H2 200 xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.118.woff2
fonts.gstatic.com/s/notoserifjp/v28/ 24 KB
24 KB 86ms
26ms Font
font/woff2 2404:6800:400a:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserifjp/v28/xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20JP:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad88e7a6d5bf79b170839cbd9a28aabc9d5e28e9713a002450a8b28c0b6cfcf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://malicious.fashionstore.jp
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 17:11:34 GMT
x-content-type-options: nosniff
age: 98069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24640
x-xss-protection: 0
last-modified: Mon, 13 May 2024 22:02:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Jun 2025 17:11:34 GMT

GET
H2 200 xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.108.woff2
fonts.gstatic.com/s/notoserifjp/v28/ 27 KB
27 KB 108ms
48ms Font
font/woff2 2404:6800:400a:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserifjp/v28/xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.108.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20JP:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed429f6afa589b6fdb7a91b0444feab7627c961a651873f79e3e105c44a2b5f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://malicious.fashionstore.jp
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 22:13:01 GMT
x-content-type-options: nosniff
age: 79982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27912
x-xss-protection: 0
last-modified: Mon, 13 May 2024 22:03:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Jun 2025 22:13:01 GMT

GET
H2 200 xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.109.woff2
fonts.gstatic.com/s/notoserifjp/v28/ 21 KB
21 KB 102ms
42ms Font
font/woff2 2404:6800:400a:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserifjp/v28/xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.109.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20JP:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26375c963a49d0b12b9633fede8c44a4a81ace8f9d65a05bc64c55208078fb22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://malicious.fashionstore.jp
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 21:13:37 GMT
x-content-type-options: nosniff
age: 83546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21648
x-xss-protection: 0
last-modified: Mon, 13 May 2024 22:05:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Jun 2025 21:13:37 GMT

GET
H2 200 xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.104.woff2
fonts.gstatic.com/s/notoserifjp/v28/ 26 KB
26 KB 104ms
45ms Font
font/woff2 2404:6800:400a:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserifjp/v28/xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.104.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20JP:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec8292b60ac1bc0c4fdea7b6b2cc294574d2710ac3244d8761053ce4b42f50d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://malicious.fashionstore.jp
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 10:25:11 GMT
x-content-type-options: nosniff
age: 122452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26532
x-xss-protection: 0
last-modified: Mon, 13 May 2024 22:00:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Jun 2025 10:25:11 GMT

GET
H2 200 xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.110.woff2
fonts.gstatic.com/s/notoserifjp/v28/ 24 KB
24 KB 82ms
22ms Font
font/woff2 2404:6800:400a:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserifjp/v28/xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.110.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20JP:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf3c8007fd47f317a1663ab94e6e6aa54b8717fce37cf7ef01eaa9d34cc830da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://malicious.fashionstore.jp
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 13:09:10 GMT
x-content-type-options: nosniff
age: 112613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24744
x-xss-protection: 0
last-modified: Mon, 13 May 2024 22:05:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Jun 2025 13:09:10 GMT

GET
H2 200 xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.92.woff2
fonts.gstatic.com/s/notoserifjp/v28/ 27 KB
27 KB 108ms
48ms Font
font/woff2 2404:6800:400a:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserifjp/v28/xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.92.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20JP:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4607529d21cc699ac4056a62386c46fce7aa3378b54b15ec837a51068afba22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://malicious.fashionstore.jp
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 08:57:43 GMT
x-content-type-options: nosniff
age: 127700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27820
x-xss-protection: 0
last-modified: Mon, 13 May 2024 22:01:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Jun 2025 08:57:43 GMT

GET
H2 200 xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.105.woff2
fonts.gstatic.com/s/notoserifjp/v28/ 25 KB
25 KB 105ms
46ms Font
font/woff2 2404:6800:400a:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserifjp/v28/xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.105.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20JP:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22d59c75c5b2c598d883fd81d43e3b09ebb13bc9603fb77a12e85a03529cd36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://malicious.fashionstore.jp
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 19:28:42 GMT
x-content-type-options: nosniff
age: 89841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25160
x-xss-protection: 0
last-modified: Mon, 13 May 2024 22:00:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Jun 2025 19:28:42 GMT

GET
H2 200 xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.106.woff2
fonts.gstatic.com/s/notoserifjp/v28/ 31 KB
31 KB 96ms
37ms Font
font/woff2 2404:6800:400a:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserifjp/v28/xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.106.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20JP:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48047163a28f0a95f1415be88f8d1798dbd681ee38a12278e997c85ead21bfaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://malicious.fashionstore.jp
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:04:32 GMT
x-content-type-options: nosniff
age: 127291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31636
x-xss-protection: 0
last-modified: Mon, 13 May 2024 22:01:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Jun 2025 09:04:32 GMT

GET
H2 200 01e6dfccfa892522e2a1939a9a5d7c42.jpg
baseec-img-mng.akamaized.net/images/item/origin/ 58 KB
58 KB 29ms
24ms Image
image/jpeg 184.26.43.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baseec-img-mng.akamaized.net/images/item/origin/01e6dfccfa892522e2a1939a9a5d7c42.jpg?imformat=generic&q=90&im=Resize,width=640,type=normal
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.43.87 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-43-87.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 0f292b03ae32ffb6ce553fc43e47ab76c3d2dab3a0297ad0762d31b8399b4fd6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Thu, 21 Dec 2023 18:16:06 GMT
server: Akamai Image Manager
etag: "21138f02382f42ec739ecd3720cab555"
content-type: image/jpeg
cache-control: private, no-transform, max-age=86400, max-age=86400
content-length: 59458
expires: Mon, 10 Jun 2024 20:26:03 GMT

GET
H2 200 fb6f9327d7a5450e41de964f1ee17e10.jpg
baseec-img-mng.akamaized.net/images/item/origin/ 77 KB
77 KB 30ms
25ms Image
image/jpeg 184.26.43.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baseec-img-mng.akamaized.net/images/item/origin/fb6f9327d7a5450e41de964f1ee17e10.jpg?imformat=generic&q=90&im=Resize,width=640,type=normal
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.43.87 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-43-87.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: a64a0d940e4318218d15b181022e228c48d434c32a0742bb661944251946a11f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Tue, 16 Aug 2022 07:45:12 GMT
x-serial: 790
server: Akamai Image Manager
x-check-cacheable: YES
etag: "7c325755fe43ffda443ac22626f7716d"
content-type: image/jpeg
cache-control: private, no-transform, max-age=86400, max-age=86400
content-length: 78666
expires: Mon, 10 Jun 2024 20:26:03 GMT

GET
H2 200 de1a3bce45e46b3e8b7b45b1a48d4499.jpg
baseec-img-mng.akamaized.net/images/item/origin/ 56 KB
56 KB 47ms
42ms Image
image/jpeg 184.26.43.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baseec-img-mng.akamaized.net/images/item/origin/de1a3bce45e46b3e8b7b45b1a48d4499.jpg?imformat=generic&q=90&im=Resize,width=640,type=normal
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.43.87 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-43-87.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 0da7886b7173adc21d7d32061422b4d24cd8be4a7425921337e21e906ad06e8c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Fri, 01 Dec 2023 06:17:06 GMT
server: Akamai Image Manager
etag: "2f3b40ed2edf0b6546f0fe3c8e9340b1"
content-type: image/jpeg
cache-control: private, no-transform, max-age=86400, max-age=86400
content-length: 57204
expires: Mon, 10 Jun 2024 20:26:03 GMT

GET
H2 200 be7fe55de359f3ded23c2a9ac2912836.jpg
baseec-img-mng.akamaized.net/images/item/origin/ 67 KB
67 KB 78ms
73ms Image
image/jpeg 184.26.43.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baseec-img-mng.akamaized.net/images/item/origin/be7fe55de359f3ded23c2a9ac2912836.jpg?imformat=generic&q=90&im=Resize,width=640,type=normal
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.43.87 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-43-87.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: f0a7bf4479cd56824cf7bae1eb955a460163e6a7c47b4352a75776d6fe64ad7e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Tue, 16 Aug 2022 07:45:20 GMT
x-serial: 316
server: Akamai Image Manager
x-check-cacheable: YES
etag: "79477215fb4d6b348a4084790c8d583a"
content-type: image/jpeg
cache-control: private, no-transform, max-age=86400, max-age=86400
content-length: 68595
expires: Mon, 10 Jun 2024 20:26:03 GMT

GET
H2 200 554abec56149244046a31d984f4c8381.jpg
baseec-img-mng.akamaized.net/images/item/origin/ 45 KB
45 KB 30ms
25ms Image
image/jpeg 184.26.43.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baseec-img-mng.akamaized.net/images/item/origin/554abec56149244046a31d984f4c8381.jpg?imformat=generic&q=90&im=Resize,width=640,type=normal
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.43.87 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-43-87.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 3cd21c1708b4b478307a65e6459d336d54c07e32717f072d4b928895ac02495f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Thu, 01 Jun 2023 12:11:10 GMT
x-serial: 155
server: Akamai Image Manager
x-check-cacheable: YES
etag: "5074385e1d9582b05a87ffe3e843db69"
content-type: image/jpeg
cache-control: private, no-transform, max-age=86400, max-age=86400
content-length: 46231
expires: Mon, 10 Jun 2024 20:26:03 GMT

GET
H2 200 fc9b164bdc7824bbcd5b06442ca6db3a.jpg
baseec-img-mng.akamaized.net/images/item/origin/ 92 KB
92 KB 12ms
8ms Image
image/jpeg 184.26.43.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baseec-img-mng.akamaized.net/images/item/origin/fc9b164bdc7824bbcd5b06442ca6db3a.jpg?imformat=generic&q=90&im=Resize,width=640,type=normal
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.43.87 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-43-87.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 06fb45e1b2214c1024b151e68e6bf97796b85da40952682b29c70f2d74ac65cd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Wed, 22 Nov 2023 09:12:24 GMT
x-serial: 638
server: Akamai Image Manager
x-check-cacheable: YES
etag: "3540ed7eaa64a37c69a9f3eee39581a2"
content-type: image/jpeg
cache-control: private, no-transform, max-age=86400, max-age=86400
content-length: 94004
expires: Mon, 10 Jun 2024 20:26:03 GMT

GET
H2 200 871cf04c13058738546678fb3a0c7038.png
baseec-img-mng.akamaized.net/images/item/origin/ 72 KB
72 KB 14ms
9ms Image
image/jpeg 184.26.43.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baseec-img-mng.akamaized.net/images/item/origin/871cf04c13058738546678fb3a0c7038.png?imformat=generic&q=90&im=Resize,width=640,type=normal
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.43.87 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-43-87.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 6c6f61d2961f28a66ba658de4d0d37a3d40c45ff36d9de5554b3a54b02abe5f3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

unused62: 8096267
date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Tue, 19 Oct 2021 04:09:04 GMT
x-serial: 1332
server: Akamai Image Manager
x-check-cacheable: YES
etag: "efd7e4f75d0d440aab2ad28be17146d3"
content-type: image/jpeg
cache-control: private, no-transform, max-age=86400, max-age=86400
content-length: 73707
expires: Mon, 10 Jun 2024 20:26:03 GMT

GET
H2 200 085c9362344c7f92df58fc99ccca7afc.jpg
baseec-img-mng.akamaized.net/images/item/origin/ 60 KB
60 KB 15ms
10ms Image
image/jpeg 184.26.43.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baseec-img-mng.akamaized.net/images/item/origin/085c9362344c7f92df58fc99ccca7afc.jpg?imformat=generic&q=90&im=Resize,width=640,type=normal
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.43.87 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-43-87.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: fea75c4087ecfa5d6030b1087a64b5bae3e7a483e2a690e6358ef5774ad9e974

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

unused62: 8096267
date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Sat, 13 Nov 2021 09:48:28 GMT
server: Akamai Image Manager
x-serial: 981
x-check-cacheable: YES
etag: "597c05367d62d7478c760a1369b06255"
content-type: image/jpeg
cache-control: private, no-transform, max-age=86400, max-age=86400
content-length: 60969
expires: Mon, 10 Jun 2024 20:26:03 GMT

GET
H2 200 1ddd55024294bf9f62484d64ed6985ec.jpg
baseec-img-mng.akamaized.net/images/item/origin/ 57 KB
57 KB 16ms
12ms Image
image/jpeg 184.26.43.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baseec-img-mng.akamaized.net/images/item/origin/1ddd55024294bf9f62484d64ed6985ec.jpg?imformat=generic&q=90&im=Resize,width=640,type=normal
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.43.87 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-43-87.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: dfffe8dfdaa4f4136e1156a19cbf5c605b9fff9f5a65bae2403497cdcf006243

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Sun, 02 Jun 2024 07:04:25 GMT
x-serial: 404
server: Akamai Image Manager
etag: "4eabf069e5870260efe9e3faf53db58b"
content-type: image/jpeg
cache-control: private, no-transform, max-age=86400, max-age=86400
content-length: 58416
expires: Mon, 10 Jun 2024 20:26:03 GMT

GET
H2 200 ca8636f7f5a73a32b7efcdd7cbd72e46.jpg
baseec-img-mng.akamaized.net/images/item/origin/ 50 KB
50 KB 17ms
13ms Image
image/jpeg 184.26.43.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baseec-img-mng.akamaized.net/images/item/origin/ca8636f7f5a73a32b7efcdd7cbd72e46.jpg?imformat=generic&q=90&im=Resize,width=640,type=normal
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.43.87 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-43-87.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 2fbf7a491db5cc0d205b486328703f355cdaff325c82900dbede81e7f4c3d220

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Sun, 02 Jun 2024 10:11:56 GMT
x-serial: 1758
server: Akamai Image Manager
etag: "beaeee2eba77de53a9a0105b570b0dc2"
content-type: image/jpeg
cache-control: private, no-transform, max-age=86400, max-age=86400
content-length: 51024
expires: Mon, 10 Jun 2024 20:26:03 GMT

GET
H2 200 185424628837abd808587df7c98d2f22.jpg
baseec-img-mng.akamaized.net/images/item/origin/ 60 KB
60 KB 18ms
14ms Image
image/jpeg 184.26.43.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baseec-img-mng.akamaized.net/images/item/origin/185424628837abd808587df7c98d2f22.jpg?imformat=generic&q=90&im=Resize,width=640,type=normal
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.43.87 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-43-87.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: bb6b7136ee3554791495564a5dcf20ddfcb0f03402f9d201c1d574a98a8d37b6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Sun, 02 Jun 2024 10:11:59 GMT
x-serial: 1000
server: Akamai Image Manager
etag: "558b3a8eab2c3017a83a61c1d0044724"
content-type: image/jpeg
cache-control: private, no-transform, max-age=86400, max-age=86400
content-length: 61562
expires: Mon, 10 Jun 2024 20:26:03 GMT

GET
H2 200 277b6b32177458af22a861a4d5babe05.jpg
baseec-img-mng.akamaized.net/images/item/origin/ 53 KB
53 KB 18ms
15ms Image
image/jpeg 184.26.43.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baseec-img-mng.akamaized.net/images/item/origin/277b6b32177458af22a861a4d5babe05.jpg?imformat=generic&q=90&im=Resize,width=640,type=normal
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.43.87 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-43-87.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 429f0434e294a654e720d2a264ffad94265349368afbd02bf468bd82dfefdc8a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Sun, 02 Jun 2024 10:13:25 GMT
x-serial: 1997
server: Akamai Image Manager
etag: "08c1fd622760db8931f95976f0e77447"
content-type: image/jpeg
cache-control: private, no-transform, max-age=86400, max-age=86400
content-length: 53962
expires: Mon, 10 Jun 2024 20:26:03 GMT

GET
H2 200 952b843c365eb2281723982d39391ae0.jpg
baseec-img-mng.akamaized.net/images/item/origin/ 53 KB
53 KB 19ms
16ms Image
image/jpeg 184.26.43.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baseec-img-mng.akamaized.net/images/item/origin/952b843c365eb2281723982d39391ae0.jpg?imformat=generic&q=90&im=Resize,width=640,type=normal
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.43.87 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-43-87.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 187d1621265e6ee8497796d0211e582056d3791d33cea7c63f180187a766d845

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Sun, 02 Jun 2024 10:12:00 GMT
server: Akamai Image Manager
etag: "73306051e459fcace1daee0882cb0176"
content-type: image/jpeg
cache-control: private, no-transform, max-age=86400, max-age=86400
content-length: 54502
expires: Mon, 10 Jun 2024 20:26:03 GMT

GET
H2 200 23e82da92fd9294da54da77ff4ff4f79.jpg
baseec-img-mng.akamaized.net/images/item/origin/ 55 KB
55 KB 20ms
17ms Image
image/jpeg 184.26.43.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baseec-img-mng.akamaized.net/images/item/origin/23e82da92fd9294da54da77ff4ff4f79.jpg?imformat=generic&q=90&im=Resize,width=640,type=normal
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.43.87 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-43-87.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: f4d04dce4c5bcc1df0f9e008262d2516b807bc6138fb6f8ba369288fd24ede35

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Sun, 02 Jun 2024 10:12:00 GMT
server: Akamai Image Manager
etag: "236c013404ef86cbb931f9215d5ab08f"
content-type: image/jpeg
cache-control: private, no-transform, max-age=86400, max-age=86400
content-length: 56405
expires: Mon, 10 Jun 2024 20:26:03 GMT

GET
H2 200 436cadc4bfb76e62fafdec265bab3968.jpg
baseec-img-mng.akamaized.net/images/item/origin/ 53 KB
54 KB 21ms
18ms Image
image/jpeg 184.26.43.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baseec-img-mng.akamaized.net/images/item/origin/436cadc4bfb76e62fafdec265bab3968.jpg?imformat=generic&q=90&im=Resize,width=640,type=normal
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.43.87 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-43-87.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 7939a46651785f9c4b366d4b53848753c4f07f53a83d9c717fdc938e11522613

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Sun, 02 Jun 2024 10:12:03 GMT
x-serial: 1680
server: Akamai Image Manager
etag: "b9b1fa7d2f0f7ccfa7be125ae380e8ee"
content-type: image/jpeg
cache-control: private, no-transform, max-age=86400, max-age=86400
content-length: 54662
expires: Mon, 10 Jun 2024 20:26:03 GMT

GET
H2 200 5b0e33b57fdf88335cb76c1050ca13e3.jpg
baseec-img-mng.akamaized.net/images/item/origin/ 54 KB
54 KB 21ms
18ms Image
image/jpeg 184.26.43.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baseec-img-mng.akamaized.net/images/item/origin/5b0e33b57fdf88335cb76c1050ca13e3.jpg?imformat=generic&q=90&im=Resize,width=640,type=normal
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.43.87 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-43-87.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 1b2fe52a1919c14515526c8723931538e81987b14055230a7c93e7cc8e72534a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Sun, 02 Jun 2024 10:12:01 GMT
x-serial: 1968
server: Akamai Image Manager
etag: "e81389467b1817b6ec0e4f4671ae570c"
content-type: image/jpeg
cache-control: private, no-transform, max-age=86400, max-age=86400
content-length: 55374
expires: Mon, 10 Jun 2024 20:26:03 GMT

GET
H2 200 cd77e2c32ef894a9fef52871c9d5efa2.jpg
baseec-img-mng.akamaized.net/images/item/origin/ 64 KB
64 KB 22ms
19ms Image
image/jpeg 184.26.43.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baseec-img-mng.akamaized.net/images/item/origin/cd77e2c32ef894a9fef52871c9d5efa2.jpg?imformat=generic&q=90&im=Resize,width=640,type=normal
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.43.87 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-43-87.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 6297f1b12db39c9c3475538f551a0a49280fec05f31c7985a0f954f89a765792

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Sun, 02 Jun 2024 10:12:02 GMT
x-serial: 484
server: Akamai Image Manager
etag: "3783fcdbe46ca628be5a7db36914f26d"
content-type: image/jpeg
cache-control: private, no-transform, max-age=86400, max-age=86400
content-length: 65604
expires: Mon, 10 Jun 2024 20:26:03 GMT

GET
H2 200 93e40f1e808128c4e18fa6aed42f40b4.jpg
baseec-img-mng.akamaized.net/images/item/origin/ 57 KB
58 KB 22ms
20ms Image
image/jpeg 184.26.43.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baseec-img-mng.akamaized.net/images/item/origin/93e40f1e808128c4e18fa6aed42f40b4.jpg?imformat=generic&q=90&im=Resize,width=640,type=normal
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.43.87 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-43-87.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 79d531e027ace180b7b9dff17e650718b8b6dc2dc9fa1961ed13e4d7e0005120

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Sun, 02 Jun 2024 10:12:01 GMT
x-serial: 1498
server: Akamai Image Manager
etag: "2e57d3a39538929356fc032ec1b8bd2f"
content-type: image/jpeg
cache-control: private, no-transform, max-age=86400, max-age=86400
content-length: 58694
expires: Mon, 10 Jun 2024 20:26:03 GMT

GET
H2 200 44cf02baf67998633ef627b9f0e63465.jpg
baseec-img-mng.akamaized.net/images/item/origin/ 51 KB
52 KB 24ms
22ms Image
image/jpeg 184.26.43.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baseec-img-mng.akamaized.net/images/item/origin/44cf02baf67998633ef627b9f0e63465.jpg?imformat=generic&q=90&im=Resize,width=640,type=normal
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.43.87 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-43-87.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: fc7eee1ed1d7424d68700df0a741c1cd84c39961dc92691438aff584fdb195c7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Sun, 02 Jun 2024 10:12:02 GMT
server: Akamai Image Manager
etag: "a38426d06cd6c813521e4bdd6ac40822"
content-type: image/jpeg
cache-control: private, no-transform, max-age=86400, max-age=86400
content-length: 52693
expires: Mon, 10 Jun 2024 20:26:03 GMT

GET
H2 200 cbee039fda745c308abdd8635dfd937d.jpg
baseec-img-mng.akamaized.net/images/item/origin/ 53 KB
53 KB 23ms
21ms Image
image/jpeg 184.26.43.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baseec-img-mng.akamaized.net/images/item/origin/cbee039fda745c308abdd8635dfd937d.jpg?imformat=generic&q=90&im=Resize,width=640,type=normal
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.43.87 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-43-87.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: c753907f165141db11945bdda128aa3524715543bbd461d1d5170ee81fa23478

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Sun, 02 Jun 2024 10:12:02 GMT
server: Akamai Image Manager
etag: "620df2b513c9e05633998630f8ac8947"
content-type: image/jpeg
cache-control: private, no-transform, max-age=86400, max-age=86400
content-length: 54497
expires: Mon, 10 Jun 2024 20:26:03 GMT

GET
H2 200 17bab52085c9555f03f2806aadb6ccb0.jpg
baseec-img-mng.akamaized.net/images/item/origin/ 61 KB
61 KB 47ms
45ms Image
image/jpeg 184.26.43.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baseec-img-mng.akamaized.net/images/item/origin/17bab52085c9555f03f2806aadb6ccb0.jpg?imformat=generic&q=90&im=Resize,width=640,type=normal
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.43.87 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-43-87.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 52da8b92b5d12c8b235b4ea1daebe4e0640148d791c7cc678a9bd96991fc901f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Sun, 02 Jun 2024 13:01:08 GMT
server: Akamai Image Manager
etag: "5251ca23c5454883be8f278d12922fb4"
content-type: image/jpeg
cache-control: private, no-transform, max-age=86400, max-age=86400
content-length: 62087
expires: Mon, 10 Jun 2024 20:26:03 GMT

GET
H2 200 ping Show response
malicious.fashionstore.jp/message/ 14 B
267 B 122ms
122ms XHR
application/json 13.230.149.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://malicious.fashionstore.jp/message/ping?shop_id=malicious-fashionstore-jp
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.230.149.252 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-230-149-252.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7cd85494eb375cc958155aca095fd0bae01e24f777c4ce4059e2edb82324618c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
tracestate: 2804831@nr=0-1-2907216-663072695-21a46b3bec2d06eb----1717964763593
traceparent: 00-21be5165243dac38bae99e4ea7326900-21a46b3bec2d06eb-01
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MDcyMTYiLCJhcCI6IjY2MzA3MjY5NSIsImlkIjoiMjFhNDZiM2JlYzJkMDZlYiIsInRyIjoiMjFiZTUxNjUyNDNkYWMzOGJhZTk5ZTRlYTczMjY5MDAiLCJ0aSI6MTcxNzk2NDc2MzU5MywidGsiOiIyODA0ODMxIn19
Content-Type: application/json
Accept: application/json
Referer: https://malicious.fashionstore.jp/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 20:26:03 GMT
server: nginx
content-length: 14
content-type: application/json; charset=UTF-8

GET
H2 200 195656637925048 Show response
connect.facebook.net/signals/config/ 57 KB
12 KB 195ms
194ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/195656637925048?v=2.9.157&r=stable&domain=malicious.fashionstore.jp&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1a7b8a6284115a153d519df2f71425a79d56a183f3a78646c3147049033861f2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 09 Jun 2024 20:26:03 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=64, mss=1297, tbw=63473, tp=-1, tpl=-1, uplat=191, ullat=0
pragma: public
x-fb-debug: aDC1aj2dRencUmkksN0WfJx5cmdAgK2TBpkH5n6zxKtZgYpqf0hGJtj1l53kC4Eo+FKKAWwNLZCOrfka1OljFQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 blog_articles Show response
malicious.fashionstore.jp/ 4 KB
1 KB 155ms
154ms XHR
application/json 13.230.149.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://malicious.fashionstore.jp/blog_articles
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.230.149.252 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-230-149-252.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9ad2c0e38779649c3a5c2a14c7b91481d22c8b6db49be62e1cbeae479eb9da6c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
tracestate: 2804831@nr=0-1-2907216-663072695-966a5050f83ca1f6----1717964763656
traceparent: 00-339ea54ee589062421e10d1085a3e100-966a5050f83ca1f6-01
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MDcyMTYiLCJhcCI6IjY2MzA3MjY5NSIsImlkIjoiOTY2YTUwNTBmODNjYTFmNiIsInRyIjoiMzM5ZWE1NGVlNTg5MDYyNDIxZTEwZDEwODVhM2UxMDAiLCJ0aSI6MTcxNzk2NDc2MzY1NiwidGsiOiIyODA0ODMxIn19
Accept: application/json, text/plain, */*
Referer: https://malicious.fashionstore.jp/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 20:26:03 GMT
content-encoding: gzip
server: nginx
content-type: application/json; charset=UTF-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 65ms
10ms Script
text/javascript 2404:6800:400a:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 09 Jun 2024 20:18:51 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 432
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 09 Jun 2024 22:18:51 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 313 KB
104 KB 52ms
51ms Script
application/javascript 2404:6800:400a:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-574HL6KGKQ&l=dataLayer&cx=c

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bbf60f227e308096e74141614a2ca1bab202cec48c26fb0fcd3d7929eefb761c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 20:26:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106119
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 09 Jun 2024 20:26:03 GMT

GET
H2 200 xn7mYHs72GKoTvER4Gn3b5eMbNmuYw.woff2
fonts.gstatic.com/s/notoserifjp/v28/ 33 KB
33 KB 11ms
10ms Font
font/woff2 2404:6800:400a:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserifjp/v28/xn7mYHs72GKoTvER4Gn3b5eMbNmuYw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto%20Serif%20JP:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

520470b583e5fc9ff507a8b5294c28f8bcc46af5bb568c01fd37b8793c5e7231

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://malicious.fashionstore.jp
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 13:09:10 GMT
x-content-type-options: nosniff
age: 112613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33488
x-xss-protection: 0
last-modified: Mon, 13 May 2024 22:01:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Jun 2025 13:09:10 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
227 B 44ms
43ms XHR
text/plain 2404:6800:400a:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1220694544&t=pageview&_s=1&dl=https%3A%2F%2Fmalicious.fashionstore.jp%2F&ul=ja-jp&de=UTF-8&dt=MALICIOUS.X&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAACAAI~&jid=903279845&gjid=611998472&cid=488588974.1717964764&tid=UA-23653112-21&_gid=1573528170.1717964764&_slc=1&gtm=45He4650n91K652NBTKv9176368878za200&cd2=official_catalog&cd3=malicious-fashionstore-jp&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=1010559611

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

001b65ec63532fdc561148c2e313cbb54b830470a766aeb9eb7bc9c5a19d8c52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 09 Jun 2024 20:26:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://malicious.fashionstore.jp
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
154 B 153ms
51ms XHR
text/plain 2404:6800:4008:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-23653112-21&cid=488588974.1717964764&jid=903279845&gjid=611998472&_gid=1573528170.1717964764&_u=YGBAiEABBAAAAGAAI~&z=1939662787

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4008:c01::9c Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 09 Jun 2024 20:26:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://malicious.fashionstore.jp
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 8f03f440cae01a689770a9857d56bca0.jpg
baseec-img-mng.akamaized.net/images/user/blog/46044/blog/ 131 KB
131 KB 7ms
6ms Image
image/jpeg 184.26.43.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baseec-img-mng.akamaized.net/images/user/blog/46044/blog/8f03f440cae01a689770a9857d56bca0.jpg?imformat=generic&q=90&im=Resize,width=716,type=normal
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.43.87 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-43-87.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 10956959dd9a44a91e76c8e5f4925b0af890768f560bdf1b1c35bdae049c2c1d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Sat, 20 Apr 2024 10:22:40 GMT
x-serial: 198
server: Akamai Image Manager
etag: "ae870c1fc1750b4e00f292570169ad8e"
content-type: image/jpeg
cache-control: private, no-transform, max-age=86400, max-age=86400
content-length: 134245
expires: Mon, 10 Jun 2024 20:26:03 GMT

GET
H2 200 101bade91f2495be3c4836e62a1cadec.jpg
baseec-img-mng.akamaized.net/images/user/blog/46044/blog/ 113 KB
113 KB 9ms
8ms Image
image/jpeg 184.26.43.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baseec-img-mng.akamaized.net/images/user/blog/46044/blog/101bade91f2495be3c4836e62a1cadec.jpg?imformat=generic&q=90&im=Resize,width=716,type=normal
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.43.87 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-43-87.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 546869dadb1f7dcbdb34b2c3d9cee351ebec46da02f9a449ed40092778b31ed6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Tue, 02 Apr 2024 17:58:09 GMT
server: Akamai Image Manager
etag: "4f4e056f0010784feb93a42ea2352775"
content-type: image/jpeg
cache-control: private, no-transform, max-age=86400, max-age=86400
content-length: 115915
expires: Mon, 10 Jun 2024 20:26:03 GMT

GET
H2 200 8837496210e5356f3871f331ead8e5cf.jpg
baseec-img-mng.akamaized.net/images/user/blog/46044/blog/ 76 KB
76 KB 10ms
10ms Image
image/jpeg 184.26.43.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baseec-img-mng.akamaized.net/images/user/blog/46044/blog/8837496210e5356f3871f331ead8e5cf.jpg?imformat=generic&q=90&im=Resize,width=716,type=normal
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.43.87 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-43-87.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 5ffb294cee9e543591b1f7da7da67e927451968d512bc4399249c57d89b30909

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 20:26:03 GMT
last-modified: Sun, 31 Dec 2023 12:53:50 GMT
server: Akamai Image Manager
etag: "53fe44421eb676397711ec5beeb8807e"
content-type: image/jpeg
cache-control: private, no-transform, max-age=86400, max-age=86400
content-length: 77910
expires: Mon, 10 Jun 2024 20:26:03 GMT

GET js
www.googletagmanager.com/gtag/ 0
0

GET
H3 200 782656085163501 Show response
connect.facebook.net/signals/config/ 26 KB
5 KB 541ms
541ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/782656085163501?v=2.9.157&r=stable&domain=malicious.fashionstore.jp&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C219%2C154%2C111%2C134%2C127%2C115

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

e022358ff383b104abae3e3d37541404919d1e3377ec7a18678bda5a7c98369f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 09 Jun 2024 20:26:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=23, mss=1232, tbw=4332, tp=9, tpl=0, uplat=536, ullat=0
pragma: public
x-fb-debug: AfE9vuebLIYBLNGm2R00CeeH6Q3ISYVZuAPihpWlCY2y0N4nNiKocgYKThRHARkJT6YRrbTtoqP9IpV+X6D8wg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 14ms
2ms Image
text/plain 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=195656637925048&ev=PageView&dl=https%3A%2F%2Fmalicious.fashionstore.jp%2F&rl=&if=false&ts=1717964763859&sw=1600&sh=1200&v=2.9.157&r=stable&a=plthebase&ec=0&o=4126&fbp=fb.2.1717964763858.97094639158939012&ler=empty&cdl=API_unavailable&it=1717964763648&coo=false&tm=1&rqm=GET

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1297, tbw=2791, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 09 Jun 2024 20:26:03 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 185ms
174ms Image
image/png 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=195656637925048&ev=PageView&dl=https%3A%2F%2Fmalicious.fashionstore.jp%2F&rl=&if=false&ts=1717964763859&sw=1600&sh=1200&v=2.9.157&r=stable&a=plthebase&ec=0&o=4126&fbp=fb.2.1717964763858.97094639158939012&ler=empty&cdl=API_unavailable&it=1717964763648&coo=false&tm=1&rqm=FGET

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x1fa11a92af0d4689","source_keys":["1","2"]},{"key_piece":"0x48eb11eacf2c1c80","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sun, 09 Jun 2024 20:26:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1297, tbw=3108, tp=-1, tpl=-1, uplat=169, ullat=0
pragma: no-cache
x-fb-debug: hI/1yR2kc6DPcgbiyLmBu4ZsiVZxre+MQaHHBzRNhyMO5RXOyQ/avLkG7HUstEp4zZbtKMozILrl4Yj6M8sqmQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
260 B 113ms
48ms Ping
text/plain 2404:6800:400a:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-574HL6KGKQ&gtm=45je4650v875996347z89176368878za200zb9176368878&_p=1717964763291&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=488588974.1717964764&ul=ja-jp&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fmalicious.fashionstore.jp%2F&sid=1717964763&sct=1&seg=0&dt=MALICIOUS.X&en=page_view&_fv=1&_ss=1&ep.shop_theme=official_catalog&ep.page_location_origin1=https%3A%2F%2Fmalicious.fashionstore.jp%2F&ep.timestamp=2024%2F06%2F10%2005%3A26%3A03&up.shop_id=malicious-fashionstore-jp&tfd=1733
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-574HL6KGKQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:80a::200e Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 09 Jun 2024 20:26:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://malicious.fashionstore.jp
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
260 B 48ms
48ms Ping
text/plain 2404:6800:4008:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-574HL6KGKQ&cid=488588974.1717964764&gtm=45je4650v875996347z89176368878za200zb9176368878&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-574HL6KGKQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c01::9c Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 09 Jun 2024 20:26:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://malicious.fashionstore.jp
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.jp/ads/ 42 B
63 B 100ms
46ms Image
image/gif 172.217.25.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-574HL6KGKQ&cid=488588974.1717964764&gtm=45je4650v875996347z89176368878za200zb9176368878&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=1861059060

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix06s19-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 09 Jun 2024 20:26:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 95ms
45ms Image
image/gif 142.250.207.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-23653112-21&cid=488588974.1717964764&jid=903279845&_u=YGBAiEABBAAAAGAAI~&z=1503874844

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 09 Jun 2024 20:26:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.jp/ads/ 42 B
63 B 52ms
48ms Image
image/gif 172.217.25.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-23653112-21&cid=488588974.1717964764&jid=903279845&_u=YGBAiEABBAAAAGAAI~&z=1503874844

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix06s19-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 09 Jun 2024 20:26:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 450654856107317 Show response
connect.facebook.net/signals/config/ 25 KB
5 KB 517ms
516ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/450654856107317?v=2.9.157&r=stable&domain=malicious.fashionstore.jp&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C219%2C154%2C111%2C134%2C127%2C115%2C119

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

d45e90bcb678a1dc650c2a32b991dba78cabda1af94955b7831e78c669d4fe6d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 09 Jun 2024 20:26:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=29, mss=1232, tbw=12252, tp=18, tpl=0, uplat=511, ullat=0
pragma: public
x-fb-debug: LaC4fV+B93rfy7ujqN/w7LTPg2qQLjYnB2/aaKS1crhUGQ30LPfkDvRm7A37Gu+cENp/+CurbXbBY4rGSJAb4g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
124 B 11ms
3ms Image
text/plain 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=782656085163501&ev=PageView&dl=https%3A%2F%2Fmalicious.fashionstore.jp%2F&rl=&if=false&ts=1717964764954&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.2.1717964763858.97094639158939012&ler=empty&cdl=API_unavailable&it=1717964763648&coo=false&tm=1&rqm=GET

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1297, tbw=6877, tp=-1, tpl=-1, uplat=1, ullat=1
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 09 Jun 2024 20:26:04 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
473 B 124ms
119ms Image
image/png 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=782656085163501&ev=PageView&dl=https%3A%2F%2Fmalicious.fashionstore.jp%2F&rl=&if=false&ts=1717964764954&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.2.1717964763858.97094639158939012&ler=empty&cdl=API_unavailable&it=1717964763648&coo=false&tm=1&rqm=FGET

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xb7be6dd7e6a288fe","source_keys":["1","2"]},{"key_piece":"0x9b13a706d5c5bff7","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sun, 09 Jun 2024 20:26:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1297, tbw=7688, tp=-1, tpl=-1, uplat=116, ullat=0
pragma: no-cache
x-fb-debug: 0aoncHiHVSFfPFW8Nh3bL5Tr8mVNMseq91LMp5eQxEM7vKVDbQ3FaLrYenaG8q9Zi96s+Rak4RQcAByc3I6qEg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 9ms
4ms Image
text/plain 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=450654856107317&ev=PageView&dl=https%3A%2F%2Fmalicious.fashionstore.jp%2F&rl=&if=false&ts=1717964764957&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.2.1717964763858.97094639158939012&ler=empty&cdl=API_unavailable&it=1717964763648&coo=false&tm=1&rqm=GET

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1297, tbw=7014, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 09 Jun 2024 20:26:04 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
497 B 116ms
113ms Image
image/png 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=450654856107317&ev=PageView&dl=https%3A%2F%2Fmalicious.fashionstore.jp%2F&rl=&if=false&ts=1717964764957&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.2.1717964763858.97094639158939012&ler=empty&cdl=API_unavailable&it=1717964763648&coo=false&tm=1&rqm=FGET

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xbf3b63f117baf380","source_keys":["1","2"]},{"key_piece":"0x66d61bafa0082e26","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sun, 09 Jun 2024 20:26:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1297, tbw=7169, tp=-1, tpl=-1, uplat=109, ullat=0
pragma: no-cache
x-fb-debug: /RpFvN7cHOTH6jypTAqzJQgrbsV1qUrzsPbvxfdITLHXPN4UfunDjHJQvIEgmv2P7pSdXHiwCC5gc62OJ2Anog==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 async-api.30bd804e-1.236.0.min.js Show response
js-agent.newrelic.com/ 3 KB
2 KB 220ms
70ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/async-api.30bd804e-1.236.0.min.js

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fa44ba5620fc182eb36d66b9dea560edeb23af9c3104647e39e2a4d3fabcf8cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: ClpGWMCBcYCUYENJA79oj7cgVuH6OaBw
content-encoding: br
via: 1.1 varnish
date: Sun, 09 Jun 2024 20:26:05 GMT
strict-transport-security: max-age=300
x-amz-request-id: ASSXV3NSWPMF2Q95
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1456
x-amz-id-2: qg403s9iSKfSOa9HoTGBCqjSqldl4Dkg+ALm7ywdpPkwJ+0jdqj3yLtE94Ct/M3JLhaHnkPYaPO5BUt4pElBmg==
x-served-by: cache-qpg1274-QPG
last-modified: Wed, 18 Oct 2023 20:57:40 GMT
server: AmazonS3
etag: "ce1527db8799a0ba1913b5c7b7f666aa"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 50314

GET
H2 200 860.03a8b7a5-1.236.0.min.js Show response
js-agent.newrelic.com/ 14 KB
6 KB 215ms
68ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/860.03a8b7a5-1.236.0.min.js

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

38068c6216d8cd0ebd227e767dea7b85b17c68ee40a2b32c20cb879ea225d274

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: gB9EP.5ryWZIwH7RQhX4oA68gOyGXPRc
content-encoding: br
via: 1.1 varnish
date: Sun, 09 Jun 2024 20:26:05 GMT
strict-transport-security: max-age=300
x-amz-request-id: ASSR0VKPBX80Y03K
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5507
x-amz-id-2: HisDZGLjDN+Odn6pm6pMWWNgEbQNeuKTAVadAzYiZ272gl3BmtO6Nv6otK2N4ktk5o4GxAHR6Kw=
x-served-by: cache-qpg1274-QPG
last-modified: Wed, 18 Oct 2023 20:57:05 GMT
server: AmazonS3
etag: "5c2d33afe15ef1ea0f7dfd3d77677165"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 50229

GET
H2 200 session-manager.2a64278a-1.236.0.min.js Show response
js-agent.newrelic.com/ 1 KB
901 B 218ms
73ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/session-manager.2a64278a-1.236.0.min.js

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c902ff18c7858648be03999d4022c40d66ad694ae218ea4b1558e74703b854a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: SsYbc40vF7coUg.zeTYgLM88CvSHP8Ac
content-encoding: br
via: 1.1 varnish
date: Sun, 09 Jun 2024 20:26:05 GMT
strict-transport-security: max-age=300
x-amz-request-id: ASSPEH9SVQ1DC6AF
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 686
x-amz-id-2: gEOAXbIqaFp8kOFKsyV/l70nxLK8LRYn06so8EtBpgx3e+5UWn1rwxjCNtLSJ2ecRiwnfOpnYD1pC2Zzi16b9w==
x-served-by: cache-qpg1274-QPG
last-modified: Wed, 18 Oct 2023 21:35:37 GMT
server: AmazonS3
etag: "a097cb2068fb2d63e521cacf139c921d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 48975

GET
H2 200 favicon.png
static.thebase.in/ 947 B
1 KB 2ms
2ms Other
image/png 18.65.216.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.thebase.in/favicon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.216.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-216-46.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 696ad886456275565f87481332c3ca20f7edcab4837b4b202f732223c972cc55

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 13:35:38 GMT
via: 1.1 a51b178f0f09367e8f5a5a76d22d01b2.cloudfront.net (CloudFront)
last-modified: Tue, 01 Sep 2020 05:34:42 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P4
age: 24628
etag: "5b2bbcac7bc81a78849655a43c857bff"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 947
x-amz-cf-id: sMpHOWtDgJLr3CYoAgR2O_oTqXM8MdrMTca3zd-zYYxd-iDieCCN6w==

GET
H2 200 lazy-feature-loader.2f55ce66-1.236.0.min.js Show response
js-agent.newrelic.com/ 1 KB
630 B 69ms
68ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/lazy-feature-loader.2f55ce66-1.236.0.min.js

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d9bafbaa07911d0596a806a1177da26c107f735052d28603bc5eb8fa0dc63b55

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: AoWWu9_.PBU5bQyJIBgMcnXM0S2uYlqn
content-encoding: br
via: 1.1 varnish
date: Sun, 09 Jun 2024 20:26:05 GMT
strict-transport-security: max-age=300
x-amz-request-id: MAAGAQZ1PSA1R1F2
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 421
x-amz-id-2: GYY71j/LWQbxuwxiOR9zZMEXF0ElV80DQUyGpzwHhq8RwW/E+U93gDs72iSu5VwQrYdmsMR/bBk=
x-served-by: cache-qpg1274-QPG
last-modified: Wed, 18 Oct 2023 20:58:23 GMT
server: AmazonS3
etag: "e43b565f398109176254b8a9394de5ba"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 49288

GET
H2 200 148.1a20d5fe-1.236.0.min.js Show response
js-agent.newrelic.com/ 8 KB
4 KB 69ms
68ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/148.1a20d5fe-1.236.0.min.js

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3e89824dcd4a1d958c6972134bfc50e0c8e4a76d6b47569d14fd7cba455c1f7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 27hyUF2MmzVIZmpgRHUgD0gF9836bmSx
content-encoding: br
via: 1.1 varnish
date: Sun, 09 Jun 2024 20:26:05 GMT
strict-transport-security: max-age=300
x-amz-request-id: MAAMCRRCN7V4C06S
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3382
x-amz-id-2: Y17H2m/pQs2gYdi2dgEd3CoDV7vcuLmIUjVH/sKeCiCq323VIVVdRsLJNrCl0DLIfuKyUnTSTcM=
x-served-by: cache-qpg1274-QPG
last-modified: Wed, 18 Oct 2023 20:56:04 GMT
server: AmazonS3
etag: "bed1f74897d091a7dfc2b06e8a1e29a3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 49213

GET
H2 200 page_view_event-aggregate.06482edd-1.236.0.min.js Show response
js-agent.newrelic.com/ 11 KB
4 KB 71ms
70ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_event-aggregate.06482edd-1.236.0.min.js

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f1249e3503b8a12598e09882e9ded38155ac212298143dec459ce6820c6d3f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: hzDCTq4MMt37av6rZrMy6pZ_grMxVGC2
content-encoding: br
via: 1.1 varnish
date: Sun, 09 Jun 2024 20:26:05 GMT
strict-transport-security: max-age=300
x-amz-request-id: MAANF87R2XDNWM7B
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4296
x-amz-id-2: wf5nXt8mrMS+fnFOyKh1eyI4ROJ+JaO3BtZrRRKAGwzv/4jSTBiwAsqd7WV1hxNRUSO3rPZWeGZpngHkxjN+hA==
x-served-by: cache-qpg1274-QPG
last-modified: Wed, 18 Oct 2023 21:34:30 GMT
server: AmazonS3
etag: "553d27144d4f9fbe7e31b802107a2071"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 49600

GET
H2 200 page_view_timing-aggregate.bd6de33a-1.236.0.min.js Show response
js-agent.newrelic.com/ 15 KB
6 KB 73ms
72ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_timing-aggregate.bd6de33a-1.236.0.min.js

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6dc5a41a72f6c1b4148d0629284183a4db42a28fef188ff4d55d5872d0ea3561

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 34JJvT_Hc26HhyXntOX8fvZ9mloIy.Ma
content-encoding: br
via: 1.1 varnish
date: Sun, 09 Jun 2024 20:26:05 GMT
strict-transport-security: max-age=300
x-amz-request-id: MAASW2QC85XKH2M2
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5634
x-amz-id-2: RrDJBTK4zLZQGEsfhR9mYb8TmZyA7KTgTKG6xHWGTpYXfOBLvyNhBKvvJbuDgEzj//UvatIj9/5HAD15bkuED3YhkI61YIym
x-served-by: cache-qpg1274-QPG
last-modified: Wed, 18 Oct 2023 21:34:59 GMT
server: AmazonS3
etag: "01e96e9ff5c360298d13581ad38e60a8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 49599

GET
H2 200 metrics-aggregate.3dc53903-1.236.0.min.js Show response
js-agent.newrelic.com/ 8 KB
3 KB 76ms
76ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/metrics-aggregate.3dc53903-1.236.0.min.js

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

11b4a5f186edf838f6e951559bef8aa85c686a83e0a226c5a82622da95e54307

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Zd7iRh_nyGT5Jl7yYIBZG_dRIUpKHO9i
content-encoding: br
via: 1.1 varnish
date: Sun, 09 Jun 2024 20:26:05 GMT
strict-transport-security: max-age=300
x-amz-request-id: MAANXXVANTWPHXJX
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2987
x-amz-id-2: DOxt8P1pKuxJpQMiSfN+98ddQtfC4YdUp0TYUWBPvRjl5RaqcdbtXKiY23B+z8RkjB1FfQJ7I6X4DvCxcy91DLPsIorcBiaX
x-served-by: cache-qpg1274-QPG
last-modified: Wed, 18 Oct 2023 20:58:39 GMT
server: AmazonS3
etag: "a912f1cb80b2d3cf15f10d9d022b6188"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 50117

GET
H2 200 jserrors-aggregate.49e41428-1.236.0.min.js Show response
js-agent.newrelic.com/ 9 KB
4 KB 77ms
76ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/jserrors-aggregate.49e41428-1.236.0.min.js

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7662bd2cb7034d86dc4bdb707af33dd9ca3198a95d392067ee3c0c9ffaffdf0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: gtBM4GKuMukahVd9NQUYfXgsxiTAdQL3
content-encoding: br
via: 1.1 varnish
date: Sun, 09 Jun 2024 20:26:05 GMT
strict-transport-security: max-age=300
x-amz-request-id: MAAX5GP3FHKEY0W7
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3814
x-amz-id-2: DetcfZo7iaXQ7H9+oa3pvRtk+TSuqAcB8obJs9w/LkigCK2SBxguYkX0LpX6odG2eKdMWObeUK0=
x-served-by: cache-qpg1274-QPG
last-modified: Wed, 18 Oct 2023 20:58:09 GMT
server: AmazonS3
etag: "ea0f213ac446fa34c085f244b9573b9d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 49571

GET
H2 200 ajax-aggregate.998ef92b-1.236.0.min.js Show response
js-agent.newrelic.com/ 7 KB
3 KB 80ms
79ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/ajax-aggregate.998ef92b-1.236.0.min.js

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fcb70cd5b8090d9144eeef2f1665608ee4fa67dab1fd167f49af074a42b9101e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 4RFYRqAfNJzZv3o_5YXaoBJ6WgEOM5as
content-encoding: br
via: 1.1 varnish
date: Sun, 09 Jun 2024 20:26:05 GMT
strict-transport-security: max-age=300
x-amz-request-id: MAAT3XE49JMSSKPR
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3137
x-amz-id-2: mKrlXu1SjIVkSZdfk+wn2VukdxZnQI2BjC5aY/JIQJxaYMI4DT0W4czfSLj0ZQ3WIxFLauP5GqW3o2jEx+IcrTltKwoMSKQZ
x-served-by: cache-qpg1274-QPG
last-modified: Wed, 18 Oct 2023 20:57:29 GMT
server: AmazonS3
etag: "07e3c83179c7da2e2f464a72b084aacf"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 49338

GET
H2 200 session_trace-aggregate.83105561-1.236.0.min.js Show response
js-agent.newrelic.com/ 12 KB
5 KB 80ms
79ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/session_trace-aggregate.83105561-1.236.0.min.js

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d0d7c9c8e398100c60b41833292522f27b1e6b12c057442536ff98995d90f08c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: i7FiQ4ZQq6WkusXBROeoFJl9n3Tv0mKC
content-encoding: br
via: 1.1 varnish
date: Sun, 09 Jun 2024 20:26:05 GMT
strict-transport-security: max-age=300
x-amz-request-id: MAAQ7XQXSHSD4RRN
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4711
x-amz-id-2: uI9+qF8gRRf5KswsONlsWyrxU1qgywftntsIdmWb+62yshr5cd1s6yDd08UPYZUTWiFA47m/+qu5G/NvhNR+PQ==
x-served-by: cache-qpg1274-QPG
last-modified: Wed, 18 Oct 2023 21:36:06 GMT
server: AmazonS3
etag: "4ef8d054860549421e884b3d2d74b83e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 49360

GET
H2 200 page_action-aggregate.ac76d497-1.236.0.min.js Show response
js-agent.newrelic.com/ 5 KB
2 KB 82ms
81ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_action-aggregate.ac76d497-1.236.0.min.js

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0b09c565baa3b8d3de7ea5b132e22c0ed1bb8943ae83d1bff9421e62ae8d8800

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: dq9G4xn01_QwtwzwaNCz9IM9g3AQWz7v
content-encoding: br
via: 1.1 varnish
date: Sun, 09 Jun 2024 20:26:05 GMT
strict-transport-security: max-age=300
x-amz-request-id: MAATKMPJ97GPRR1X
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1947
x-amz-id-2: 8BImCjiU3oR8YZKL/eg+Fc96g+nqvG1H4HATKXwAkeezQvl7jrJx/glR5SFVvtUVDbaVxB7TTMM=
x-served-by: cache-qpg1274-QPG
last-modified: Wed, 18 Oct 2023 21:34:23 GMT
server: AmazonS3
etag: "8862791debd0b259297a0ccf618932eb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 49140

GET
H2 200 spa-aggregate.e6b09d52-1.236.0.min.js Show response
js-agent.newrelic.com/ 20 KB
8 KB 83ms
82ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/spa-aggregate.e6b09d52-1.236.0.min.js

Requested by

Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

167c7894014a33b184a658a4883c24c20bbd158dc04b7fef709f80a4bca6a7d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: drxqY6SpM4cwKd1P3dYcbVYIBU2GvQuP
content-encoding: br
via: 1.1 varnish
date: Sun, 09 Jun 2024 20:26:05 GMT
strict-transport-security: max-age=300
x-amz-request-id: MAAW9DJAJH6JBGED
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 7714
x-amz-id-2: GVJN2TzFtD63ATbtxGXIkbH1rmV1AEGgDcRP7t5thDjF+pNkyf+McOmDdFUGfWfitSYg55QS8qKPRr3zHeXRXyWGlK4qGpM8jiMDroxdFJk=
x-served-by: cache-qpg1274-QPG
last-modified: Wed, 18 Oct 2023 21:36:35 GMT
server: AmazonS3
etag: "27ef55ddf9eded9cf24ce8747e8bbe04"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 48696

POST
H/1.1 200 NRJS-4c41e18b2dabf750af0 Show response
bam.nr-data.net/1/ 150 B
617 B 838ms
692ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-4c41e18b2dabf750af0?a=663072695&sa=1&v=1.236.0&t=Unnamed%20Transaction&rst=3337&ck=0&s=9797a5dc9d0539aa&ref=https://malicious.fashionstore.jp/&af=err,xhr,stn,ins,spa&be=1085&fe=1851&dc=420&perf=%7B%22timing%22:%7B%22of%22:1717964762165,%22n%22:0,%22f%22:1,%22dn%22:23,%22dne%22:23,%22c%22:23,%22s%22:27,%22ce%22:39,%22rq%22:39,%22rp%22:1085,%22rpe%22:1099,%22di%22:1486,%22ds%22:1486,%22de%22:1505,%22dc%22:2925,%22l%22:2925,%22le%22:2937%7D,%22navigation%22:%7B%7D%7D&fp=1311&fcp=1404
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4b9d0e4a60fce4c5c756f8725ab629d3b59976c3e411b94f4d884f9c277579e1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 09 Jun 2024 20:26:06 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://malicious.fashionstore.jp
access-control-expose-headers: Date
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
timing-allow-origin: https://malicious.fashionstore.jp
Content-Length: 150
x-served-by: cache-nrt-rjtf7700067-NRT

POST
H/1.1 200 NRJS-4c41e18b2dabf750af0 Show response
bam.nr-data.net/events/1/ 24 B
347 B 158ms
158ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-4c41e18b2dabf750af0?a=663072695&sa=1&v=1.236.0&t=Unnamed%20Transaction&rst=4218&ck=0&s=9797a5dc9d0539aa&ref=https://malicious.fashionstore.jp/
Requested by: Host: malicious.fashionstore.jp
URL: https://malicious.fashionstore.jp/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://malicious.fashionstore.jp/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 09 Jun 2024 20:26:06 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://malicious.fashionstore.jp
access-control-allow-credentials: true
Connection: close
Content-Length: 24
x-served-by: cache-nrt-rjtf7700067-NRT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T8F8LPHS84&cx=c&_slc=1

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.malicious.fashionstore.jp/message	1970-01-21 05:58:20	Name: base-message-cookie[I18n] Value: Q2FrZQ%3D%3D.918DH3zMq9Nozhyjy462c36V7xskrPjzFQ%2BXvkobVbooRA%3D%3D
malicious.fashionstore.jp/	1969-12-31 23:59:59	Name: THEBASE_V1 Value: b5e1f046ecfef87ebdb80dc2883ea159
.malicious.fashionstore.jp/	1969-12-31 23:59:59	Name: CakeCookie[base_cookie_7_I18n] Value: Q2FrZQ%3D%3D.918DH3zMq9Nozhyjy462c36V7xskrPjzFQ%2BXvkobVbooRA%3D%3D
.malicious.fashionstore.jp/	1970-01-20 23:22:20	Name: _gcl_au Value: 1.1.704504609.1717964764
.malicious.fashionstore.jp/	1970-01-20 21:14:11	Name: _gid Value: GA1.3.1573528170.1717964764
.malicious.fashionstore.jp/	1970-01-20 21:12:44	Name: _dc_gtm_UA-23653112-21 Value: 1
.malicious.fashionstore.jp/	1970-01-20 23:22:20	Name: _fbp Value: fb.2.1717964763858.97094639158939012
.malicious.fashionstore.jp/	1970-01-21 06:48:44	Name: _ga_574HL6KGKQ Value: GS1.1.1717964763.1.0.1717964763.60.0.0
.malicious.fashionstore.jp/	1970-01-21 06:48:44	Name: _ga Value: GA1.1.488588974.1717964764

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.google.com
bam.nr-data.net
baseec-img-mng.akamaized.net
cdn.jsdelivr.net
cf-baseassets.thebase.in
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
malicious.fashionstore.jp
static.thebase.in
stats.g.doubleclick.net
track.thebase.in
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googletagmanager.com
www.googletagmanager.com
13.230.149.252
142.250.207.36
162.247.243.29
172.217.25.163
175.41.207.102
18.65.216.46
18.65.216.51
184.26.43.87
2404:6800:4008:c01::9c
2404:6800:400a:80a::200e
2404:6800:400a:80e::2003
2404:6800:400a:80e::2008
2404:6800:400a:80e::200a
2404:6800:400a:80e::200e
2404:6800:400a:813::200a
2602:816:5001::39
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f10f:83:face:b00c:0:25de
2a04:4e42:200::485
31.13.82.7
001b65ec63532fdc561148c2e313cbb54b830470a766aeb9eb7bc9c5a19d8c52
06fb45e1b2214c1024b151e68e6bf97796b85da40952682b29c70f2d74ac65cd
0b09c565baa3b8d3de7ea5b132e22c0ed1bb8943ae83d1bff9421e62ae8d8800
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0da7886b7173adc21d7d32061422b4d24cd8be4a7425921337e21e906ad06e8c
0ee7ce04e2656eeb176a3fa57208d9c5e39062b77bcccf1ccbfb13264ebe5b6d
0f292b03ae32ffb6ce553fc43e47ab76c3d2dab3a0297ad0762d31b8399b4fd6
10956959dd9a44a91e76c8e5f4925b0af890768f560bdf1b1c35bdae049c2c1d
11b4a5f186edf838f6e951559bef8aa85c686a83e0a226c5a82622da95e54307
167c7894014a33b184a658a4883c24c20bbd158dc04b7fef709f80a4bca6a7d1
187d1621265e6ee8497796d0211e582056d3791d33cea7c63f180187a766d845
1a42179ab7867ef8b53358dae249e1c8180959c1a4dad2143fb6f73223d10925
1a7b8a6284115a153d519df2f71425a79d56a183f3a78646c3147049033861f2
1b2fe52a1919c14515526c8723931538e81987b14055230a7c93e7cc8e72534a
1c187f00e71ef1ee14a0ae02bb9dd30ce5f3305f6ff6d78c573381174d85db08
22d59c75c5b2c598d883fd81d43e3b09ebb13bc9603fb77a12e85a03529cd36d
26375c963a49d0b12b9633fede8c44a4a81ace8f9d65a05bc64c55208078fb22
2819c345e64c715cc4235a5e9c3576351d28b4c0bbbeb934fcbd50ceab0406a0
29310efc1007f608549e29ff78fa5ce8dffe0c1aa82c21b082d1de9dfc7334f0
29bcca70798ba6df3c468b9231dd91e59125d1ca9c734f7d89ecbe81557caefa
2a664ab007b8e91125766f46f758acbf3f33d55d2e1222725081b52e748adeb3
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
2fbf7a491db5cc0d205b486328703f355cdaff325c82900dbede81e7f4c3d220
325933f3f711a5acf5e15713bec23e3df00740a553292458f744e91cf134f7c8
34a2e94b7a2e19dc0d3d4cd5326fb4dc49847383bd030a9b7d6ed797a67237f5
38068c6216d8cd0ebd227e767dea7b85b17c68ee40a2b32c20cb879ea225d274
387904efebbd557fcc676f0c67ecca7370641eb012729b67691f1d8eb312c27c
397f315ad454037442708464fbaf5b1e80773541560a3536ebef919f107d5401
3cd21c1708b4b478307a65e6459d336d54c07e32717f072d4b928895ac02495f
3e89824dcd4a1d958c6972134bfc50e0c8e4a76d6b47569d14fd7cba455c1f7f
429f0434e294a654e720d2a264ffad94265349368afbd02bf468bd82dfefdc8a
43c4e5ad4850cd4d89aca8062ca82c1edb9ce56a2494e508c4f352414c70ea93
48047163a28f0a95f1415be88f8d1798dbd681ee38a12278e997c85ead21bfaf
4b9d0e4a60fce4c5c756f8725ab629d3b59976c3e411b94f4d884f9c277579e1
51d03cce0664ff5ecd200b110040c74a827b435c24639433d1ae765386bbb218
520470b583e5fc9ff507a8b5294c28f8bcc46af5bb568c01fd37b8793c5e7231
52da8b92b5d12c8b235b4ea1daebe4e0640148d791c7cc678a9bd96991fc901f
546869dadb1f7dcbdb34b2c3d9cee351ebec46da02f9a449ed40092778b31ed6
557759d73d431044a4407ae156478cbd1b4a5db0ca9630f7e8a5e84907842dfa
5bf1bec4fec81476c7639da8f7b27824f48bd73c1cd0ae59dfb49ac7d72b96ad
5ffb294cee9e543591b1f7da7da67e927451968d512bc4399249c57d89b30909
600d36c51c1558462ae2f71a0dea8021dbb7579a4f9b11c7404bb7a483640581
61b552b501b8bb345a48ee2aaa4e827c65c25fba1e42f9580def9481d8a9c51a
6297f1b12db39c9c3475538f551a0a49280fec05f31c7985a0f954f89a765792
62a2b378af9502f890328228a0b56714e558e59ff5276493ad0c0b33fa99d39f
696ad886456275565f87481332c3ca20f7edcab4837b4b202f732223c972cc55
6c6f61d2961f28a66ba658de4d0d37a3d40c45ff36d9de5554b3a54b02abe5f3
6dc5a41a72f6c1b4148d0629284183a4db42a28fef188ff4d55d5872d0ea3561
7054df3dc617022b622feed547f71b290246f102cd112a00252414cd096ba975
717a28a6502bdeb005cd9b7e79f3b7eab10650179efe723430b9e491baaaaf3c
7662bd2cb7034d86dc4bdb707af33dd9ca3198a95d392067ee3c0c9ffaffdf0e
7939a46651785f9c4b366d4b53848753c4f07f53a83d9c717fdc938e11522613
79d531e027ace180b7b9dff17e650718b8b6dc2dc9fa1961ed13e4d7e0005120
7cd85494eb375cc958155aca095fd0bae01e24f777c4ce4059e2edb82324618c
8170a7e1faada3df62367b511d7431c1232c030587cdb3d34fbf1dcb88e07e75
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
8ad11c4cb079bba93156727270f510292eedcc0716c6f21725074a59ec8b9b96
8c17195235ff4ae19c56c7c2d743f422c5ddf1f7256854a1d42d10b03bae684c
904b29334b540ec6bddb7dff6e159bcf071418d0737b9d4bb9ba4f31ba20c18a
91dead79c0ffa18da74f9421b80eca3ba02a1b2fd0141dadf4ad6dfa6c396658
9ad2c0e38779649c3a5c2a14c7b91481d22c8b6db49be62e1cbeae479eb9da6c
9ad9022cd8cc4724758576edc9f0c342646924947e896406e43e4defd949a558
a591f6956b2bd4d5e9dd1cc421a8ea3d10b1ebbd8e3c25abe02961346eb08f8e
a64a0d940e4318218d15b181022e228c48d434c32a0742bb661944251946a11f
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ad7a30377fc09d83a44f9699c932297adeff454fd4a268140a950187a2977a7f
ad88e7a6d5bf79b170839cbd9a28aabc9d5e28e9713a002450a8b28c0b6cfcf7
bb6b7136ee3554791495564a5dcf20ddfcb0f03402f9d201c1d574a98a8d37b6
bbf60f227e308096e74141614a2ca1bab202cec48c26fb0fcd3d7929eefb761c
be1bf91daa1cb75bb076d56eaf2b94c46d2992aae6fe2f819fc88dd74d59b8f4
be79d8177764d1863a241ce55adb81636c0c302d55d00c5104a8f897fa104393
bf3c8007fd47f317a1663ab94e6e6aa54b8717fce37cf7ef01eaa9d34cc830da
c4607529d21cc699ac4056a62386c46fce7aa3378b54b15ec837a51068afba22
c4b4c25cd73917a969724b721007e9158a6da632adf6ff1968788434140ac997
c753907f165141db11945bdda128aa3524715543bbd461d1d5170ee81fa23478
c902ff18c7858648be03999d4022c40d66ad694ae218ea4b1558e74703b854a5
cec575343421963a33f8c9b73299e1594df78760335069200bfbfc8e8f25200b
d0be6d86574faad32324007d5bded82ab15e1dce7bbd030c9bcb643b207cf0fd
d0d7c9c8e398100c60b41833292522f27b1e6b12c057442536ff98995d90f08c
d45e90bcb678a1dc650c2a32b991dba78cabda1af94955b7831e78c669d4fe6d
d9bafbaa07911d0596a806a1177da26c107f735052d28603bc5eb8fa0dc63b55
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfffe8dfdaa4f4136e1156a19cbf5c605b9fff9f5a65bae2403497cdcf006243
e022358ff383b104abae3e3d37541404919d1e3377ec7a18678bda5a7c98369f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec8292b60ac1bc0c4fdea7b6b2cc294574d2710ac3244d8761053ce4b42f50d1
ed429f6afa589b6fdb7a91b0444feab7627c961a651873f79e3e105c44a2b5f3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a7bf4479cd56824cf7bae1eb955a460163e6a7c47b4352a75776d6fe64ad7e
f1249e3503b8a12598e09882e9ded38155ac212298143dec459ce6820c6d3f37
f4d04dce4c5bcc1df0f9e008262d2516b807bc6138fb6f8ba369288fd24ede35
fa44ba5620fc182eb36d66b9dea560edeb23af9c3104647e39e2a4d3fabcf8cd
fc7eee1ed1d7424d68700df0a741c1cd84c39961dc92691438aff584fdb195c7
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
fcb70cd5b8090d9144eeef2f1665608ee4fa67dab1fd167f49af074a42b9101e
fd95aab66a5596d5fad6352d03af66df4ae2d3494a00162f52df2df9905e291f
fea75c4087ecfa5d6030b1087a64b5bae3e7a483e2a690e6358ef5774ad9e974

malicious.fashionstore.jp Open in urlscan Pro 13.230.149.252 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

106 Requests

99 %HTTPS

55 %IPv6

15 Domains

19 Subdomains

21 IPs

3 Countries

7112 kBTransfer

9085 kBSize

9 Cookies

8 Outgoing links

Page URL History

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

malicious.fashionstore.jp Open in urlscan Pro
13.230.149.252 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

99 %
HTTPS

55 %
IPv6

15
Domains

19
Subdomains

21
IPs

3
Countries

7112 kB
Transfer

9085 kB
Size

9
Cookies

106 HTTP transactions
0 data transactions