blogs-jpcert-or-jp.translate.goog
2404:6800:400a:804::2001  Public Scan

URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Submission: On July 13 via manual from GB — Scanned from JP

Summary

This website contacted 22 IPs in 4 countries across 11 domains to perform 83 HTTP transactions. The main IP is 2404:6800:400a:804::2001, located in Osaka, Japan and belongs to GOOGLE, US. The main domain is blogs-jpcert-or-jp.translate.goog.
TLS certificate: Issued by WR2 on June 24th 2024. Valid for: 3 months.
This is the only time blogs-jpcert-or-jp.translate.goog was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
22 jpcert.or.jp
blogs.jpcert.or.jp
ws.jpcert.or.jp
1 MB
17 movabletype.net
movabletype.net — Cisco Umbrella Rank: 948842
3 MB
12 google.com
translate.google.com — Cisco Umbrella Rank: 1478
cse.google.com — Cisco Umbrella Rank: 4003
www.google.com — Cisco Umbrella Rank: 5
clients1.google.com — Cisco Umbrella Rank: 788
217 KB
6 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1315
syndication.twitter.com — Cisco Umbrella Rank: 1611
31 KB
6 ranklet4.com
pro.ranklet4.com
19 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 74
translate.googleapis.com — Cisco Umbrella Rank: 1169
translate-pa.googleapis.com — Cisco Umbrella Rank: 1688
77 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
120 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 67
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 72
268 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 240
6 KB
1 translate.goog
blogs-jpcert-or-jp.translate.goog
10 KB
83 11
Domain Requested by
21 blogs.jpcert.or.jp blogs-jpcert-or-jp.translate.goog
blogs.jpcert.or.jp
17 movabletype.net blogs-jpcert-or-jp.translate.goog
6 pro.ranklet4.com blogs-jpcert-or-jp.translate.goog
5 www.google.com cse.google.com
www.google.com
blogs-jpcert-or-jp.translate.goog
5 platform.twitter.com blogs-jpcert-or-jp.translate.goog
platform.twitter.com
5 www.gstatic.com blogs-jpcert-or-jp.translate.goog
www.gstatic.com
4 translate-pa.googleapis.com
4 translate.google.com blogs-jpcert-or-jp.translate.goog
www.gstatic.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.googletagmanager.com blogs-jpcert-or-jp.translate.goog
www.googletagmanager.com
2 cse.google.com blogs-jpcert-or-jp.translate.goog
www.google.com
1 syndication.twitter.com
1 clients1.google.com blogs-jpcert-or-jp.translate.goog
1 fonts.gstatic.com blogs-jpcert-or-jp.translate.goog
1 ws.jpcert.or.jp blogs.jpcert.or.jp
1 translate.googleapis.com
1 fonts.googleapis.com blogs-jpcert-or-jp.translate.goog
1 cdnjs.cloudflare.com blogs-jpcert-or-jp.translate.goog
1 blogs-jpcert-or-jp.translate.goog
83 19

This site contains links to these domains.

Domain
translate.google.com
blogs.jpcert.or.jp
Subject | Issuer | Validity | Valid
*.googleusercontent.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
blogs.jpcert.or.jp | Cybertrust Japan SureServer EV CA G3 | 2024-01-05 - 2025-01-31 | a year
cdnjs.cloudflare.com | E1 | 2024-06-02 - 2024-08-31 | 3 months
*.google-analytics.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
*.gstatic.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
upload.video.google.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
movabletype.net | Amazon RSA 2048 M02 | 2024-02-11 - 2025-03-11 | a year
*.ranklet4.com | R3 | 2024-06-03 - 2024-09-01 | 3 months
*.twimg.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-07-08 - 2025-07-07 | a year
*.google.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
ws.jpcert.or.jp | Cybertrust Japan SureServer EV CA G3 | 2024-01-05 - 2025-01-31 | a year
syndication.twitter.com | R10 | 2024-07-12 - 2024-10-10 | 3 months

This page contains 5 frames:

Primary Page: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Frame ID: 2A6D4F4A25EA8D614CDC7EB0B142BC9F
Requests: 77 HTTP requests in this frame

Frame: https://translate.google.com/websitetranslationui?parent=https%3A%2F%2Fblogs-jpcert-or-jp.translate.goog&pfu=https%3A%2F%2Fblogs-jpcert-or-jp.translate.goog%2Fja%2F2024%2F07%2Fkimsuky.html%3F_x_tr_sl%3Dauto%26_x_tr_tl%3Den%26_x_tr_hl%3Den-US%26_x_tr_pto%3Dwapp&u=https%3A%2F%2Fblogs.jpcert.or.jp%2Fja%2F2024%2F07%2Fkimsuky.html&sl=auto&tl=en&opu=https%3A%2F%2Ftranslate.google.com%2Fwebsite%3Fsl%3Dauto%26tl%3Den%26hl%3Den-US%26client%3Dwebapp%26u%3Dhttps%3A%2F%2Fblogs.jpcert.or.jp%2Fja%2F2024%2F07%2Fkimsuky.html%26anno%3D2&client=webapp&hl=en-US&lang=ja
Frame ID: 5C4114E329AAE5246CC5DF26AAC7EDD7
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fblogs-jpcert-or-jp.translate.goog
Frame ID: 7F75E4D8413F7FF9161DBE31249C8D80
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Frame ID: 762CB66233AC04732C3B227019C7E764
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Frame ID: 263AD7B61A6B0F7597775B2194AAB2E4
Requests: 1 HTTP requests in this frame

Page Title

Attack activities by Kimsuky, an attack group targeting Japanese organizations - JPCERT/CC Eyes | JPCERT Coordination Center Official Blog

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Page Statistics

83
Requests

100 %
HTTPS

55 %
IPv6

11
Domains

19
Subdomains

22
IPs

4
Countries

5236 kB
Transfer

6842 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

83 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request kimsuky.html
blogs-jpcert-or-jp.translate.goog/ja/2024/07/
46 KB
10 KB
Document
General
Full URL
https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:804::2001 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
674a7fa1d725590c32dd95686bc3b33737be5c8e773d651e4edcf40362e35172
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.translate.goog
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age
135636
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
gzip
content-security-policy
frame-ancestors *.translate.goog
content-type
text/html; charset=utf-8
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jul 2024 18:44:04 GMT
server
ESF
x-content-type-options
nosniff
x-robots-tag
none
x-xss-protection
0
styles.css
blogs.jpcert.or.jp/ja/common/css/
38 KB
9 KB
Stylesheet
General
Full URL
https://blogs.jpcert.or.jp/ja/common/css/styles.css
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
4ef1948d05443111ffb16719ec8cc1e5d159e2dedab4c68c4a0cbd13e15df7b4
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime
0.053245
date
Sat, 13 Jul 2024 18:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=3600
age
135828
expect-ct
enforce, max-age=3600
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
8713
x-xss-protection
1; mode=block
font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
37 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
Origin
https://blogs-jpcert-or-jp.translate.goog
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 18:44:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
185856
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5884
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-9226"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FZ82uJdfUVPXzYGsnpnoeQvc6zWS8ofRCH6ZtToDLx3i7QIP6cTNkbVO31%2FQoMWCb5O4stQV3JL%2FO62rt5lsTQ4aNzYJFc0fgNn7xkCF1Twbs5tAgQNjv5OzMHcqIyPIdvZWoD7F"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a2b6c1b1a328aa2-NRT
expires
Thu, 03 Jul 2025 18:44:04 GMT
js
www.googletagmanager.com/gtag/
198 KB
72 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-124034031-1
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
21caa13ead32264b368d355809866bf310dd1fe89dd1725db38ac97bfc72c49a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 18:44:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
73453
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 13 Jul 2024 18:44:05 GMT
js
www.googletagmanager.com/gtag/
290 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6NX4WBMERX
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ec07fa005a6c154033366cb030785e90e097af7da61a4dd05f170c61f95bd62e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 18:44:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100362
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 13 Jul 2024 18:44:05 GMT
m=corsproxy
www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.ja.qSGf8vE4rlw.O/am=HgY/d=1/rs=AN8SPfpKhCPvCa1lUKzq_Jf2vbZvgxwgEA/
84 KB
29 KB
Script
General
Full URL
https://www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.ja.qSGf8vE4rlw.O/am=HgY/d=1/rs=AN8SPfpKhCPvCa1lUKzq_Jf2vbZvgxwgEA/m=corsproxy
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80a::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5e7db34cb742812943d141f44d05db99b0737dde85726145bc37dbd12ab746f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 20:14:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167376
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29889
x-xss-protection
0
last-modified
Wed, 10 Jul 2024 21:12:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 11 Jul 2025 20:14:29 GMT
css2
fonts.googleapis.com/
631 B
809 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@20..48,100..700,0..1,-50..200
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80e::200a Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5c9ddcaa501e232c88e8394bc3e88dc269d0ece094f7747362315e8025098111
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 13 Jul 2024 18:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 13 Jul 2024 18:44:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Jul 2024 18:44:05 GMT
m=phishing_protection
www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.ja.qSGf8vE4rlw.O/am=HgY/d=1/exm=corsproxy/ed=1/rs=AN8SPfpKhCPvCa1lUKzq_Jf2vbZvgxwgEA/
113 KB
36 KB
Script
General
Full URL
https://www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.ja.qSGf8vE4rlw.O/am=HgY/d=1/exm=corsproxy/ed=1/rs=AN8SPfpKhCPvCa1lUKzq_Jf2vbZvgxwgEA/m=phishing_protection
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80a::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d04ce89f7df844d78e5518b5c73fa8b32429c3db6eecee8d23fd9ba6167d3d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 20:14:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167376
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35801
x-xss-protection
0
last-modified
Wed, 10 Jul 2024 21:12:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 11 Jul 2025 20:14:29 GMT
m=navigationui
www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.ja.qSGf8vE4rlw.O/am=HgY/d=1/exm=corsproxy,phishing_protection/ed=1/rs=AN8SPfpKhCPvCa1lUKzq_Jf2vbZvgxwgEA/
24 KB
9 KB
Script
General
Full URL
https://www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.ja.qSGf8vE4rlw.O/am=HgY/d=1/exm=corsproxy,phishing_protection/ed=1/rs=AN8SPfpKhCPvCa1lUKzq_Jf2vbZvgxwgEA/m=navigationui
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80a::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc80cfa0f21ffe6b404b9826418802bcafa9274cb529265df8e729b2ec618c82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 20:14:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167376
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9289
x-xss-protection
0
last-modified
Wed, 10 Jul 2024 21:12:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 11 Jul 2025 20:14:29 GMT
header_logo.svg
blogs.jpcert.or.jp/ja/common/images/
3 KB
2 KB
Image
General
Full URL
https://blogs.jpcert.or.jp/ja/common/images/header_logo.svg
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
a8063b32a2b02296dbcb861b81a209185ad876688835b12106bd04c7196342a5
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime
0.053292
date
Sat, 13 Jul 2024 18:44:05 GMT
x-amz-version-id
C1aGh.oT9J5h6NeGypAe5bPCpg7zmQt7
x-content-type-options
nosniff
strict-transport-security
max-age=3600
last-modified
Fri, 09 Oct 2020 02:19:37 GMT
content-encoding
gzip
age
122625
etag
W/"470f7c2a7f953ad63a2f660ce00a9ef3"
expect-ct
enforce, max-age=3600
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
1443
x-xss-protection
1; mode=block
image-992ce083-832a-45c5-a3d8-5922b68506a7.jpg
movabletype.net/users/kino/
81 KB
82 KB
Image
General
Full URL
https://movabletype.net/users/kino/image-992ce083-832a-45c5-a3d8-5922b68506a7.jpg
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.115.249.128 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-115-249-128.ap-northeast-1.compute.amazonaws.com
Software
openresty /
Resource Hash
d025d624352f8a6ceec63d1be3f7513b4874d370d224a3011620d20c03276e2e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 18:44:05 GMT
x-amz-version-id
rm7cfsZ5Ce6oLWec3yfNemazc91RQBCq
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 19 Feb 2020 02:36:54 GMT
server
openresty
content-security-policy
frame-ancestors 'self'
etag
"e1c0b0f3e14981fa62431e8e3dee6b24"
x-frame-options
sameorigin
content-type
image/jpeg
accept-ranges
bytes
content-length
83292
x-xss-protection
1; mode=block
kimsuky_flow-640wri.png
blogs.jpcert.or.jp/ja/.assets/thumbnail/
63 KB
63 KB
Image
General
Full URL
https://blogs.jpcert.or.jp/ja/.assets/thumbnail/kimsuky_flow-640wri.png
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
5dec945dbcba157663e22477f50f232283af0e460599941bb00c8f2eef15a0b3
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime
0.091113
date
Sat, 13 Jul 2024 18:44:05 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
x-amz-expiration
expiry-date="Mon, 12 Aug 2024 00:00:00 GMT", rule-id="RemoveOldData"
last-modified
Tue, 02 Jul 2024 10:27:03 GMT
age
223504
etag
"8337e500a4d0b10c9c14af92f4892ba8"
x-amz-server-side-encryption
AES256
expect-ct
enforce, max-age=3600
content-type
image/png
accept-ranges
bytes
content-length
64100
x-xss-protection
1; mode=block
favicon-640wri.png
blogs.jpcert.or.jp/ja/.assets/thumbnail/
202 KB
202 KB
Image
General
Full URL
https://blogs.jpcert.or.jp/ja/.assets/thumbnail/favicon-640wri.png
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
4179b840182d9e5e9f3aa20287b576efc24a67ce682971c60b71053bf0f9360f
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime
0.093625
date
Sat, 13 Jul 2024 18:44:05 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
x-amz-expiration
expiry-date="Mon, 12 Aug 2024 00:00:00 GMT", rule-id="RemoveOldData"
last-modified
Tue, 02 Jul 2024 05:43:47 GMT
age
223602
etag
"954d78106dea9011caaf08b017698104"
x-amz-server-side-encryption
AES256
expect-ct
enforce, max-age=3600
content-type
image/png
accept-ranges
bytes
content-length
206614
x-xss-protection
1; mode=block
PokDoc-640wri.png
blogs.jpcert.or.jp/ja/.assets/thumbnail/
119 KB
120 KB
Image
General
Full URL
https://blogs.jpcert.or.jp/ja/.assets/thumbnail/PokDoc-640wri.png
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
d05f65a1fa8f17fc85fccfaa492383f72972d776ad014bbce1e4b09247098c49
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime
0.055353
date
Sat, 13 Jul 2024 18:44:05 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
x-amz-expiration
expiry-date="Mon, 12 Aug 2024 00:00:00 GMT", rule-id="RemoveOldData"
last-modified
Tue, 02 Jul 2024 05:46:48 GMT
age
223602
etag
"53d8bc65272c8ea7759579384bd60f75"
x-amz-server-side-encryption
AES256
expect-ct
enforce, max-age=3600
content-type
image/png
accept-ranges
bytes
content-length
122335
x-xss-protection
1; mode=block
vbs-640wri.png
blogs.jpcert.or.jp/ja/.assets/thumbnail/
90 KB
90 KB
Image
General
Full URL
https://blogs.jpcert.or.jp/ja/.assets/thumbnail/vbs-640wri.png
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
d8f015c5bc6d77a669cf742075114f4d9c5db23baae034ddae5ce8b7a998ca76
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime
0.040315
date
Sat, 13 Jul 2024 18:44:05 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
x-amz-expiration
expiry-date="Mon, 12 Aug 2024 00:00:00 GMT", rule-id="RemoveOldData"
last-modified
Tue, 02 Jul 2024 05:46:47 GMT
age
223504
etag
"b0fd817da9d717e27d5305f9cfebfbfc"
x-amz-server-side-encryption
AES256
expect-ct
enforce, max-age=3600
content-type
image/png
accept-ranges
bytes
content-length
91791
x-xss-protection
1; mode=block
InfoKey-640wri.png
blogs.jpcert.or.jp/ja/.assets/thumbnail/
100 KB
101 KB
Image
General
Full URL
https://blogs.jpcert.or.jp/ja/.assets/thumbnail/InfoKey-640wri.png
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6c15565ea8eb36ab3693a564a967b44851ad6888cdff601e9551d7eb1c34bed2
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime
0.051960
date
Sat, 13 Jul 2024 18:44:05 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
x-amz-expiration
expiry-date="Mon, 12 Aug 2024 00:00:00 GMT", rule-id="RemoveOldData"
last-modified
Tue, 02 Jul 2024 05:46:47 GMT
age
223601
etag
"4577c52a96f86180586e1cd279081407"
x-amz-server-side-encryption
AES256
expect-ct
enforce, max-age=3600
content-type
image/png
accept-ranges
bytes
content-length
102610
x-xss-protection
1; mode=block
fb_loader.gif
blogs.jpcert.or.jp/ja/common/images/
889 B
1 KB
Image
General
Full URL
https://blogs.jpcert.or.jp/ja/common/images/fb_loader.gif
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
2ec9087635398a0a4f08808b2d5bd3af37542c290314c060303ee3a41e7af6bd
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime
0.021238
date
Sat, 13 Jul 2024 18:44:05 GMT
x-amz-version-id
eSrOczhJg57z7EdlNhWncqh5htdeAm9c
x-content-type-options
nosniff
strict-transport-security
max-age=3600
last-modified
Fri, 09 Oct 2020 02:03:46 GMT
age
122625
etag
"86ca4d6e0539b88294cdf7e757b79455"
expect-ct
enforce, max-age=3600
content-type
image/gif
accept-ranges
bytes
content-length
889
x-xss-protection
1; mode=block
pypi%281%29-320wi.png
blogs.jpcert.or.jp/ja/.assets/thumbnail/
35 KB
35 KB
Image
General
Full URL
https://blogs.jpcert.or.jp/ja/.assets/thumbnail/pypi%281%29-320wi.png
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
9c55a48ea14ce2f39c148c8b10018e4e844de9182393762e31434f1ceed3e525
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime
0.079797
date
Sat, 13 Jul 2024 18:44:05 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
x-amz-expiration
expiry-date="Thu, 01 Aug 2024 00:00:00 GMT", rule-id="RemoveOldData"
last-modified
Fri, 21 Jun 2024 00:34:52 GMT
age
117737
etag
"d8980dabf974a0968593a9f30d037772"
x-amz-server-side-encryption
AES256
expect-ct
enforce, max-age=3600
content-type
image/png
accept-ranges
bytes
content-length
35581
x-xss-protection
1; mode=block
maldocpdf-fig1-320wi.png
blogs.jpcert.or.jp/ja/.assets/thumbnail/
270 KB
270 KB
Image
General
Full URL
https://blogs.jpcert.or.jp/ja/.assets/thumbnail/maldocpdf-fig1-320wi.png
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
cf99cf55b2afc39f2d5c89093e53203df0e5446052cbe9d6353128fc649a27de
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime
0.079495
date
Sat, 13 Jul 2024 18:44:05 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
x-amz-expiration
expiry-date="Thu, 01 Aug 2024 00:00:00 GMT", rule-id="RemoveOldData"
last-modified
Fri, 21 Jun 2024 00:04:52 GMT
age
118256
etag
"5e47f2801058e89b5be3ebbbe389bc0a"
x-amz-server-side-encryption
AES256
expect-ct
enforce, max-age=3600
content-type
image/png
accept-ranges
bytes
content-length
276097
x-xss-protection
1; mode=block
yama-320wi.png
blogs.jpcert.or.jp/ja/.assets/thumbnail/
12 KB
12 KB
Image
General
Full URL
https://blogs.jpcert.or.jp/ja/.assets/thumbnail/yama-320wi.png
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
2bc994d7f7baad1cfcf4ab458b8e70f442174b075308e9603adefd82b42f6629
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime
0.112077
date
Sat, 13 Jul 2024 18:44:05 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
x-amz-expiration
expiry-date="Mon, 19 Aug 2024 00:00:00 GMT", rule-id="RemoveOldData"
last-modified
Tue, 09 Jul 2024 01:45:12 GMT
age
117737
etag
"94a5ee3202d5dee553fe30d984a52d5c"
x-amz-server-side-encryption
AES256
expect-ct
enforce, max-age=3600
content-type
image/png
accept-ranges
bytes
content-length
12359
x-xss-protection
1; mode=block
dangerouspassword_dev-fig3-320wi.png
blogs.jpcert.or.jp/ja/.assets/thumbnail/
103 KB
104 KB
Image
General
Full URL
https://blogs.jpcert.or.jp/ja/.assets/thumbnail/dangerouspassword_dev-fig3-320wi.png
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
620ab418519842f322d81bcd5bc64c155d997de8a2a3022b55ddee829820cff6
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime
0.056596
date
Sat, 13 Jul 2024 18:44:05 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
x-amz-expiration
expiry-date="Thu, 22 Aug 2024 00:00:00 GMT", rule-id="RemoveOldData"
last-modified
Fri, 12 Jul 2024 01:45:18 GMT
age
117737
etag
"c4df15cea62e38ace8414d3427d20d12"
x-amz-server-side-encryption
AES256
expect-ct
enforce, max-age=3600
content-type
image/png
accept-ranges
bytes
content-length
105621
x-xss-protection
1; mode=block
AutoYara4FLIRT-fig5-320wi.png
blogs.jpcert.or.jp/ja/.assets/thumbnail/
50 KB
51 KB
Image
General
Full URL
https://blogs.jpcert.or.jp/ja/.assets/thumbnail/AutoYara4FLIRT-fig5-320wi.png
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
31cbdbebe460b0cfd10970b833b9f916dcad07aea0390c86c2b0f0fc941aa755
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime
0.042180
date
Sat, 13 Jul 2024 18:44:05 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
x-amz-expiration
expiry-date="Tue, 13 Aug 2024 00:00:00 GMT", rule-id="RemoveOldData"
last-modified
Wed, 03 Jul 2024 01:11:06 GMT
age
117737
etag
"ff599b7c597a9d0749027c6ee5adea29"
x-amz-server-side-encryption
AES256
expect-ct
enforce, max-age=3600
content-type
image/png
accept-ranges
bytes
content-length
51384
x-xss-protection
1; mode=block
xCoP8HShn5l8cEjl5JPT.js
pro.ranklet4.com/widgets/
7 KB
2 KB
Script
General
Full URL
https://pro.ranklet4.com/widgets/xCoP8HShn5l8cEjl5JPT.js
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
210.231.184.214 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
210-231-184-214.pro.static.arena.ne.jp
Software
nginx/1.26.1 /
Resource Hash
7655a70e66e94b48063b7444f85eca653ca2f51b273d0bfaa4c0da1d32c0510e

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 13 Jul 2024 18:44:05 GMT
Content-Encoding
gzip
Last-Modified
Sat, 13 Jul 2024 15:04:26 GMT
Server
nginx/1.26.1
x-amz-request-id
01JSX8XJSHZMTEE7
ETag
"0f3172283bafbf961b3a365c29cc8608"
x-amz-server-side-encryption
AES256
X-Cache
EXPIRED
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1737
x-amz-id-2
MHCXwn37865UDGABt1ncMZhCe3Agj3TCFVIeA+mcx9IK2uN7YS9xZKP1yHeEkJElSs81I837JEEWn3CaUaMBaw==
matsu.png
movabletype.net/users/SHIKAPON/
579 KB
580 KB
Image
General
Full URL
https://movabletype.net/users/SHIKAPON/matsu.png
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.115.249.128 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-115-249-128.ap-northeast-1.compute.amazonaws.com
Software
openresty /
Resource Hash
d0777e2e2c6a47608109aa789d1f8769aa6b972da30e0ffaf631a1fefbf31fd4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 18:44:05 GMT
x-amz-version-id
4CqEq9yloEXP.7_Aa3yLht9hpURhskiF
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 26 Sep 2018 07:36:08 GMT
server
openresty
content-security-policy
frame-ancestors 'self'
etag
"f042b8ca8c2df4e375d83530eea4d1b2"
x-frame-options
sameorigin
content-type
image/png
accept-ranges
bytes
content-length
593069
x-xss-protection
1; mode=block
default-userpic-90.jpg
blogs.jpcert.or.jp/ja/common/images/
634 B
952 B
Image
General
Full URL
https://blogs.jpcert.or.jp/ja/common/images/default-userpic-90.jpg
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
bff0831e53ffe4da0fc58d076aafffae2e6f46b7210f7f2d08c2b88c53304fe8
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime
0.023179
date
Sat, 13 Jul 2024 18:44:05 GMT
x-amz-version-id
Ro4BXU9bK193Y8b_gaOlKaZxsQusYOSa
x-content-type-options
nosniff
strict-transport-security
max-age=3600
last-modified
Fri, 09 Oct 2020 02:03:46 GMT
age
122625
etag
"5a94d27506940168f6de59eb32f920dc"
expect-ct
enforce, max-age=3600
content-type
image/jpeg
accept-ranges
bytes
content-length
634
x-xss-protection
1; mode=block
picture.png
movabletype.net/users/t.koshiishi/
259 KB
260 KB
Image
General
Full URL
https://movabletype.net/users/t.koshiishi/picture.png
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.115.249.128 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-115-249-128.ap-northeast-1.compute.amazonaws.com
Software
openresty /
Resource Hash
fa4d9ac8279e6b85fa89a0d15119c2108d7965857964047e2cb44327d805bdb8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 18:44:05 GMT
x-amz-version-id
._TLfalDIkeXXrexJa8tb2Tbs8Zd2Ymo
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 05 Dec 2018 05:04:37 GMT
server
openresty
content-security-policy
frame-ancestors 'self'
etag
"11fd73053320cb39c7da519552f76aba"
x-frame-options
sameorigin
content-type
image/png
accept-ranges
bytes
content-length
265361
x-xss-protection
1; mode=block
Q6VN1jSR_400x400.jpg
movabletype.net/users/reto/
61 KB
62 KB
Image
General
Full URL
https://movabletype.net/users/reto/Q6VN1jSR_400x400.jpg
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.115.249.128 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-115-249-128.ap-northeast-1.compute.amazonaws.com
Software
openresty /
Resource Hash
23fd61c6a9f5a2c1d58d42eebce6f72a1e0838eafcd8adb349ee85b1024db128
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 18:44:05 GMT
x-amz-version-id
5CyHQUgE0cDtK5ZBTTH8nuPiZLj4rNoJ
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 25 Mar 2020 01:50:50 GMT
server
openresty
content-security-policy
frame-ancestors 'self'
etag
"0280c12bed1fc39e5dd1ace0986264ab"
x-frame-options
sameorigin
content-type
image/jpeg
accept-ranges
bytes
content-length
62701
x-xss-protection
1; mode=block
profile_icon.png
movabletype.net/users/ikuya/
209 KB
210 KB
Image
General
Full URL
https://movabletype.net/users/ikuya/profile_icon.png
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.115.249.128 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-115-249-128.ap-northeast-1.compute.amazonaws.com
Software
openresty /
Resource Hash
10de10394a37304a0c94242badee67380313edf5d99f963126c0660f7115315f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 18:44:05 GMT
x-amz-version-id
6aNgdxXWGy8r9Je1nvYiwKC3aPMq0TOL
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 04 Apr 2019 03:31:39 GMT
server
openresty
content-security-policy
frame-ancestors 'self'
etag
"0ff73c7fe128b36457b0d8d582689949"
x-frame-options
sameorigin
content-type
image/png
accept-ranges
bytes
content-length
214306
x-xss-protection
1; mode=block
ENCORE_400x400.jpg
movabletype.net/users/shu_tom/
64 KB
65 KB
Image
General
Full URL
https://movabletype.net/users/shu_tom/ENCORE_400x400.jpg
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.115.249.128 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-115-249-128.ap-northeast-1.compute.amazonaws.com
Software
openresty /
Resource Hash
7fe1a58ea8b8fdfaca777d67aab3b8c3162591f5370294c693fbf6713b563bee
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 18:44:05 GMT
x-amz-version-id
ZSziZ7mhrWfa6SnVIF9Z5BQnQABGuZ_s
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 03 Oct 2018 05:27:14 GMT
server
openresty
content-security-policy
frame-ancestors 'self'
etag
"e6e4162bb599969e44d37cb379a6db54"
x-frame-options
sameorigin
content-type
image/jpeg
accept-ranges
bytes
content-length
65659
x-xss-protection
1; mode=block
photo_sparky_small.jpg
movabletype.net/users/kkomiyama/
94 KB
95 KB
Image
General
Full URL
https://movabletype.net/users/kkomiyama/photo_sparky_small.jpg
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.115.249.128 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-115-249-128.ap-northeast-1.compute.amazonaws.com
Software
openresty /
Resource Hash
90bfb0ff383c74405328fce0fcfa8544f0a8549f9d3d18c3245dd8fb54f6a65e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 18:44:05 GMT
x-amz-version-id
OEfSIkB0RGovJcaXq6G39aw4RboYWtHl
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 03 Oct 2018 05:08:05 GMT
server
openresty
content-security-policy
frame-ancestors 'self'
etag
"b97364fc77ea6e5b13cb43a6a4be63bf"
x-frame-options
sameorigin
content-type
image/jpeg
accept-ranges
bytes
content-length
96469
x-xss-protection
1; mode=block
MyFace(%E3%82%B9%E3%82%B1%E3%83%83%E3%83%81).png
movabletype.net/users/ToshioMiyachi/
64 KB
64 KB
Image
General
Full URL
https://movabletype.net/users/ToshioMiyachi/MyFace(%E3%82%B9%E3%82%B1%E3%83%83%E3%83%81).png
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.115.249.128 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-115-249-128.ap-northeast-1.compute.amazonaws.com
Software
openresty /
Resource Hash
408ba6f9cae3468ec39b9f7f3ce4f89ee93448ddfde16fb72439ac6cf2c40e58
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 18:44:05 GMT
x-amz-version-id
slUhFkud7g2gIf3IkO8ypanTQNrqiCD.
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Sun, 31 Jul 2022 04:06:09 GMT
server
openresty
content-security-policy
frame-ancestors 'self'
etag
"fee3d81a9bfa3486e8645ac9b66da950"
x-frame-options
sameorigin
content-type
image/png
accept-ranges
bytes
content-length
65423
x-xss-protection
1; mode=block
blog_image.png
movabletype.net/users/masubuchi/
590 KB
591 KB
Image
General
Full URL
https://movabletype.net/users/masubuchi/blog_image.png
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.115.249.128 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-115-249-128.ap-northeast-1.compute.amazonaws.com
Software
openresty /
Resource Hash
46e2a1c601fb504a72bfdca8785474711d40549df3a0f73cef2474e4f3c66476
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 18:44:05 GMT
x-amz-version-id
LJ6qoYQ_vcq3zigInkn5q7BD.yiOZuYR
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Fri, 16 Apr 2021 09:36:36 GMT
server
openresty
content-security-policy
frame-ancestors 'self'
etag
"f40ace5c0be0a709e386e540a5721f51"
x-frame-options
sameorigin
content-type
image/png
accept-ranges
bytes
content-length
603691
x-xss-protection
1; mode=block
%E7%94%BB%E5%83%8F%E3%81%AE%E8%B2%BC%E3%82%8A%E4%BB%98%E3%81%91%E5%85%88_-2021-3-18-22-18.png
movabletype.net/users/hori-32tk/
498 KB
499 KB
Image
General
Full URL
https://movabletype.net/users/hori-32tk/%E7%94%BB%E5%83%8F%E3%81%AE%E8%B2%BC%E3%82%8A%E4%BB%98%E3%81%91%E5%85%88_-2021-3-18-22-18.png
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.115.249.128 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-115-249-128.ap-northeast-1.compute.amazonaws.com
Software
openresty /
Resource Hash
e502f0bbfcb50ab822ce1f941eed85eb4628a4e301132e1dcb047f5b96a55900
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 18:44:05 GMT
x-amz-version-id
tsBKAQ7ddCyKP5DFD715zfoyWgcV9zJt
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 18 Mar 2021 13:18:53 GMT
server
openresty
content-security-policy
frame-ancestors 'self'
etag
"3f84e9e59a0216813f9868cdb0750a58"
x-frame-options
sameorigin
content-type
image/png
accept-ranges
bytes
content-length
509789
x-xss-protection
1; mode=block
14190908.jpg
movabletype.net/users/uchida/
56 KB
56 KB
Image
General
Full URL
https://movabletype.net/users/uchida/14190908.jpg
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.115.249.128 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-115-249-128.ap-northeast-1.compute.amazonaws.com
Software
openresty /
Resource Hash
23e6d93452a4c0db3f01dfcdcef099dfe3e9861eb3b03ea07ae1878d63b7d412
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 18:44:05 GMT
x-amz-version-id
xSjrABhuC5_UsXL2kH2LUKWQ_9rQM.jm
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 14 Nov 2018 02:44:17 GMT
server
openresty
content-security-policy
frame-ancestors 'self'
etag
"27bdb7b931ee101c812d31c210c562ee"
x-frame-options
sameorigin
content-type
image/jpeg
accept-ranges
bytes
content-length
57308
x-xss-protection
1; mode=block
Sajo0191031.jpg
movabletype.net/users/sajo/
42 KB
42 KB
Image
General
Full URL
https://movabletype.net/users/sajo/Sajo0191031.jpg
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.115.249.128 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-115-249-128.ap-northeast-1.compute.amazonaws.com
Software
openresty /
Resource Hash
830ae81a7374748dc123821adcb7c0548ba35d4f16b74c234aa8a0dba1729960
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 18:44:05 GMT
x-amz-version-id
nK1wfC4U_YAKdNPjnfFNOz6hYlZz6Hwo
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Mon, 02 Dec 2019 04:26:56 GMT
server
openresty
content-security-policy
frame-ancestors 'self'
etag
"46a715f26415fd287dd8d636e655227a"
x-frame-options
sameorigin
content-type
image/jpeg
accept-ranges
bytes
content-length
42964
x-xss-protection
1; mode=block
%E3%82%A4%E3%83%B3%E3%82%B3%E7%94%BB%E5%83%8F.jpg
movabletype.net/users/hayato.sasaki/
39 KB
39 KB
Image
General
Full URL
https://movabletype.net/users/hayato.sasaki/%E3%82%A4%E3%83%B3%E3%82%B3%E7%94%BB%E5%83%8F.jpg
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.115.249.128 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-115-249-128.ap-northeast-1.compute.amazonaws.com
Software
openresty /
Resource Hash
e91d6119ce96da299ff86ab4d466b5422d0b57ef7ecf2bf476460a40b9c0a102
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 18:44:05 GMT
x-amz-version-id
ynj.M9Tt1q.q.nYI5Mpnd4sPUEfbNRIh
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Tue, 05 Apr 2022 00:41:07 GMT
server
openresty
content-security-policy
frame-ancestors 'self'
etag
"f7f45efe2e414892b98233f900d3cb82"
x-frame-options
sameorigin
content-type
image/jpeg
accept-ranges
bytes
content-length
39483
x-xss-protection
1; mode=block
Tomotaka-Ito.jpg
movabletype.net/users/Tomotaka/
33 KB
33 KB
Image
General
Full URL
https://movabletype.net/users/Tomotaka/Tomotaka-Ito.jpg
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.115.249.128 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-115-249-128.ap-northeast-1.compute.amazonaws.com
Software
openresty /
Resource Hash
a6653a5760c7cea6cdad209d739f01c8436527a428fa218459716fab12ce37cf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 18:44:05 GMT
x-amz-version-id
2fvcyuaHrwAXr_kpyHORm2o39hfGCEKt
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 03 Dec 2020 15:10:39 GMT
server
openresty
content-security-policy
frame-ancestors 'self'
etag
"2cf4a537d5062bfa194893d424988d62"
x-frame-options
sameorigin
content-type
image/jpeg
accept-ranges
bytes
content-length
33853
x-xss-protection
1; mode=block
default-userpic-90.jpg
movabletype.net/users/tnakano/
832 B
1 KB
Image
General
Full URL
https://movabletype.net/users/tnakano/default-userpic-90.jpg
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.115.249.128 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-115-249-128.ap-northeast-1.compute.amazonaws.com
Software
openresty /
Resource Hash
db202f6b1909fb514275f7d608e1497fa95e8ba8f850c8909b1927cf11f85e52
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 18:44:05 GMT
x-amz-version-id
rkhmeUk7DoOh.CA_DZpezULC6kVHyLQL
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 06 Dec 2023 06:58:16 GMT
server
openresty
content-security-policy
frame-ancestors 'self'
etag
"3de507977021a6e538d85c4f23549ec2"
x-amz-server-side-encryption
AES256
x-frame-options
sameorigin
content-type
image/jpeg
accept-ranges
bytes
content-length
832
x-xss-protection
1; mode=block
DSCN1042-(2).png
movabletype.net/users/shoko/
555 KB
556 KB
Image
General
Full URL
https://movabletype.net/users/shoko/DSCN1042-(2).png
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.115.249.128 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-115-249-128.ap-northeast-1.compute.amazonaws.com
Software
openresty /
Resource Hash
36ba36d6118ad765aa17b49bcc2d3fc44379b1c8715cabc60bda192ad0a79261
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 18:44:05 GMT
x-amz-version-id
gn1ENFMTC8XJoZacN7.XPNO_LiNxcra.
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 10 May 2023 04:30:01 GMT
server
openresty
content-security-policy
frame-ancestors 'self'
etag
"c5f4e594f6c0a33267016d18f4aa0b36"
x-amz-server-side-encryption
AES256
x-frame-options
sameorigin
content-type
image/png
accept-ranges
bytes
content-length
568417
x-xss-protection
1; mode=block
j_icon72_400x400.jpg
movabletype.net/users/retiree_blog/
29 KB
29 KB
Image
General
Full URL
https://movabletype.net/users/retiree_blog/j_icon72_400x400.jpg
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.115.249.128 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-115-249-128.ap-northeast-1.compute.amazonaws.com
Software
openresty /
Resource Hash
92f1bc2e6be6094ffa0bd7ba2538fb71e6aadfd481c2b762c35a4b5559380a6d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 18:44:05 GMT
x-amz-version-id
fP9rPqYkUqVXLZFK4aYyKZ4lsm.JbgHp
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 04 Oct 2018 05:28:49 GMT
server
openresty
content-security-policy
frame-ancestors 'self'
etag
"0678b8fce84b34cf896501f2e5bd184a"
x-frame-options
sameorigin
content-type
image/jpeg
accept-ranges
bytes
content-length
29768
x-xss-protection
1; mode=block
footer_logo.svg
blogs.jpcert.or.jp/ja/common/images/
3 KB
2 KB
Image
General
Full URL
https://blogs.jpcert.or.jp/ja/common/images/footer_logo.svg
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
a8063b32a2b02296dbcb861b81a209185ad876688835b12106bd04c7196342a5
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime
0.020247
date
Sat, 13 Jul 2024 18:44:05 GMT
x-amz-version-id
6blu_mLR96fJCcaP78rk8XnXQzCGvKBD
x-content-type-options
nosniff
strict-transport-security
max-age=3600
last-modified
Fri, 09 Oct 2020 02:03:46 GMT
content-encoding
gzip
age
122618
etag
W/"470f7c2a7f953ad63a2f660ce00a9ef3"
expect-ct
enforce, max-age=3600
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
1443
x-xss-protection
1; mode=block
widgets.js
platform.twitter.com/
91 KB
28 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (itm/7532) /
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 13 Jul 2024 18:44:05 GMT
Content-Encoding
gzip
Age
699
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=
Content-Length
27597
Last-Modified
Mon, 11 Dec 2023 17:20:28 GMT
Server
ECS (itm/7532)
Etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
prototype.js
blogs.jpcert.or.jp/ja/common/js/
162 KB
47 KB
Script
General
Full URL
https://blogs.jpcert.or.jp/ja/common/js/prototype.js
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
9136a988a146f144678867cd35b5b4b8bd2593d6fb97c6d0a5d73019495f3e69
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime
0.047754
date
Sat, 13 Jul 2024 18:44:05 GMT
x-amz-version-id
0.TaLt_48X2N3tdjOxTtX0bcexuGiOqe
x-content-type-options
nosniff
strict-transport-security
max-age=3600
last-modified
Fri, 09 Oct 2020 02:03:47 GMT
content-encoding
gzip
age
122625
etag
W/"e09519b3a184e74e3ce2c55bf10ac50d"
expect-ct
enforce, max-age=3600
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
47548
x-xss-protection
1; mode=block
script.js
blogs.jpcert.or.jp/ja/common/feedback/
6 KB
3 KB
Script
General
Full URL
https://blogs.jpcert.or.jp/ja/common/feedback/script.js
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
3438b317f1468a4ab0bc048d1d45c8ef65a5a08fc539ec10e9e390a917346570
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime
0.046740
date
Sat, 13 Jul 2024 18:44:05 GMT
x-amz-version-id
LWHm6mogXrvUzS4WK2KUZP3c8D7KYcZk
x-content-type-options
nosniff
strict-transport-security
max-age=3600
last-modified
Fri, 09 Oct 2020 02:03:46 GMT
content-encoding
gzip
age
122625
etag
W/"60987a520f80a2b8d52bdec4fbc89ef3"
expect-ct
enforce, max-age=3600
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
2495
x-xss-protection
1; mode=block
element.js
translate.google.com/translate_a/
90 KB
31 KB
Script
General
Full URL
https://translate.google.com/translate_a/element.js?cb=gtElInit&hl=en-US&client=wt
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:813::200e Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c41eca72c06be5985c0dff688e2de32b892a099668e288099c4244bb078bfe5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jul 2024 18:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
lazy.min.js
www.gstatic.com/feedback/js/help/prod/service/
118 KB
39 KB
Script
General
Full URL
https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.ja.qSGf8vE4rlw.O/am=HgY/d=1/exm=corsproxy,phishing_protection/ed=1/rs=AN8SPfpKhCPvCa1lUKzq_Jf2vbZvgxwgEA/m=navigationui
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80a::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eaa70b79b657e5997b465f24c770db49638dcadac9aebe8ed36c11e219c5c69c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 18:04:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2398
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39139
x-xss-protection
0
last-modified
Thu, 11 Jul 2024 18:12:54 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="product-feedback-gathering"
vary
Accept-Encoding, Origin
report-to
{"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Sat, 13 Jul 2024 18:54:07 GMT
websitetranslationui
translate.google.com/ Frame 5C41
0
0
Document
General
Full URL
https://translate.google.com/websitetranslationui?parent=https%3A%2F%2Fblogs-jpcert-or-jp.translate.goog&pfu=https%3A%2F%2Fblogs-jpcert-or-jp.translate.goog%2Fja%2F2024%2F07%2Fkimsuky.html%3F_x_tr_sl%3Dauto%26_x_tr_tl%3Den%26_x_tr_hl%3Den-US%26_x_tr_pto%3Dwapp&u=https%3A%2F%2Fblogs.jpcert.or.jp%2Fja%2F2024%2F07%2Fkimsuky.html&sl=auto&tl=en&opu=https%3A%2F%2Ftranslate.google.com%2Fwebsite%3Fsl%3Dauto%26tl%3Den%26hl%3Den-US%26client%3Dwebapp%26u%3Dhttps%3A%2F%2Fblogs.jpcert.or.jp%2Fja%2F2024%2F07%2Fkimsuky.html%26anno%3D2&client=webapp&hl=en-US&lang=ja
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.ja.qSGf8vE4rlw.O/am=HgY/d=1/exm=corsproxy,phishing_protection/ed=1/rs=AN8SPfpKhCPvCa1lUKzq_Jf2vbZvgxwgEA/m=navigationui
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:813::200e Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://blogs-jpcert-or-jp.translate.goog script-src 'report-sample' 'nonce-z-yNEDU20WIHa-U_2P5k2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://blogs-jpcert-or-jp.translate.goog
X-Xss-Protection 0

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
frame-ancestors https://blogs-jpcert-or-jp.translate.goog script-src 'report-sample' 'nonce-z-yNEDU20WIHa-U_2P5k2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Sat, 13 Jul 2024 18:44:05 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
reporting-endpoints
default="/_/TranslateWebserverWebsiteTranslationUi/web-reports?context=eJzjctDikmII0pBikPj6kkkJiDPUZrBWAbFT-gxWHxCun8EaBsStN8-x9gNx0r_zrDlAvCTiIuuexIusQjwcX6ee3sImsGHa5pOMSmpJ-YXxJUWJecU5iSWpuuWpScWpRWWpRfFGBkYmBuYGlnoGFvEFBgCF0yzv"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-frame-options
ALLOW-FROM https://blogs-jpcert-or-jp.translate.goog
x-ua-compatible
IE=edge
x-xss-protection
0
cse.js
cse.google.com/
6 KB
3 KB
Script
General
Full URL
https://cse.google.com/cse.js?cx=004990004422359256493:nnhwqqlx864
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80a::200e Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
da2185cc7c9fb86b09bd1ee99c5aaad407853f925712d9f15d86c226bf6ad8a7
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-CWypEHv41uJJvkuFZXoS2g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-CWypEHv41uJJvkuFZXoS2g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding
br
date
Sat, 13 Jul 2024 18:44:05 GMT
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
server
gws
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/javascript; charset=UTF-8
permissions-policy
unload=()
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2476
x-xss-protection
0
bg_header.jpg
blogs.jpcert.or.jp/ja/common/images/
79 KB
80 KB
Image
General
Full URL
https://blogs.jpcert.or.jp/ja/common/images/bg_header.jpg
Requested by
Host: blogs.jpcert.or.jp
URL: https://blogs.jpcert.or.jp/ja/common/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
261c7d35b8070f9e07d90aec18fe37b29b78e49cbbdb13c279efda50dc92cbfe
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs.jpcert.or.jp/ja/common/css/styles.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime
0.073351
date
Sat, 13 Jul 2024 18:44:05 GMT
x-amz-version-id
Dlg2cFX23iXfgWiOLSEgXa3Bp_LqZBcM
x-content-type-options
nosniff
strict-transport-security
max-age=3600
last-modified
Fri, 09 Oct 2020 02:03:46 GMT
age
122625
etag
"36b8b54cd6c4d3cedb6f1fab7973bd13"
expect-ct
enforce, max-age=3600
content-type
image/jpeg
accept-ranges
bytes
content-length
81378
x-xss-protection
1; mode=block
icon-mail.svg
blogs.jpcert.or.jp/ja/common/images/
334 B
621 B
Image
General
Full URL
https://blogs.jpcert.or.jp/ja/common/images/icon-mail.svg
Requested by
Host: blogs.jpcert.or.jp
URL: https://blogs.jpcert.or.jp/ja/common/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
eba8d7f3703d70c73f3403a2754b3b41c92e4aeaaabdbdd417585bfefd49eec3
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs.jpcert.or.jp/ja/common/css/styles.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime
0.048168
date
Sat, 13 Jul 2024 18:44:05 GMT
x-amz-version-id
P.6ql_LvzzLTb3NDRSVsGc2CJPJG7KYR
x-content-type-options
nosniff
strict-transport-security
max-age=3600
last-modified
Fri, 09 Oct 2020 02:03:46 GMT
content-encoding
gzip
age
122625
etag
W/"cdfcff7746225765d03d1b1fe8135ca9"
expect-ct
enforce, max-age=3600
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
263
x-xss-protection
1; mode=block
aHR0cHM6Ly9ibG9ncy5qcGNlcnQub3IuanAvamEvLmFzc2V0cy90aHVtYm5haWwvSW5mb0tleS04MDB3aS5wbmc.jpg
pro.ranklet4.com/imgproxy/5-RsCJmy6bDBO2V27DMPy65j77PvXKE6eLC1uor4gLU/rs:fit:160:160/q:75/sm:1/
2 KB
2 KB
Image
General
Full URL
https://pro.ranklet4.com/imgproxy/5-RsCJmy6bDBO2V27DMPy65j77PvXKE6eLC1uor4gLU/rs:fit:160:160/q:75/sm:1/aHR0cHM6Ly9ibG9ncy5qcGNlcnQub3IuanAvamEvLmFzc2V0cy90aHVtYm5haWwvSW5mb0tleS04MDB3aS5wbmc.jpg
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
210.231.184.214 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
210-231-184-214.pro.static.arena.ne.jp
Software
nginx/1.26.1 /
Resource Hash
6a2fbbe670d3e049df7de0e20f3698882ed9783e47a010e1b0c2c746b919091c
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 13 Jul 2024 18:44:05 GMT
Content-Security-Policy
script-src 'none'
Server
nginx/1.26.1
X-Cache
HIT
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Content-Disposition
inline; filename="InfoKey-800wi.jpg"
Connection
keep-alive
Content-Length
1826
X-Request-Id
raK4uosbJxntTbEUKJLgf
Expires
Thu, 10 Jul 2025 01:04:41 GMT
aHR0cHM6Ly9ibG9ncy5qcGNlcnQub3IuanAvamEvLmFzc2V0cy90aHVtYm5haWwvbWlycm9yZmFjZS1maWcxLWNkNmQ0YjQxLTgwMHdpLnBuZw.jpg
pro.ranklet4.com/imgproxy/HM3PrU8QSqGO0p9U8yusQfGVohJlc-9YP1qUWBpJMwg/rs:fit:160:160/q:75/sm:1/
2 KB
3 KB
Image
General
Full URL
https://pro.ranklet4.com/imgproxy/HM3PrU8QSqGO0p9U8yusQfGVohJlc-9YP1qUWBpJMwg/rs:fit:160:160/q:75/sm:1/aHR0cHM6Ly9ibG9ncy5qcGNlcnQub3IuanAvamEvLmFzc2V0cy90aHVtYm5haWwvbWlycm9yZmFjZS1maWcxLWNkNmQ0YjQxLTgwMHdpLnBuZw.jpg
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
210.231.184.214 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
210-231-184-214.pro.static.arena.ne.jp
Software
nginx/1.26.1 /
Resource Hash
7f81a537f538a203af07e55d7ce420b3877f192860bb5c535d48bf5d41a63aa8
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 13 Jul 2024 18:44:05 GMT
Content-Security-Policy
script-src 'none'
Server
nginx/1.26.1
X-Cache
HIT
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Content-Disposition
inline; filename="mirrorface-fig1-cd6d4b41-800wi.jpg"
Connection
keep-alive
Content-Length
2351
X-Request-Id
PwJigvXSXQoMDayAr__Cp
Expires
Thu, 10 Jul 2025 01:04:05 GMT
aHR0cHM6Ly9ibG9ncy5qcGNlcnQub3IuanAvamEvLmFzc2V0cy90aHVtYm5haWwvJUU2JUIzJUE4JUU2JTg0JThGJUU1JTk2JTlBJUU4JUI1JUI3JUU1JTg2JTkyJUU5JUEwJUFEJUU3JTk0JUJCJUU1JTgzJThGMi04MDB3aS5wbmc.jpg
pro.ranklet4.com/imgproxy/82C5QSaeC5TkDFz9qVVElR1i522mrh-PYi6b5WuUA6Y/rs:fit:160:160/q:75/sm:1/
3 KB
3 KB
Image
General
Full URL
https://pro.ranklet4.com/imgproxy/82C5QSaeC5TkDFz9qVVElR1i522mrh-PYi6b5WuUA6Y/rs:fit:160:160/q:75/sm:1/aHR0cHM6Ly9ibG9ncy5qcGNlcnQub3IuanAvamEvLmFzc2V0cy90aHVtYm5haWwvJUU2JUIzJUE4JUU2JTg0JThGJUU1JTk2JTlBJUU4JUI1JUI3JUU1JTg2JTkyJUU5JUEwJUFEJUU3JTk0JUJCJUU1JTgzJThGMi04MDB3aS5wbmc.jpg
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
210.231.184.214 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
210-231-184-214.pro.static.arena.ne.jp
Software
nginx/1.26.1 /
Resource Hash
b2dd0251eba15bc3ed9ff3b0c622b02e98adacb7c0965ad1174ccc31ca21a53e
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 13 Jul 2024 18:44:05 GMT
Content-Security-Policy
script-src 'none'
Server
nginx/1.26.1
X-Cache
HIT
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Content-Disposition
inline; filename="注意喚起冒頭画像2-800wi.jpg"
Connection
keep-alive
Content-Length
2904
X-Request-Id
AHaycq5qpP3qElqvsUYDc
Expires
Thu, 10 Jul 2025 01:04:41 GMT
aHR0cHM6Ly9ibG9ncy5qcGNlcnQub3IuanAvamEvLmFzc2V0cy90aHVtYm5haWwvMDEtODAwd2kuanBn.jpg
pro.ranklet4.com/imgproxy/xwV3Uq8N3kjTDOnBGEs3k373Q1l677ltV8-c6tbA7AQ/rs:fit:160:160/q:75/sm:1/
4 KB
5 KB
Image
General
Full URL
https://pro.ranklet4.com/imgproxy/xwV3Uq8N3kjTDOnBGEs3k373Q1l677ltV8-c6tbA7AQ/rs:fit:160:160/q:75/sm:1/aHR0cHM6Ly9ibG9ncy5qcGNlcnQub3IuanAvamEvLmFzc2V0cy90aHVtYm5haWwvMDEtODAwd2kuanBn.jpg
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
210.231.184.214 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
210-231-184-214.pro.static.arena.ne.jp
Software
nginx/1.26.1 /
Resource Hash
d2d3c59b419cdc9fdce3dd7f7c5cac9cba95b0535d89e6b7488bce7ce8b7013b
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 13 Jul 2024 18:44:05 GMT
Content-Security-Policy
script-src 'none'
Server
nginx/1.26.1
X-Cache
HIT
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Content-Disposition
inline; filename="01-800wi.jpg"
Connection
keep-alive
Content-Length
4522
X-Request-Id
c4-T5zfv2Qx50tVtSHAgd
Expires
Sat, 12 Jul 2025 21:12:50 GMT
aHR0cHM6Ly9ibG9ncy5qcGNlcnQub3IuanAvamEvLmFzc2V0cy90aHVtYm5haWwvZW1vdGV0RkFRX2ltYWdlNi04MDB3aS5wbmc.jpg
pro.ranklet4.com/imgproxy/lYebV8vmOgCHtNHsjiUJR5SuVL8roeCP-kEspcWJcDU/rs:fit:160:160/q:75/sm:1/
4 KB
4 KB
Image
General
Full URL
https://pro.ranklet4.com/imgproxy/lYebV8vmOgCHtNHsjiUJR5SuVL8roeCP-kEspcWJcDU/rs:fit:160:160/q:75/sm:1/aHR0cHM6Ly9ibG9ncy5qcGNlcnQub3IuanAvamEvLmFzc2V0cy90aHVtYm5haWwvZW1vdGV0RkFRX2ltYWdlNi04MDB3aS5wbmc.jpg
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
210.231.184.214 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
210-231-184-214.pro.static.arena.ne.jp
Software
nginx/1.26.1 /
Resource Hash
4e347f45e37f45838aa4b6f58492167ab63540bad275ab32a99226e700f93b34
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 13 Jul 2024 18:44:05 GMT
Content-Security-Policy
script-src 'none'
Server
nginx/1.26.1
X-Cache
HIT
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Content-Disposition
inline; filename="emotetFAQ_image6-800wi.jpg"
Connection
keep-alive
Content-Length
3936
X-Request-Id
ogJHxOGGGMekDwvug_oD0
Expires
Thu, 10 Jul 2025 01:04:41 GMT
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=HgY/d=0/rs=AN8SPfonBlm1MHZ-AdvB-IHVmngdYetLMQ/
22 KB
4 KB
Stylesheet
General
Full URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=HgY/d=0/rs=AN8SPfonBlm1MHZ-AdvB-IHVmngdYetLMQ/m=el_main_css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.86_290uSigY.O/am=HgY/d=1/rs=AN8SPfr4df9RwTZl1WfnzK7ygMQyC8FR5g/m=el_conf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.25.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s13-in-f163.1e100.net
Software
sffe /
Resource Hash
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 17:20:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177813
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4144
x-xss-protection
0
last-modified
Thu, 04 Apr 2024 07:26:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 11 Jul 2025 17:20:32 GMT
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.86_290uSigY.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfrV2AKLz9gea540aCVx7vujmzUvFQ/
207 KB
72 KB
Script
General
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.86_290uSigY.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfrV2AKLz9gea540aCVx7vujmzUvFQ/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.86_290uSigY.O/am=HgY/d=1/rs=AN8SPfr4df9RwTZl1WfnzK7ygMQyC8FR5g/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92749448e117f7f3efcaef560ab1a9c5a60c3edbce32a6222a30954159b91ce4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 17:57:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
175616
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73148
x-xss-protection
0
last-modified
Wed, 10 Jul 2024 21:12:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 11 Jul 2025 17:57:09 GMT
fb_loader.gif
blogs.jpcert.or.jp/common/feedback/images/
4 KB
4 KB
Image
General
Full URL
https://blogs.jpcert.or.jp/common/feedback/images/fb_loader.gif
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
684476872d3b64b3fbb972c14b1d21d4bde8b6c8074a644f93e234764f542ffd
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime
0.019202
date
Sat, 13 Jul 2024 18:44:05 GMT
x-amz-version-id
rraXNl8QFXJ4DUlZOhqk4kUmZQBo6KKB
x-content-type-options
nosniff
strict-transport-security
max-age=3600
last-modified
Fri, 09 Oct 2020 02:03:44 GMT
age
122785
etag
"2acb729ed298b6a3f2455e651bb5d876"
expect-ct
enforce, max-age=3600
content-type
image/gif
accept-ranges
bytes
content-length
3917
x-xss-protection
1; mode=block
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 7F75
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fblogs-jpcert-or-jp.translate.goog
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (itm/754A) /
Resource Hash

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
9506621
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Sat, 13 Jul 2024 18:44:05 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:49 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (itm/754A)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
get_feedback_jsonp.cgi
ws.jpcert.or.jp/cgi-bin/
155 B
386 B
Script
General
Full URL
https://ws.jpcert.or.jp/cgi-bin/get_feedback_jsonp.cgi?uri=/ja/2024/07/kimsuky.html&_d=1720896245523
Requested by
Host: blogs.jpcert.or.jp
URL: https://blogs.jpcert.or.jp/ja/common/feedback/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.196.227.230 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-227-230.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
0209ab2942a96128efb86c3307430cd5dbcd3737cf3267c24b7bc7d9fae785a6

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Upgrade
h2,h2c
Date
Sat, 13 Jul 2024 18:44:05 GMT
Server
Apache
Connection
Upgrade, Keep-Alive
Keep-Alive
timeout=5, max=100
Transfer-Encoding
chunked
Content-Type
application/javascript
js
www.googletagmanager.com/gtag/
290 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6NX4WBMERX&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-124034031-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b9facae1a0c1aa8995a4c8aad959a6b71036dea714639d16e28b71fcbe9f3ab5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 18:44:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100396
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 13 Jul 2024 18:44:05 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-124034031-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80e::200e Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 13 Jul 2024 16:50:20 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6825
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 13 Jul 2024 18:50:20 GMT
cse_element__ja.js
www.google.com/cse/static/element/8fa85d58e016b414/
287 KB
94 KB
Script
General
Full URL
https://www.google.com/cse/static/element/8fa85d58e016b414/cse_element__ja.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=004990004422359256493:nnhwqqlx864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.25.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sin01s16-in-f4.1e100.net
Software
sffe /
Resource Hash
9d3c12b97ece45f6079634b9086909b43c0f0aed4320f0630cf4b32baebb0d18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 18:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96200
x-xss-protection
0
last-modified
Wed, 12 Jun 2024 21:33:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
private, max-age=31536000
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sat, 13 Jul 2024 18:44:05 GMT
default+ja.css
www.google.com/cse/static/element/8fa85d58e016b414/
41 KB
9 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/element/8fa85d58e016b414/default+ja.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=004990004422359256493:nnhwqqlx864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.25.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sin01s16-in-f4.1e100.net
Software
sffe /
Resource Hash
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 18:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9068
x-xss-protection
0
last-modified
Wed, 12 Jun 2024 21:33:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
private, max-age=31536000
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sat, 13 Jul 2024 18:44:05 GMT
default.css
www.google.com/cse/static/style/look/v4/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=004990004422359256493:nnhwqqlx864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.25.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sin01s16-in-f4.1e100.net
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 18:21:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1373
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1345
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sat, 13 Jul 2024 19:11:12 GMT
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-6NX4WBMERX&gtm=45je4790v889024560za200&_p=1720896245288&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=666563481.1720896246&ul=ja-jp&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1720896245&sct=1&seg=0&dl=https%3A%2F%2Fblogs-jpcert-or-jp.translate.goog%2Fja%2F2024%2F07%2Fkimsuky.html%3F_x_tr_sl%3Dauto%26_x_tr_tl%3Den%26_x_tr_hl%3Den-US%26_x_tr_pto%3Dwapp&dt=%E6%97%A5%E6%9C%AC%E3%81%AE%E7%B5%84%E7%B9%94%E3%82%92%E7%8B%99%E3%81%A3%E3%81%9F%E6%94%BB%E6%92%83%E3%82%B0%E3%83%AB%E3%83%BC%E3%83%97Kimsuky%E3%81%AB%E3%82%88%E3%82%8B%E6%94%BB%E6%92%83%E6%B4%BB%E5%8B%95%20-%20JPCERT%2FCC%20Eyes%20%7C%20JPCERT%E3%82%B3%E3%83%BC%E3%83%87%E3%82%A3%E3%83%8D%E3%83%BC%E3%82%B7%E3%83%A7%E3%83%B3%E3%82%BB%E3%83%B3%E3%82%BF%E3%83%BC%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%AD%E3%82%B0&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1303&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6NX4WBMERX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80e::200e Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jul 2024 18:44:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blogs-jpcert-or-jp.translate.goog
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen204
translate.google.com/
0
736 B
Image
General
Full URL
https://translate.google.com/gen204?nca=te_li&client=wt_lib&logld=vTE_20240710
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:813::200e Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce-L4ppcGj4pvKjpSuSJ8Fg7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 18:44:05 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce-L4ppcGj4pvKjpSuSJ8Fg7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/TranslateApiHttp/web-reports?context=eJzjktDikmII0pBicEqfweoDxEsiLrLuSbzIKsTD8XXq6S1sAifafp1mUlJKyi-MLylKzCvOSSxJLU4tKkstijcyMDIxMDc00DOwiC8wAAC1AxmI"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
image/gif; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/
6 KB
4 KB
Image
General
Full URL
https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 03:23:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141629
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3340
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 14:24:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 12 Jul 2025 03:23:36 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1514494750&t=pageview&_s=1&dl=https%3A%2F%2Fblogs-jpcert-or-jp.translate.goog%2Fja%2F2024%2F07%2Fkimsuky.html%3F_x_tr_sl%3Dauto%26_x_tr_tl%3Den%26_x_tr_hl%3Den-US%26_x_tr_pto%3Dwapp&ul=ja-jp&de=UTF-8&dt=%E6%97%A5%E6%9C%AC%E3%81%AE%E7%B5%84%E7%B9%94%E3%82%92%E7%8B%99%E3%81%A3%E3%81%9F%E6%94%BB%E6%92%83%E3%82%B0%E3%83%AB%E3%83%BC%E3%83%97Kimsuky%E3%81%AB%E3%82%88%E3%82%8B%E6%94%BB%E6%92%83%E6%B4%BB%E5%8B%95%20-%20JPCERT%2FCC%20Eyes%20%7C%20JPCERT%E3%82%B3%E3%83%BC%E3%83%87%E3%82%A3%E3%83%8D%E3%83%BC%E3%82%B7%E3%83%A7%E3%83%B3%E3%82%BB%E3%83%B3%E3%82%BF%E3%83%BC%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%AD%E3%82%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1997733302&gjid=620115219&cid=666563481.1720896246&tid=UA-124034031-1&_gid=1922974736.1720896246&_r=1&gtm=457e4790za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&jsscut=1&z=326562918
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.142 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Jul 2024 18:44:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blogs-jpcert-or-jp.translate.goog
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
async-ads.js
cse.google.com/adsense/search/
192 KB
75 KB
Script
General
Full URL
https://cse.google.com/adsense/search/async-ads.js
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/8fa85d58e016b414/cse_element__ja.js?usqp=CAI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80a::200e Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0dfb399ebc11283105cb45dbda35b6fdc79a0a236b1458a259bbc9e7f0b10f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 18:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"14067330115590729530"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
link
<https://syndicatedsearch.goog>; rel="preconnect"
expires
Sat, 13 Jul 2024 18:44:05 GMT
clear.png
www.google.com/cse/static/css/v2/
1018 B
1 KB
Image
General
Full URL
https://www.google.com/cse/static/css/v2/clear.png
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/8fa85d58e016b414/default+ja.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.25.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sin01s16-in-f4.1e100.net
Software
sffe /
Resource Hash
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/cse/static/element/8fa85d58e016b414/default+ja.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 19:33:16 GMT
x-content-type-options
nosniff
age
169849
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1018
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Fri, 11 Jul 2025 19:33:16 GMT
branding.png
www.google.com/cse/static/images/1x/ja/
1 KB
1 KB
Image
General
Full URL
https://www.google.com/cse/static/images/1x/ja/branding.png
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.25.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sin01s16-in-f4.1e100.net
Software
sffe /
Resource Hash
b0983545a358cc3907ff7ff53f7c075eff35e8ca3d1c5c54704470abc4624a29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 11:26:40 GMT
x-content-type-options
nosniff
age
199045
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1249
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 21:00:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Fri, 11 Jul 2025 11:26:40 GMT
generate_204
clients1.google.com/
0
117 B
Image
General
Full URL
https://clients1.google.com/generate_204
Requested by
Host: blogs-jpcert-or-jp.translate.goog
URL: https://blogs-jpcert-or-jp.translate.goog/ja/2024/07/kimsuky.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:804::200e Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 18:44:05 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
translateHtml
translate-pa.googleapis.com/v1/ Frame
0
0
Preflight
General
Full URL
https://translate-pa.googleapis.com/v1/translateHtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:805::200a Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key
Access-Control-Request-Method
POST
Origin
https://blogs-jpcert-or-jp.translate.goog
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://blogs-jpcert-or-jp.translate.goog
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 13 Jul 2024 18:44:05 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
translateHtml
translate-pa.googleapis.com/v1/ Frame
0
0
Preflight
General
Full URL
https://translate-pa.googleapis.com/v1/translateHtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:805::200a Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key
Access-Control-Request-Method
POST
Origin
https://blogs-jpcert-or-jp.translate.goog
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://blogs-jpcert-or-jp.translate.goog
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 13 Jul 2024 18:44:05 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
translateHtml
translate-pa.googleapis.com/v1/
3 KB
1 KB
XHR
General
Full URL
https://translate-pa.googleapis.com/v1/translateHtml
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.86_290uSigY.O/am=HgY/d=1/rs=AN8SPfr4df9RwTZl1WfnzK7ygMQyC8FR5g/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:805::200a Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9e9b0c1c906002be79a715bd874d0634a419abc0801d9630ba65c58837e52519
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
X-goog-api-key
AIzaSyATBXajvzQLTDHEQbcpq0Ihe0vWDHmO520
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 13 Jul 2024 18:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://blogs-jpcert-or-jp.translate.goog
access-control-expose-headers
x-google-eom,vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1459
x-xss-protection
0
translateHtml
translate-pa.googleapis.com/v1/
6 KB
2 KB
XHR
General
Full URL
https://translate-pa.googleapis.com/v1/translateHtml
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.86_290uSigY.O/am=HgY/d=1/rs=AN8SPfr4df9RwTZl1WfnzK7ygMQyC8FR5g/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:805::200a Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0089214036d249c086b00495609b4f581118d3d32e884957a4d06e2a862758c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
X-goog-api-key
AIzaSyATBXajvzQLTDHEQbcpq0Ihe0vWDHmO520
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 13 Jul 2024 18:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://blogs-jpcert-or-jp.translate.goog
access-control-expose-headers
x-google-eom,vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2237
x-xss-protection
0
favicon.ico
blogs.jpcert.or.jp/ja/common/images/
5 KB
6 KB
Other
General
Full URL
https://blogs.jpcert.or.jp/ja/common/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.199.127.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-127-131.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
c7f6f4acee58585774f7bb43bd5a95200029af8d32847f29fcf1126832d82753
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime
0.046205
date
Sat, 13 Jul 2024 18:44:05 GMT
x-amz-version-id
8tSkczhi0ToXcn3qAtxwHdz4X1_BjOX8
x-content-type-options
nosniff
strict-transport-security
max-age=3600
last-modified
Fri, 09 Oct 2020 02:03:46 GMT
age
122756
etag
"fe6624b7972582fe71cd6779a97147c5"
expect-ct
enforce, max-age=3600
content-type
image/vnd.microsoft.icon
accept-ranges
bytes
content-length
5558
x-xss-protection
1; mode=block
gen204
translate.google.com/
0
24 B
Image
General
Full URL
https://translate.google.com/gen204?sl=ja&tl=en&textlen=85&ttt=264&ttl=163&sr=1&nca=te_time&client=wt_lib&logld=vTE_20240710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce--AK_oHH_Xhk-xgnrqim4iQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 18:44:05 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce--AK_oHH_Xhk-xgnrqim4iQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/TranslateApiHttp/web-reports?context=eJzjktDikmII0pBicEqfweoDxEsiLrLuSbzIKsTD8XXq6S1sAg-23DzLrKSUlF8YX1KUmFeck1iSWpxaVJZaFG9kYGRiYG5ooGdgEV9gAAC7dRmw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
image/gif; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
button.856debeac157d9669cf51e73a08fbc93.js
platform.twitter.com/js/
8 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (itm/7532) /
Resource Hash
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 13 Jul 2024 18:44:06 GMT
Content-Encoding
gzip
Age
9513515
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=
Content-Length
2620
Last-Modified
Mon, 11 Dec 2023 17:19:47 GMT
Server
ECS (itm/7532)
Etag
"fdf02dd038ed38dbf3c240d56262af0c+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
platform.twitter.com/widgets/ Frame 762C
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (itm/7519) /
Resource Hash

Request headers

Referer
https://blogs-jpcert-or-jp.translate.goog/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
9506573
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
12332
Content-Type
text/html; charset=utf-8
Date
Sat, 13 Jul 2024 18:44:06 GMT
Etag
"e29e65db7bf0a096587728e1faacfd9c+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:48 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (itm/7519)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
platform.twitter.com/widgets/ Frame 263A
0
0
Document