cf96820.tw1.ru Open in urlscan Pro
2a03:6f00:1::5c35:6079 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cf96820.tw1.ru/
Submission Tags: phishing
Submission: On June 07 via api (June 7th 2024, 9:20:21 pm UTC) from JP — Scanned from JP

Summary HTTP 130 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 42 IPs in 4 countries across 32 domains to perform 130 HTTP transactions. The main IP is 2a03:6f00:1::5c35:6079, located in Russian Federation and belongs to TIMEWEB-AS, RU. The main domain is cf96820.tw1.ru.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on January 11th 2024. Valid for: a year.

This is the only time cf96820.tw1.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: au Jibun Bank (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1	2a03:6f00:1::... 2a03:6f00:1::5c35:6079	9123 (TIMEWEB-AS) (TIMEWEB-AS)
1	104.71.152.232 104.71.152.232	16625 (AKAMAI-AS) (AKAMAI-AS)
2	183.79.248.252 183.79.248.252	24572 (YAHOO-JP-...) (YAHOO-JP-AS-AP Yahoo Japan)
1	52.194.138.20 52.194.138.20	16509 (AMAZON-02) (AMAZON-02)
9	2404:6800:400... 2404:6800:400a:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:26f... 2600:9000:26f2:5000:1e:513c:d3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	23.62.185.138 23.62.185.138	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.32.224.34 23.32.224.34	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.228.157 151.101.228.157	54113 (FASTLY) (FASTLY)
14	23.62.20.91 23.62.20.91	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 15	172.217.26.226 172.217.26.226	15169 (GOOGLE) (GOOGLE)
1	172.217.161.66 172.217.161.66	15169 (GOOGLE) (GOOGLE)
2	183.79.255.12 183.79.255.12	24572 (YAHOO-JP-...) (YAHOO-JP-AS-AP Yahoo Japan)
1	3.114.207.150 3.114.207.150	16509 (AMAZON-02) (AMAZON-02)
1	54.65.115.213 54.65.115.213	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:26a... 2600:9000:26a7:8e00:2:a84d:5700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	13.251.181.147 13.251.181.147	16509 (AMAZON-02) (AMAZON-02)
3	184.26.218.115 184.26.218.115	16625 (AKAMAI-AS) (AKAMAI-AS)
9	151.101.129.91 151.101.129.91	54113 (FASTLY) (FASTLY)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
2	52.196.189.61 52.196.189.61	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:26a... 2600:9000:26a7:6400:10:3572:e540:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:235... 2600:9000:2352:a000:8:dcbf:c740:93a1	16509 (AMAZON-02) (AMAZON-02)
1 15	172.217.175.68 172.217.175.68	15169 (GOOGLE) (GOOGLE)
15	142.250.196.131 142.250.196.131	15169 (GOOGLE) (GOOGLE)
4	147.92.191.92 147.92.191.92	38631 (LINE LINE...) (LINE LINE Corporation)
2	34.102.157.207 34.102.157.207	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:140b:a00... 2600:140b:a00:29a::322	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.249.167.126 54.249.167.126	16509 (AMAZON-02) (AMAZON-02)
1	3.164.110.92 3.164.110.92	16509 (AMAZON-02) (AMAZON-02)
1	57.180.94.75 57.180.94.75	16509 (AMAZON-02) (AMAZON-02)
1	13.225.183.52 13.225.183.52	16509 (AMAZON-02) (AMAZON-02)
1	3.165.39.26 3.165.39.26	16509 (AMAZON-02) (AMAZON-02)
1 2	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
2	2a03:2880:f00... 2a03:2880:f00f:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1 2	35.78.35.33 35.78.35.33	16509 (AMAZON-02) (AMAZON-02)
1	3.164.110.129 3.164.110.129	16509 (AMAZON-02) (AMAZON-02)
1	3.164.134.66 3.164.134.66	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f10... 2a03:2880:f10f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.69.201.129 52.69.201.129	16509 (AMAZON-02) (AMAZON-02)
130	42

1 2a03:6f00:1::5c35:6079 (Russian Federation)

ASN9123 (TIMEWEB-AS, RU)

cf96820.tw1.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.71.152.232 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a104-71-152-232.deploy.static.akamaitechnologies.com

cdn.kaizenplatform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 183.79.248.252 (Japan)

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)

s.yimg.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.194.138.20 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-194-138-20.ap-northeast-1.compute.amazonaws.com

rec.ebis.ne.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2404:6800:400a:80e::2008 (Osaka, Japan)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26f2:5000:1e:513c:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

taj1.ebis.ne.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.62.185.138 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-185-138.deploy.static.akamaitechnologies.com

d.line-scdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.224.34 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-224-34.deploy.static.akamaitechnologies.com

cdn.smartnews-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.228.157 (San Francisco, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 23.62.20.91 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-62-20-91.deploy.static.akamaitechnologies.com

sib.jibunbank.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 172.217.26.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s51-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.161.66 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s09-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 183.79.255.12 (Japan)

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)

b98.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b99.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.114.207.150 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-207-150.ap-northeast-1.compute.amazonaws.com

dynalyst-mk.adtdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.65.115.213 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-115-213.ap-northeast-1.compute.amazonaws.com

mk.ca-conv.amoad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:26a7:8e00:2:a84d:5700:93a1 (United States)

ASN16509 (AMAZON-02, US)

fledge.dynalyst.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.251.181.147 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-181-147.ap-southeast-1.compute.amazonaws.com

seal.digicert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.26.218.115 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a184-26-218-115.deploy.static.akamaitechnologies.com

www.jibunbank.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.129.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn-edge.karte.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-issues.karte.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bs.karte.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.karte.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.196.189.61 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-196-189-61.ap-northeast-1.compute.amazonaws.com

i.smartnews-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26a7:6400:10:3572:e540:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.fraud-alert.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2352:a000:8:dcbf:c740:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.yjtag.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 172.217.175.68 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: nrt20s20-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.196.131 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s36-in-f3.1e100.net

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 147.92.191.92 (Japan)

ASN38631 (LINE LINE Corporation, JP)

tr.line.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.102.157.207 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 207.157.102.34.bc.googleusercontent.com

b.karte.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:140b:a00:29a::322 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

i6.smartnews-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.249.167.126 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-249-167-126.ap-northeast-1.compute.amazonaws.com

yjtag.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.164.110.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-164-110-92.nrt12.r.cloudfront.net

p.fraud-alert.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 57.180.94.75 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-57-180-94-75.ap-northeast-1.compute.amazonaws.com

code.usergram.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.183.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-183-52.nrt57.r.cloudfront.net

tk.csolution.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.165.39.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-165-39-26.nrt12.r.cloudfront.net

cd.valis-cpx.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.132.192.30 (Singapore) 1 redirects

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.78.35.33 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-78-35-33.ap-northeast-1.compute.amazonaws.com

px.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.164.110.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-164-110-129.nrt12.r.cloudfront.net

config-code.usergram.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.164.134.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-164-134-66.nrt12.r.cloudfront.net

um.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.69.201.129 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-69-201-129.ap-northeast-1.compute.amazonaws.com

tr.usergram.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	jibunbank.co.jp sib.jibunbank.co.jp www.jibunbank.co.jp	2 MB
15	google.co.jp www.google.co.jp — Cisco Umbrella Rank: 20792	960 B
15	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 5	920 B
15	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 63	21 KB
11	karte.io cdn-edge.karte.io — Cisco Umbrella Rank: 155460 cdn-issues.karte.io — Cisco Umbrella Rank: 628238 b.karte.io — Cisco Umbrella Rank: 159296 bs.karte.io — Cisco Umbrella Rank: 262321 static.karte.io — Cisco Umbrella Rank: 267763	142 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	749 KB
5	bing.com bat.bing.com — Cisco Umbrella Rank: 361	14 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 119	4 KB
4	line.me tr.line.me — Cisco Umbrella Rank: 14989	2 KB
4	yahoo.co.jp b98.yahoo.co.jp — Cisco Umbrella Rank: 78637 yjtag.yahoo.co.jp — Cisco Umbrella Rank: 46791 b99.yahoo.co.jp — Cisco Umbrella Rank: 22878 am.yahoo.co.jp — Cisco Umbrella Rank: 20943	24 KB
4	smartnews-ads.com cdn.smartnews-ads.com — Cisco Umbrella Rank: 78129 i.smartnews-ads.com — Cisco Umbrella Rank: 79152 i6.smartnews-ads.com — Cisco Umbrella Rank: 83124	4 KB
3	ladsp.com 1 redirects px.ladsp.com — Cisco Umbrella Rank: 108019 um.ladsp.com — Cisco Umbrella Rank: 227383	1 KB
3	usergram.info code.usergram.info — Cisco Umbrella Rank: 264168 config-code.usergram.info — Cisco Umbrella Rank: 402315 tr.usergram.info — Cisco Umbrella Rank: 354545	17 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	72 KB
2	creativecdn.com 1 redirects asia.creativecdn.com — Cisco Umbrella Rank: 25435	1 KB
2	fraud-alert.net static.fraud-alert.net p.fraud-alert.net	21 KB
2	digicert.com seal.digicert.com — Cisco Umbrella Rank: 12561	8 KB
2	dynalyst.jp fledge.dynalyst.jp — Cisco Umbrella Rank: 556292	2 KB
2	ebis.ne.jp rec.ebis.ne.jp — Cisco Umbrella Rank: 315627 taj1.ebis.ne.jp — Cisco Umbrella Rank: 215005	10 KB
1	valis-cpx.jp cd.valis-cpx.jp — Cisco Umbrella Rank: 340978	3 KB
1	csolution.jp tk.csolution.jp	2 KB
1	yjtag.jp s.yjtag.jp — Cisco Umbrella Rank: 79230	14 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 824	82 KB
1	amoad.com mk.ca-conv.amoad.com — Cisco Umbrella Rank: 487753	894 B
1	adtdp.com dynalyst-mk.adtdp.com — Cisco Umbrella Rank: 513731	1 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 137	2 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 907	15 KB
1	line-scdn.net d.line-scdn.net — Cisco Umbrella Rank: 15261	10 KB
1	yimg.jp s.yimg.jp — Cisco Umbrella Rank: 6996	11 KB
1	kaizenplatform.net cdn.kaizenplatform.net — Cisco Umbrella Rank: 537862	101 KB
1	tw1.ru cf96820.tw1.ru	8 KB
0	goo.ne.jp Failed adcdn.goo.ne.jp Failed
130	32

	Domain	Requested by
15	www.google.co.jp	cf96820.tw1.ru
15	www.google.com	1 redirects cf96820.tw1.ru
15	googleads.g.doubleclick.net	1 redirects cf96820.tw1.ru www.googletagmanager.com
14	sib.jibunbank.co.jp	cf96820.tw1.ru sib.jibunbank.co.jp
9	www.googletagmanager.com	cf96820.tw1.ru s.yjtag.jp
5	bat.bing.com	cf96820.tw1.ru
4	www.facebook.com
4	tr.line.me	cf96820.tw1.ru
3	static.karte.io	bs.karte.io
3	cdn-edge.karte.io	cf96820.tw1.ru cdn-edge.karte.io
3	www.jibunbank.co.jp	cf96820.tw1.ru
2	px.ladsp.com	1 redirects
2	connect.facebook.net	cf96820.tw1.ru connect.facebook.net
2	asia.creativecdn.com	1 redirects cf96820.tw1.ru
2	b.karte.io	cdn-edge.karte.io
2	cdn-issues.karte.io	cdn-edge.karte.io cdn-issues.karte.io
2	i.smartnews-ads.com	cf96820.tw1.ru
2	seal.digicert.com	cf96820.tw1.ru
2	fledge.dynalyst.jp	cf96820.tw1.ru
1	tr.usergram.info
1	um.ladsp.com	px.ladsp.com
1	config-code.usergram.info	code.usergram.info
1	am.yahoo.co.jp	s.yimg.jp
1	b99.yahoo.co.jp
1	cd.valis-cpx.jp	cf96820.tw1.ru
1	tk.csolution.jp	s.yjtag.jp
1	code.usergram.info	cf96820.tw1.ru
1	bs.karte.io	cdn-edge.karte.io
1	p.fraud-alert.net	static.fraud-alert.net
1	yjtag.yahoo.co.jp	s.yjtag.jp
1	i6.smartnews-ads.com	cf96820.tw1.ru
1	s.yjtag.jp	cf96820.tw1.ru
1	static.fraud-alert.net	sib.jibunbank.co.jp
1	code.jquery.com	cf96820.tw1.ru
1	mk.ca-conv.amoad.com	cf96820.tw1.ru
1	dynalyst-mk.adtdp.com	cf96820.tw1.ru
1	b98.yahoo.co.jp	cf96820.tw1.ru
1	www.googleadservices.com	cf96820.tw1.ru
1	static.ads-twitter.com	cf96820.tw1.ru
1	cdn.smartnews-ads.com	cf96820.tw1.ru
1	d.line-scdn.net	cf96820.tw1.ru
1	taj1.ebis.ne.jp	cf96820.tw1.ru
1	rec.ebis.ne.jp	cf96820.tw1.ru
1	s.yimg.jp	cf96820.tw1.ru
1	cdn.kaizenplatform.net	cf96820.tw1.ru
1	cf96820.tw1.ru
0	adcdn.goo.ne.jp Failed	s.yjtag.jp
130	47

This site contains links to these domains. Also see Links.

Domain
help.jibunbank.co.jp
www.jibunbank.co.jp

Subject Issuer	Validity	Valid
*.tw1.ru GlobalSign GCC R3 DV TLS CA 2020	`2024-01-11` - `2025-02-11`	a year	crt.sh
*.kaizenplatform.net GeoTrust RSA CA 2018	`2024-03-04` - `2025-03-07`	a year	crt.sh
edge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2024-02-02` - `2025-03-01`	a year	crt.sh
rec.ebis.ne.jp Amazon RSA 2048 M02	`2023-11-05` - `2024-12-03`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.ebis.ne.jp Amazon RSA 2048 M03	`2024-02-05` - `2025-03-05`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh
line-apps.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-13` - `2024-11-13`	a year	crt.sh
*.smartnews-ads.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-14` - `2025-02-14`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
sib.jibunbank.co.jp DigiCert G5 TLS RSA4096 SHA384 2021 CA1	`2023-06-30` - `2024-07-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
mscedge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2023-11-20` - `2024-12-19`	a year	crt.sh
*.dynalyst-mk.adtdp.com Amazon RSA 2048 M03	`2024-01-10` - `2025-02-07`	a year	crt.sh
*.ca-conv.amoad.com Amazon RSA 2048 M02	`2024-01-03` - `2025-01-31`	a year	crt.sh
*.dynalyst.jp Amazon RSA 2048 M03	`2024-01-03` - `2025-01-31`	a year	crt.sh
seal.digicert.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-14` - `2025-01-30`	a year	crt.sh
www.jibunbank.co.jp DigiCert G5 TLS RSA4096 SHA384 2021 CA1	`2024-03-01` - `2025-04-01`	a year	crt.sh
*.karte.io GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-12-01` - `2025-01-01`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.fraud-alert.net Amazon RSA 2048 M02	`2023-09-28` - `2024-10-27`	a year	crt.sh
*.tgm.yahoo-net.jp Cybertrust Japan SureServer CA G4	`2023-11-30` - `2024-12-29`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.line.me GlobalSign RSA OV SSL CA 2018	`2023-08-10` - `2024-09-10`	a year	crt.sh
b.karte.io GTS CA 1D4	`2024-06-05` - `2024-09-03`	3 months	crt.sh
yjtag.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2023-11-30` - `2024-12-29`	a year	crt.sh
*.usergram.info Amazon RSA 2048 M02	`2023-08-15` - `2024-09-11`	a year	crt.sh
*.csolution.jp Amazon RSA 2048 M03	`2024-03-25` - `2025-04-23`	a year	crt.sh
*.valis-cpx.jp GlobalSign RSA OV SSL CA 2018	`2023-10-17` - `2024-11-17`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2024-04-05` - `2025-04-30`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-17` - `2024-06-15`	3 months	crt.sh
*.ladsp.com GlobalSign RSA OV SSL CA 2018	`2024-05-21` - `2025-06-22`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://cf96820.tw1.ru/
Frame ID: 653E263188A011B5C7D649C0856AFEE1
Requests: 128 HTTP requests in this frame

Frame: https://asia.creativecdn.com/tags?type=iframe&id=pr_hxYam9TowYWyYdrw8cSX&id=pr_hxYam9TowYWyYdrw8cSX_lid_T8tV75SEM8kDHMBPQx8A&su=https%3A%2F%2Fcf96820.tw1.ru%2F&sr=&ts=1717795217284&tc=1
Frame ID: C1E8F48B0FDAC72F12BB4F8CE127C031
Requests: 1 HTTP requests in this frame

Frame: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1717795217331&svid=48
Frame ID: 79D5A19FDCC93AF5A402A5CF64D09C16
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

130
Requests

98 %
HTTPS

27 %
IPv6

32
Domains

47
Subdomains

42
IPs

4
Countries

3244 kB
Transfer

5894 kB
Size

54
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://help.jibunbank.co.jp/faq_detail.html?id=999
Title: ログインできなくなりました。

Search URL Search Domain Scan URL

URL: https://help.jibunbank.co.jp/faq_detail.html?id=518
Title: ログインパスワードとは何ですか？

Search URL Search Domain Scan URL

URL: https://help.jibunbank.co.jp/faq_detail.html?id=536
Title: お客さま番号とログインパスワードを正しく入力しても、インターネットバンキングにログインできません。

Search URL Search Domain Scan URL

URL: https://help.jibunbank.co.jp/faq_detail.html?id=528
Title: ログインパスワードを忘れてしまいました。どうすればいいですか？

Search URL Search Domain Scan URL

URL: https://help.jibunbank.co.jp/faq_detail.html?id=599
Title: ログインパスワードを何度も間違えて、入力できなくなりました。どうすればいいですか？

Search URL Search Domain Scan URL

URL: https://www.jibunbank.co.jp/common/redirector.html?id=3484
Title: 全てを見る

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721159065/?random=673058264&cv=11&fst=1717789132076&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&label=PTZ1CMeM7eUYEJmH8NcC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&value=0&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ3RyaWdnZXIsIGV2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&eitems=ChAI8N-KswYQrqO3xMfHuug-Eh0A7AT2PTp1KwEW002GViMv0IuF09rRtOY9_reSPg&pscrd=IhMI_JnO7bXKhgMVuMgWBR31bzHfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vY2Y5NjgyMC50dzEucnUv HTTP 302
https://www.google.com/pagead/1p-conversion/721159065/?random=673058264&cv=11&fst=1717789132076&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&label=PTZ1CMeM7eUYEJmH8NcC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&value=0&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ3RyaWdnZXIsIGV2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI_JnO7bXKhgMVuMgWBR31bzHfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vY2Y5NjgyMC50dzEucnUv&is_vtc=1&cid=CAQSKQDaQooLYe2qBHxfKcue3bmn0_3cVY-QYfYscimOXbOnQvtpmoxA3NDX&eitems=ChAI8N-KswYQrqO3xMfHuug-Eh0A7AT2Pd8juTEFUmEw-dln93q4QITjbYxv4cRh4A&random=4153409732 HTTP 302
https://www.google.co.jp/pagead/1p-conversion/721159065/?random=673058264&cv=11&fst=1717789132076&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&label=PTZ1CMeM7eUYEJmH8NcC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&value=0&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ3RyaWdnZXIsIGV2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI_JnO7bXKhgMVuMgWBR31bzHfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vY2Y5NjgyMC50dzEucnUv&is_vtc=1&cid=CAQSKQDaQooLYe2qBHxfKcue3bmn0_3cVY-QYfYscimOXbOnQvtpmoxA3NDX&eitems=ChAI8N-KswYQrqO3xMfHuug-Eh0A7AT2Pd8juTEFUmEw-dln93q4QITjbYxv4cRh4A&random=4153409732&ipr=y

Request Chain 99

https://asia.creativecdn.com/tags?type=iframe&id=pr_hxYam9TowYWyYdrw8cSX&id=pr_hxYam9TowYWyYdrw8cSX_lid_T8tV75SEM8kDHMBPQx8A&su=https%3A%2F%2Fcf96820.tw1.ru%2F&sr=&ts=1717795217284 HTTP 302
https://asia.creativecdn.com/tags?type=iframe&id=pr_hxYam9TowYWyYdrw8cSX&id=pr_hxYam9TowYWyYdrw8cSX_lid_T8tV75SEM8kDHMBPQx8A&su=https%3A%2F%2Fcf96820.tw1.ru%2F&sr=&ts=1717795217284&tc=1

Request Chain 107

https://px.ladsp.com/pixel?advertiser_id=00011736&su=2&site_url=https%3A%2F%2Fcf96820.tw1.ru%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsImZ1bGxWZXJzaW9uTGlzdCI6W119 HTTP 302
https://px.ladsp.com/pixel?cr=true&advertiser_id=00011736&su=2&site_url=https%3A%2F%2Fcf96820.tw1.ru%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsImZ1bGxWZXJzaW9uTGlzdCI6W119

130 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
cf96820.tw1.ru/ 40 KB
8 KB 1479ms
265ms Document
text/html 2a03:6f00:1::5c35:6079
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cf96820.tw1.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:1::5c35:6079 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: c416db33405a27396b6ada4b33b0e8b1582eb987eb72693db75cdc75b65e8e76

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 07 Jun 2024 21:20:16 GMT
server: nginx/1.24.0
vary: Accept-Encoding

GET
H2 200 8c9dd94c00f839.js Show response
cdn.kaizenplatform.net/s/df/ 317 KB
101 KB 35ms
9ms Script
application/javascript 104.71.152.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.kaizenplatform.net/s/df/8c9dd94c00f839.js?kz_namespace=kzs
Requested by: Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.71.152.232 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-71-152-232.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a71e1e5b38c0016fa7125db40021d544b5de7fa423c8a6cf578a7dfb7b08559d

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
date: Fri, 07 Jun 2024 21:20:16 GMT
x-amz-request-id: PZ93VX5WF3WB9KV2
x-amz-server-side-encryption: AES256
content-length: 102764
x-amz-id-2: mHzrEC9PIXWBe5ZR+0J3qMNpWHhWldOi8xOn/nVl6+cQ1mq2a/NYrIOb3XLDiiS5nmYGDiqnrCk=
last-modified: Fri, 07 Jun 2024 01:56:24 GMT
server: AmazonS3
etag: "c6cb6fbb150ba704612abc7cb92bce68"
vary: Accept-Encoding
access-control-max-age: 3000
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=300
accept-ranges: bytes

GET
H2 200 ytag.js Show response
s.yimg.jp/images/listing/tool/cv/ 32 KB
11 KB 38ms
12ms Script
application/javascript 183.79.248.252
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js
Requested by: Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 183.79.248.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software: nghttpx /
Resource Hash: b5a034ead112699878b523b7cd97438c7799f6392fc5378749d5c8a69166fa9c

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 07 Jun 2024 21:18:34 GMT
content-encoding: gzip
last-modified: Tue, 21 May 2024 02:06:25 GMT
server: nghttpx
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age: 102
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-ntap-sg-trace-id: 20460373c586f650
cache-control: public, max-age=600
permissions-policy: ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
content-length: 10672

GET
H2 200 rec.php Show response
rec.ebis.ne.jp/ 39 B
377 B 48ms
36ms Script
application/javascript 52.194.138.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.ebis.ne.jp/rec.php?ebisV=6.12&argument=3FYeHBQU&referrer=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&pagetitle=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&pageurl=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ebisUA=Mozilla%2F5.0%20(Windows%20NT%2015.0.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F125.0.0.0%20Safari%2F537.36&lstd=2.1qmhn9fp2xx.1717444974&ctd=2.1qmhn9fp2xx.1717444974&td=1qmhn9fp2xx.1717444974&ebisAccessTypes=pv&ebisRand=1717789133289.0&pids=&js=cb
Requested by: Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.194.138.20 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-194-138-20.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 6ee08153c9a97ceaa6a0c382f82b35327aa68e4b4bbe6544c2657631a80c236e

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

content-type: application/javascript; charset=UTF-8
date: Fri, 07 Jun 2024 21:20:16 GMT
x-ebis-measured-access-types: pv
cross-origin-resource-policy: cross-origin
server: Apache
content-length: 39
p3p: policyref="/w3c/p3p.xml", CP="NOI OUR PSA IND DSP COR ADM DEV UNI COM NAV INT STA"

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 225 KB
81 KB 125ms
68ms Script
application/javascript 2404:6800:400a:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-612303449&l=dataLayer&cx=c

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ccb6aa3cf3c69a97f9c8b3e9fa831216f1987771f4da241b37fadbce2d719a27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date: Fri, 07 Jun 2024 21:20:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83116
x-xss-protection: 0
last-modified: Fri, 07 Jun 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 07 Jun 2024 21:20:16 GMT

GET
H2 200 cmt.js Show response
taj1.ebis.ne.jp/3FYeHBQU/ 29 KB
10 KB 29ms
2ms Script
application/javascript 2600:9000:26f2:5000:1e:513c:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://taj1.ebis.ne.jp/3FYeHBQU/cmt.js
Requested by: Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26f2:5000:1e:513c:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 2af1d7b0e3dada1e08de57f2731c68a0f935ad9db19b81e584cc7a336afd2767

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date: Fri, 07 Jun 2024 21:19:19 GMT
content-encoding: gzip
via: 1.1 189f0789364cbb2c95361ac530c7dbe8.cloudfront.net (CloudFront)
last-modified: Fri, 31 May 2024 10:16:03 GMT
server: Apache
x-amz-cf-pop: NRT12-P5
age: 57
etag: W/"7405-619bd455934f5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: no-store, s-maxage=60, public
cross-origin-resource-policy: cross-origin
x-amz-cf-id: p_wpGEImg0KyoZzFZ_qShgVrCUdFQgNwcHR1CyT10ie2ns65x7rY_w==

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 67ms
50ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 07 Jun 2024 21:20:16 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A96C78FFC3BF4A909D523608B38BB4CE Ref B: TYO01EDGE2010 Ref C: 2024-06-07T21:20:16Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 lt.js Show response
d.line-scdn.net/n/line_tag/public/release/v1/ 32 KB
10 KB 13ms
2ms Script
application/javascript 23.62.185.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://d.line-scdn.net/n/line_tag/public/release/v1/lt.js

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.185.138 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-185-138.deploy.static.akamaitechnologies.com

Software

VOS /

Resource Hash

d504f72375bcfb65fbf8dbf79ad313aa21df0953bb1efef82695708ba70922b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

x-amz-version-id: aLHCm1toaevjRzyK9ZlkfyErvpEL9I2
strict-transport-security: max-age=15768000
content-encoding: gzip
date: Fri, 07 Jun 2024 21:20:16 GMT
x-amz-request-id: tx00000a010788432711387-00651a6065-13de0d6f-jp2
content-length: 9865
x-amz-expiration: expiry-date="Sat, 02 Dec 2023 00:00:00 GMT", rule-id="bucket_lifecycle"
last-modified: Mon, 02 Oct 2023 06:16:39 GMT
server: VOS
etag: "02e4691c0dcc2f7ecef2712fb0f24921"
vary: Accept-Encoding
content-type: application/javascript
x-rgw-object-type: Normal
cache-control: max-age=2097282
accept-ranges: bytes
expires: Tue, 02 Jul 2024 03:54:58 GMT

GET
H2 200 pixel.js Show response
cdn.smartnews-ads.com/i/ 5 KB
2 KB 16ms
4ms Script
application/javascript 23.32.224.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.smartnews-ads.com/i/pixel.js
Requested by: Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.224.34 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-224-34.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 58dcb9b4c4a8af93d049784e1be829d690b870d33cb49c693565f38e982ed5b6

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

x-amz-version-id: U_040zL3HHLQ_Xb5czsQ1qGGPFoW.rFj
content-encoding: gzip
date: Fri, 07 Jun 2024 21:20:16 GMT
last-modified: Mon, 21 Nov 2022 09:11:10 GMT
etag: "709c82eb76cb41d00bb431534c33b6ff"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-amz-meta-version: 8.4.6
content-type: application/javascript
cache-control: max-age=128
accept-ranges: bytes
content-length: 1922
expires: Fri, 07 Jun 2024 21:22:24 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 225 KB
81 KB 94ms
67ms Script
application/javascript 2404:6800:400a:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-460162144&l=dataLayer&cx=c

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

443c9e65beb2fe9db625ba5dde6dca5147f157ce951349065012238299c25fb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date: Fri, 07 Jun 2024 21:20:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83198
x-xss-protection: 0
last-modified: Fri, 07 Jun 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 07 Jun 2024 21:20:16 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 236 KB
84 KB 80ms
59ms Script
application/javascript 2404:6800:400a:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-856479406&l=dataLayer&cx=c

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cfa09e6c41e2dedee077c48c47c547797beb1aea55147c233cc4b096312e2429

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date: Fri, 07 Jun 2024 21:20:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85909
x-xss-protection: 0
last-modified: Fri, 07 Jun 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 07 Jun 2024 21:20:16 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 236 KB
84 KB 62ms
50ms Script
application/javascript 2404:6800:400a:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-721159065&l=dataLayer&cx=c

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f9db7c8179b8ee39d57d226053e582fd050177e227f3ee3cdc7232d63d8b07d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date: Fri, 07 Jun 2024 21:20:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85885
x-xss-protection: 0
last-modified: Fri, 07 Jun 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 07 Jun 2024 21:20:16 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 236 KB
84 KB 89ms
88ms Script
application/javascript 2404:6800:400a:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-709179453&l=dataLayer&cx=c

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

df0490975598ac04676187866062347a04e855232ed03e80ff146d771d35f54c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date: Fri, 07 Jun 2024 21:20:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85981
x-xss-protection: 0
last-modified: Fri, 07 Jun 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 07 Jun 2024 21:20:16 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 10ms
1ms Script
application/javascript 151.101.228.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.228.157 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date: Fri, 07 Jun 2024 21:20:16 GMT
content-encoding: gzip
last-modified: Wed, 27 Mar 2024 23:09:36 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000135-IAD, cache-hnd18721-HND

GET
H/1.1 200
OK all.js Show response
sib.jibunbank.co.jp/js/ 256 KB
256 KB 245ms
205ms Script
application/javascript 23.62.20.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://sib.jibunbank.co.jp/js/all.js?2024060804

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.62.20.91 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-62-20-91.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e8881877c2878d17c77087ae8395eeb362b57e2c41aa0970eca42ee2ad3cecbf

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date: Fri, 07 Jun 2024 21:20:16 GMT
Last-Modified: Thu, 17 Dec 2020 11:46:45 GMT
Server: Apache
ETag: "3fe02-5b6a78bde2593"
X-FRAME-OPTIONS: DENY
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 261634

GET
H/1.1 200
OK app.js Show response
sib.jibunbank.co.jp/js/ 190 KB
190 KB 220ms
180ms Script
application/javascript 23.62.20.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://sib.jibunbank.co.jp/js/app.js?2024060804

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.62.20.91 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-62-20-91.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

4cf9036abe69464fdacd45e96d84ef45400515e75cfa4a1411b2a6d23e286fc8

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date: Fri, 07 Jun 2024 21:20:16 GMT
Last-Modified: Sat, 11 Dec 2021 13:00:55 GMT
Server: Apache
ETag: "2f731-5d2de6e1914d4"
X-FRAME-OPTIONS: DENY
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 194353

GET
H/1.1 200
OK style.css
sib.jibunbank.co.jp/css/ 516 KB
516 KB 252ms
212ms Stylesheet
text/css 23.62.20.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://sib.jibunbank.co.jp/css/style.css?2024060804

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.62.20.91 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-62-20-91.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

b655d409d1d1b439c2e548b988bbf519f523500114eb1e38604d7e67febe43a1

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date: Fri, 07 Jun 2024 21:20:16 GMT
Last-Modified: Sat, 09 Mar 2024 16:27:11 GMT
Server: Apache
ETag: "810f0-6133cc7c9469f"
X-FRAME-OPTIONS: DENY
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 528624

GET
H/1.1 200
OK common.js Show response
sib.jibunbank.co.jp/js/ 4 KB
5 KB 228ms
189ms Script
application/javascript 23.62.20.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://sib.jibunbank.co.jp/js/common.js?2024060804

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.62.20.91 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-62-20-91.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cf13c4419977d2f686600b263e163329da325e3291a0a66d0de22b9808066d15

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date: Fri, 07 Jun 2024 21:20:16 GMT
Last-Modified: Wed, 28 Apr 2021 05:39:42 GMT
Server: Apache
ETag: "11eb-5c101ce317fce"
X-FRAME-OPTIONS: DENY
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4587

GET
H/1.1 200
OK extended_timeout.js Show response
sib.jibunbank.co.jp/js/ 3 KB
4 KB 217ms
177ms Script
application/javascript 23.62.20.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://sib.jibunbank.co.jp/js/extended_timeout.js?2024060804

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.62.20.91 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-62-20-91.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

7644ed95768ef11745d9721a02060a8cddc9d99ff6e6abfc79f24d6093e3e4cc

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date: Fri, 07 Jun 2024 21:20:16 GMT
Last-Modified: Wed, 28 Apr 2021 05:39:42 GMT
Server: Apache
ETag: "d06-5c101ce318f6e"
X-FRAME-OPTIONS: DENY
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3334

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/460162144/ 4 KB
1 KB 89ms
49ms Script
text/javascript 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/460162144/?random=1717789131970&cv=11&fst=1717789131970&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ed92ea5ecc441438194a08e31c912361fe9ca009347dce68a5a3fa363207cee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1495
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/709179453/ 4 KB
1 KB 79ms
48ms Script
text/javascript 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/709179453/?random=1717789132022&cv=11&fst=1717789132022&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

cafe /

Resource Hash

2b21dcaaa1c1ed769d1a4323d619d72059651be40be3c2d95ab18a37a0b2842c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1495
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/721159065/ 4 KB
1 KB 71ms
48ms Script
text/javascript 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721159065/?random=1717789132073&cv=11&fst=1717789132073&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

cafe /

Resource Hash

2cb7df87962541d661e113e0045120be429479e3309719f2058474276351f8c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1494
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/721159065/ 3 KB
2 KB 96ms
46ms Script
text/javascript 172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/721159065/?random=1717789132076&cv=11&fst=1717789132076&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&label=PTZ1CMeM7eUYEJmH8NcC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&value=0&bttype=purchase&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&capi=1&rfmt=3&fmt=4

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

cafe /

Resource Hash

3d365a6395b9f0e62b9cc914189d1e462843e780eede59b14c7407f875ce04e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1740
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/856479406/ 4 KB
2 KB 52ms
50ms Script
text/javascript 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856479406/?random=1717789132086&cv=11&fst=1717789132086&bg=ffffff&guid=ON&async=1&gtm=45be4650v9173729797z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

cafe /

Resource Hash

c35fd6a485324a59e51beadca1d4bd9908ee96786265e519816cb9ad9446483f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1521
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 97022402.js Show response
bat.bing.com/p/action/ 0
118 B 55ms
52ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/97022402.js

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 07 Jun 2024 21:20:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3945DCA1515841789D3DC5FBC31DD2DC Ref B: TYO01EDGE2010 Ref C: 2024-06-07T21:20:16Z
x-cache: CONFIG_NOCACHE

GET
H2 204 97114338.js Show response
bat.bing.com/p/action/ 0
117 B 53ms
50ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/97114338.js

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 07 Jun 2024 21:20:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3CA0BFBB185B46AD8C3511F4134FBCC2 Ref B: TYO01EDGE2010 Ref C: 2024-06-07T21:20:16Z
x-cache: CONFIG_NOCACHE

GET
H2 204 97050327.js Show response
bat.bing.com/p/action/ 0
118 B 55ms
52ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/97050327.js

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 07 Jun 2024 21:20:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F221CDCDC0354E4CAE440B1F830FB01B Ref B: TYO01EDGE2010 Ref C: 2024-06-07T21:20:16Z
x-cache: CONFIG_NOCACHE

GET
H2 204 97050325.js Show response
bat.bing.com/p/action/ 0
117 B 54ms
51ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/97050325.js

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 07 Jun 2024 21:20:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 08073AA17F834051A6868835D2259845 Ref B: TYO01EDGE2010 Ref C: 2024-06-07T21:20:16Z
x-cache: CONFIG_NOCACHE

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/709179453/ 4 KB
2 KB 47ms
45ms Script
text/javascript 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/709179453/?random=1717789132689&cv=11&fst=1717789132689&bg=ffffff&guid=ON&async=1&gtm=45be4650za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

cafe /

Resource Hash

411bff450d9a7ff9aa950233a52c17b3feb575b554a8dfe8236948f9171c2108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1515
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/723623815/ 4 KB
2 KB 48ms
47ms Script
text/javascript 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/723623815/?random=1717789132701&cv=11&fst=1717789132701&bg=ffffff&guid=ON&async=1&gtm=45be4650za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

cafe /

Resource Hash

be2f241cecf2cc48e86598fcde8c642e782cd3db9870a042eae183faa3d5e1d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1514
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK conversion_async.js Show response
b98.yahoo.co.jp/pagead/ 53 KB
20 KB 110ms
85ms Script
text/javascript 183.79.255.12
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to

Full URL

https://b98.yahoo.co.jp/pagead/conversion_async.js

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

183.79.255.12 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

cafe /

Resource Hash

95c3a41dc0300691569690f968222223b3cf13c9c950e6ac2f0c48003b71f8bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date: Fri, 07 Jun 2024 21:20:16 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Age: 0
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Connection: close
X-XSS-Protection: 0
Server: cafe
Accept-CH: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
ETag: 13397053139491029127
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Permissions-Policy: unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
Timing-Allow-Origin: *
Expires: Fri, 07 Jun 2024 21:20:16 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/709209482/ 4 KB
2 KB 50ms
48ms Script
text/javascript 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/709209482/?random=1717789132916&cv=11&fst=1717789132916&bg=ffffff&guid=ON&async=1&gtm=45be4650za200zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

cafe /

Resource Hash

bf27f60cc41bd253f9fc274661a5d1fa9a00ad82dd0b76e4d3838163ff6d685d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1530
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/942787950/ 4 KB
2 KB 53ms
51ms Script
text/javascript 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/942787950/?random=1717789132928&cv=11&fst=1717789132928&bg=ffffff&guid=ON&async=1&gtm=45be4650za200zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

cafe /

Resource Hash

41223816ca838c8d0795cab48948d68a6c04d8171445ce77ba747595ad316444

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1527
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/612303449/ 4 KB
2 KB 88ms
86ms Script
text/javascript 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/612303449/?random=1717789132939&cv=11&fst=1717789132939&bg=ffffff&guid=ON&async=1&gtm=45be4650za200zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

cafe /

Resource Hash

49dfc4a033d974b6f20c2b5343757673c7588bf9ef65c99383a63be53011b0fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1525
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/721159065/ 4 KB
2 KB 89ms
87ms Script
text/javascript 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721159065/?random=1717789132951&cv=11&fst=1717789132951&bg=ffffff&guid=ON&async=1&gtm=45be4650za200zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

cafe /

Resource Hash

bec54132b336b6183d12e2da783cd20dcf37524785df0d4c4c9552d94e601902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1522
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/721477044/ 4 KB
2 KB 85ms
83ms Script
text/javascript 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721477044/?random=1717789132962&cv=11&fst=1717789132962&bg=ffffff&guid=ON&async=1&gtm=45be4650za200zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

cafe /

Resource Hash

3febc80c27bc363e6498cf16d6c5a0e98c0c88ee1606979a18bc68a2f3533bdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1523
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ext Show response
dynalyst-mk.adtdp.com/site/game/ 4 KB
1 KB 27ms
14ms Script
application/javascript 3.114.207.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dynalyst-mk.adtdp.com/site/game/ext?dtype=1&advid=3383&an=jibun-ginko&cty=JPN&tz=JST&ext=%7B%7D&tp=game/ext&uq=81ac29d3-d21e-4863-8f98-305216f849b2&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&swh=2560x1440&scd=24
Requested by: Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.114.207.150 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-114-207-150.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 217728cd2bd1c1f3ad6928ec142241336f13446f214366ce2cfde4d7cfb680a6

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date: Fri, 07 Jun 2024 21:20:16 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Content-Length: 732
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK ext Show response
mk.ca-conv.amoad.com/site/game/ 4 KB
894 B 21ms
8ms Script
application/javascript 54.65.115.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mk.ca-conv.amoad.com/site/game/ext?dtype=2&advid=3383&an=jibun-ginko&cty=JPN&tz=JST&ext=%7B%7D&tp=game/ext&uq=81ac29d3-d21e-4863-8f98-305216f849b2&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&swh=2560x1440&scd=24
Requested by: Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.65.115.213 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-65-115-213.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: dbb9069d2de94b007afc3107774af3bd02aa6e0cece82b1f9396d7b395aef9e2

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date: Fri, 07 Jun 2024 21:20:16 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Content-Length: 553
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8

GET
H2 200 widget.js Show response
fledge.dynalyst.jp/join-ad-interest-group/ 564 B
932 B 30ms
2ms Script
text/javascript 2600:9000:26a7:8e00:2:a84d:5700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fledge.dynalyst.jp/join-ad-interest-group/widget.js
Requested by: Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26a7:8e00:2:a84d:5700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 48395747738ae23158701c30d1f14a385d855d154661747974a16fc4d2d2a5bd

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date: Fri, 07 Jun 2024 04:00:55 GMT
via: 1.1 c383634e01fa17a4ab3a0d27cbdf5f0c.cloudfront.net (CloudFront)
last-modified: Thu, 06 Jun 2024 03:52:54 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-P2
age: 62362
x-amz-server-side-encryption: AES256
etag: "3baedeea55bd9e3e2e325745da5da154"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 564
x-amz-cf-id: FjwBKQKcdfVKvFf9w4Sq2CKSVZ6oPMKO4dpFFebaWPtHaR1q2zttWw==

GET
H/1.1 200
OK img_site-logo_pc.png
sib.jibunbank.co.jp/images/img/ 2 KB
2 KB 216ms
178ms Image
image/png 23.62.20.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sib.jibunbank.co.jp/images/img/img_site-logo_pc.png?2024060804

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.62.20.91 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-62-20-91.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c4da264867121b9f488748d2536849b092ba8df1e0529b45c4fa146d20d54b4c

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date: Fri, 07 Jun 2024 21:20:16 GMT
Last-Modified: Thu, 17 Dec 2020 11:46:45 GMT
Server: Apache
ETag: "86a-5b6a78bda8001"
X-FRAME-OPTIONS: DENY
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2154

GET
H/1.1 200
OK img_site-logo_sp.png
sib.jibunbank.co.jp/images/img/ 2 KB
2 KB 19ms
19ms Image
image/png 23.62.20.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sib.jibunbank.co.jp/images/img/img_site-logo_sp.png?2024060804

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.62.20.91 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-62-20-91.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e557e6c5f8c1025b144bbca671c314820302284a1ab5c6f4151bc39de0d7b413

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date: Fri, 07 Jun 2024 21:20:16 GMT
Last-Modified: Thu, 17 Dec 2020 11:46:45 GMT
Server: Apache
ETag: "725-5b6a78bda87cb"
X-FRAME-OPTIONS: DENY
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1829

GET
H/1.1 200
OK before_auth.css
sib.jibunbank.co.jp/css/ 447 B
714 B 17ms
17ms Stylesheet
text/css 23.62.20.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://sib.jibunbank.co.jp/css/before_auth.css?2024060804

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.62.20.91 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-62-20-91.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

6b2cfc91bcb1bcdf077aad92873045da05e3fc81706797e120ff7384a8cdbd3d

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date: Fri, 07 Jun 2024 21:20:16 GMT
Last-Modified: Thu, 17 Dec 2020 11:46:45 GMT
Server: Apache
ETag: "1bf-5b6a78bd4175d"
X-FRAME-OPTIONS: DENY
Content-Type: text/css
X-N: S
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 447

GET
H/1.1 200
OK question.svg
sib.jibunbank.co.jp/images/icon/16x16/ 717 B
981 B 16ms
15ms Image
image/svg+xml 23.62.20.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sib.jibunbank.co.jp/images/icon/16x16/question.svg?2024060804

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.62.20.91 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-62-20-91.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

1dffa14ea00339fb59b13b3e2aa769fdb769d5d67bd3d8238ee5cdcb14bf0f49

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date: Fri, 07 Jun 2024 21:20:16 GMT
Last-Modified: Thu, 17 Dec 2020 11:46:45 GMT
Server: Apache
ETag: "2cd-5b6a78bd5ec1d"
X-FRAME-OPTIONS: DENY
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 717

GET
H/1.1 200
OK seal.min.js Show response
seal.digicert.com/seals/cascade/ 8 KB
8 KB 211ms
69ms Script
text/javascript 13.251.181.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://seal.digicert.com/seals/cascade/seal.min.js

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.251.181.147 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-251-181-147.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

81f277888d1ee510668666fb819bcf637e488b613dac15cf78cbe9d1ac41658c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date: Fri, 07 Jun 2024 21:20:17 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
last-modified: Tue, 04 Jun 2024 20:13:25 GMT
Server: nginx
etag: "1e3d-61a16150c6340"
Content-Type: text/javascript
x-envoy-upstream-service-time: 1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7741
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK p_img04.png
www.jibunbank.co.jp/bs_banner/ 21 KB
21 KB 29ms
4ms Image
image/png 184.26.218.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jibunbank.co.jp/bs_banner/p_img04.png

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.26.218.115 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-26-218-115.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

436f5fd01b87b021f1dea366566da470d0c4398050592ba2b00c66513ed8ed92

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' ai-translate.com;
Strict-Transport-Security	max-age=600
X-Content-Type-Options	nosniff

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self' ai-translate.com;
Date: Fri, 07 Jun 2024 21:20:16 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=600
Last-Modified: Mon, 03 Jun 2024 10:40:06 GMT
Server: Apache
ETag: "28c15b-5288-619f9f4dded80"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21128

GET
H/1.1 200
OK p_img05.png
www.jibunbank.co.jp/bs_banner/ 16 KB
16 KB 2ms
2ms Image
image/png 184.26.218.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jibunbank.co.jp/bs_banner/p_img05.png

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.26.218.115 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-26-218-115.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

543ab792369cfc31207e44598c95badbb85e68752009b647f4e08a3121b227d3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' ai-translate.com;
Strict-Transport-Security	max-age=600
X-Content-Type-Options	nosniff

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self' ai-translate.com;
Date: Fri, 07 Jun 2024 21:20:16 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=600
Last-Modified: Mon, 03 Jun 2024 10:40:06 GMT
Server: Apache
ETag: "2481f7-3ef0-619f9f4dded80"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16112

GET
H/1.1 200
OK p_img06.png
www.jibunbank.co.jp/bs_banner/ 17 KB
17 KB 6ms
6ms Image
image/png 184.26.218.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jibunbank.co.jp/bs_banner/p_img06.png

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.26.218.115 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-26-218-115.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

4ee5949392f439d6fa7dbc590d5b4c066e3b7224c30e4936a5f7bc696fa160d9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' ai-translate.com;
Strict-Transport-Security	max-age=600
X-Content-Type-Options	nosniff

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self' ai-translate.com;
Date: Fri, 07 Jun 2024 21:20:16 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=600
Last-Modified: Mon, 03 Jun 2024 10:40:06 GMT
Server: Apache
ETag: "236863-4282-619f9f4dded80"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17026

GET
H/1.1 200
OK pc_cachcard_back.gif
sib.jibunbank.co.jp/images/icon/other/ 76 KB
77 KB 17ms
17ms Image
image/gif 23.62.20.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sib.jibunbank.co.jp/images/icon/other/pc_cachcard_back.gif?2024060804

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.62.20.91 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-62-20-91.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d8252990d0b9cbcdec180720728a3be252cd124a9a96784cd64d57bda6e35e41

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date: Fri, 07 Jun 2024 21:20:16 GMT
Last-Modified: Thu, 17 Dec 2020 11:46:45 GMT
Server: Apache
ETag: "13183-5b6a78bda58ef"
X-FRAME-OPTIONS: DENY
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78211

GET
H/1.1 200
OK fraudalert_form.js Show response
sib.jibunbank.co.jp/js/ 950 B
1 KB 16ms
16ms Script
application/javascript 23.62.20.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://sib.jibunbank.co.jp/js/fraudalert_form.js?2024060804

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.62.20.91 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-62-20-91.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

79b58b88d2400e693ed7c89099cffe25a471b83c372ba638284503a72b2406f4

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date: Fri, 07 Jun 2024 21:20:16 GMT
Last-Modified: Sat, 11 Nov 2023 16:43:24 GMT
Server: Apache
ETag: "3b6-609e322af3e0e"
X-FRAME-OPTIONS: DENY
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 950

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 236 KB
84 KB 122ms
64ms Script
application/javascript 2404:6800:400a:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-709179453

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0bf819a265baa5f631bbceec41c94baea23383751a9d20b0d204dfb10d9a1c41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date: Fri, 07 Jun 2024 21:20:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86012
x-xss-protection: 0
last-modified: Fri, 07 Jun 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 07 Jun 2024 21:20:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
81 KB 111ms
53ms Script
application/javascript 2404:6800:400a:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-723623815

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

245c5ce05d63cf9f1a3342ee3cde30366752ba5dc63e65732641ee46226c5721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date: Fri, 07 Jun 2024 21:20:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83101
x-xss-protection: 0
last-modified: Fri, 07 Jun 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 07 Jun 2024 21:20:16 GMT

GET
H2 200 edge.js Show response
cdn-edge.karte.io/79189f281f13ea9187560e2ed5ed02b2/ 85 KB
18 KB 50ms
1ms Script
application/javascript 151.101.129.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-edge.karte.io/79189f281f13ea9187560e2ed5ed02b2/edge.js
Requested by: Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4261fecbdca755ec080fb25e98f26f2ca3afda2c057490d5fc1c39d98d4ab5b8

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

x-amz-version-id: DiUgbByLLq_ttNtdekmp_qstOrh.kY.N
content-encoding: br
via: 1.1 varnish
date: Fri, 07 Jun 2024 21:20:16 GMT
x-amz-request-id: YN4YERT2GXCQVK7G
age: 41
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 18084
x-amz-id-2: 8gNndWSUdc4jyP5E3noDoUPHhfiDY++SdgxPw6pkr8OHLZPU3I8HuGXNSXeWuum0ZeK1Axef9rM=
x-served-by: cache-tyo11937-TYO
last-modified: Tue, 04 Jun 2024 00:16:21 GMT
server: AmazonS3
x-timer: S1717795217.756404,VS0,VE0
etag: "db5be99a4dd2d62b77c7582fdd09e77e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10,s-maxage=60
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 jquery-3.7.1.js Show response
code.jquery.com/ 279 KB
82 KB 20ms
2ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.7.1.js
Requested by: Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 78a85aca2f0b110c29e0d2b137e09f0a1fb7a8e554b499f740d6744dc8962cfe

Request headers

Referer: https://cf96820.tw1.ru/
Origin: https://cf96820.tw1.ru
Accept-Language: ja-JP,ja;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date: Fri, 07 Jun 2024 21:20:16 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 15173061
x-cache: HIT, HIT
content-length: 83619
x-served-by: cache-lga21929-LGA, cache-tyo11929-TYO
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1717795217.724665,VS0,VE0
etag: W/"28feccc0-45a82"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 2297, 3848

GET
H2 200 pe
i.smartnews-ads.com/ 0
611 B 17ms
3ms Image
text/plain 52.196.189.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.smartnews-ads.com/pe?b=%7B%22name%22%3A%22Error%22%2C%22message%22%3A%22SmartnewsAds%20does%20not%20defined.%22%2C%22stack%22%3A%22Error%3A%20SmartnewsAds%20does%20not%20defined.%5Cn%20%20%20%20at%20https%3A%2F%2Fcdn.smartnews-ads.com%2Fi%2Fpixel.js%3A1%3A4762%5Cn%20%20%20%20at%20https%3A%2F%2Fcdn.smartnews-ads.com%2Fi%2Fpixel.js%3A1%3A4960%5Cn%20%20%20%20at%20https%3A%2F%2Fcdn.smartnews-ads.com%2Fi%2Fpixel.js%3A1%3A4978%22%2C%22url%22%3A%22https%3A%2F%2Fcf96820.tw1.ru%2F%22%2C%22userAgent%22%3A%22Mozilla%2F5.0%20(Linux%3B%20Android%2010%3B%20K)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.0.0%20Mobile%20Safari%2F537.36%22%7D
Requested by: Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.196.189.61 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-196-189-61.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date: Fri, 07 Jun 2024 21:20:16 GMT
content-length: 0

GET
H2 200 trigger-attribution
fledge.dynalyst.jp/ 2 B
707 B 7ms
7ms Other
text/plain 2600:9000:26a7:8e00:2:a84d:5700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fledge.dynalyst.jp/trigger-attribution?adv_id=3383
Requested by: Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26a7:8e00:2:a84d:5700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date: Fri, 07 Jun 2024 21:20:17 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"2"}],"aggregatable_trigger_data":[{"key_piece":"0x50000000000000000000000000000000","source_keys":["purchase_count_for_test"]}],"aggregatable_values":{"purchase_count_for_test":2700},"aggregatable_deduplication_keys":[{"deduplication_key":"3383"}],"debug_key":"15054409352320009467","filters":{"advertiser_ids":["3383"]}}
via: 1.1 c383634e01fa17a4ab3a0d27cbdf5f0c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: NRT20-P2
x-cache: Miss from cloudfront
content-type: text/plain; charset=UTF-8
access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
content-length: 2
x-amz-cf-id: Dl06TStFXW9QnCNUKoAJYaDhS17tBc4sAXZk9a_gmkV44flVj9wlUw==

GET
H2 200 f.js Show response
static.fraud-alert.net/ 56 KB
20 KB 26ms
2ms Script
application/javascript 2600:9000:26a7:6400:10:3572:e540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.fraud-alert.net/f.js
Requested by: Host: sib.jibunbank.co.jp
URL: https://sib.jibunbank.co.jp/js/fraudalert_form.js?2024060804
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26a7:6400:10:3572:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af27551b9848d5372f44520be54c67c2bc0fd9f759aee442943a543d30232b7f

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date: Fri, 07 Jun 2024 19:01:02 GMT
content-encoding: gzip
via: 1.1 0351cfe7ed552069eb05c4ac51dbf9cc.cloudfront.net (CloudFront)
last-modified: Sun, 22 Oct 2023 12:05:34 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-P2
age: 8356
x-amz-server-side-encryption: AES256
etag: W/"f98f7793266711a8689fe211e9d65b52"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: yinBpsOk2gXWqpSPUkUurY_0qrEu20igl64e5ey8sFtKGen_ab2ghw==

GET
H2 200 tag.js Show response
s.yjtag.jp/ 43 KB
14 KB 29ms
3ms Script
application/javascript 2600:9000:2352:a000:8:dcbf:c740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.yjtag.jp/tag.js
Requested by: Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2352:a000:8:dcbf:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c7398b866493b0b2db87edfd1c11abb5d29687fab805c59ae427fc8e3714f520

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

x-amz-version-id: AYP__hvbqkf5dPE0F3Ao.4CvkXcwg3MX
content-encoding: gzip
via: 1.1 5cf2560f7c8afa4de402da0380c23964.cloudfront.net (CloudFront)
date: Fri, 07 Jun 2024 20:19:13 GMT
last-modified: Thu, 16 Mar 2023 06:19:07 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P4
age: 3665
etag: W/"a41306fdba90953fd540045823303db5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: Xms5kNLeCNbKO5uPcSxPNYpgJOKdg2rLXU2-GRVuEVd1_tL7_M6CEQ==

GET
H3 200 /
www.google.com/pagead/1p-user-list/460162144/ 42 B
64 B 84ms
42ms Image
image/gif 172.217.175.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/460162144/?random=1717789131970&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLlNUUnTzMG9gvfgTnko_Lh6eKIeIymA&random=3732726662&rmt_tld=0&ipr=y

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/460162144/ 42 B
64 B 107ms
63ms Image
image/gif 142.250.196.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/460162144/?random=1717789131970&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLlNUUnTzMG9gvfgTnko_Lh6eKIeIymA&random=3732726662&rmt_tld=1&ipr=y

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/709179453/ 42 B
64 B 88ms
46ms Image
image/gif 172.217.175.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/709179453/?random=1717789132022&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLb1imWJide-NzO5IkvSn6nKcoijqPnw&random=1444823103&rmt_tld=0&ipr=y

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/709179453/ 42 B
64 B 86ms
41ms Image
image/gif 142.250.196.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/709179453/?random=1717789132022&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLb1imWJide-NzO5IkvSn6nKcoijqPnw&random=1444823103&rmt_tld=1&ipr=y

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/721159065/ 42 B
64 B 92ms
50ms Image
image/gif 172.217.175.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/721159065/?random=1717789132073&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLX994kyrsO1jHkS1N3j1tHE7ayB9nOA&random=3558977178&rmt_tld=0&ipr=y

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/721159065/ 42 B
64 B 86ms
42ms Image
image/gif 142.250.196.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/721159065/?random=1717789132073&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLX994kyrsO1jHkS1N3j1tHE7ayB9nOA&random=3558977178&rmt_tld=1&ipr=y

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.co.jp/pagead/1p-conversion/721159065/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721159065/?random=673058264&cv=11&fst=1717789132076&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1...
https://www.google.com/pagead/1p-conversion/721159065/?random=673058264&cv=11&fst=1717789132076&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=...
https://www.google.co.jp/pagead/1p-conversion/721159065/?random=673058264&cv=11&fst=1717789132076&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_...

42 B
64 B

45ms
45ms

Image
image/gif

142.250.196.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-conversion/721159065/?random=673058264&cv=11&fst=1717789132076&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&label=PTZ1CMeM7eUYEJmH8NcC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&value=0&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ3RyaWdnZXIsIGV2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI_JnO7bXKhgMVuMgWBR31bzHfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vY2Y5NjgyMC50dzEucnUv&is_vtc=1&cid=CAQSKQDaQooLYe2qBHxfKcue3bmn0_3cVY-QYfYscimOXbOnQvtpmoxA3NDX&eitems=ChAI8N-KswYQrqO3xMfHuug-Eh0A7AT2Pd8juTEFUmEw-dln93q4QITjbYxv4cRh4A&random=4153409732&ipr=y

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Server

142.250.196.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.co.jp/pagead/1p-conversion/721159065/?random=673058264&cv=11&fst=1717789132076&bg=ffffff&guid=ON&async=1&gtm=45be4650z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&label=PTZ1CMeM7eUYEJmH8NcC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&value=0&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ3RyaWdnZXIsIGV2ZW50LXNvdXJjZTtuYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI_JnO7bXKhgMVuMgWBR31bzHfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vY2Y5NjgyMC50dzEucnUv&is_vtc=1&cid=CAQSKQDaQooLYe2qBHxfKcue3bmn0_3cVY-QYfYscimOXbOnQvtpmoxA3NDX&eitems=ChAI8N-KswYQrqO3xMfHuug-Eh0A7AT2Pd8juTEFUmEw-dln93q4QITjbYxv4cRh4A&random=4153409732&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/856479406/ 42 B
64 B 90ms
50ms Image
image/gif 172.217.175.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/856479406/?random=1717789132086&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650v9173729797z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLy8MdMnbHiN2KGxkyADJCyiAOSOeTqa8knXSh1PRSGgiEdBxW&random=1685819686&rmt_tld=0&ipr=y

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/856479406/ 42 B
64 B 88ms
45ms Image
image/gif 142.250.196.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/856479406/?random=1717789132086&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650v9173729797z8812496802za201zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLy8MdMnbHiN2KGxkyADJCyiAOSOeTqa8knXSh1PRSGgiEdBxW&random=1685819686&rmt_tld=1&ipr=y

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/709179453/ 42 B
64 B 66ms
43ms Image
image/gif 172.217.175.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/709179453/?random=1717789132689&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLn5vLZZHOn0vIp-97u3B6HmKX_BOd1oLfiTRWYw7mtdvtfaXK&random=1411605253&rmt_tld=0&ipr=y

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/709179453/ 42 B
64 B 67ms
45ms Image
image/gif 142.250.196.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/709179453/?random=1717789132689&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLn5vLZZHOn0vIp-97u3B6HmKX_BOd1oLfiTRWYw7mtdvtfaXK&random=1411605253&rmt_tld=1&ipr=y

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/723623815/ 42 B
64 B 44ms
43ms Image
image/gif 172.217.175.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/723623815/?random=1717789132701&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLqb0DsuBaChTdxoi1CwEsGdgU8dvZ5BMpbnZBuO5D_d06C1jc&random=3692486032&rmt_tld=0&ipr=y

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/723623815/ 42 B
64 B 42ms
41ms Image
image/gif 142.250.196.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/723623815/?random=1717789132701&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLqb0DsuBaChTdxoi1CwEsGdgU8dvZ5BMpbnZBuO5D_d06C1jc&random=3692486032&rmt_tld=1&ipr=y

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/709209482/ 42 B
64 B 44ms
43ms Image
image/gif 172.217.175.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/709209482/?random=1717789132916&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLpKjYMNKyWYdm6-M_DweGlMrMdYXqNxVBNMxUvymMp_o8m_Y9&random=2745528287&rmt_tld=0&ipr=y

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/709209482/ 42 B
64 B 48ms
45ms Image
image/gif 142.250.196.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/709209482/?random=1717789132916&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLpKjYMNKyWYdm6-M_DweGlMrMdYXqNxVBNMxUvymMp_o8m_Y9&random=2745528287&rmt_tld=1&ipr=y

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/942787950/ 42 B
64 B 43ms
40ms Image
image/gif 172.217.175.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/942787950/?random=1717789132928&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooL6d7KWQFwopMR8es0glL22mTMDjYD1Q1IxxyW5Zwtlvq0TR8p&random=4190137259&rmt_tld=0&ipr=y

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/942787950/ 42 B
64 B 45ms
43ms Image
image/gif 142.250.196.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/942787950/?random=1717789132928&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooL6d7KWQFwopMR8es0glL22mTMDjYD1Q1IxxyW5Zwtlvq0TR8p&random=4190137259&rmt_tld=1&ipr=y

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/612303449/ 42 B
64 B 46ms
44ms Image
image/gif 172.217.175.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/612303449/?random=1717789132939&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooL6GwWzdl5s0t7iBhlazuFwC7C_sE-agO9e4KEGazmFZiu3KN9&random=2751125883&rmt_tld=0&ipr=y

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/612303449/ 42 B
64 B 46ms
44ms Image
image/gif 142.250.196.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/612303449/?random=1717789132939&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooL6GwWzdl5s0t7iBhlazuFwC7C_sE-agO9e4KEGazmFZiu3KN9&random=2751125883&rmt_tld=1&ipr=y

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/721159065/ 42 B
64 B 44ms
41ms Image
image/gif 172.217.175.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/721159065/?random=1717789132951&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLrDbt1F3ve4lEHmfDAOW5oxLV5TFt267gpunm0c7fgimTPH0V&random=647204921&rmt_tld=0&ipr=y

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/721159065/ 42 B
64 B 47ms
45ms Image
image/gif 142.250.196.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/721159065/?random=1717789132951&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLrDbt1F3ve4lEHmfDAOW5oxLV5TFt267gpunm0c7fgimTPH0V&random=647204921&rmt_tld=1&ipr=y

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/721477044/ 42 B
64 B 49ms
47ms Image
image/gif 172.217.175.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/721477044/?random=1717789132962&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLhIgqqqVDIBg4JdZSjh45dhdBLwWLaTh0y2f5jA23GfqhIC2W&random=467941163&rmt_tld=0&ipr=y

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/721477044/ 42 B
64 B 45ms
43ms Image
image/gif 142.250.196.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/721477044/?random=1717789132962&cv=11&fst=1717786800000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200zb812496802&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=2560&u_h=1440&url=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Floginstart%3Fcid%3D&ref=https%3A%2F%2Fib.jibunbank.co.jp%2Fsecurity%2Fap%2Floginlogout%2Flogin%2Fdirectlogin%3Fcid%3D&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&auid=1683253146.1717444973&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.142%7CChromium%3B125.0.6422.142%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLhIgqqqVDIBg4JdZSjh45dhdBLwWLaTh0y2f5jA23GfqhIC2W&random=467941163&rmt_tld=1&ipr=y

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK NotoSansCJKjp-RegularSubset.woff
sib.jibunbank.co.jp/fonts/ 397 KB
397 KB 35ms
30ms Font
application/font-woff 23.62.20.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://sib.jibunbank.co.jp/fonts/NotoSansCJKjp-RegularSubset.woff

Requested by

Host: sib.jibunbank.co.jp
URL: https://sib.jibunbank.co.jp/css/style.css?2024060804

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.62.20.91 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-62-20-91.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

72b3d7d8470cd110a49af79433d12034574ec1af9ca0151635e0580a279cfe8e

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://sib.jibunbank.co.jp/css/style.css?2024060804
Origin: https://cf96820.tw1.ru
Accept-Language: ja-JP,ja;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date: Fri, 07 Jun 2024 21:20:17 GMT
Last-Modified: Thu, 17 Dec 2020 11:46:45 GMT
Server: Apache
ETag: "63348-5b6a78bd53c52"
X-FRAME-OPTIONS: DENY
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 406344

GET
H/1.1 200
OK arrow_gray.svg
sib.jibunbank.co.jp/images/icon/16x16/ 539 B
803 B 18ms
18ms Image
image/svg+xml 23.62.20.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sib.jibunbank.co.jp/images/icon/16x16/arrow_gray.svg

Requested by

Host: sib.jibunbank.co.jp
URL: https://sib.jibunbank.co.jp/css/style.css?2024060804

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.62.20.91 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-62-20-91.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

7dd771ade49a0a57e23c7791901ccbcde5cab2eacd117b248b9bc64c04799aba

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://sib.jibunbank.co.jp/css/style.css?2024060804
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date: Fri, 07 Jun 2024 21:20:17 GMT
Last-Modified: Thu, 17 Dec 2020 11:46:45 GMT
Server: Apache
ETag: "21b-5b6a78bd5962b"
X-FRAME-OPTIONS: DENY
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 539

GET
H/1.1 200
OK NotoSansCJKjp-MediumSubset.woff
sib.jibunbank.co.jp/fonts/ 397 KB
398 KB 32ms
28ms Font
application/font-woff 23.62.20.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://sib.jibunbank.co.jp/fonts/NotoSansCJKjp-MediumSubset.woff

Requested by

Host: sib.jibunbank.co.jp
URL: https://sib.jibunbank.co.jp/css/style.css?2024060804

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.62.20.91 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-62-20-91.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

6ed05b57ad40727d79d3c1d73aefca0e5d8c0406c76b057f6ce46348cd91d57c

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://sib.jibunbank.co.jp/css/style.css?2024060804
Origin: https://cf96820.tw1.ru
Accept-Language: ja-JP,ja;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date: Fri, 07 Jun 2024 21:20:17 GMT
Last-Modified: Thu, 17 Dec 2020 11:46:45 GMT
Server: Apache
ETag: "63594-5b6a78bd52cc5"
X-FRAME-OPTIONS: DENY
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 406932

GET
H2 200 index.js Show response
cdn-edge.karte.io/__edge_plugins/context_event/ 105 KB
28 KB 7ms
1ms Script
application/javascript 151.101.129.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-edge.karte.io/__edge_plugins/context_event/index.js
Requested by: Host: cdn-edge.karte.io
URL: https://cdn-edge.karte.io/79189f281f13ea9187560e2ed5ed02b2/edge.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f2cb37f40592d6d97db3379180c2bcb6883f0b4681424f7615503ff83b4301e

Request headers

Referer
Origin: https://cf96820.tw1.ru
Accept-Language: ja-JP,ja;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

x-amz-version-id: 3g9bso4_anbYuWW1vsI0X2pJMBupE3QZ
content-encoding: br
via: 1.1 varnish
date: Fri, 07 Jun 2024 21:20:17 GMT
x-amz-request-id: 3V1P7Y0KWS6NHQ1Y
age: 27
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 28785
x-amz-id-2: FIUi7KnLRbkx1dHdCvG4gPkAaKLw1iie8YrQioJVe+1XOj1UMNHJBadTPjck4M6wfBIWU1hRCIE=
x-served-by: cache-tyo11957-TYO
last-modified: Wed, 24 Apr 2024 07:30:42 GMT
server: AmazonS3
x-timer: S1717795217.116565,VS0,VE0
etag: "e5e14af2425841618dc788aa753a5263"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=10,s-maxage=60,stale-while-revalidate=10
accept-ranges: bytes
x-cache-hits: 201

GET
H2 200 index.js Show response
cdn-edge.karte.io/__edge_plugins/blitz_action_runner/ 12 KB
5 KB 6ms
1ms Script
application/javascript 151.101.129.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-edge.karte.io/__edge_plugins/blitz_action_runner/index.js
Requested by: Host: cdn-edge.karte.io
URL: https://cdn-edge.karte.io/79189f281f13ea9187560e2ed5ed02b2/edge.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f02b309865012d2dbe5cf51d3eae8cd2cbfeb4d6b2a9b41b146fd7d809fa3ba8

Request headers

Referer
Origin: https://cf96820.tw1.ru
Accept-Language: ja-JP,ja;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

x-amz-version-id: lnzJF5ndf4ikI43T7hxBys7JxIkxSvvC
content-encoding: br
via: 1.1 varnish
date: Fri, 07 Jun 2024 21:20:17 GMT
x-amz-request-id: 5ZAN7FBH8VTBXX39
age: 26
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 4737
x-amz-id-2: +VTypUcQtd9Lb0mJZvom4IvF+hD4J0h6rYUifTKW11lAd/2IKBWoAlg+V7YAsYmHICwohTWw5F4=
x-served-by: cache-tyo11957-TYO
last-modified: Thu, 25 Apr 2024 03:39:39 GMT
server: AmazonS3
x-timer: S1717795217.116556,VS0,VE0
etag: "8de35811fb874ea5ecc9d6220cbc5cdb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=10,s-maxage=60,stale-while-revalidate=10
accept-ranges: bytes
x-cache-hits: 197

GET
H2 200 action.js Show response
cdn-issues.karte.io/actionjs/ 36 KB
13 KB 16ms
1ms Script
text/javascript 151.101.129.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-issues.karte.io/actionjs/action.js
Requested by: Host: cdn-edge.karte.io
URL: https://cdn-edge.karte.io/79189f281f13ea9187560e2ed5ed02b2/edge.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 226db5b095d2f37d4783213e9286dc25ce181d3ecf26e94aa660b61f91acfd84

Request headers

Referer
Origin: https://cf96820.tw1.ru
Accept-Language: ja-JP,ja;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: br
via: 1.1 varnish
date: Fri, 07 Jun 2024 21:20:17 GMT
x-amz-request-id: KFNEDY1QF29CRR6E
age: 10
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 12882
x-amz-id-2: J759L/s5PrK94zEjJE/gnIVxin/JF5D/X+HmX0aHhd+0KiPvDm+ouFfIFyTPPvkrJ5JBwatRPq0=
x-served-by: cache-tyo11957-TYO
last-modified: Thu, 06 Jun 2024 12:40:11 GMT
server: AmazonS3
etag: "0ad11ab396414b0179014c8a6a4b717c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=10
accept-ranges: bytes
x-cache-hits: 11

GET
H/1.1 200
OK tag.gif
tr.line.me/ 43 B
425 B 17ms
3ms Image
image/gif 147.92.191.92
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.line.me/tag.gif?b_id=d4d6af33-02a7-4980-a18c-1cc8dd5f4ca6&b_u=https%3A%2F%2Fcf96820.tw1.ru%2F&b_d=cf96820.tw1.ru&b_p=%2F&b_t=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&c_t=lap&t_id=abc7e14b-e97c-4e6b-bf23-f49c61bb0e21&s_id=97360f70-68340ca4&x4=100&e=pv&v=3.4.1&_t=1717795217119
Requested by: Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.92 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date: Fri, 07 Jun 2024 21:20:17 GMT
Cache-Control: private, no-store, no-cache, must-revalidate
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK tag.gif
tr.line.me/ 43 B
425 B 12ms
3ms Image
image/gif 147.92.191.92
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.line.me/tag.gif?b_id=d4d6af33-02a7-4980-a18c-1cc8dd5f4ca6&b_u=https%3A%2F%2Fcf96820.tw1.ru%2F&b_d=cf96820.tw1.ru&b_p=%2F&b_t=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&c_t=lap&t_id=33fcba51-9216-4b10-a9a7-4647b79bdecf&s_id=97360f70-68340ca4&x4=400&e=pv&v=3.4.1&_t=1717795217135
Requested by: Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.92 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date: Fri, 07 Jun 2024 21:20:17 GMT
Cache-Control: private, no-store, no-cache, must-revalidate
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H2 200 event Show response
b.karte.io/ 3 KB
2 KB 103ms
95ms Fetch
application/json 34.102.157.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.karte.io/event
Requested by: Host: cdn-edge.karte.io
URL: https://cdn-edge.karte.io/79189f281f13ea9187560e2ed5ed02b2/edge.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.157.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.157.102.34.bc.googleusercontent.com
Software: /
Resource Hash: a72d47b6f647b40a3135830e71d732c2b0a7e7c3a43d022fa9e454e7866dbe5c

Request headers

Accept: application/json
Referer: https://cf96820.tw1.ru/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 07 Jun 2024 21:20:17 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1478

GET
H2 200 p
i.smartnews-ads.com/ 2 B
499 B 9ms
9ms Image
text/plain 52.196.189.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.smartnews-ads.com/p?id=d650045319e0726eca67e9c1&t=1717795217&url=https%3A%2F%2Fcf96820.tw1.ru%2F&referrer=&e=PageView&v=1.0.0&exid=4b680d05-278b-4a73-a231-ff8fabfcaf9f
Requested by: Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.196.189.61 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-196-189-61.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date: Fri, 07 Jun 2024 21:20:17 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK smallest.png
i6.smartnews-ads.com/ 95 B
474 B 11ms
2ms Image
image/png 2600:140b:a00:29a::322
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i6.smartnews-ads.com/smallest.png?id=d650045319e0726eca67e9c1&t=1717795217&url=https%3A%2F%2Fcf96820.tw1.ru%2F&referrer=&e=PageView&v=1.0.0&exid=4b680d05-278b-4a73-a231-ff8fabfcaf9f
Requested by: Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:a00:29a::322 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date: Fri, 07 Jun 2024 21:20:17 GMT
Last-Modified: Wed, 09 Feb 2022 07:40:21 GMT
Server: AmazonS3
x-amz-request-id: HRGZGFDXS2H30R38
ETag: "71a50dbba44c78128b221b7df7bb51f1"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95
x-amz-id-2: XAwmtoP8iYXhsZqir7s6tBjT0El+bap64Ie70CTeYcui9vZZI7NeKp+X0APUiJHQ9pnrs0kcBYU=

GET
H/1.1 200
OK /
seal.digicert.com/seals/cascade/ 155 B
560 B 69ms
69ms Image
image/png 13.251.181.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seal.digicert.com/seals/cascade/?tag=BDWjGLpY&referer=cf96820.tw1.ru&format=png&lang=ja&seal_number=18&seal_size=s&an=min

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.251.181.147 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-251-181-147.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

c3b78b1b07598ebf8d5b1575ebc0c93cf5f60a895fbc66e848a0c01a0ff913ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date: Fri, 07 Jun 2024 21:20:17 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
last-modified: Fri, 07 Jun 2024 20:35:42 GMT
Server: nginx
Content-Type: image/png
cache-control: max-age=7776000
x-envoy-upstream-service-time: 34
Connection: keep-alive
Content-Length: 155
X-XSS-Protection: 1; mode=block
expires: Thu, 05 Sep 2024 20:35:43 GMT

GET
H2 200 tag Show response
yjtag.yahoo.co.jp/ 9 KB
3 KB 16ms
4ms Script
text/javascript 54.249.167.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://yjtag.yahoo.co.jp/tag?site=e2L7WxO%2CZ7ftF8X%2CFJReueG&referrer=https%3A%2F%2Fcf96820.tw1.ru%2F&H=26h37ao

Requested by

Host: s.yjtag.jp
URL: https://s.yjtag.jp/tag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.249.167.126 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-249-167-126.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

023c102bcec6505b6048e359ff5c7cc3d824065be74de48884b2996d0baf5f66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
x-bt-requestid: bcadd550-2513-11ef-a377-0000ac1c458e
x-content-type-options: nosniff
content-encoding: gzip
etag: 5a048a9c662b864294201f24b1142993
vary: accept-encoding
content-type: text/javascript
cache-control: private, must-revalidate
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 accept Show response
p.fraud-alert.net/ 31 B
514 B 35ms
12ms XHR
text/plain 3.164.110.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.fraud-alert.net/accept
Requested by: Host: static.fraud-alert.net
URL: https://static.fraud-alert.net/f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.164.110.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-164-110-92.nrt12.r.cloudfront.net
Software: /
Resource Hash: fcb92256c3e56256b54cc042e811cdb92728020e595c0fa3bf733f56cd53b531

Request headers

Referer: https://cf96820.tw1.ru/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 07 Jun 2024 21:20:17 GMT
via: 1.1 36cf18acfba4fa4f3949b71621f2b1e8.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-P2
x-cache: Miss from cloudfront
access-control-allow-origin: https://cf96820.tw1.ru
access-control-allow-credentials: true
content-length: 31
x-amz-cf-id: 2ZSpokbc7QXaydNpaSiWIvQpZrzu7kQxn64SvK0Wh9SSuaquRVS8tg==

GET
H2 200 settings.json Show response
cdn-issues.karte.io/79189f281f13ea9187560e2ed5ed02b2/ 82 KB
8 KB 2ms
2ms Fetch
application/json 151.101.129.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-issues.karte.io/79189f281f13ea9187560e2ed5ed02b2/settings.json
Requested by: Host: cdn-issues.karte.io
URL: https://cdn-issues.karte.io/actionjs/action.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2159d7d822ac14048df7c20ec5d420cd82e9d8822f1e540bf37272a24ea5545b

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: br
via: 1.1 varnish
date: Fri, 07 Jun 2024 21:20:17 GMT
x-amz-request-id: THKE90Y830S9JG8G
age: 3
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 7745
x-amz-id-2: W+gwQyGye+PWvLYqKjTPQjQt/JbXmLxXp8jDu7DO8k1LNTY4Oq79Pc9vWwan+Bt3LxFCtKi9pWw=
x-served-by: cache-tyo11957-TYO
last-modified: Fri, 07 Jun 2024 08:44:25 GMT
server: AmazonS3
etag: "fc3630796ab2c796d61e52cae8d11037"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 index.js Show response
bs.karte.io/action/__script-action/latest/ 9 KB
4 KB 44ms
1ms Script
application/javascript 151.101.129.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.karte.io/action/__script-action/latest/index.js
Requested by: Host: cdn-edge.karte.io
URL: https://cdn-edge.karte.io/__edge_plugins/blitz_action_runner/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: effe56951344e9aaf32191bbb963c207d43f16fa85cf4e70b7b280e8b8d5b504

Request headers

Referer: https://cdn-edge.karte.io/
Origin: https://cf96820.tw1.ru
Accept-Language: ja-JP,ja;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date: Fri, 07 Jun 2024 21:20:17 GMT
content-encoding: br
via: 1.1 varnish
x-amz-request-id: ZYQJBEGGZ7V1D40F
age: 57
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3946
x-amz-id-2: 3VrmXAt+x2NMN+IdP36ngiFqEJf5VwKEH1ZsdvP3ZYMiAGhg5Nujc1/R9gBu9KjFmgH6lBp6+NNocoreUFo61A==
x-served-by: cache-tyo11957-TYO
last-modified: Mon, 08 May 2023 04:36:17 GMT
server: AmazonS3
etag: "73633fac02a5c2ddfee8d86154395d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=10,s-maxage=60,stale-while-revalidate=30
accept-ranges: bytes
x-cache-hits: 9819455

GET
H/1.1 200
OK usergram.js Show response
code.usergram.info/js/ 50 KB
16 KB 23ms
9ms Script
text/javascript 57.180.94.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://code.usergram.info/js/usergram.js
Requested by: Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 57.180.94.75 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-57-180-94-75.ap-northeast-1.compute.amazonaws.com
Software: Ug /
Resource Hash: d9c7daa07005267eb35152ef01ce3f08e29700db629abda4e96b52fcdbad31a6

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date: Fri, 07 Jun 2024 21:20:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 May 2024 00:00:00 GMT
Server: Ug
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=7200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16383

GET
H2 200 adme_tk.neo Show response
tk.csolution.jp/ 1 KB
2 KB 34ms
15ms Script
binary/octet-stream 13.225.183.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tk.csolution.jp/adme_tk.neo
Requested by: Host: s.yjtag.jp
URL: https://s.yjtag.jp/tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.183.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-183-52.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 105826eda8961b32f3856c547ab119e2685194f9491af047b9646009181880f8

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date: Fri, 07 Jun 2024 21:20:18 GMT
via: 1.1 6ac16f976c05437e94521db1631451d8.cloudfront.net (CloudFront)
last-modified: Tue, 14 Jan 2020 06:27:43 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C4
etag: "01b42b52842905b667f426f1145dfab9"
x-cache: RefreshHit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 1231
x-amz-cf-id: o7l26_ONJ2tU0vSMrscdnujT0wgO7hlO8bxaI0libZkDBPiM2-hmzQ==

GET 9pbn9i0a81.js
adcdn.goo.ne.jp/images/pix/ 0
0

GET
H2 200 pb_pixel2.js Show response
cd.valis-cpx.jp/script/ 7 KB
3 KB 16ms
2ms Script
text/javascript 3.165.39.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cd.valis-cpx.jp/script/pb_pixel2.js
Requested by: Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.39.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-39-26.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 628052ff7b7c472dc233bbbf997dc6daf9f61655d5a57d7dbfb7ac5ce826f83e

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date: Wed, 05 Jun 2024 08:58:20 GMT
content-encoding: gzip
via: 1.1 27103d7e96cd7686e426419dcdf43292.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jun 2024 08:42:50 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P5
age: 217318
etag: "53896112a3e93cca75c18d1ed6007bc9"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
content-length: 2608
x-amz-cf-id: DnKOkqWLSh3aO30dk9sG0XT1Wt1x5-lMQ9d-53RDqYH6TsNWokSY6Q==

GET
H2

204

tags
asia.creativecdn.com/ Frame C1E8
Redirect Chain

https://asia.creativecdn.com/tags?type=iframe&id=pr_hxYam9TowYWyYdrw8cSX&id=pr_hxYam9TowYWyYdrw8cSX_lid_T8tV75SEM8kDHMBPQx8A&su=https%3A%2F%2Fcf96820.tw1.ru%2F&sr=&ts=1717795217284
https://asia.creativecdn.com/tags?type=iframe&id=pr_hxYam9TowYWyYdrw8cSX&id=pr_hxYam9TowYWyYdrw8cSX_lid_T8tV75SEM8kDHMBPQx8A&su=https%3A%2F%2Fcf96820.tw1.ru%2F&sr=&ts=1717795217284&tc=1

0
0

80ms
79ms

Document
text/plain

103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.creativecdn.com/tags?type=iframe&id=pr_hxYam9TowYWyYdrw8cSX&id=pr_hxYam9TowYWyYdrw8cSX_lid_T8tV75SEM8kDHMBPQx8A&su=https%3A%2F%2Fcf96820.tw1.ru%2F&sr=&ts=1717795217284&tc=1
Requested by: Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Redirect headers

access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Fri, 07 Jun 2024 21:20:17 GMT Fri, 07 Jun 2024 21:20:17 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT Thu, 01 Jan 1970 00:00:00 GMT
location: https://asia.creativecdn.com/tags?type=iframe&id=pr_hxYam9TowYWyYdrw8cSX&id=pr_hxYam9TowYWyYdrw8cSX_lid_T8tV75SEM8kDHMBPQx8A&su=https%3A%2F%2Fcf96820.tw1.ru%2F&sr=&ts=1717795217284&tc=1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
vary: Origin

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 236 KB
84 KB 50ms
49ms Script
application/javascript 2404:6800:400a:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-721484514

Requested by

Host: s.yjtag.jp
URL: https://s.yjtag.jp/tag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

63462dc90c8be8e1f61c3ee7188facba5e4e2318f8adbda5bc8b993fe6ce1ef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date: Fri, 07 Jun 2024 21:20:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85965
x-xss-protection: 0
last-modified: Fri, 07 Jun 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 07 Jun 2024 21:20:17 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 15ms
2ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cf96820.tw1.ru
URL: https://cf96820.tw1.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 07 Jun 2024 21:20:17 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57975
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=12, mss=1368, tbw=2796, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 8UypzclRK0l0/oNH4tO+kEZhZk9OrZ6h7w3jJvTufqFlxN5gOS1vLnTR6JqUOLIcjITWtek5ayNgW1Nh1XYhhg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 236 KB
84 KB 54ms
52ms Script
application/javascript 2404:6800:400a:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-721521220

Requested by

Host: s.yjtag.jp
URL: https://s.yjtag.jp/tag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

04f23277586478cbb986f3b6c22df02c83b00d596401dcc95528888b10050b6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date: Fri, 07 Jun 2024 21:20:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85948
x-xss-protection: 0
last-modified: Fri, 07 Jun 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 07 Jun 2024 21:20:17 GMT

GET
H/1.1 200
OK tag.gif
tr.line.me/ 43 B
425 B 5ms
3ms Image
image/gif 147.92.191.92
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.line.me/tag.gif?b_id=d4d6af33-02a7-4980-a18c-1cc8dd5f4ca6&b_u=https%3A%2F%2Fcf96820.tw1.ru%2F&b_d=cf96820.tw1.ru&b_p=%2F&b_t=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&c_t=lap&t_id=0e9bcef0-dbe0-47cb-96a1-63e0c2cefa09&s_id=97360f70-68340ca4&x4=400&e=pv&v=3.4.1&_t=1717795217288
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.92 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date: Fri, 07 Jun 2024 21:20:17 GMT
Cache-Control: private, no-store, no-cache, must-revalidate
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK tag.gif
tr.line.me/ 43 B
425 B 5ms
3ms Image
image/gif 147.92.191.92
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.line.me/tag.gif?b_id=d4d6af33-02a7-4980-a18c-1cc8dd5f4ca6&b_u=https%3A%2F%2Fcf96820.tw1.ru%2F&b_d=cf96820.tw1.ru&b_p=%2F&b_t=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&c_t=lap&t_id=0e9bcef0-dbe0-47cb-96a1-63e0c2cefa09&s_id=97360f70-68340ca4&x4=400&e=pv&v=3.4.1&_t=1717795217292
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.92 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date: Fri, 07 Jun 2024 21:20:17 GMT
Cache-Control: private, no-store, no-cache, must-revalidate
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK /
b99.yahoo.co.jp/pagead/conversion/1001088130/ 42 B
742 B 90ms
66ms Image
image/gif 183.79.255.12
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b99.yahoo.co.jp/pagead/conversion/1001088130/?random=1717795217293&cv=9&fst=1717795217293&num=1&fmt=3&guid=ON&disvt=false&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=540&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcf96820.tw1.ru%2F&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

183.79.255.12 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Date: Fri, 07 Jun 2024 21:20:17 GMT
Content-Security-Policy: script-src 'none'; object-src 'none'
X-Content-Type-Options: nosniff
Age: 0
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Content-Length: 42
X-XSS-Protection: 0
Pragma: no-cache
Server: cafe
Accept-CH: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Permissions-Policy: unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
Timing-Allow-Origin: *
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
am.yahoo.co.jp/rt/ 0
0 22ms
19ms Fetch
text/javascript 183.79.248.252
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to

Full URL

https://am.yahoo.co.jp/rt/?p=VZFQ9QEGBW&label=&ref=https%3A%2F%2Fcf96820.tw1.ru%2F&rref=&pt=&item=&cat=&price=&quantity=&r=1717795218.274354&pvid=k998214vivmlx56x4ll&su=be278ea2-1dd5-4715-8b94-b981e35de328&__lt__cid_valid=true&_impl=ytag

Requested by

Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

183.79.248.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

nghttpx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date: Fri, 07 Jun 2024 21:20:17 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
content-length: 0
x-xss-protection: 1;mode=block
pragma: no-cache
server: nghttpx
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
vary: Origin
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://cf96820.tw1.ru
cache-control: no-store, no-cache, max-age=0, must-revalidate, private
access-control-allow-credentials: true
permissions-policy: unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel Show response
px.ladsp.com/
Redirect Chain

https://px.ladsp.com/pixel?advertiser_id=00011736&su=2&site_url=https%3A%2F%2Fcf96820.tw1.ru%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI6IiIsI...
https://px.ladsp.com/pixel?cr=true&advertiser_id=00011736&su=2&site_url=https%3A%2F%2Fcf96820.tw1.ru%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9yb...

1 KB
1 KB

3ms
3ms

Script
text/javascript

35.78.35.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ladsp.com/pixel?cr=true&advertiser_id=00011736&su=2&site_url=https%3A%2F%2Fcf96820.tw1.ru%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsImZ1bGxWZXJzaW9uTGlzdCI6W119
Protocol: H2
Server: 35.78.35.33 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-78-35-33.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 88bd4523beed41e732cca76652a5ab7d0a223dc324195f264c3caf00a215e1fe

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

expires: -1
pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
cache-control: private, no-store, no-cache, must-revalidate
content-encoding: gzip
vary: accept-encoding
content-type: text/javascript;charset=utf-8

Redirect headers

location: https://px.ladsp.com/pixel?cr=true&advertiser_id=00011736&su=2&site_url=https%3A%2F%2Fcf96820.tw1.ru%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsImZ1bGxWZXJzaW9uTGlzdCI6W119
pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
cache-control: private, no-store, no-cache, must-revalidate
content-length: 0
expires: -1

GET
H2 200 config.js Show response
config-code.usergram.info/UgbXwE-1/ 50 B
454 B 21ms
3ms Script
application/javascript 3.164.110.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config-code.usergram.info/UgbXwE-1/config.js
Requested by: Host: code.usergram.info
URL: https://code.usergram.info/js/usergram.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.164.110.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-164-110-129.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 87fc9597a23facc94ead8fe7e978d5d088c7dc7e050805c7cfa0dae8babe4539

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

x-amz-version-id: in6t.obzfq.fuVZGI44MI_HfqR4m5uDb
date: Fri, 07 Jun 2024 21:09:20 GMT
via: 1.1 c3a2a3a54087ab055a943dd98dfac028.cloudfront.net (CloudFront)
last-modified: Mon, 16 Aug 2021 06:48:57 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P2
age: 658
etag: "1ab647f567a02d4eb012034015e6305f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 50
x-amz-cf-id: 8zCZFnz1UO_ggvyU8_pswXeLtXTC50VRpgpsR3eRk5YTdwpvqv9uAw==

GET
H2 200 2401863046519079 Show response
connect.facebook.net/signals/config/ 58 KB
13 KB 4ms
3ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2401863046519079?v=2.9.157&r=stable&domain=cf96820.tw1.ru&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

65445eb8b3492446d2a99437da030393e716d2d67b4e63a8dfe08334485202ff

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 07 Jun 2024 21:20:17 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12709
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=61, mss=1368, tbw=63502, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: W3auTKiL9ZV3uCfeYgb4s7AUIy4JzRG6CkcqAVViW5eKl3U/qc7MhuooHW/X90yvoPfpVLN3Gkum3+YumbIKXA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tracker.jquery.js Show response
static.karte.io/libs/ 83 KB
31 KB 60ms
3ms XHR
text/javascript 151.101.129.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.karte.io/libs/tracker.jquery.js
Requested by: Host: bs.karte.io
URL: https://bs.karte.io/action/__script-action/latest/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8cadf3c3a9253b0d06232619dc20082d865a3824667154df1429cd9bca7388ab

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date: Fri, 07 Jun 2024 21:20:17 GMT
content-encoding: br
via: 1.1 varnish
x-amz-request-id: ZZJNCSZAJAHQBX7J
age: 299
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 31376
x-amz-id-2: Tlr6vGG0vQ1M9kWIbs5JL5DTQUN4Q6/qpmQwZInLgTRiB9+7Xznp25DXQpDIsU0CO5VSM1pIQBQ=
x-served-by: cache-tyo11957-TYO
last-modified: Thu, 31 Aug 2023 04:06:05 GMT
server: AmazonS3
etag: "fd493063335f8b0d8aaa8754ad1cc2a9"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
x-cache-hits: 340

GET
H2 200 tracker.lodash.js Show response
static.karte.io/libs/ 50 KB
20 KB 58ms
1ms XHR
text/javascript 151.101.129.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.karte.io/libs/tracker.lodash.js
Requested by: Host: bs.karte.io
URL: https://bs.karte.io/action/__script-action/latest/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 88b0fc3f9d2f307411b1a42d7d8e97f1b68325d0f5f4d1185910fb55f2af9f3a

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date: Fri, 07 Jun 2024 21:20:17 GMT
content-encoding: br
via: 1.1 varnish
x-amz-request-id: ZZJJX88TV2PWDW69
age: 118
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 19837
x-amz-id-2: u36b46uojPD861Q+UlgdnhKK76j6htdcO75D97U2B++5xSj8jYrbk98s7VwKDeNWVuiAX7sYnV4=
x-served-by: cache-tyo11957-TYO
last-modified: Thu, 31 Aug 2023 04:06:06 GMT
server: AmazonS3
etag: "a2da51c9eebb3e6712323e46b125cd2b"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
x-cache-hits: 184

GET
H2 200 tracker.moment.js Show response
static.karte.io/libs/ 34 KB
13 KB 59ms
2ms XHR
text/javascript 151.101.129.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.karte.io/libs/tracker.moment.js
Requested by: Host: bs.karte.io
URL: https://bs.karte.io/action/__script-action/latest/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 325365d6ab2928e0202c292dbfc66ae24e682d018df6d62d7ea60f9a32e35938

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

date: Fri, 07 Jun 2024 21:20:17 GMT
content-encoding: br
via: 1.1 varnish
x-amz-request-id: YHSF2G24A96DDW77
age: 221
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 13271
x-amz-id-2: MVjUMA3zFVfP+OMG8kbx70zBfzI55i8+RsTKV9+gjsEq3WRHkiHwpjvaPQsCas/U3cCR//svS3zvJARxI8ZFPg==
x-served-by: cache-tyo11957-TYO
last-modified: Thu, 31 Aug 2023 04:06:06 GMT
server: AmazonS3
etag: "bbd0cb012ec9b89c413647d8a1fd307b"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
x-cache-hits: 278

GET
H2 200 iframe
um.ladsp.com/match/ Frame 79D5 0
0 16ms
8ms Document
text/html 3.164.134.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1717795217331&svid=48
Requested by: Host: px.ladsp.com
URL: https://px.ladsp.com/pixel?advertiser_id=00011736&su=2&site_url=https%3A%2F%2Fcf96820.tw1.ru%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsImZ1bGxWZXJzaW9uTGlzdCI6W119
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.164.134.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-164-134-66.nrt12.r.cloudfront.net
Software: Logicad /
Resource Hash

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

cache-control: private, no-store, no-cache, must-revalidate
content-type: text/html;charset=utf-8
date: Fri, 07 Jun 2024 21:20:17 GMT
expires: -1
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
pragma: no-cache
server: Logicad
via: 1.1 f291bc63f914cded36807605199bda20.cloudfront.net (CloudFront)
x-amz-cf-id: 4NZL6r_emOWKtOzJ4kGutNR8l9_6A4jOUFTgZ0c9-YhGPsbB_XMtww==
x-amz-cf-pop: NRT12-P3
x-cache: Miss from cloudfront

GET
H2 200 /
www.facebook.com/tr/ 0
104 B 135ms
122ms Image
text/plain 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2401863046519079&ev=PageView&dl=https%3A%2F%2Fcf96820.tw1.ru&rl=&if=false&ts=1717795217343&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4124&fbp=fb.1.1717795217339.636670925176811508&pm=1&hrl=d23a7e&ler=empty&cdl=API_unavailable&it=1717795217325&coo=false&cs_cc=1&cs_cc=1&cas=7469710046409932&cas=7469710046409932&chmd=&chpv=&chfv=undefined&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=12, mss=1368, tbw=3166, tp=-1, tpl=-1, uplat=120, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 07 Jun 2024 21:20:17 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 145ms
133ms Image
image/png 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2401863046519079&ev=PageView&dl=https%3A%2F%2Fcf96820.tw1.ru&rl=&if=false&ts=1717795217343&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4124&fbp=fb.1.1717795217339.636670925176811508&pm=1&hrl=d23a7e&ler=empty&cdl=API_unavailable&it=1717795217325&coo=false&cs_cc=1&cs_cc=1&cas=7469710046409932&cas=7469710046409932&chmd=&chpv=&chfv=undefined&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Fri, 07 Jun 2024 21:20:17 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=12, mss=1368, tbw=3314, tp=-1, tpl=-1, uplat=130, ullat=0
pragma: no-cache
x-fb-debug: rCg1j9Qs5qaWuzlrogCbRUJp3GJHSw5LflE+5Msh0DPh1h3JOlVh2my+LimecXUIpdGub3jVXu4zbEMwsTCqyQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 18ms
6ms Image
text/plain 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2401863046519079&ev=CompleteRegistration&dl=https%3A%2F%2Fcf96820.tw1.ru&rl=&if=false&ts=1717795217344&sw=1600&sh=1200&v=2.9.157&r=stable&ec=1&o=4124&fbp=fb.1.1717795217339.636670925176811508&pm=1&hrl=db3312&ler=empty&cdl=API_unavailable&it=1717795217325&coo=false&tm=1&cs_cc=1&cs_cc=1&cas=6234696556613005&cas=6234696556613005&chmd=&chpv=&chfv=undefined&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1368, tbw=2849, tp=-1, tpl=-1, uplat=2, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 07 Jun 2024 21:20:17 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
272 B 266ms
254ms Image
image/png 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2401863046519079&ev=CompleteRegistration&dl=https%3A%2F%2Fcf96820.tw1.ru&rl=&if=false&ts=1717795217344&sw=1600&sh=1200&v=2.9.157&r=stable&ec=1&o=4124&fbp=fb.1.1717795217339.636670925176811508&pm=1&hrl=db3312&ler=empty&cdl=API_unavailable&it=1717795217325&coo=false&tm=1&cs_cc=1&cs_cc=1&cas=6234696556613005&cas=6234696556613005&chmd=&chpv=&chfv=undefined&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Fri, 07 Jun 2024 21:20:17 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=12, mss=1368, tbw=6729, tp=-1, tpl=-1, uplat=249, ullat=0
pragma: no-cache
x-fb-debug: QnTn8y1Ec7JyXZKcWCJ+Kd4DNs59l/obhqRqrSyNgBGyMi5667fBs40TfaeqtK7XaFR94ks6hgz7A3skpHaHUw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK _usergram.png
tr.usergram.info/ 68 B
356 B 22ms
5ms Image
image/png 52.69.201.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.usergram.info/_usergram.png?cid=UgbXwE-1&pid=UF37fcnQVsUiqxy0&t=pv&dr=&dl=https%3A%2F%2Fcf96820.tw1.ru%2F&dt=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&sr=1600x1200&nt=0&ct=1717795217348&tz=-540&wt=2080&v=js-3&_u=8vn08z
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.69.201.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-69-201-129.ap-northeast-1.compute.amazonaws.com
Software: Ug /
Resource Hash: bf326ce018ba6b9da2227dfa98e7f87f691946687f806f808b9c9879de9feba8

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Jun 2024 21:20:17 GMT
Last-Modified: Tue, 14 May 2024 01:57:10 GMT
Server: Ug
Content-Type: image/png
Cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68
Expires: -1

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/ 3 KB
1 KB 42ms
41ms Script
text/javascript 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/?random=1717795217411&cv=11&fst=1717795217411&bg=ffffff&guid=ON&async=1&gtm=45be4650za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcf96820.tw1.ru%2F&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=438082293.1717795217&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721484514

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

cafe /

Resource Hash

121f582e6a35f723dd0f97b5395baf10bc97c4d11399aa8ab8d20324dd58538a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1409
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/ 3 KB
1 KB 46ms
46ms Script
text/javascript 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/?random=1717795217426&cv=11&fst=1717795217426&bg=ffffff&guid=ON&async=1&gtm=45be4650za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcf96820.tw1.ru%2F&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=438082293.1717795217&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721484514

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

cafe /

Resource Hash

dec51aa91ccdc6953914f75dcb9acedd1081c2bca5082ebb455864d5dc39fb95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1410
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/721521220/ 3 KB
1 KB 46ms
46ms Script
text/javascript 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721521220/?random=1717795217469&cv=11&fst=1717795217469&bg=ffffff&guid=ON&async=1&gtm=45be4650v9100464315za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcf96820.tw1.ru%2F&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=438082293.1717795217&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721521220

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ebc38c1e9c2f3394d422c03a6b6a1dee9b07da0d952b8f57aa41a273742265af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1423
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/721484514/ 42 B
64 B 51ms
50ms Image
image/gif 172.217.175.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/721484514/?random=1717795217411&cv=11&fst=1717794000000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcf96820.tw1.ru%2F&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=438082293.1717795217&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLad_auu1krfw3HuNzcpAtS3bppPu2xVgmcpXL0qVGdfpdSkT1&random=1481889170&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/721484514/ 42 B
64 B 43ms
41ms Image
image/gif 142.250.196.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/721484514/?random=1717795217411&cv=11&fst=1717794000000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcf96820.tw1.ru%2F&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=438082293.1717795217&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLad_auu1krfw3HuNzcpAtS3bppPu2xVgmcpXL0qVGdfpdSkT1&random=1481889170&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/721484514/ 42 B
64 B 51ms
51ms Image
image/gif 172.217.175.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/721484514/?random=1717795217426&cv=11&fst=1717794000000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcf96820.tw1.ru%2F&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=438082293.1717795217&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLJgmZnznJt0Y-It1ch2ShxK2hH4lHaVUBraTC4HDJnl-m1IIi&random=662054229&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/721484514/ 42 B
64 B 45ms
45ms Image
image/gif 142.250.196.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/721484514/?random=1717795217426&cv=11&fst=1717794000000&bg=ffffff&guid=ON&async=1&gtm=45be4650za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcf96820.tw1.ru%2F&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=438082293.1717795217&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLJgmZnznJt0Y-It1ch2ShxK2hH4lHaVUBraTC4HDJnl-m1IIi&random=662054229&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/721521220/ 42 B
64 B 48ms
47ms Image
image/gif 172.217.175.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/721521220/?random=1717795217469&cv=11&fst=1717794000000&bg=ffffff&guid=ON&async=1&gtm=45be4650v9100464315za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcf96820.tw1.ru%2F&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=438082293.1717795217&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLwllSaTaynxJUiNnTS0LIdwGwkVYrsh-SAMXzlTj-SG-q5Tvi&random=528564606&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/721521220/ 42 B
64 B 42ms
41ms Image
image/gif 142.250.196.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/721521220/?random=1717795217469&cv=11&fst=1717794000000&bg=ffffff&guid=ON&async=1&gtm=45be4650v9100464315za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcf96820.tw1.ru%2F&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=438082293.1717795217&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLwllSaTaynxJUiNnTS0LIdwGwkVYrsh-SAMXzlTj-SG-q5Tvi&random=528564606&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://cf96820.tw1.ru/
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 21:20:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 event Show response
b.karte.io/ 143 B
206 B 74ms
70ms Fetch
application/json 34.102.157.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.karte.io/event
Requested by: Host: cdn-edge.karte.io
URL: https://cdn-edge.karte.io/79189f281f13ea9187560e2ed5ed02b2/edge.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.157.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.157.102.34.bc.googleusercontent.com
Software: /
Resource Hash: 65ad269abbe34f1b66b135692aa740eb2cf8c9e37d81739418e483bc502029fa

Request headers

Accept: application/json
Referer: https://cf96820.tw1.ru/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Mobile Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 07 Jun 2024 21:20:17 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143
vary: Origin
content-type: application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: adcdn.goo.ne.jp
URL: https://adcdn.goo.ne.jp/images/pix/9pbn9i0a81.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: au Jibun Bank (Financial)

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.amoad.com/	1970-01-21 06:45:55	Name: uid Value: AY_0kt1CCE8RSUrhG_E
.adtdp.com/	1970-01-21 06:45:55	Name: uid Value: AY_0kt1BJr_30ExISH8
.adtdp.com/	1970-01-21 06:45:55	Name: dynid Value: AY_0kt1BJr_30ExISH8
.ebis.ne.jp/	1970-01-21 06:45:55	Name: TRACKING_DATA Value: 1qmhn9fp2xx.1717444974
.yahoo.co.jp/	1970-01-21 05:55:31	Name: XA Value: 4bdfuthj66ucg&sd=A&t=1717795216&u=1717795216&v=1
.yahoo.co.jp/	1970-01-21 06:45:55	Name: XB Value: bc660a72-2513-11ef-a62d-f965bc313c61&v=6&u=1717795216&s=4c
.smartnews-ads.com/	1970-01-21 06:45:55	Name: g Value: AIZGmyKQZp_i9gxGndnXb578mK0Y2cZSe7nbbLh831126Lbr97BqbawJS8dZHz4kwnVkOeSp5ULcx8wyg9RHBCA%3D
.doubleclick.net/	1970-01-21 06:45:55	Name: IDE Value: AHWqTUnZ6GJCIiblFm7ZNiNA6wnP1oOSupMEW-mRE-EK_Lzr-zgZKtq-4QgE6ru7
fledge.dynalyst.jp/	1970-01-20 21:53:07	Name: ar_debug Value: 1
.tw1.ru/	1970-01-21 06:45:55	Name: krt.vis Value: qxQNlPauJ5b8YD2
.cf96820.tw1.ru/	1970-01-21 06:45:55	Name: __lt__cid Value: d4d6af33-02a7-4980-a18c-1cc8dd5f4ca6
.cf96820.tw1.ru/	1970-01-20 21:09:57	Name: __lt__sid Value: 97360f70-68340ca4
cf96820.tw1.ru/	1970-01-21 06:45:55	Name: snexid Value: 4b680d05-278b-4a73-a231-ff8fabfcaf9f
i.smartnews-ads.com/	1970-01-20 21:20:00	Name: AWSALBTGCORS Value: AOpnEcHgxkzzhVq65xv+WVCQoFMmxkUGmPmv/OPNepV5e1vBtRMdUaT3P7RWuaHBjyQKDQGI8KN0yLs+fBJ5KKeVH3Ne7ZtjGBESYUlsD38YC7gDVPzg2lvDQlRoAP3mb5tLod11FlsrjxsSgdhZT5k7NKMHMjlKonPwLtjj9LEyubCBFeg=
cf96820.tw1.ru/	1970-01-21 06:35:50	Name: _pk_id.1077564906.9b16 Value: 2eec4c12d0a31af9.1717795217.1.1717795217.1717795217.
cf96820.tw1.ru/	1970-01-20 21:09:57	Name: _pk_ses.1077564906.9b16 Value: *
.line.me/	1970-01-21 06:45:55	Name: _ldbrbid Value: tr__k1y/XGZjeZFrE3uorKX9Ag==
.fraud-alert.net/	1970-01-21 05:55:31	Name: caulisCookie Value: 1063931530856914944
.tw1.ru/	1970-01-20 21:11:21	Name: rt_storage_writable Value: true
.tw1.ru/	1970-01-20 21:09:57	Name: rt_session_id Value: 2ea01886aad14b42905c39bee50a82c0
.tw1.ru/	1970-01-21 06:45:55	Name: rt_user_id Value: 9af10ab16fbd4260898843b01fff7a0b
.tw1.ru/	1970-01-21 05:55:31	Name: _yjsu_yjad Value: 1717795217.be278ea2-1dd5-4715-8b94-b981e35de328
.tw1.ru/	1970-01-21 06:45:55	Name: _ugpid Value: UF37fcnQVsUiqxy0.2
.ladsp.com/	1970-01-20 21:09:58	Name: cr Value: 1
.ladsp.com/	1970-01-21 06:45:55	Name: smn_uid Value: LPJz2buM43F8_XML9qJUUyDXXnliEow
.ladsp.com/	1970-01-20 21:53:07	Name: receive-cookie-deprecation Value: 1
.tw1.ru/	1970-01-20 23:19:31	Name: _fbp Value: fb.1.1717795217339.636670925176811508
.ladsp.com/	1970-01-21 06:45:55	Name: lum Value: CMS_y6T_MRIFCAEQqAESBQgZEMABEgQIDRB4EgIIDhICCCoSBQgDEPABEgIICxICCA8SAggQEgIIERICCBQSAggbEgIIHBICCB4SAgggEgIIIhICCCsSBQgKEJAN
.bidswitch.net/	1970-01-21 05:55:31	Name: tuuid Value: 1fcacc7e-02d1-4a84-924a-e16ee384113b
.bidswitch.net/	1970-01-21 05:55:31	Name: c Value: 1717795217
.bidswitch.net/	1970-01-21 05:55:31	Name: tuuid_lu Value: 1717795217
.send.microad.jp/	1970-01-20 23:19:31	Name: TR Value: 3a1c22c88ba3e6aba6ff516913cee3a191a38fe50dac8780
.ad-stir.com/	1970-01-21 05:55:31	Name: uid Value: 33278630-df66-42d3-98cf-00ee868dc2d4
.ad-stir.com/	1970-01-20 21:30:04	Name: d20 Value: AUMQshwvj6G2ks8AINdeeWISjM8AAAGP9JLfxA
.socdm.com/	1970-01-21 06:45:55	Name: SOC Value: ZmN5kcCo5uYAAF21rDgAAAAA
.adingo.jp/	1970-01-20 21:53:07	Name: logicad Value: AUMQshwvj6G2ks8AINdeeWISjM8AAAGP9JLf2A
.adn.caprofitx.com/	1970-01-21 06:45:55	Name: pfxid Value: 6617b542-495c-4663-8696-9d2f8f615ade
.adn.caprofitx.com/	1970-01-21 06:45:55	Name: pfxids_logicad Value: eyJpZCI6IkFVTVFzaHd2ajZHMmtzOEFJTmRlZVdJU2pNOEFBQUdQOUpMZjN3IiwidXBkYXRlZEF0IjoiMjAyNC0wNi0wN1QyMToyMDoxNy40MDRaIn0
.tw1.ru/	1970-01-20 23:19:31	Name: _gcl_au Value: 1.1.438082293.1717795217
.popin.cc/	1970-01-21 06:45:55	Name: piuid Value: 5197749af6494a1097a646fbcf3960ee
.popin.cc/	1970-01-20 22:36:19	Name: p_logicad Value: AUMQshwvj6G2ks8AINdeeWISjM8AAAGP9JLf5g
.as.amanad.adtdp.com/	1970-01-20 21:53:07	Name: b1029 Value: AUMQshwvj6G2ks8AINdeeWISjM8AAAGP9JLf7g
.impact-ad.jp/	1970-01-21 05:55:31	Name: tuuid Value: b7e64f58-3b2d-45a3-b223-cb605d9cbc5f
.impact-ad.jp/	1970-01-21 05:55:31	Name: c Value: 1717795217
.impact-ad.jp/	1970-01-21 05:55:31	Name: tuuid_lu Value: 1717795217
y.one.impact-ad.jp/	1970-01-21 05:55:31	Name: cmt Value: !105=1fcacc7e-02d1-4a84-924a-e16ee384113b=1=489630017=487038017
.impact-ad.jp/	1970-01-20 21:30:04	Name: psm Value: 0
.creativecdn.com/	1970-01-21 05:55:31	Name: g Value: RWfXQPAIOxwyat18X1Xd_1717795217487
.creativecdn.com/	1970-01-21 05:55:31	Name: c Value: RWfXQPAIOxwyat18X1Xd_hxYam9TowYWyYdrw8cSX_1717795217487
.creativecdn.com/	1970-01-21 05:55:31	Name: ts Value: 1717795217
.adnxs.com/	1970-01-21 06:45:55	Name: receive-cookie-deprecation Value: 1
.rubiconproject.com/	1970-01-21 05:55:31	Name: khaos Value: LX56X4ZZ-1D-KANV
.rubiconproject.com/	1970-01-21 05:55:31	Name: audit Value: 1\|quLkLAqJaOHn258dgHIH/96fbTEbSqjFBf14+EuBzkPULEzLSiMGrZ5ILooJ08eyn4Qp/QiAAocwHTRO1/p4iL+YuzCqzjSQgXr7nSTpjJ3Z6rMoVGSjxzI6m2GwvSZBptn4hYLAuUdoiGAAxAsgKNC9FXOUkL+Mr/zZYMWcvAog1u3OEw5FU9APlTu0R9RN
.rubiconproject.com/	1970-01-20 23:19:31	Name: receive-cookie-deprecation Value: 1

105 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/(Line 233) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
recommendation	verbose	URL: https://cf96820.tw1.ru/ Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cf96820.tw1.ru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adcdn.goo.ne.jp
am.yahoo.co.jp
asia.creativecdn.com
b.karte.io
b98.yahoo.co.jp
b99.yahoo.co.jp
bat.bing.com
bs.karte.io
cd.valis-cpx.jp
cdn-edge.karte.io
cdn-issues.karte.io
cdn.kaizenplatform.net
cdn.smartnews-ads.com
cf96820.tw1.ru
code.jquery.com
code.usergram.info
config-code.usergram.info
connect.facebook.net
d.line-scdn.net
dynalyst-mk.adtdp.com
fledge.dynalyst.jp
googleads.g.doubleclick.net
i.smartnews-ads.com
i6.smartnews-ads.com
mk.ca-conv.amoad.com
p.fraud-alert.net
px.ladsp.com
rec.ebis.ne.jp
s.yimg.jp
s.yjtag.jp
seal.digicert.com
sib.jibunbank.co.jp
static.ads-twitter.com
static.fraud-alert.net
static.karte.io
taj1.ebis.ne.jp
tk.csolution.jp
tr.line.me
tr.usergram.info
um.ladsp.com
www.facebook.com
www.google.co.jp
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.jibunbank.co.jp
yjtag.yahoo.co.jp
adcdn.goo.ne.jp
103.132.192.30
104.71.152.232
13.225.183.52
13.251.181.147
142.250.196.131
147.92.191.92
151.101.129.91
151.101.228.157
172.217.161.66
172.217.175.68
172.217.26.226
183.79.248.252
183.79.255.12
184.26.218.115
23.32.224.34
23.62.185.138
23.62.20.91
2404:6800:400a:80e::2008
2600:140b:a00:29a::322
2600:9000:2352:a000:8:dcbf:c740:93a1
2600:9000:26a7:6400:10:3572:e540:93a1
2600:9000:26a7:8e00:2:a84d:5700:93a1
2600:9000:26f2:5000:1e:513c:d3c0:93a1
2620:1ec:c11::237
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f10f:83:face:b00c:0:25de
2a03:6f00:1::5c35:6079
2a04:4e42:200::649
3.114.207.150
3.164.110.129
3.164.110.92
3.164.134.66
3.165.39.26
34.102.157.207
35.78.35.33
52.194.138.20
52.196.189.61
52.69.201.129
54.249.167.126
54.65.115.213
57.180.94.75
023c102bcec6505b6048e359ff5c7cc3d824065be74de48884b2996d0baf5f66
04f23277586478cbb986f3b6c22df02c83b00d596401dcc95528888b10050b6d
0bf819a265baa5f631bbceec41c94baea23383751a9d20b0d204dfb10d9a1c41
105826eda8961b32f3856c547ab119e2685194f9491af047b9646009181880f8
121f582e6a35f723dd0f97b5395baf10bc97c4d11399aa8ab8d20324dd58538a
1dffa14ea00339fb59b13b3e2aa769fdb769d5d67bd3d8238ee5cdcb14bf0f49
1f9db7c8179b8ee39d57d226053e582fd050177e227f3ee3cdc7232d63d8b07d
2159d7d822ac14048df7c20ec5d420cd82e9d8822f1e540bf37272a24ea5545b
217728cd2bd1c1f3ad6928ec142241336f13446f214366ce2cfde4d7cfb680a6
226db5b095d2f37d4783213e9286dc25ce181d3ecf26e94aa660b61f91acfd84
245c5ce05d63cf9f1a3342ee3cde30366752ba5dc63e65732641ee46226c5721
2af1d7b0e3dada1e08de57f2731c68a0f935ad9db19b81e584cc7a336afd2767
2b21dcaaa1c1ed769d1a4323d619d72059651be40be3c2d95ab18a37a0b2842c
2cb7df87962541d661e113e0045120be429479e3309719f2058474276351f8c9
325365d6ab2928e0202c292dbfc66ae24e682d018df6d62d7ea60f9a32e35938
3d365a6395b9f0e62b9cc914189d1e462843e780eede59b14c7407f875ce04e9
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3febc80c27bc363e6498cf16d6c5a0e98c0c88ee1606979a18bc68a2f3533bdc
411bff450d9a7ff9aa950233a52c17b3feb575b554a8dfe8236948f9171c2108
41223816ca838c8d0795cab48948d68a6c04d8171445ce77ba747595ad316444
4261fecbdca755ec080fb25e98f26f2ca3afda2c057490d5fc1c39d98d4ab5b8
436f5fd01b87b021f1dea366566da470d0c4398050592ba2b00c66513ed8ed92
443c9e65beb2fe9db625ba5dde6dca5147f157ce951349065012238299c25fb2
48395747738ae23158701c30d1f14a385d855d154661747974a16fc4d2d2a5bd
49dfc4a033d974b6f20c2b5343757673c7588bf9ef65c99383a63be53011b0fa
4cf9036abe69464fdacd45e96d84ef45400515e75cfa4a1411b2a6d23e286fc8
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4ee5949392f439d6fa7dbc590d5b4c066e3b7224c30e4936a5f7bc696fa160d9
543ab792369cfc31207e44598c95badbb85e68752009b647f4e08a3121b227d3
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58dcb9b4c4a8af93d049784e1be829d690b870d33cb49c693565f38e982ed5b6
5f2cb37f40592d6d97db3379180c2bcb6883f0b4681424f7615503ff83b4301e
628052ff7b7c472dc233bbbf997dc6daf9f61655d5a57d7dbfb7ac5ce826f83e
63462dc90c8be8e1f61c3ee7188facba5e4e2318f8adbda5bc8b993fe6ce1ef0
65445eb8b3492446d2a99437da030393e716d2d67b4e63a8dfe08334485202ff
65ad269abbe34f1b66b135692aa740eb2cf8c9e37d81739418e483bc502029fa
6b2cfc91bcb1bcdf077aad92873045da05e3fc81706797e120ff7384a8cdbd3d
6ed05b57ad40727d79d3c1d73aefca0e5d8c0406c76b057f6ce46348cd91d57c
6ee08153c9a97ceaa6a0c382f82b35327aa68e4b4bbe6544c2657631a80c236e
72b3d7d8470cd110a49af79433d12034574ec1af9ca0151635e0580a279cfe8e
7644ed95768ef11745d9721a02060a8cddc9d99ff6e6abfc79f24d6093e3e4cc
78a85aca2f0b110c29e0d2b137e09f0a1fb7a8e554b499f740d6744dc8962cfe
79b58b88d2400e693ed7c89099cffe25a471b83c372ba638284503a72b2406f4
7dd771ade49a0a57e23c7791901ccbcde5cab2eacd117b248b9bc64c04799aba
81f277888d1ee510668666fb819bcf637e488b613dac15cf78cbe9d1ac41658c
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
87fc9597a23facc94ead8fe7e978d5d088c7dc7e050805c7cfa0dae8babe4539
88b0fc3f9d2f307411b1a42d7d8e97f1b68325d0f5f4d1185910fb55f2af9f3a
88bd4523beed41e732cca76652a5ab7d0a223dc324195f264c3caf00a215e1fe
8cadf3c3a9253b0d06232619dc20082d865a3824667154df1429cd9bca7388ab
95c3a41dc0300691569690f968222223b3cf13c9c950e6ac2f0c48003b71f8bb
a71e1e5b38c0016fa7125db40021d544b5de7fa423c8a6cf578a7dfb7b08559d
a72d47b6f647b40a3135830e71d732c2b0a7e7c3a43d022fa9e454e7866dbe5c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
af27551b9848d5372f44520be54c67c2bc0fd9f759aee442943a543d30232b7f
b5a034ead112699878b523b7cd97438c7799f6392fc5378749d5c8a69166fa9c
b655d409d1d1b439c2e548b988bbf519f523500114eb1e38604d7e67febe43a1
be2f241cecf2cc48e86598fcde8c642e782cd3db9870a042eae183faa3d5e1d1
bec54132b336b6183d12e2da783cd20dcf37524785df0d4c4c9552d94e601902
bf27f60cc41bd253f9fc274661a5d1fa9a00ad82dd0b76e4d3838163ff6d685d
bf326ce018ba6b9da2227dfa98e7f87f691946687f806f808b9c9879de9feba8
c35fd6a485324a59e51beadca1d4bd9908ee96786265e519816cb9ad9446483f
c3b78b1b07598ebf8d5b1575ebc0c93cf5f60a895fbc66e848a0c01a0ff913ac
c416db33405a27396b6ada4b33b0e8b1582eb987eb72693db75cdc75b65e8e76
c4da264867121b9f488748d2536849b092ba8df1e0529b45c4fa146d20d54b4c
c7398b866493b0b2db87edfd1c11abb5d29687fab805c59ae427fc8e3714f520
ccb6aa3cf3c69a97f9c8b3e9fa831216f1987771f4da241b37fadbce2d719a27
cf13c4419977d2f686600b263e163329da325e3291a0a66d0de22b9808066d15
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa09e6c41e2dedee077c48c47c547797beb1aea55147c233cc4b096312e2429
d504f72375bcfb65fbf8dbf79ad313aa21df0953bb1efef82695708ba70922b1
d8252990d0b9cbcdec180720728a3be252cd124a9a96784cd64d57bda6e35e41
d9c7daa07005267eb35152ef01ce3f08e29700db629abda4e96b52fcdbad31a6
dbb9069d2de94b007afc3107774af3bd02aa6e0cece82b1f9396d7b395aef9e2
dec51aa91ccdc6953914f75dcb9acedd1081c2bca5082ebb455864d5dc39fb95
df0490975598ac04676187866062347a04e855232ed03e80ff146d771d35f54c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e557e6c5f8c1025b144bbca671c314820302284a1ab5c6f4151bc39de0d7b413
e8881877c2878d17c77087ae8395eeb362b57e2c41aa0970eca42ee2ad3cecbf
ebc38c1e9c2f3394d422c03a6b6a1dee9b07da0d952b8f57aa41a273742265af
ed92ea5ecc441438194a08e31c912361fe9ca009347dce68a5a3fa363207cee9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
effe56951344e9aaf32191bbb963c207d43f16fa85cf4e70b7b280e8b8d5b504
f02b309865012d2dbe5cf51d3eae8cd2cbfeb4d6b2a9b41b146fd7d809fa3ba8
fcb92256c3e56256b54cc042e811cdb92728020e595c0fa3bf733f56cd53b531

cf96820.tw1.ru Open in urlscan Pro 2a03:6f00:1::5c35:6079 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

130 Requests

98 %HTTPS

27 %IPv6

32 Domains

47 Subdomains

42 IPs

4 Countries

3244 kBTransfer

5894 kBSize

54 Cookies

6 Outgoing links

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cf96820.tw1.ru Open in urlscan Pro
2a03:6f00:1::5c35:6079 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

98 %
HTTPS

27 %
IPv6

32
Domains

47
Subdomains

42
IPs

4
Countries

3244 kB
Transfer

5894 kB
Size

54
Cookies

130 HTTP transactions
0 data transactions