safety.mercari.pics
34.146.216.235  Malicious Activity! Public Scan

Submitted URL: https://safety.mercari.pics/jp
Effective URL: https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&...
Submission: On May 18 via manual from JP — Scanned from JP

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 27 HTTP transactions. The main IP is 34.146.216.235, located in Tokyo, Japan and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is safety.mercari.pics.
TLS certificate: Issued by R3 on May 14th 2022. Valid for: 3 months.
This is the only time safety.mercari.pics was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Mercari (E-commerce)

Domain & IP information

Requests  IP Address          AS Autonomous System
21        34.146.216.235      396982 (GOOGLE-CL...)
1         2404:6800:400...    15169 (GOOGLE)
3         49.102.154.13       9605 (DOCOMO NT...)
2         2404:6800:400...    15169 (GOOGLE)
Total: 27 requests, 4 IPs

Requests  Apex Domain            Subdomains                                            Transfer
21        mercari.pics           safety.mercari.pics                                   189 KB
3         docomo.ne.jp           id.smt.docomo.ne.jp — Cisco Umbrella Rank: 461526     717 B
2         google-analytics.com   www.google-analytics.com — Cisco Umbrella Rank: 37    20 KB
1         googletagmanager.com   www.googletagmanager.com — Cisco Umbrella Rank: 71    64 KB
Total: 27 requests, 4 apex domains

Requests  Domain                     Requested by
21        safety.mercari.pics        safety.mercari.pics
3         id.smt.docomo.ne.jp        safety.mercari.pics
2         www.google-analytics.com   safety.mercari.pics, www.google-analytics.com
1         www.googletagmanager.com   safety.mercari.pics
Total: 27 requests, 4 domains

This site contains no links.

Subject                    Issuer                             Validity                   Valid
safety.mercari.pics        R3                                 2022-05-14 - 2022-08-12    3 months
*.google-analytics.com     GTS CA 1C3                         2022-04-25 - 2022-07-18    3 months
id.smt.docomo.ne.jp        DigiCert TLS RSA SHA256 2020 CA1   2021-09-07 - 2022-10-01    a year

This page contains 1 frames:

Primary Page: https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Frame ID: DCF0D34750AB42E09CB04916F81F9F8D
Requests: 27 HTTP requests in this frame

Page Title

ログイン

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 27
HTTPS: 100 %
IPv6: 50 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 2
Transfer: 274 kB
Size: 900 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://safety.mercari.pics/jp Page URL
  2. https://safety.mercari.pics/index.php?t=51b9158f4472eb8a96c3b6f2d21b5ae3e16f181024a88fb290df4d72edb82553 Page URL
  3. https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
jp
safety.mercari.pics/
1 KB
1 KB
Document
General
Full URL
https://safety.mercari.pics/jp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.146.216.235 Tokyo, Japan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
235.216.146.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
access-control-allow-origin
safety.mercari.pics
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
597
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=UTF-8
date
Wed, 18 May 2022 02:22:51 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
upgrade-insecure-requests
1
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
vendor.23238u92u82.js
safety.mercari.pics/vendor/
5 KB
2 KB
Script
General
Full URL
https://safety.mercari.pics/vendor/vendor.23238u92u82.js
Requested by
Host: safety.mercari.pics
URL: https://safety.mercari.pics/jp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.146.216.235 Tokyo, Japan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
235.216.146.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://safety.mercari.pics/jp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-length
1907
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
last-modified
Mon, 05 Apr 2021 18:24:52 GMT
server
Apache
upgrade-insecure-requests
1
date
Wed, 18 May 2022 02:22:51 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
application/javascript
access-control-allow-origin
(null)
accept-ranges
bytes
index.php
safety.mercari.pics/
5 KB
3 KB
Document
General
Full URL
https://safety.mercari.pics/index.php?t=51b9158f4472eb8a96c3b6f2d21b5ae3e16f181024a88fb290df4d72edb82553
Requested by
Host: safety.mercari.pics
URL: https://safety.mercari.pics/jp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.146.216.235 Tokyo, Japan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
235.216.146.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://safety.mercari.pics/jp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
access-control-allow-origin
safety.mercari.pics
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
2379
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=UTF-8
date
Wed, 18 May 2022 02:22:51 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
upgrade-insecure-requests
1
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
Primary Request signin
safety.mercari.pics/ap/
10 KB
3 KB
Document
General
Full URL
https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Requested by
Host: safety.mercari.pics
URL: https://safety.mercari.pics/index.php?t=51b9158f4472eb8a96c3b6f2d21b5ae3e16f181024a88fb290df4d72edb82553
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.146.216.235 Tokyo, Japan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
235.216.146.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
04bed74cb3990bbd567a9990de2b479020705026ab58182a5c85a9f58008cb08
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://safety.mercari.pics/index.php?t=51b9158f4472eb8a96c3b6f2d21b5ae3e16f181024a88fb290df4d72edb82553
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
access-control-allow-origin
safety.mercari.pics
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
3347
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=UTF-8
date
Wed, 18 May 2022 02:22:51 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
upgrade-insecure-requests
1
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
layui.css
safety.mercari.pics/ap/css/
78 KB
14 KB
Stylesheet
General
Full URL
https://safety.mercari.pics/ap/css/layui.css
Requested by
Host: safety.mercari.pics
URL: https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.146.216.235 Tokyo, Japan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
235.216.146.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
2099b96e5926889f45e5ee5613a8ddc2b81b8ba8a164711d80882523e1353091
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-length
14364
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
last-modified
Tue, 06 Jul 2021 11:59:16 GMT
server
Apache
upgrade-insecure-requests
1
date
Wed, 18 May 2022 02:22:51 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
text/css
access-control-allow-origin
(null)
accept-ranges
bytes
normalize.css
safety.mercari.pics/ap/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://safety.mercari.pics/ap/css/normalize.css
Requested by
Host: safety.mercari.pics
URL: https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.146.216.235 Tokyo, Japan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
235.216.146.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
2e16a67f6d66d11462890ffbb47a2d9097ac0a9fa09695ab78637ef0cc66766a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-length
1757
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
last-modified
Tue, 06 Jul 2021 11:59:34 GMT
server
Apache
upgrade-insecure-requests
1
date
Wed, 18 May 2022 02:22:51 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
text/css
access-control-allow-origin
(null)
accept-ranges
bytes
style.css
safety.mercari.pics/ap/css/
3 KB
898 B
Stylesheet
General
Full URL
https://safety.mercari.pics/ap/css/style.css
Requested by
Host: safety.mercari.pics
URL: https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.146.216.235 Tokyo, Japan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
235.216.146.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
6133eaf1a84019a054750bd9da1d6ed981baaa38c58fee9b87633be6ef4d656a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-length
835
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
last-modified
Tue, 07 Sep 2021 17:10:04 GMT
server
Apache
upgrade-insecure-requests
1
date
Wed, 18 May 2022 02:22:51 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
text/css
access-control-allow-origin
(null)
accept-ranges
bytes
checkboxRadio.css
safety.mercari.pics/ap/css/
3 KB
939 B
Stylesheet
General
Full URL
https://safety.mercari.pics/ap/css/checkboxRadio.css
Requested by
Host: safety.mercari.pics
URL: https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.146.216.235 Tokyo, Japan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
235.216.146.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
46cddb9ec8f08619abaaf564e247a204bf1580ce0cdcb5e62a043bd3e200c813
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-length
876
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
last-modified
Mon, 06 Sep 2021 19:24:50 GMT
server
Apache
upgrade-insecure-requests
1
date
Wed, 18 May 2022 02:22:51 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
text/css
access-control-allow-origin
(null)
accept-ranges
bytes
auth_layout_v5_pc.css
safety.mercari.pics/ap/style/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://safety.mercari.pics/ap/style/css/auth_layout_v5_pc.css
Requested by
Host: safety.mercari.pics
URL: https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.146.216.235 Tokyo, Japan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
235.216.146.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
f9e4f59d586a04355cb00b2514cd80a8e90ac3469470ebf29c2d49c0ac0a0977
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-length
2401
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
last-modified
Thu, 12 May 2022 10:18:49 GMT
server
Apache
upgrade-insecure-requests
1
date
Wed, 18 May 2022 02:22:51 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
text/css
access-control-allow-origin
(null)
accept-ranges
bytes
auth_layout_v5_style.css
safety.mercari.pics/ap/style/css/
22 KB
6 KB
Stylesheet
General
Full URL
https://safety.mercari.pics/ap/style/css/auth_layout_v5_style.css
Requested by
Host: safety.mercari.pics
URL: https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.146.216.235 Tokyo, Japan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
235.216.146.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
0159d9ba2fba6ff0e211a5cc9a5147519f391b64fd4283528945c66af2c7b51e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-length
5620
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
last-modified
Fri, 13 May 2022 06:29:57 GMT
server
Apache
upgrade-insecure-requests
1
date
Wed, 18 May 2022 02:22:51 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
text/css
access-control-allow-origin
(null)
accept-ranges
bytes
idk.css
safety.mercari.pics/ap/css/
43 KB
9 KB
Stylesheet
General
Full URL
https://safety.mercari.pics/ap/css/idk.css
Requested by
Host: safety.mercari.pics
URL: https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.146.216.235 Tokyo, Japan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
235.216.146.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
2c998067e7d2c5d49964e2daca460c3e5e2f81e4dfa9b8637c5aa13eb375bd30
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-length
8929
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
last-modified
Tue, 10 May 2022 03:28:18 GMT
server
Apache
upgrade-insecure-requests
1
date
Wed, 18 May 2022 02:22:51 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
text/css
access-control-allow-origin
(null)
accept-ranges
bytes
analytics.js
safety.mercari.pics/ap/style/js/
48 KB
19 KB
Script
General
Full URL
https://safety.mercari.pics/ap/style/js/analytics.js
Requested by
Host: safety.mercari.pics
URL: https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.146.216.235 Tokyo, Japan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
235.216.146.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-length
19701
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
last-modified
Sat, 31 Jul 2021 23:10:46 GMT
server
Apache
upgrade-insecure-requests
1
date
Wed, 18 May 2022 02:22:51 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
application/javascript
access-control-allow-origin
(null)
accept-ranges
bytes
gtm.js
safety.mercari.pics/ap/style/js/
187 KB
49 KB
Script
General
Full URL
https://safety.mercari.pics/ap/style/js/gtm.js
Requested by
Host: safety.mercari.pics
URL: https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.146.216.235 Tokyo, Japan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
235.216.146.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
d512d0da9cc205fec87268246523fcb9991a3f3401909e75fc680d14b5fddfec
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-length
49789
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
last-modified
Sun, 04 Jul 2021 15:29:16 GMT
server
Apache
upgrade-insecure-requests
1
date
Wed, 18 May 2022 02:22:51 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
application/javascript
access-control-allow-origin
(null)
accept-ranges
bytes
jquery-1.9.1.min.js
safety.mercari.pics/ap/style/js/
90 KB
32 KB
Script
General
Full URL
https://safety.mercari.pics/ap/style/js/jquery-1.9.1.min.js
Requested by
Host: safety.mercari.pics
URL: https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.146.216.235 Tokyo, Japan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
235.216.146.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-length
32775
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
last-modified
Sun, 04 Jul 2021 15:29:16 GMT
server
Apache
upgrade-insecure-requests
1
date
Wed, 18 May 2022 02:22:51 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
application/javascript
access-control-allow-origin
(null)
accept-ranges
bytes
auth_IDFPS-IJ0002_v6.js
safety.mercari.pics/ap/style/js/
17 KB
4 KB
Script
General
Full URL
https://safety.mercari.pics/ap/style/js/auth_IDFPS-IJ0002_v6.js
Requested by
Host: safety.mercari.pics
URL: https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.146.216.235 Tokyo, Japan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
235.216.146.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
7683b4e530ca40f167b5695ba3ae55c2922d447d8ff764e8faf08579d7593e85
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-length
3864
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
last-modified
Sun, 04 Jul 2021 15:29:16 GMT
server
Apache
upgrade-insecure-requests
1
date
Wed, 18 May 2022 02:22:51 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
application/javascript
access-control-allow-origin
(null)
accept-ranges
bytes
auth_validation_v5.js
safety.mercari.pics/ap/style/js/
8 KB
2 KB
Script
General
Full URL
https://safety.mercari.pics/ap/style/js/auth_validation_v5.js
Requested by
Host: safety.mercari.pics
URL: https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.146.216.235 Tokyo, Japan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
235.216.146.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
b873af2cb3674cb4c47edddb6614b4542c4f09b404c3ad278013cbdca192a6ac
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-length
2001
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
last-modified
Sun, 04 Jul 2021 15:29:16 GMT
server
Apache
upgrade-insecure-requests
1
date
Wed, 18 May 2022 02:22:51 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
application/javascript
access-control-allow-origin
(null)
accept-ranges
bytes
auth_dispCtl_v2.js
safety.mercari.pics/ap/style/js/
740 B
406 B
Script
General
Full URL
https://safety.mercari.pics/ap/style/js/auth_dispCtl_v2.js
Requested by
Host: safety.mercari.pics
URL: https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.146.216.235 Tokyo, Japan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
235.216.146.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
3b4a493be4a3d49f41c289ad95f655725cbfe6d53cc3c400f0d564395fb4bebd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-length
366
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
last-modified
Sun, 04 Jul 2021 15:29:16 GMT
server
Apache
upgrade-insecure-requests
1
date
Wed, 18 May 2022 02:22:51 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
application/javascript
access-control-allow-origin
(null)
accept-ranges
bytes
auth_accordion.js
safety.mercari.pics/ap/style/js/
608 B
360 B
Script
General
Full URL
https://safety.mercari.pics/ap/style/js/auth_accordion.js
Requested by
Host: safety.mercari.pics
URL: https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.146.216.235 Tokyo, Japan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
235.216.146.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
52e33a8577de91c095569ac146a3d4165244decbbe82a7dbf85a4af70b9d62c5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-length
321
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
last-modified
Sun, 04 Jul 2021 15:29:16 GMT
server
Apache
upgrade-insecure-requests
1
date
Wed, 18 May 2022 02:22:51 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
application/javascript
access-control-allow-origin
(null)
accept-ranges
bytes
beacon.js
safety.mercari.pics/ap/style/js/
426 B
289 B
Script
General
Full URL
https://safety.mercari.pics/ap/style/js/beacon.js
Requested by
Host: safety.mercari.pics
URL: https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.146.216.235 Tokyo, Japan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
235.216.146.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
4ac2d652afb70293e9b3763d5bb9866010a5b58c031c8e80a2c984369cf96f26
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-length
250
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
last-modified
Sun, 04 Jul 2021 15:29:16 GMT
server
Apache
upgrade-insecure-requests
1
date
Wed, 18 May 2022 02:22:51 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
application/javascript
access-control-allow-origin
(null)
accept-ranges
bytes
mercari.png
safety.mercari.pics/ap/images/
5 KB
5 KB
Image
General
Full URL
https://safety.mercari.pics/ap/images/mercari.png
Requested by
Host: safety.mercari.pics
URL: https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.146.216.235 Tokyo, Japan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
235.216.146.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
88c7f436124f03d80bedbe94d8a7beab68ab1785248d9ee3f0226591f76798e5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
x-content-type-options
nosniff
last-modified
Tue, 10 May 2022 02:33:38 GMT
server
Apache
upgrade-insecure-requests
1
date
Wed, 18 May 2022 02:22:51 GMT
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
image/png
access-control-allow-origin
(null)
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
4722
x-xss-protection
1; mode=block
jquery.min.js
safety.mercari.pics/ap/css/
94 KB
33 KB
Script
General
Full URL
https://safety.mercari.pics/ap/css/jquery.min.js
Requested by
Host: safety.mercari.pics
URL: https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.146.216.235 Tokyo, Japan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
235.216.146.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
87981e8062814ca279922ee55276ad14bbdc29649f98e34b2d83c3afb5052a51
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-length
33231
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
last-modified
Tue, 06 Jul 2021 12:01:30 GMT
server
Apache
upgrade-insecure-requests
1
date
Wed, 18 May 2022 02:22:51 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE
content-type
application/javascript
access-control-allow-origin
(null)
accept-ranges
bytes
gtm.js
www.googletagmanager.com/
214 KB
64 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WZ9HH4
Requested by
Host: safety.mercari.pics
URL: https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:808::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3ad02a59d69b6a6001aab493d9734260075707ac2bb71f0e10cf112102527d2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://safety.mercari.pics/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 18 May 2022 02:22:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64590
x-xss-protection
0
last-modified
Wed, 18 May 2022 00:14:26 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 18 May 2022 02:22:51 GMT
bg_spring.png
id.smt.docomo.ne.jp/img/
102 B
279 B
Image
General
Full URL
https://id.smt.docomo.ne.jp/img/bg_spring.png
Requested by
Host: safety.mercari.pics
URL: https://safety.mercari.pics/ap/style/css/auth_layout_v5_pc.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.102.154.13 , Japan, ASN9605 (DOCOMO NTT DOCOMO, INC., JP),
Reverse DNS
Software
/
Resource Hash
293b57cc384290eab34796b4a5be203a7de0bbd6c6bcfb9bc41596fe622b5ee9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://safety.mercari.pics/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 18 May 2022 02:22:51 GMT
Last-Modified
Mon, 07 Nov 2016 05:53:17 GMT
Content-Length
102
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: safety.mercari.pics
URL: https://safety.mercari.pics/ap/style/js/gtm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://safety.mercari.pics/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6085
date
Wed, 18 May 2022 00:41:26 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 18 May 2022 02:41:26 GMT
empty.gif
id.smt.docomo.ne.jp/img/
43 B
219 B
Image
General
Full URL
https://id.smt.docomo.ne.jp/img/empty.gif?t=g&acs_url=https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Requested by
Host: safety.mercari.pics
URL: https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.102.154.13 , Japan, ASN9605 (DOCOMO NTT DOCOMO, INC., JP),
Reverse DNS
Software
/
Resource Hash
db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://safety.mercari.pics/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 18 May 2022 02:22:51 GMT
Last-Modified
Fri, 21 Sep 2018 12:33:35 GMT
Content-Length
43
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
collect
www.google-analytics.com/j/
1 B
208 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=147070897&t=pageview&_s=1&dl=https%3A%2F%2Fsafety.mercari.pics%2Fap%2Fsignin%3F_encoding%3DUTF8%26openid.assoc_handle%3Djpflex%26openid.claimed_id%3D%26action%3Dsign-in%26path%3Dhome%26ref_%3Dnav_Account%26signIn%3D1%26useRedirectOnSuccess%3D1&dp=%2Fap%2Fsignin&ul=en-us&de=UTF-8&dt=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABCAAAAC~&jid=938221171&gjid=743188262&cid=1483294483.1652840572&tid=UA-47453928-10&_gid=137927207.1652840572&_r=1&gtm=2wg6u0WZ9HH4&cd1=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.64%20Safari%2F537.36&cd2=https%3A%2F%2Fsafety.mercari.pics%2Findex.php&cd3=SPSDI001&cd4=&z=1949049012
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://safety.mercari.pics/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 May 2022 02:22:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://safety.mercari.pics
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
empty.gif
id.smt.docomo.ne.jp/img/
43 B
219 B
Image
General
Full URL
https://id.smt.docomo.ne.jp/img/empty.gif?acs_url=https://safety.mercari.pics/ap/signin?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.102.154.13 , Japan, ASN9605 (DOCOMO NTT DOCOMO, INC., JP),
Reverse DNS
Software
/
Resource Hash
db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://safety.mercari.pics/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 18 May 2022 02:22:51 GMT
Last-Modified
Fri, 21 Sep 2018 12:33:35 GMT
Content-Length
43
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Mercari (E-commerce)

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| $ function| jQuery string| DCMID_COOKIE number| DCMID_EXPIRE number| BTN_CTL_ENABLE number| BTN_CTL_DISABLE boolean| COOKIE_SECURE number| BTN_TIMEOUT string| BTN_TYPE string| BTN_TYPE_IMG string| COOKIE_DOMAIN string| DOCOMOID_FORM string| DOCOMOID_UID string| DOCOMOID_PASS string| DOCOMONAME_SAVE string| BTN_NAME number| AUTH_TYPE_PW number| AUTH_TYPE_SEC string| DISP_AUTH_PW string| DISP_AUTH_SEC string| IDMSN_CHANGE_SEPARATOR undefined| userErrMsg number| submitFlg function| loginFormOnLoad function| chgDispById function| chgDisp function| setLoginForm function| setCookie function| getCookie function| doBeforeLogin0 function| doBeforeLogin2 function| changeIDMSNCookie0 function| getCharCDFromString function| getStringFromCharCD function| checkForm0 function| checkFormOneTime0 function| checkLength function| getByteStringLength function| buttonControl function| doBeforeLogin1 function| doBeforeLogin3 function| checkForm3 function| doBeforeLogin4 function| checkForm4 function| doBeforeLogin5 function| checkForm5 function| setDispAuth function| isSet function| isLength function| isLengthUnder function| isLengthUpper function| isBounds function| isAgree function| isCharCode function| isPwCharCode function| isNwPwCharCode function| getMsg function| setErr function| focusErr function| clearErr function| dispCtl function| launchApp function| launchApp2 function| setImg number| isEasyExec number| isEasyUnKnown number| secondDeviceFlg string| scrid object| dataLayer object| google_tag_data function| ga object| gaplugins object| google_tag_manager string| GoogleAnalyticsObject function| _auth_pv_ga object| _autha function| _authb object| gaGlobal object| gaData

7 Cookies

Domain/Path Name / Value
safety.mercari.pics/ Name: PHPSESSID
Value: qtg8tmf8jcbonh60kkn56gdg6p
.safety.mercari.pics/ Name: 62345ba76168db0033ce8ae6a90ce5a762956614
Value: nwcMGFHjQc7nDOZDxhWlbg%3D%3D
.safety.mercari.pics/ Name: ak_bmsc
Value: 4zeEvajla5VXwOLAS9VKlsr0%2BWOGgJY%2BbQmxh%2BGjxwggt%2BpOsS0PkLwchMK46pZ8w3nUh%2FbWFuOGsbuBKlTWggKp7t0r9mF9eqtHl2ICT5sOcx3tzCdXtlIm%2FBQLg6oT31xsLIgFKPd9UFCo7RIDLuMLFTGWuToJLNoqaa9tCdsJfam5evilpRNJWuVkhx5dFFCPzNeWfEoQsMDuIx0UWmnAluioyuMFpTfEjNk5zOWu1FC5V541N1IweIKPI8EyUKqjl4f6OEn6DzJbsqL%2BKK3JXI9%2FynUUdWMTmKfRzzrMmvOKlK45WZIEiLSYXyiRpVc6uMyYnzBt93M4Z0yBkLJswtU%2BR4SC8uriBIUDH1x7b3x4m42ooZpiOdPaueHIUC81Tz39JkVVkAIkDoyTnne2tZuIPa0REZoOLky1JnAJuQ8ZrqadvRxjdqdGVrvNiKBA2tF8wNBhf6nmiS23lIjmghcJ7VW9pDX5j6jC17fMGHiOKwjIkhaQLg1%2BejibTHoX8BUAwN9iswWdwk3sofsFYfsFHgd%2BZj94vysW7q2bEXJAhu2EBzZziXi9CiS2JJGWM6heMbZYtEZUNHVUNj%2FXUfHpZiOs9qDEpSgs5tZ1h69336fOLzXUPIUP%2Fknh13%2FoyjLkh8dPPJkDxYiH3hv9vj0%2BK7OZfMIICDLtz3NcvF%2F5A7MThDLBD05RZ7fjCoofJ4X1kWR%2FNqMVyehWgSdkR%2FyrZDrANyEx2DD66n4%3D
.safety.mercari.pics/ Name: _amkc
Value: 7995301c-2561-40a2-a944-068c9d45b11d
.mercari.pics/ Name: _auth_pv
Value: GA1.2.1483294483.1652840572
.mercari.pics/ Name: _auth_pv_gid
Value: GA1.2.137927207.1652840572
.mercari.pics/ Name: _gat_UA-47453928-10
Value: 1

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
